| Summary: | net-p2p/rtorrent-0.8.7-r4: memory corruption in thread_queue_hack constructor | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Igor Novikov <intorr> |
| Component: | Current packages | Assignee: | Gentoo net-p2p team <net-p2p> |
| Status: | RESOLVED OBSOLETE | ||
| Severity: | normal | ||
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | x86 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
(In reply to comment #0)
> Sorry, I don't know how to make diff file.

```
# cp file file.org
# diff -u file.org file > file.diff
```

Bugs of this sort should really be filed upstream for proper resolution.

Is it still an issue in 0.8.9?

Fixed in 0.8.9.
I found a memory corruption using Valgrind:

```
==24489== Invalid write of size 4
==24489==    at 0x40282ED: memset (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==24489==    by 0x80ABD79: thread_queue_hack::thread_queue_hack() (thread_base.cc:64)
==24489==    by 0x80AB77E: ThreadBase::ThreadBase() (thread_base.cc:118)
==24489==    by 0x80AC2BE: ThreadWorker::ThreadWorker() (thread_worker.cc:54)
==24489==    by 0x8069F26: main (main.cc:169)
==24489==  Address 0x47b0c48 is 0 bytes after a block of size 256 alloc'd
==24489==    at 0x4025C72: operator new(unsigned int) (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==24489==    by 0x80AB772: ThreadBase::ThreadBase() (thread_base.cc:118)
==24489==    by 0x80AC2BE: ThreadWorker::ThreadWorker() (thread_worker.cc:54)
==24489==    by 0x8069F26: main (main.cc:169)
```

To resolve this issue, replace line 64 in thread_base.cc:

```cpp
thread_queue_hack() { std::memset(m_queue, 0, sizeof(thread_queue_hack)); }
```

with the following lines:

```cpp
thread_queue_hack() {
  std::memset(m_queue, 0, sizeof(value_type) * (max_size + 1));
  m_lock = 0;
}
```

Sorry, I don't know how to make diff file.

Reproducible: Always

Steps to Reproduce:
1. Simply run rtorrent. Use Valgrind.

Actual Results:
Random crash.

Expected Results:
Random crash.
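
The size mismatch in the report above, replayed on a plain byte buffer with guard bytes so the overrun can be measured without corrupting anything. This is an added example, not rtorrent's code: `QueueModel`, its member order (lock word before the array) and the 128-byte alignment are assumptions, since the page does not show the class definition.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <vector>

// Hypothetical stand-in for thread_queue_hack. Member order and alignment
// are assumptions; only m_queue, m_lock, value_type and max_size are named
// in the report.
struct alignas(128) QueueModel {
  typedef void (*value_type)();
  static const unsigned int max_size = 32;
  int        m_lock;
  value_type m_queue[max_size + 1];
};

enum ClearMode { CLEAR_WHOLE_OBJECT_SIZE, CLEAR_ARRAY_SIZE };

// Replays the constructor's memset inside a buffer holding one object image
// followed by guard bytes. Returns how many guard bytes were overwritten,
// i.e. how far the write ran past the end of the object.
std::size_t bytes_written_past_object(ClearMode mode) {
  const std::size_t object_size = sizeof(QueueModel);
  const std::size_t guard_size  = 256;
  const unsigned char guard     = 0xAA;

  std::vector<unsigned char> buffer(object_size + guard_size, guard);
  unsigned char* queue_start = buffer.data() + offsetof(QueueModel, m_queue);

  // Destination is m_queue in both cases; only the length differs.
  const std::size_t length =
      mode == CLEAR_WHOLE_OBJECT_SIZE
          ? sizeof(QueueModel)  // line 64 as reported
          : sizeof(QueueModel::value_type) * (QueueModel::max_size + 1);

  std::memset(queue_start, 0, length);

  std::size_t clobbered = 0;
  for (std::size_t i = object_size; i < buffer.size(); ++i)
    if (buffer[i] != guard) ++clobbered;
  return clobbered;
}

int main() {
  std::printf("sizeof(object)=%zu offsetof(m_queue)=%zu\n",
              sizeof(QueueModel), offsetof(QueueModel, m_queue));
  std::printf("whole-object length overruns by %zu bytes, array length by %zu\n",
              bytes_written_past_object(CLEAR_WHOLE_OBJECT_SIZE),
              bytes_written_past_object(CLEAR_ARRAY_SIZE));
}
```

The overrun equals the offset of `m_queue` inside the object, because the write starts at the array but uses the length of the whole object.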