[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Mldonkey-bugs] [Bug #1173] array bounds violations in latest CVS on OS
From: |
nobody |
Subject: |
[Mldonkey-bugs] [Bug #1173] array bounds violations in latest CVS on OS X 10.2 -> SIGBUS |
Date: |
Thu, 19 Sep 2002 14:35:27 -0400 |
=================== BUG #1173: LATEST MODIFICATIONS ==================
http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=1173&group_id=1409
Changes by: mldonkey admin <address@hidden>
Date: 2002-Sep-19 18:35 (GMT)
What | Removed | Added
---------------------------------------------------------------------------
Category | None | eDonkey-plugin
Bug Group | None | Segmentation Fault
Resolution | None | Remind
Assigned to | None | mldonkey
Release | None | 1.99 beta
Platform Version | None | Mac OS X Jaguar
Binaries Origin | None | Compiled From CVS
------------------ Additional Follow-up Comments ----------------------------
The question is: how to find the correct size of the file ? There are currently
no way to get the size of a file from the servers or clients just knowing its
MD4 hash.
Maybe the temporary fix would be to check the size of the chunks before
accessing file_chunks, but it doesn't explain the SIGBUS, since ocaml checks
the size of the array before accessing it.
=================== BUG #1173: FULL BUG SNAPSHOT ===================
Submitted by: None Project: mldonkey, a free e-Donkey
client
Submitted on: 2002-Sep-10 13:58
Category: eDonkey-plugin Severity: 5 - Major
Bug Group: Segmentation Fault Resolution: Remind
Assigned to: mldonkey Status: Open
Release: 1.99 beta Release:
Platform Version: Mac OS X Jaguar Binaries Origin: Compiled From CVS
Reproducibility:
Summary: array bounds violations in latest CVS on OS X 10.2 -> SIGBUS
Original Submission: hi -
there are cases where loops across file.file_nchunks in
donkey/donkeyOneFile.ml and donkey/donkeyClient.ml
fail because the loop index is used to reference arrays
that are not long enough.
e.g., (Array.length file.file_chunks) != file.file_nchunks
or (Array.length chunks) != (Array.length file.file_chunks)
this is easily triggered by removing files.ini and history.met,
restart, and "recover_temp". entries in files.ini with "file_length = 0"
will also cause SIGBUS crashes because of array bounds problems throughout
the formerly secret code.
no fix yet, but lots of interesting stuff learned via Printf.printf /
printf_string
sprinkled liberally...
why is this a problem in os x 10.2 and not other
architectures/operating-systems,
including os x 10.1 & os x 10.0?
-- rottegift
Follow-up Comments
*******************
-------------------------------------------------------
Date: 2002-Sep-19 18:35 By: mldonkey
The question is: how to find the correct size of the file ? There are currently
no way to get the size of a file from the servers or clients just knowing its
MD4 hash.
Maybe the temporary fix would be to check the size of the chunks before
accessing file_chunks, but it doesn't explain the SIGBUS, since ocaml checks
the size of the array before accessing it.
-------------------------------------------------------
Date: 2002-Sep-11 02:26 By: None
there are problems if the on-disk file size of a recovered file is
different from the file-size known on the donkey network: loops
from 0 to file.file_nchunks end up having too few network chunks,
and the recovery can also lead to file.file_nchunks and the length
of the file.file_chunks array differing. if the index is larger than
the array, mldonkey dies with SIGBUS on the mac os x 10.2 ppc platform.
if one does recover_temp and a file is recovered that had been put
into pause state because there was insufficient disk space to grow
the on-disk file to the full size found when starting the file download
in the first place, the current code will have a permanent disagreement
between what the donkey network believes is the file size, and what
the local mldonkey believes is the filesize. this leads to program crashes.
a fix should recognize that the on-disk file size is NOT canonical in
some circumstances, and that in those circumstances, the on-disk
chunks should be tested to see if they are PresentValid. however,
the test should either grow the file to the network's idea of the
file size, or it should stop at disk-file EOF. in either case, the
state held about the file size (and related info such as file.file_nchunks
and the chunk arrays) should be updated to a *correct* network size.
one possible approach might be to have a zombie file state which
recover_temp uses until it gets a "consensus view" about the
proper file size for a given MD4 file from the donkey network,
then do the size bookkeeping, then run the file through the current
recover_temp process. or, "step 1: synthesize (or search) an ed2k:// link.
step2:
start a download on that link. step 3: validate the on-disk data, as
if it arrived after step 2.".
CC list is empty
No files currently attached
For detailed info, follow this link:
http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=1173&group_id=1409