[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[Libevent-users] Libevent-2.1.5-beta - Couple issues


Hi libevent developers,

I was not sure if we have to raise bugs for the beta version - libevent-2.1.5 so here is an email to begin. We would really appreciate a fix for issue 1 soon.

Thanks,
Linus Aranha

Issue 1)
Cleanup ordering issue in evdns_base_free_and_unlock - gives rise to invalid reads/writes

I found an issue in the code for libevent-2.1.5-beta in the cleanup function - Âevdns_base_free_and_unlock.

Below is the valgrind report. It looks we end up accessing the nameserver (evdns.c:662) pointer part of the requests structure after it is cleaned up at evdns.c:4011.

The issue is not present in 2.0.21-stable.

Maybe we could just re-order the cleanup so the nameservers are cleaned up in the end? That should prevent the invalid reads and writes.

==722== Invalid read of size 4
==722== Â Âat 0x4C4CB80: request_finished (evdns.c:662)
==722== Â Âby 0x4C56228: evdns_base_free_and_unlock (evdns.c:4022)
==722== Â Âby 0x4C56483: evdns_base_free (evdns.c:4062)
==722== Â Âby 0x404A0B: dummy_function1 (file.c:xxx)
==722== Â Âby 0x405F61:Âdummy_function2Â(file.c:xxx)
==722== Â Âby 0x40BDD5:Âdummy_function3Â(file.c:xxx)
==722== Â Âby 0x40EED2:Âdummy_function4Â(file.c:xxx)
==722== Â Âby 0x4C38D72: event_persist_closure (event.c:1531)
==722== Â Âby 0x4C3905B: event_process_active_single_queue (event.c:1590)
==722== Â Âby 0x4C39684: event_process_active (event.c:1689)
==722== Â Âby 0x4C39DE0: event_base_loop (event.c:1912)
==722== Â Âby 0x4C3970C: event_base_dispatch (event.c:1723)
==722== Â Âby 0x404C46: main (file.c:xxx)
==722== ÂAddress 0x5dfa710 is 448 bytes inside a block of size 456 free'd
==722== Â Âat 0x4A0739B: free (vg_replace_malloc.c:473)
==722== Â Âby 0x405AB7: dummy_free (file.c:xx)
==722== Â Âby 0x4C3EE8F: event_mm_free_ (event.c:3462)
==722== Â Âby 0x4C5610F: evdns_nameserver_free (evdns.c:3995)
==722== Â Âby 0x4C56149: evdns_base_free_and_unlock (evdns.c:4011)
==722== Â Âby 0x4C56483: evdns_base_free (evdns.c:4062)
==722== Â Âby 0x404A0B:Âdummy_function1Â(file.c:xxx)
==722== Â Âby 0x405F61:Âdummy_function2Â(file.c:xxx)
==722== Â Âby 0x40BDD5:Âdummy_function3Â(file.c:xxx)
==722== Â Âby 0x40EED2:Âdummy_function4Â(file.c:xxx)
==722== Â Âby 0x4C38D72: event_persist_closure (event.c:1531)
==722== Â Âby 0x4C3905B: event_process_active_single_queue (event.c:1590)
==722== Â Âby 0x4C39684: event_process_active (event.c:1689)
==722== Â Âby 0x4C39DE0: event_base_loop (event.c:1912)
==722== Â Âby 0x4C3970C: event_base_dispatch (event.c:1723)
==722== Â Âby 0x404C46: main (file.c:xxx)

Issue 2)
Found memory leak

Valgrind stacktrace is below.

==722== 792 bytes in 3 blocks are definitely lost in loss record 34 of 65
==722== Â Âat 0x4A05F80: malloc (vg_replace_malloc.c:296)
==722== Â Âby 0x4059EA: dummy_malloc (dummy.c:xx)
==722== Â Âby 0x4C3ED1B: event_mm_calloc_ (event.c:3403)
==722== Â Âby 0x4C578C8: evdns_getaddrinfo (evdns.c:4649)
==722== Â Âby 0x4047A7: dummy1 (dummy.c:xxx)
==722== Â Âby 0x404933: dummy2 (dummy.c:xxx)
==722== Â Âby 0x41F412: dummy3 (dummy.c:xxx)
==722== Â Âby 0x41EEE1: dummy4 (dummy.c:xxx)
==722== Â Âby 0x404CF8: dummy5 (dummy.c:xxx)
==722== Â Âby 0x4C390FE: event_process_active_single_queue (event.c:1597)
==722== Â Âby 0x4C39684: event_process_active (event.c:1689)
==722== Â Âby 0x4C39DE0: event_base_loop (event.c:1912)
==722== Â Âby 0x4C3970C: event_base_dispatch (event.c:1723)
==722== Â Âby 0x404C46: main (dummy.c:xxx)
==722==