6.6.9. Fixes Related to Crashes
6.6.9.1. [Critical] DataReader C++ application crashed if it received tampered sample with unsupported encapsulation ID
If a C++ application with a DataReader received a sample with a tampered or malformed encapsulation kind, a segmentation fault occurred when the DataReader attempted to deserialize the sample, leading to an application crash. This problem has been fixed.
[RTI Issue ID CORE-12356]
6.6.9.2. [Critical] Segmentation fault after calling DomainParticipant::register_durable_subscription with a group containing a long role_name
An application using the API DomainParticipant::register_durable_subscription() may have experienced a segmentation fault if the role_name of the input group was NULL or had a length greater than 512 bytes. This problem has been fixed.
[RTI Issue ID CORE-12460]
6.6.9.3. [Critical] Segmentation fault when application using MultiChannel ran out of memory
A Connext application using MultiChannel might have produced a segmentation fault if the system ran out of memory. This problem has been fixed.
[RTI Issue ID CORE-12493]
6.6.9.4. [Critical] Application crashed when capturing traffic for a DomainParticipant created before enabling network capture
To capture network traffic, you must enable this feature before creating the DomainParticipants that will capture the traffic. Applications not satisfying this requirement crashed when starting, pausing, or resuming the capture.
This problem has been fixed. Connext will no longer crash in this situation, but will fail and log messages such as the following:
ERROR NDDS_Utility_start_network_capture_w_params_for_participant:!get network capture manager for DomainParticipant. Network capture must be enabled before creating the DomainParticipant
ERROR NDDS_Utility_start_network_capture_for_participant:!network capture could not be started for the participant
ERROR NDDS_Utility_run_network_capture_operation_for_all_participants:!failed to run network capture operation for participant
ERROR NDDS_Utility_start_network_capture_w_params:!error starting network capture for all participants
ERROR NDDS_Utility_start_network_capture:!start network capture for all participants. There was at least one participant that could not be started
[RTI Issue ID CORE-12511]
6.6.9.5. [Critical] Possible crash when writing a sample
Due to an internal error, an application could crash when writing a sample using either a best-effort or reliable DataWriter. Before the crash, an error message in either of the following functions was printed:
* COMMENDBeWriterService_write
* COMMENDSrWriterService_write
This problem has been resolved.
[RTI Issue ID CORE-12561]
6.6.9.6. [Critical] Potential crash during type registration if system ran out of memory
A crash may have occurred during type registration if the application ran out of memory. This problem has been resolved.
[RTI Issue ID CORE-12734]
6.6.9.7. [Critical] Segmentation fault after calling DomainParticipant::delete_durable_subscription with a group containing a long role_name
An application using the API DomainParticipant::register_durable_subscription() may have experienced a segmentation fault if the role_name of the input group was NULL or had a length greater than 512 bytes. This problem has been fixed.
[RTI Issue ID CORE-12787]
6.6.9.8. [Critical] Potential crash or memory corruption if user application using thread-specific storage
Starting with release 6.1.0, there was an issue that could lead to a potential crash or memory corruption if the user application was using thread-specific storage.
In particular, when using Activity Context or Heap Monitoring, a race condition could have been triggered upon creating a thread with the ThreadFactory at the same time the DomainParticipantFactory instance was initialized or finalized. When this race condition was triggered, Connext might have overwritten the user application’s thread-specific storage, leading to memory corruption or crashes.
This issue is now fixed. If the race condition that led to the issue happens in an application, the following benign warning will be logged:
Unexpected RTIOsapiContextSupport_g_tssKey value. This could mean that this thread was
created at the same time you are destroying the DDSDomainParticipantFactory.
If that is the case, Activity Context and Heap Monitoring won’t be available for that thread.
[RTI Issue ID CORE-12966]
6.6.9.9. [Minor] Simultaneous deletion of an entity by multiple threads caused a crash when using Java
When two threads deleted an entity at the same time, in Java, this may have caused a crash with the following backtrace:
#7 0x00007f7c630dad3b in REDAWeakReference_getReferent (reference=0x78, slNode=0x7f7c4407f988, frOut=0x0, tableWithStartedCursor=0x7f7c6452c000) at WeakReference.c:144
#8 0x00007f7c630d2ff3 in REDACursor_gotoWeakReference (c=0x7f7c4407f950, fr=0x0, wr=0x78) at
Cursor.c:230
#9 0x00007f7c62d5ed46 in PRESPsService_destroyLocalEndpoint (me=0x7f7c64367cc0, failReason=0x7f7cb0136fc0, group=0x7f7c64dbb340, endpoint=0x7f7c644f0e88, worker=0x7f7c44015f70) at PsService.c:2130
#10 0x00007f7c62b6fc26 in PRESParticipant_destroyLocalEndpoint (me=0x7f7c64368a00, failReason=0x7f7cb0136fc0, group=0x7f7c64dbb340, endpoint=0x7f7c644f0e88, worker=0x7f7c44015f70) at Participant.c:5882
#11 0x00007f7c636fcc32 in DDS_DataReader_deleteI (reader=0x7f7c644f1070) at DataReader.c:4250
#12 0x00007f7c6372667e in DDS_Subscriber_delete_datareader (self=0x7f7c64dbb620, reader=0x7f7c644f1070) at Subscriber.c:1159
#13 0x00007f7c63daf24b in Java_com_rti_dds_subscription_SubscriberImpl_DDS_1Subscriber_1delete_1datareader (env=0x7f7c781061f8, self_class=0x7f7cb0137148, self=140172244792864, readerL=140172235575408) at SubscriberImpl.c:790
This issue has been resolved. Now one thread will remove the entity and the other thread will throw an exception with the error code com.rti.dds.infrastructure.RETCODE_ALREADY_DELETED.
[RTI Issue ID CORE-10768]