someone-noone / libnfc-js

A simple libnfc API to interact with NFC tags.
Apache License 2.0

Crash (memory allocation problem)? #3

Open lcrocker opened 6 years ago

lcrocker commented 6 years ago

node 8.9.4, npm 5.6.0, libnfc 1.7.1, libnfc-js 0.1.0

*** My program: 'use strict'; const { NFC, NFCReader } = require('libnfc-js');

const appSelectApdu = Buffer.from([ 0x00, 0xA4, 0x04, 0x00, 0x07, 0xD2, 0x76, 0x00, 0x00, 0x85, 0x01, 0x01, 0x00 ]), ccSelectApdu = Buffer.from([ 0x00, 0xA4, 0x00, 0x0C, 0x02, 0xE1, 0x03 ]);

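/**
 * Tells whether an ISO 7816-4 response APDU carries the success status word
 * SW1 SW2 = 90 00. The status word is the trailing two bytes of the response
 * (any response data precedes it), so a response shorter than two bytes can
 * never be a success.
 *
 * @param {Buffer|Uint8Array|undefined} response - raw bytes returned by transceive().
 * @returns {boolean} true only when the last two bytes are 0x90 0x00.
 */
function isStatusOk(response) {
    if (!response || response.length < 2) {
        return false;
    }
    const sw1 = response[response.length - 2];
    const sw2 = response[response.length - 1];
    return sw1 === 0x90 && sw2 === 0x00;
}

/**
 * Minimal reproducer: opens the first libnfc reader found, polls for a card,
 * sends the two SELECT APDUs declared above and releases the tag.
 */
class Tester {
    constructor() {
        this.nfc = null;
    }

    /**
     * Lists readers, opens the first one and starts polling.
     * Resolves as soon as polling has been started; the card exchange itself
     * runs inside the 'card' event callback.
     *
     * @returns {Promise<void>}
     */
    async start() {
        this.nfc = new NFC();
        this.devices = this.nfc.listDevices();
        if (this.devices.length === 0) {
            console.error('No readers found');
            return;
        }
        console.log(this.devices);
        this.reader = new NFCReader();
        this.reader.open(this.devices[0]);

        this.reader.poll();
        this.reader.on('card', async (card) => {
            // A rejection from an async event listener is delivered to nobody
            // (it surfaces only as an unhandled rejection), so handle it here.
            try {
                console.log(card);
                let result = await this.reader.transceive(appSelectApdu);
                console.log(result);
                // The original test `! (0x90 === result[0]) && (0x00 === result[1])`
                // negates only the first comparison, so it did not check the
                // whole status word; isStatusOk() checks both bytes.
                if (!isStatusOk(result)) {
                    console.error('Error: Tag4 protocol');
                    return;
                }
                result = await this.reader.transceive(ccSelectApdu);
                console.log(result);
                if (!isStatusOk(result)) {
                    console.error('Error: Tag4 protocol');
                    return;
                }
                // NOTE(review): as in the original, the tag is released only on
                // the success path; whether release() should also follow a
                // protocol error depends on libnfc-js semantics not shown here.
                await this.reader.release();
            } catch (err) {
                console.error('*** card handler failed:', err);
            }
        });
        this.reader.on('error', (err) => {
            console.log(2);
            // Throwing from an EventEmitter listener becomes an uncaught
            // exception and terminates the process.
            throw err;
        });
    }
}

(new Tester()).start().catch((err) => {
    // JSON.stringify(new Error(...)) yields '{}' because message and stack are
    // non-enumerable; print the stack (or the raw value) so the failure is visible.
    console.error('*** ' + (err && err.stack ? err.stack : String(err)));
});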

*** The output:

[ 'acr122_usb:003:004' ] { modulationType: 'NMT_ISO14443A', baudRate: 'NBR_106' } <Buffer 90 00> <Buffer 90 00> Error in `/usr/local/bin/node': free(): invalid size: 0x00000000033e6f70 ======= Backtrace: ========= /lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7f0a12e157e5] /lib/x86_64-linux-gnu/libc.so.6(+0x8037a)[0x7f0a12e1e37a] /lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7f0a12e2253c] /usr/local/bin/node(_ZN2v88internal13JSArrayBuffer16FreeBackingStoreEv+0x3c)[0xf99a5c] /usr/local/bin/node(_ZN2v88internal18ArrayBufferTracker7FreeAllEPNS0_4PageE+0x50)[0xe7c980] /usr/local/bin/node(_ZN2v88internal8NewSpace8TearDownEv+0xc0)[0xef56b0] /usr/local/bin/node(_ZN2v88internal4Heap8TearDownEv+0x25f)[0xeaa36f] /usr/local/bin/node(_ZN2v88internal7Isolate6DeinitEv+0x235)[0xf53625] /usr/local/bin/node(_ZN2v88internal7Isolate8TearDownEv+0x53)[0xf53833] /usr/local/bin/node(_ZN4node5StartEP9uv_loopsiPKPKciS5+0xe23)[0x122c353] /usr/local/bin/node(_ZN4node5StartEiPPc+0x163)[0x1224d03] /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7f0a12dbe830] /usr/local/bin/node[0x8aee41] ======= Memory map: ======== 00400000-01fa1000 r-xp 00000000 08:01 656439 /usr/local/bin/node 021a1000-021bc000 rw-p 01ba1000 08:01 656439 /usr/local/bin/node 021bc000-021d3000 rw-p 00000000 00:00 0 032dc000-0345d000 rw-p 00000000 00:00 0 [heap] 6ab83c80000-6ab83d00000 rw-p 00000000 00:00 0 c2bc1200000-c2bc1280000 rw-p 00000000 00:00 0 12237e980000-12237ea00000 rw-p 00000000 00:00 0 141c13c00000-141c13c80000 rw-p 00000000 00:00 0 15ac33f80000-15ac34000000 rw-p 00000000 00:00 0 180e38e80000-180e38e85000 rw-p 00000000 00:00 0 19da6d380000-19da6d400000 rw-p 00000000 00:00 0 1b56509b8000-1b5650b80000 ---p 00000000 00:00 0 1b5650b80000-1b5650b83000 rw-p 00000000 00:00 0 1b5650b83000-1b5650b84000 ---p 00000000 00:00 0 1b5650b84000-1b5650bff000 rwxp 00000000 00:00 0 1b5650bff000-1b5650c00000 ---p 00000000 00:00 0 1b5650c00000-1b5650c03000 rw-p 00000000 00:00 0 1b5650c03000-1b5650c04000 ---p 00000000 00:00 0 
1b5650c04000-1b5650c7f000 rwxp 00000000 00:00 0 1b5650c7f000-1b5650c80000 ---p 00000000 00:00 0 1b5650c80000-1b5650c83000 rw-p 00000000 00:00 0 1b5650c83000-1b5650c84000 ---p 00000000 00:00 0 1b5650c84000-1b5650cff000 rwxp 00000000 00:00 0 1b5650cff000-1b5650d00000 ---p 00000000 00:00 0 1b5650d00000-1b5650d03000 rw-p 00000000 00:00 0 1b5650d03000-1b5650d04000 ---p 00000000 00:00 0 1b5650d04000-1b5650d7f000 rwxp 00000000 00:00 0 1b5650d7f000-1b56709b8000 ---p 00000000 00:00 0 1fd74b480000-1fd74b500000 rw-p 00000000 00:00 0 2082fcb80000-2082fcc00000 rw-p 00000000 00:00 0 26dfbe580000-26dfbe600000 rw-p 00000000 00:00 0 2be8ae500000-2be8ae580000 rw-p 00000000 00:00 0 2e28ff580000-2e28ff600000 rw-p 00000000 00:00 0 338cece00000-338cece80000 rw-p 00000000 00:00 0 339e2ba80000-339e2bb00000 rw-p 00000000 00:00 0 369d87980000-369d879d5000 rw-p 00000000 00:00 0 3a6245000000-3a6245080000 rw-p 00000000 00:00 0 3b20a4f00000-3b20a4f80000 rw-p 00000000 00:00 0 3eca5e718000-3eca5e720000 rw-p 00000000 00:00 0 3eca5e720000-3eca5e724000 ---p 00000000 00:00 0 7f09f0000000-7f09f0021000 rw-p 00000000 00:00 0 7f09f0021000-7f09f4000000 ---p 00000000 00:00 0 7f09f8000000-7f09f8021000 rw-p 00000000 00:00 0 7f09f8021000-7f09fc000000 ---p 00000000 00:00 0 7f09fc000000-7f09fc021000 rw-p 00000000 00:00 0 7f09fc021000-7f0a00000000 ---p 00000000 00:00 0 7f0a01ffc000-7f0a01ffd000 ---p 00000000 00:00 0 7f0a01ffd000-7f0a027fd000 rw-p 00000000 00:00 0 7f0a027fd000-7f0a027fe000 ---p 00000000 00:00 0 7f0a027fe000-7f0a02ffe000 rw-p 00000000 00:00 0 7f0a02ffe000-7f0a02fff000 ---p 00000000 00:00 0 7f0a02fff000-7f0a037ff000 rw-p 00000000 00:00 0 7f0a037ff000-7f0a03800000 ---p 00000000 00:00 0 7f0a03800000-7f0a04000000 rw-p 00000000 00:00 0 7f0a04000000-7f0a04051000 rw-p 00000000 00:00 0 7f0a04051000-7f0a08000000 ---p 00000000 00:00 0 7f0a08000000-7f0a08021000 rw-p 00000000 00:00 0 7f0a08021000-7f0a0c000000 ---p 00000000 00:00 0 7f0a0c000000-7f0a0c021000 rw-p 00000000 00:00 0 7f0a0c021000-7f0a10000000 ---p 
00000000 00:00 0 7f0a10554000-7f0a1055b000 r-xp 00000000 08:01 4850899 /lib/x86_64-linux-gnu/libusb-0.1.so.4.4.4 7f0a1055b000-7f0a1075a000 ---p 00007000 08:01 4850899 /lib/x86_64-linux-gnu/libusb-0.1.so.4.4.4 7f0a1075a000-7f0a1075b000 r--p 00006000 08:01 4850899 /lib/x86_64-linux-gnu/libusb-0.1.so.4.4.4 7f0a1075b000-7f0a1075c000 rw-p 00007000 08:01 4850899 /lib/x86_64-linux-gnu/libusb-0.1.so.4.4.4 7f0a1075c000-7f0a1075d000 rw-p 00000000 00:00 0 7f0a1075d000-7f0a10767000 r-xp 00000000 08:01 4850936 /lib/x86_64-linux-gnu/libpcsclite.so.1.0.0 7f0a10767000-7f0a10966000 ---p 0000a000 08:01 4850936 /lib/x86_64-linux-gnu/libpcsclite.so.1.0.0 7f0a10966000-7f0a10967000 r--p 00009000 08:01 4850936 /lib/x86_64-linux-gnu/libpcsclite.so.1.0.0 7f0a10967000-7f0a10968000 rw-p 0000a000 08:01 4850936 /lib/x86_64-linux-gnu/libpcsclite.so.1.0.0 7f0a10968000-7f0a1098b000 r-xp 00000000 08:01 807540 /usr/local/lib/libnfc.so.5.0.1 7f0a1098b000-7f0a10b8b000 ---p 00023000 08:01 807540 /usr/local/lib/libnfc.so.5.0.1 7f0a10b8b000-7f0a10b8d000 r--p 00023000 08:01 807540 /usr/local/lib/libnfc.so.5.0.1 7f0a10b8d000-7f0a10b8f000 rw-p 00025000 08:01 807540 /usr/local/lib/libnfc.so.5.0.1 7f0a10b8f000-7f0a10b98000 r-xp 00000000 08:12 11144365 /home/lee/work/base/protocol/node_modules/libnfc-js/build/Release/nfc-binding.node 7f0a10b98000-7f0a10d98000 ---p 00009000 08:12 11144365 /home/lee/work/base/protocol/node_modules/libnfc-js/build/Release/nfc-binding.node 7f0a10d98000-7f0a10d99000 r--p 00009000 08:12 11144365 /home/lee/work/base/protocol/node_modules/libnfc-js/build/Release/nfc-binding.node 7f0a10d99000-7f0a10d9a000 rw-p 0000a000 08:12 11144365 /home/lee/work/base/protocol/node_modules/libnfc-js/build/Release/nfc-binding.node 7f0a10d9a000-7f0a10d9b000 ---p 00000000 00:00 0 7f0a10d9b000-7f0a1159b000 rw-p 00000000 00:00 0 7f0a1159b000-7f0a1159c000 ---p 00000000 00:00 0 7f0a1159c000-7f0a11d9c000 rw-p 00000000 00:00 0 7f0a11d9c000-7f0a11d9d000 ---p 00000000 00:00 0 7f0a11d9d000-7f0a1259d000 rw-p 
00000000 00:00 0 7f0a1259d000-7f0a1259e000 ---p 00000000 00:00 0 7f0a1259e000-7f0a12d9e000 rw-p 00000000 00:00 0 7f0a12d9e000-7f0a12f5e000 r-xp 00000000 08:01 4865601 /lib/x86_64-linux-gnu/libc-2.23.so 7f0a12f5e000-7f0a1315e000 ---p 001c0000 08:01 4865601 /lib/x86_64-linux-gnu/libc-2.23.so 7f0a1315e000-7f0a13162000 r--p 001c0000 08:01 4865601 /lib/x86_64-linux-gnu/libc-2.23.so 7f0a13162000-7f0a13164000 rw-p 001c4000 08:01 4865601 /lib/x86_64-linux-gnu/libc-2.23.so 7f0a13164000-7f0a13168000 rw-p 00000000 00:00 0 7f0a13168000-7f0a13180000 r-xp 00000000 08:01 4865600 /lib/x86_64-linux-gnu/libpthread-2.23.so 7f0a13180000-7f0a1337f000 ---p 00018000 08:01 4865600 /lib/x86_64-linux-gnu/libpthread-2.23.so 7f0a1337f000-7f0a13380000 r--p 00017000 08:01 4865600 /lib/x86_64-linux-gnu/libpthread-2.23.so 7f0a13380000-7f0a13381000 rw-p 00018000 08:01 4865600 /lib/x86_64-linux-gnu/libpthread-2.23.so 7f0a13381000-7f0a13385000 rw-p 00000000 00:00 0 7f0a13385000-7f0a1339b000 r-xp 00000000 08:01 4850954 /lib/x86_64-linux-gnu/libgcc_s.so.1 7f0a1339b000-7f0a1359a000 ---p 00016000 08:01 4850954 /lib/x86_64-linux-gnu/libgcc_s.so.1 7f0a1359a000-7f0a1359b000 rw-p 00015000 08:01 4850954 /lib/x86_64-linux-gnu/libgcc_s.so.1 7f0a1359b000-7f0a136a3000 r-xp 00000000 08:01 4865597 /lib/x86_64-linux-gnu/libm-2.23.so 7f0a136a3000-7f0a138a2000 ---p 00108000 08:01 4865597 /lib/x86_64-linux-gnu/libm-2.23.so 7f0a138a2000-7f0a138a3000 r--p 00107000 08:01 4865597 /lib/x86_64-linux-gnu/libm-2.23.so 7f0a138a3000-7f0a138a4000 rw-p 00108000 08:01 4865597 /lib/x86_64-linux-gnu/libm-2.23.so 7f0a138a4000-7f0a13a16000 r-xp 00000000 08:01 524706 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21 7f0a13a16000-7f0a13c16000 ---p 00172000 08:01 524706 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21 7f0a13c16000-7f0a13c20000 r--p 00172000 08:01 524706 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21 7f0a13c20000-7f0a13c22000 rw-p 0017c000 08:01 524706 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21 7f0a13c22000-7f0a13c26000 rw-p 
00000000 00:00 0 7f0a13c26000-7f0a13c2d000 r-xp 00000000 08:01 4865619 /lib/x86_64-linux-gnu/librt-2.23.so 7f0a13c2d000-7f0a13e2c000 ---p 00007000 08:01 4865619 /lib/x86_64-linux-gnu/librt-2.23.so 7f0a13e2c000-7f0a13e2d000 r--p 00006000 08:01 4865619 /lib/x86_64-linux-gnu/librt-2.23.so 7f0a13e2d000-7f0a13e2e000 rw-p 00007000 08:01 4865619 /lib/x86_64-linux-gnu/librt-2.23.so 7f0a13e2e000-7f0a13e31000 r-xp 00000000 08:01 4865603 /lib/x86_64-linux-gnu/libdl-2.23.so 7f0a13e31000-7f0a14030000 ---p 00003000 08:01 4865603 /lib/x86_64-linux-gnu/libdl-2.23.so 7f0a14030000-7f0a14031000 r--p 00002000 08:01 4865603 /lib/x86_64-linux-gnu/libdl-2.23.so 7f0a14031000-7f0a14032000 rw-p 00003000 08:01 4865603 /lib/x86_64-linux-gnu/libdl-2.23.so 7f0a14032000-7f0a14058000 r-xp 00000000 08:01 4865599 /lib/x86_64-linux-gnu/ld-2.23.so 7f0a1421e000-7f0a14225000 rw-p 00000000 00:00 0 7f0a14252000-7f0a14253000 rw-p 00000000 00:00 0 7f0a14253000-7f0a14254000 ---p 00000000 00:00 0 7f0a14254000-7f0a14257000 rw-p 00000000 00:00 0 7f0a14257000-7f0a14258000 r--p 00025000 08:01 4865599 /lib/x86_64-linux-gnu/ld-2.23.so 7f0a14258000-7f0a14259000 rw-p 00026000 08:01 4865599 /lib/x86_64-linux-gnu/ld-2.23.so 7f0a14259000-7f0a1425a000 rw-p 00000000 00:00 0 7fff1a968000-7fff1a98a000 rw-p 00000000 00:00 0 [stack] 7fff1a9a0000-7fff1a9a3000 r--p 00000000 00:00 0 [vvar] 7fff1a9a3000-7fff1a9a5000 r-xp 00000000 00:00 0 [vdso] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall] Aborted (core dumped)

jonas-lauber commented 5 years ago

Hi @lcrocker,

Did you have any luck? I also had a weird issue related to memory allocation:

{ modulationType: 'NMT_ISO14443A', baudRate: 'NBR_106' }
=> Send 00 a4 04 00 06 11 22 33 44 55 11
=> Send 00 50 00 00 08
Result: 270f (9999)
node(3380,0x7fffa9c2d380) malloc: *** error for object 0x1030a22e8: pointer being freed was not allocated
*** set a breakpoint in malloc_error_break to debug

I am just executing https://github.com/someone-noone/libnfc-js/blob/master/test.js... But I am sending data in the polling loop:

// Two APDUs sent back to back inside the polling loop; nfcReader is assumed to
// be the open reader from test.js. After the loop, `data` and `result` hold the
// second request and its response.
let data;
let result;
for (const hex of ['00a4040006112233445511', '0050000008']) {
    data = Buffer.from(hex, 'hex');
    console.log(data);
    result = await nfcReader.transceive(data);
    console.log(result);
}

So nothing fancy... But it fails systematically, making it unusable.

Context OS: macOs High Sierra
node: 8.11.1 npm: 5.6.0 libnfc: 1.7.1 libnfc-js: 0.1.0

jonas-lauber commented 5 years ago

I saw people were having the same issue on node-nfc and it got fixed => https://github.com/camme/node-nfc/issues/17

Would anyone know how I can take this further?

jonas-lauber commented 5 years ago

So, after debugging the C code and setting a breakpoint in malloc_error_break as the message advised, it turns out that the exception is thrown in NFCTransceive::HandleOKCallback(): https://github.com/someone-noone/libnfc-js/blob/1e503a7540e69b8defa5a571daef52c5aed835b3/src/nfc-transceive.cc#L51 But I still have no idea what it might be (I don't know much about C coding...)

jonas-lauber commented 5 years ago

Ok @lcrocker,

I really believe your problem was the same as mine. I think I found it ;-) I don't know much about C programming, so it wasn't easy, but since I figured out it only happened with "transceive" and it was memory allocation stuff, I quickly imagined it had something to do with the data buffer. And it was indeed the case :-)

It happens here: https://github.com/someone-noone/libnfc-js/blob/1e503a7540e69b8defa5a571daef52c5aed835b3/src/nfc-transceive.cc#L49 One should not use NewBuffer, but rather CopyBuffer! Indeed, __recvdata is defined as a static array in nfc-transceive, and with NewBuffer we let node take responsibility for its life cycle and free it whenever it wants to — that is the `JSArrayBuffer::FreeBackingStore` → `free()` frame in the backtrace above: node frees a pointer that never came from malloc. Using CopyBuffer, we tell node to make its own copy and to leave ours alone!

Hope it helps someone! I would gladly make a PR, but I am under the impression that the project is a bit dead... Isn't it?