[omniORB] invalid read of size 1 reported by valgrind for omniORB 4.2.3
Serguei Kolos
serguei.kolos at cern.ch
Wed Jun 19 15:05:58 BST 2019
Hi
I have been using omniORB 4.2.3 and recently while running my
application under valgrind
I have observed the error which suggests that under some conditions the
giopServer class
uses the "pd_dying" attribute of the connection object that has already
been deleted.
Did anyone see that behaviour already? Any ideas on how that could be fixed?
Cheers,
Serguei
Here is the valgrind report:
==32583== Thread 3:
==32583== Invalid read of size 1
==32583== at 0x7A3ABDA:
omni::giopServer::notifyRzReadable(omni::giopConnection*, bool)
(giopServer.cc:990)
==32583== by 0x7A975B8:
omni::tcpEndpoint::notifyReadable(omni::SocketHolder*)
(tcpEndpoint.cc:373)
==32583== by 0x79F9DBC: sendNotifications (SocketCollection.h:244)
==32583== by 0x79F9DBC: omni::SocketCollection::Select()
(SocketCollection.cc:347)
==32583== by 0x7A97520: omni::tcpEndpoint::AcceptAndMonitor(void
(*)(void*, omni::giopConnection*), void*) (tcpEndpoint.cc:314)
==32583== by 0x7A375A8: omni::giopRendezvouser::execute()
(giopRendezvouser.cc:58)
==32583== by 0x7A4AFEF: omniAsyncWorker::real_run() (invoker.cc:578)
==32583== by 0x7A4ABA8: omniAsyncWorker::mid_run() (invoker.cc:511)
==32583== by 0x7A4BF5E: omniAsyncWorker::run(void*) (invoker.cc:126)
==32583== by 0x7D04A87: omni_thread_wrapper (posix.cc:459)
==32583== by 0x7F0FE24: start_thread (in
/usr/lib64/libpthread-2.17.so)
==32583== by 0x9986BAC: clone (in /usr/lib64/libc-2.17.so)
==32583== Address 0x2846060c is 12 bytes inside a block of size 112
free'd
==32583== at 0x4C2B1CD: operator delete(void*)
(vg_replace_malloc.c:576)
==32583== by 0x7A251E5: omni::giopConnection::decrRefCount(bool)
(giopEndpoint.cc:241)
==32583== by 0x7A3E146:
omni::giopStrand::deleteStrandAndConnection(bool) (giopStrand.cc:264)
==32583== by 0x7A3AD23:
omni::giopServer::connectionState::~connectionState()
(giopServer.cc:702)
==32583== by 0x7A3BEAE:
omni::giopServer::removeConnectionAndWorker(omni::giopWorker*)
(giopServer.cc:1090
==32583== by 0x7A3C134:
omni::giopServer::notifyWkDone(omni::giopWorker*, bool)
(giopServer.cc:1102)
==32583== by 0x7A43FC4: omni::giopWorker::execute()
(giopWorker.cc:83)
==32583== by 0x7A4AFEF: omniAsyncWorker::real_run() (invoker.cc:578)
==32583== by 0x7A4BFBF:
omniAsyncPoolServer::workerRun(omniAsyncWorker*) (invoker.cc:328)
==32583== by 0x7A4ABA8: omniAsyncWorker::mid_run() (invoker.cc:511)
==32583== by 0x7A4BF5E: omniAsyncWorker::run(void*) (invoker.cc:126)
==32583== by 0x7D04A87: omni_thread_wrapper (posix.cc:459)
==32583== by 0x7F0FE24: start_thread (in
/usr/lib64/libpthread-2.17.so)
==32583== by 0x9986BAC: clone (in /usr/lib64/libc-2.17.so)
==32583== Block was alloc'd at
==32583== at 0x4C2A243: operator new(unsigned long)
(vg_replace_malloc.c:334)
==32583== by 0x7A97539: omni::tcpEndpoint::AcceptAndMonitor(void
(*)(void*, omni::giopConnection*), void*) (tcpEndpoint.cc:316)
==32583== by 0x7A375A8: omni::giopRendezvouser::execute()
(giopRendezvouser.cc:58)
==32583== by 0x7A4AFEF: omniAsyncWorker::real_run() (invoker.cc:578)
==32583== by 0x7A4ABA8: omniAsyncWorker::mid_run() (invoker.cc:511)
==32583== by 0x7A4BF5E: omniAsyncWorker::run(void*) (invoker.cc:126)
==32583== by 0x7D04A87: omni_thread_wrapper (posix.cc:459)
==32583== by 0x7F0FE24: start_thread (in
/usr/lib64/libpthread-2.17.so)
==32583== by 0x9986BAC: clone (in /usr/lib64/libc-2.17.so)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.omniorb-support.com/pipermail/omniorb-list/attachments/20190619/a4c437bb/attachment.html>
More information about the omniORB-list
mailing list