librfid-tool works only sometimes / glibc error

Julian Schütte julian.schuette at sit.fraunhofer.de
Tue Jan 22 17:28:41 UTC 2008 

Harald Welte wrote:
> On Mon, Jan 21, 2008 at 08:36:32PM +0100, Julian Schütte wrote:
>   
>> Hello,
>>
>> I'm running into obscure problems using mifare-tool and librfid-tool:
>>     
>
> this sounds like either stack or (probably more likely) heap corruption.
>
> I think the first step would be to verify the problem can be replicated
> on x86 (or x86_64), and then use the valgrind memory debugger to futher
> hunt this down.
>   
The same problems occur on a x86 (32) platform: "librfid-tool -S" works 
only from time to time, though I don't get the glibc error "corrupted 
double-linked list".  In case of failure, the program just timeouts and 
declares "No Omnikey Cardman 5121 found".

This is the output from valgrind:

# valgrind --leak-check=yes librfid-tool -S
==4585== Memcheck, a memory error detector.
==4585== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==4585== Using LibVEX rev 1732, a library for dynamic binary translation.
==4585== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==4585== Using valgrind-3.2.3-Debian, a dynamic binary instrumentation 
framework.
==4585== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==4585== For more details, rerun with: -v
==4585==
librfid-tool - (C) 2006 by Harald Welte
This program is Free Software and has ABSOLUTELY NO WARRANTY

initializing librfid
opening reader handle
==4585== Invalid read of size 1
==4585==    at 0x4046CA6: usb_parse_descriptor (in /lib/libusb-0.1.so.4.4.4)
==4585==    by 0x4047056: usb_parse_configuration (in 
/lib/libusb-0.1.so.4.4.4)
==4585==    by 0x40491D6: usb_os_find_devices (in /lib/libusb-0.1.so.4.4.4)
==4585==    by 0x40466CA: usb_find_devices (in /lib/libusb-0.1.so.4.4.4)
==4585==    by 0x4041A91: scan_or_find_devices (ccid-driver.c:730)
==4585==    by 0x40425F1: ccid_open_reader (ccid-driver.c:967)
==4585==    by 0x403DBA4: cm5121_source_init 
(rfid_reader_cm5121_ccid_direct.c:34)
==4585==    by 0x403D796: cm5121_open (rfid_reader_cm5121.c:331)
==4585==    by 0x40393E5: rfid_reader_open (rfid_reader.c:49)
==4585==    by 0x8049A65: reader_init (common.c:78)
==4585==    by 0x804905B: main (librfid-tool.c:406)
==4585==  Address 0x41B2798 is 0 bytes after a block of size 216 alloc'd
==4585==    at 0x4022765: malloc (vg_replace_malloc.c:149)
==4585==    by 0x4049172: usb_os_find_devices (in /lib/libusb-0.1.so.4.4.4)
==4585==    by 0x40466CA: usb_find_devices (in /lib/libusb-0.1.so.4.4.4)
==4585==    by 0x4041A91: scan_or_find_devices (ccid-driver.c:730)
==4585==    by 0x40425F1: ccid_open_reader (ccid-driver.c:967)
==4585==    by 0x403DBA4: cm5121_source_init 
(rfid_reader_cm5121_ccid_direct.c:34)
==4585==    by 0x403D796: cm5121_open (rfid_reader_cm5121.c:331)
==4585==    by 0x40393E5: rfid_reader_open (rfid_reader.c:49)
==4585==    by 0x8049A65: reader_init (common.c:78)
==4585==    by 0x804905B: main (librfid-tool.c:406)
==4585== Warning: noted but unhandled ioctl 0x550B with no 
size/direction hints
==4585==    This could cause spurious value errors to appear.
==4585==    See README_MISSING_SYSCALL_OR_IOCTL for guidance on writing 
a proper wrapper.
==4585== Warning: noted but unhandled ioctl 0x550B with no 
size/direction hints
==4585==    This could cause spurious value errors to appear.
==4585==    See README_MISSING_SYSCALL_OR_IOCTL for guidance on writing 
a proper wrapper.
No Omnikey Cardman 5121 found
No OpenPCD found either
==4585==
==4585== ERROR SUMMARY: 4 errors from 1 contexts (suppressed: 15 from 1)
==4585== malloc/free: in use at exit: 84,697 bytes in 100 blocks.
==4585== malloc/free: 253 allocs, 153 frees, 241,524 bytes allocated.
==4585== For counts of detected errors, rerun with: -v
==4585== searching for pointers to 100 not-freed blocks.
==4585== checked 160,924 bytes.
==4585==
==4585== LEAK SUMMARY:
==4585==    definitely lost: 0 bytes in 0 blocks.
==4585==      possibly lost: 0 bytes in 0 blocks.
==4585==    still reachable: 84,697 bytes in 100 blocks.
==4585==         suppressed: 0 bytes in 0 blocks.
==4585== Reachable blocks (those to which a pointer was found) are not 
shown.
==4585== To see them, rerun with: --leak-check=full --show-reachable=yes
#


Best regards,
Julian


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3603 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.openpcd.org/pipermail/openpcd-devel/attachments/20080122/dcbe426e/smime.bin

More information about the openpcd-devel mailing list