Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Possible Weakness with locking in the GNRC network stack #5656

Closed
melshuber opened this issue Jul 18, 2016 · 23 comments
Closed

Possible Weakness with locking in the GNRC network stack #5656

melshuber opened this issue Jul 18, 2016 · 23 comments
Assignees
Labels
Area: network Area: Networking Type: bug The issue reports a bug / The PR fixes a bug (including spelling errors)

Comments

@melshuber
Copy link

melshuber commented Jul 18, 2016

In the IPv6/6loWPAN stack there are sometimes statements like this: (e.g.: sys/net/gnrc/network_layer/ipv6/netif/gnrc_ipv6_netif.c:95ff)

        mutex_unlock(&entry->mutex);    /* function below relocks mutex */
        gnrc_ndp_internal_send_nbr_sol(entry->pid, &tmp_addr->addr, router, router);
        mutex_lock(&entry->mutex);      /* relock mutex */

Releasing the lock and relocking it again later however breaks the atomicity of those functions, because the memory which is protected by the lock might change while the lock is not held.

I propose two possible solutions:

  1. implement local function for _send_nbr_sol which do not try to lock the mutex
  2. add a reentrant mutex implementation
@kYc0o kYc0o added Type: bug The issue reports a bug / The PR fixes a bug (including spelling errors) Area: core Area: RIOT kernel. Handle PRs marked with this with care! labels Jul 18, 2016
@miri64
Copy link
Member

miri64 commented Jul 18, 2016

We talked already at the summit about this and I agree, that we need to fix this ASAP. I think the re-entrant mutexes would be the cleaner and in the end code-saving. @kaspar030 how hard would that be to realize?

@melshuber
Copy link
Author

I also think reentrant mutex are the way to go. However i do not think that you should change the semantics of your current mutex implementation as this may break many other things. Further non-reentrant mutexes are more lightweight. May be it is better to add an rmutex module.

@OlegHahm OlegHahm added Area: network Area: Networking GNRC and removed Area: core Area: RIOT kernel. Handle PRs marked with this with care! labels Jul 18, 2016
@kaspar030
Copy link
Contributor

@melshuber With re-entrant you mean recursive, e.g., a thread locking a mutex twice doesn't block itself?

@melshuber
Copy link
Author

yes - recursive is the correct terminus

@miri64
Copy link
Member

miri64 commented Jul 18, 2016

I think they are both correct ;-) at least I've seen both in literature.

@miri64
Copy link
Member

miri64 commented Jul 18, 2016

So the issue is two-fold now: (a) implementing re-entrant mutexes and (b) apply them everywhere it makes sense. @kaspar030 do you have capacities to do (a)? Then I would do (b) at least for the most parts in GNRC with the upcoming re-work of the network layer anyway.

@kaspar030
Copy link
Contributor

Well, they're (fairly) easy to implement, but they would basically add (mutex-codesize + X).

Do I understand correctly that gnrc has a lot of shared memory (between threads) that the mutexes try to protect, and even one single thread might try to lock some of that memory twice, because the accesses are nested? Sounds scary.

@miri64
Copy link
Member

miri64 commented Jul 18, 2016

Do I understand correctly that gnrc has a lot of shared memory (between threads) that the mutexes try to protect, and even one single thread might try to lock some of that memory twice, because the accesses are nested? Sounds scary.

Not a lot, just the data structures of the network layer that are also accessible to users (interfaces, neighbor cache, ...). The problem comes from the fact, that packets need to be send out if some things are changed (e.g. Router Advertisements when a new prefix is added). Since this happens has to happen while the mutex is locked (otherwise the address could be removed again making the sendout invalid), but sending a packet also involves operations on these data structures. It's not beautiful, I know and there are better ways to do it (which I intend with the promised overhaul), but I think re-entrant mutexes might be an interesting feature regardless.

How about instead of providing a whole new module with a lot of code duplication we just provide a new function mutex_lock_reent() to specificly lock recursively (might also be implementable externally using mutex_trylock())?

@kaspar030
Copy link
Contributor

kaspar030 commented Jul 18, 2016 via email

@melshuber
Copy link
Author

@miri64: Just a thought - As RIOT is a Message passing OS why not try to put this paradigm onto the network stack.
Those management functions - read/modify neighbour cache, add/remove ip addressed, read/modify 6loctx, ... are called rarely from the outside and mostly not performance critical.
Why not make them accessible by the synchronous and or asynchronous API and get rid of the mutexes completely.

@miri64
Copy link
Member

miri64 commented Jul 21, 2016

Might also be an idea. Indeed, I'm thinking about integrating more layers than just L2 into the usage GET/SET commands (which was the original idea). This part of netapi is currently dangerously underutilized ;-).

@jnohlgard
Copy link
Member

There's an implementation proposal for a recursive mutex as part of the PR for newlib reentrancy #4529

https://github.com/RIOT-OS/RIOT/pull/4529/files#diff-8f48e1b9ed7a0a48d0c686a87cc5084eR35

@melshuber
Copy link
Author

I have checked the implementation and it should work.
However is the atomic_inc/dec necessary? The lock is already/still held at this point.
A normal / non-atomic should do the job just as well.

@jnohlgard
Copy link
Member

I agree regarding the atomic inc, but I think there is already another race between the check and update of the owner variable. Probably should be using atomic_cas in some form.

@jnohlgard
Copy link
Member

@melshuber Do you have the time to adapt the code from #4529 into a new core/recursive_mutex component?

@melshuber
Copy link
Author

Yes I will take a look, i hope can propose a pull request, by the end of next week.

@melshuber
Copy link
Author

I have added a pull request for the port. See #5731

@miri64 miri64 added this to the Release 2016.10 milestone Oct 18, 2016
miri64 added a commit that referenced this issue Nov 11, 2016
RIOT-2016.10 - Release Notes
============================
RIOT is a real-time multi-threading operating system that supports a range of
devices that are typically found in the Internet of Things: 8-bit
microcontrollers, 16-bit microcontrollers and light-weight 32-bit processors.

RIOT is based on the following design principles: energy-efficiency, real-time
capabilities, small memory footprint, modularity, and uniform API access,
independent of the underlying hardware (this API offers partial POSIX
compliance).

RIOT is developed by an international open source community which is
independent of specific vendors (e.g. similarly to the Linux community) and is
licensed with a non-viral copyleft license (LGPLv2.1), which allows indirect
business models around the free open-source software platform provided by
RIOT.

About this release:
===================
This release provides a lot of new features as well as it  fixes several major
bugs. Among these new features are the new simplified network socket API
called sock, the GNRC specific CoAP implementation gcoap and several new
packages: TinyDTLS, the Aversive++ microcontroller library for robotics, the
u8g2 graphic library, and nanocoap.
Using the new sock API an implementation of the Simple Time Network Protocol
(SNTP) was also introduced, allowing for time synchronization between nodes.
New platforms include the Arduino Uno, the Arduino Duemilanove, the Arduino
Zero, SODAQ Autonomo, and the Zolertia remote (rev. B).
The most significant bug fix was done in native which led to a significantly
more robust handling of ISRs and now allows for at least 1,000 native
instances running stably on one machine.

About 263 pull requests with about 398 commits have been merged since the last
release and about 42 issues have been solved. 37 people contributed with code
in 100 days. 1006 files have been touched with 166500 insertions and 26926
deletions.

Notations used below:
=====================
+ means new feature/item
* means modified feature/item
- means removed feature/item

New features and changes
========================
General
-------
* Verbose behavior for assert() macro

Core
----
+ MPU support for Cortex-M

API changes
-----------
+ Socket-like sock API (replacing conn)
* netdev2: Add Testmodes and CCA modes
* IEEE 802.15.4: clean-up Intra-PAN behavior
* IEEE 802.15.4: centralize default values
* gnrc_pktbuf: allow for 0-sized snips
+ gnrc_netapi: mbox and arbitrary callback support

System libraries
----------------
No new features or changes

Networking
----------
+ Provide sock-port for GNRC
+ gcoap: a GNRC-based CoAP implementation
+ Simple Network Time Protocol (RFC 5905, section 14)
+ Priority Queue for packet snips
+ IPv4 header definitions

Packages
--------
+ nanocoap: CoAP header parser/builder
+ TinyDTLS: DTLS library
+ tiny-asn1: asn.1/der decoder
+ Aversive++ microcontroller programming library
+ u8g2 graphic library

Platforms
---------
+ Support for stm32f2xx MCU family
+ Low power modes for samd21 CPUs
+ More Arduino-based platforms:
    + Arduino Uno
    + Arduino Duemilanove
    + Arduino Zero
+ More boards of ST's Nucleo platforms:
    + ST Nucleo F030 board support
    + ST Nucleo F070 board support
    + ST Nucleo F446 board support
+ SODAQ Automono
+ Zolertia remote rev. B

Drivers
-------
+ W5100 Ethernet device
+ Atmel IO1 Xplained extension
+ LPD8808 LED strips
* at86rf2xx: provide capability to access the RND_VALUE random value register

Build System
------------
+ static-tests build target for easy local execution of CI's static tests

Other
-----
+ Provide Arduino API to Nucleo boards
+ Packer configuration file to build vagrant boxes
+ CC2650STK Debugger Support
+ ethos: add Ethos over TCP support

Fixed Issues from the last release
==================================
 #534:  native debugging on osx fails
 #2071: native: *long* overdue fixes
 #3341: netdev2_tap crashes when hammered
 #5007: gnrc icmpv6: Ping reply goes out the wrong interface
 #5432: native: valgrind fails

Known Issues
============
Networking related issues
-------------------------
 #3075: nhdp: unnecessary microsecond precision: NHDP works with timer values
       of microsecond precision which is not required. Changing to lower
       precision would save some memory.
 #4048: potential racey memory leak: According to the packet buffer stats,
       flood-pinging a multicast destination may lead to a memory leak due to
       a race condition. However, it seems to be a rare case and a completely
       filled up packet buffer was not observed.
 #4388: POSIX sockets: open socket is bound to a specific thread: This was an
       inherit problem of the conn API under GNRC. Since the POSIX sockets are
       still based on conn for this release, this issue persists
 #4527: gnrc_ipv6: Multicast is not forwarded if routing node listens to the
       address (might still be fixable for release, see #5729, #5230: gnrc
       ipv6: multicast packets are not dispatched to the upper layers)
 #5016: gnrc_rpl: Rejoining RPL instance as root after reboot messes up routing
 #5055: cpuid: multiple radios will get same EUI-64 Nodes with multiple
       interfaces might get the same EUI-64 for them since they are generated
       from the same CPU ID.
 #5656: Possible Weakness with locking in the GNRC network stack: For some
       operations mutexes to the network interfaces need to get unlocked in
       the current implementation to not get deadlocked. Recursive mutexes as
       provided in #5731 might help to solve this problem.
 #5748: gnrc: nodes crashing with too small packet buffer: A packet buffer of
       size ~512 B might lead to crashes. The issue describes this for several
       hundret nodes, but agressive flooding with just two nodes was also
       shown to lead to this problem.
 #5858: gnrc: 6lo: potential problem with reassembly of fragments: If one frame
       gets lost the reassembly state machine might get out of sync

 ### NDP is not working properly
 #4499: handle of l2src_len in gnrc_ndp_rtr_sol_handle: Reception of a router
       solicitation might lead to invalid zero-length link-layer addresses in
       neighbor cache.
 #5005: ndp: router advertisement sent with global address: Under some
       circumstances a router might send RAs with GUAs. While they are ignored
       on receive (as RFC 4861 specifies), RAs should have link-local
       addresses and not even be send out this way.
 #5122: NDP: global unicast address on non-6LBR nodes disappears after a while:
       Several issues (also see #5760) lead to a global unicast address
       effectively being banned from the network (disappears from neighbor
       cache, is not added again)
 #5467: ipv6 address vanishes when ARO (wrongly) indicates DUP caused by
       outdated ncache at router
 #5539: Border Router: packet not forwarded from ethos to interface 6
 #5790: ND: Lost of Global IPV6 on node after sending lot of UDP frame from BR

Timer related issues
--------------------
 #4841: xtimer: timer already in the list: Under some conditions an xtimer can
       end up twice in the internal list of the xtimer module
 #4902: xtimer: xtimer_set: xtimer_set does not handle integer overflows well
 #5338: xtimer: xtimer_now() not ISR safe for non-32-bit platforms.
 #5928: xtimer: usage in board_init() crashes: some boards use the xtimer in
       there board_init() function. The xtimer is however first initialized in
       the auto_init module which is executed after board_init()
 #6052: tests: xtimer_drift gets stuck: xtimer_drift application freezes after
       ~30-200 seconds

native related issues
---------------------
 #495:  native not float safe: When the FPU is used when an asynchronous context
       switch occurs, either the stack gets corrupted or a floating point
       exception occurs.
 #2175: ubjson: valgind registers "Invalid write of size 4" in unittests
 #4590: pkg: building relic with clang fails.
 #5796: native: tlsf: early malloc will lead to a crash: TLSF needs pools to be
       initialized (which is currently expected to be done in an application).
       If a malloc is needed before an application's main started (e.g. driver
       initialization) the node can crash, since no pool is allocated yet.

other platform related issues
-----------------------------
 #1891: newlib-nano: Printf formatting does not work properly for some numberic
       types: PRI[uxdi]64, PRI[uxdi]8 and float are not parsed in newlib-nano
 #2006: cpu/nrf51822: timer callback may be fired too early
 #2143: unittests: tests-core doesn't compile for all platforms: GCC build-ins
       were used in the unittests which are not available with msp430-gcc
 #2300: qemu unittest fails because of a page fault
 #4512: pkg: tests: RELIC unittests fail on iotlab-m3
 #4522: avsextrem: linker sometimes doesn't find `bl_init_clks()`
 #4560: make: clang is more pedantic than gcc oonf_api is not building with
       clang. (Partly solved by #4593)
 #4694: drivers/lm75a: does not build
 #4737: cortex-m: Hard fault after a thread exits (under some circumstances)
 #4822: kw2xrf: packet loss when packets get fragmented
 #4876: at86rf2xx: Simultaneous use of different transceiver types is not
       supported
 #4954: chronos: compiling with -O0 breaks
 #4866: not all GPIO driver implementations are thread safe: Due to non-atomic
       operations in the drivers some pin configurations might get lost.
 #5009: RIOT is saw-toothing in energy consumption (even when idling)
 #5103: xtimer: weird behavior of tests/xtimer_drift: xtimer_drift randomly
       jumps a few seconds on nrf52
 #5361: cpu/cc26x0: timer broken
 #5405: Eratic timings on iotlab-m3 with compression context activated
 #5460: cpu/samd21: i2c timing with compiler optimization
 #5486: at86rf2xx: lost interrupts
 #5489: cpu/lpc11u34: ADC broken
 #5603: atmega boards second UART issue
 #5678: at86rf2xx: failed assertion in _isr
 #5719: cc2538: rf driver doesn't handle large packets
 #5799: kw2x: 15.4 duplicate transmits
 #5944: msp430: ipv6_hdr unittests fail
 #5848: arduino: Race condition in sys/arduino/Makefile.include
 #5954: nRF52 uart_write get stuck
 #6018: nRF52 gnrc 6lowpan ble memory leak

other issues
------------
 #1263: TLSF implementation contains (a) read-before-write error(s).
 #3256: make: Setting constants on compile time doesn't really set them
       everywhere
 #3366: periph/i2c: handle NACK
 #4488: Making the newlib thread-safe: When calling puts/printf after
       thread_create(), the CPU hangs for DMA enabled uart drivers.
 #4866: periph: GPIO drivers are not thread safe
 #5128: make: buildtest breaks when exporting FEATURES_PROVIDED var
 #5207: make: buildest fails with board dependent application Makefiles
 #5390: pkg: OpenWSN does not compile: This package still uses deprecated
       modules and was not tested for a long time.
 #5520: tests/periph_uart not working
 #5561: C++11 extensions in header files
 #5776: make: Predefining CFLAGS are parsed weirdly
 #5863: OSX +  SAMR21-xpro: shell cannot handle command inputs larger than 64
       chars
 #5962: Makefile: UNDEF variable is not working as documented
 #6022: pkg: build order issue

Special Thanks
==============
We like to give our special thanks to all the companies that provided us with
their hardware for porting and testing, namely the people from (in
alphabeticalorder): Atmel, Freescale, Imagination Technologies, Limifrog,
Nordic, OpenMote, Phytec, SiLabs, UDOO,and Zolertia; and also companies that
directly sponsored development time: Cisco Systems, Eistec, Ell-i, Enigeering
Spirit, Nordic, FreshTemp LLC, OTAkeys and Phytec.

More information
================
http://www.riot-os.org

Mailing lists
-------------
* RIOT OS kernel developers list
  devel@riot-os.org (http://lists.riot-os.org/mailman/listinfo/devel)
* RIOT OS users list
  users@riot-os.org (http://lists.riot-os.org/mailman/listinfo/users)
* RIOT commits
  commits@riot-os.org (http://lists.riot-os.org/mailman/listinfo/commits)
* Github notifications
  notifications@riot-os.org (http://lists.riot-os.org/mailman/listinfo/notifications)

IRC
---
* Join the RIOT IRC channel at: irc.freenode.net, #riot-os

License
=======
* Most of the code developed by the RIOT community is licensed under the GNU
  Lesser General Public License (LGPL) version 2.1 as published by the Free
  Software Foundation.
* Some external sources are published under a separate, LGPL compatible
  license (e.g. some files developed by SICS).

All code files contain licensing information.
miri64 added a commit that referenced this issue Nov 11, 2016
RIOT-2016.10 - Release Notes
============================
RIOT is a real-time multi-threading operating system that supports a range of
devices that are typically found in the Internet of Things: 8-bit
microcontrollers, 16-bit microcontrollers and light-weight 32-bit processors.

RIOT is based on the following design principles: energy-efficiency, real-time
capabilities, small memory footprint, modularity, and uniform API access,
independent of the underlying hardware (this API offers partial POSIX
compliance).

RIOT is developed by an international open source community which is
independent of specific vendors (e.g. similarly to the Linux community) and is
licensed with a non-viral copyleft license (LGPLv2.1), which allows indirect
business models around the free open-source software platform provided by
RIOT.

About this release:
===================
This release provides a lot of new features as well as it  fixes several major
bugs. Among these new features are the new simplified network socket API
called sock, the GNRC specific CoAP implementation gcoap and several new
packages: TinyDTLS, the Aversive++ microcontroller library for robotics, the
u8g2 graphic library, and nanocoap.
Using the new sock API an implementation of the Simple Time Network Protocol
(SNTP) was also introduced, allowing for time synchronization between nodes.
New platforms include the Arduino Uno, the Arduino Duemilanove, the Arduino
Zero, SODAQ Autonomo, and the Zolertia remote (rev. B).
The most significant bug fix was done in native which led to a significantly
more robust handling of ISRs and now allows for at least 1,000 native
instances running stably on one machine.

About 263 pull requests with about 398 commits have been merged since the last
release and about 42 issues have been solved. 37 people contributed with code
in 100 days. 1006 files have been touched with 166500 insertions and 26926
deletions.

Notations used below:
=====================
+ means new feature/item
* means modified feature/item
- means removed feature/item

New features and changes
========================
General
-------
* Verbose behavior for assert() macro

Core
----
+ MPU support for Cortex-M

API changes
-----------
+ Socket-like sock API (replacing conn)
* netdev2: Add Testmodes and CCA modes
* IEEE 802.15.4: clean-up Intra-PAN behavior
* IEEE 802.15.4: centralize default values
* gnrc_pktbuf: allow for 0-sized snips
+ gnrc_netapi: mbox and arbitrary callback support

System libraries
----------------
No new features or changes

Networking
----------
+ Provide sock-port for GNRC
+ gcoap: a GNRC-based CoAP implementation
+ Simple Network Time Protocol (RFC 5905, section 14)
+ Priority Queue for packet snips
+ IPv4 header definitions

Packages
--------
+ nanocoap: CoAP header parser/builder
+ TinyDTLS: DTLS library
+ tiny-asn1: asn.1/der decoder
+ Aversive++ microcontroller programming library
+ u8g2 graphic library

Platforms
---------
+ Support for stm32f2xx MCU family
+ Low power modes for samd21 CPUs
+ More Arduino-based platforms:
    + Arduino Uno
    + Arduino Duemilanove
    + Arduino Zero
+ More boards of ST's Nucleo platforms:
    + ST Nucleo F030 board support
    + ST Nucleo F070 board support
    + ST Nucleo F446 board support
+ SODAQ Automono
+ Zolertia remote rev. B

Drivers
-------
+ W5100 Ethernet device
+ Atmel IO1 Xplained extension
+ LPD8808 LED strips
* at86rf2xx: provide capability to access the RND_VALUE random value register

Build System
------------
+ static-tests build target for easy local execution of CI's static tests

Other
-----
+ Provide Arduino API to Nucleo boards
+ Packer configuration file to build vagrant boxes
+ CC2650STK Debugger Support
+ ethos: add Ethos over TCP support

Fixed Issues from the last release
==================================
 #534:  native debugging on osx fails
 #2071: native: *long* overdue fixes
 #3341: netdev2_tap crashes when hammered
 #5007: gnrc icmpv6: Ping reply goes out the wrong interface
 #5432: native: valgrind fails

Known Issues
============
Networking related issues
-------------------------
 #3075: nhdp: unnecessary microsecond precision: NHDP works with timer values
       of microsecond precision which is not required. Changing to lower
       precision would save some memory.
 #4048: potential racey memory leak: According to the packet buffer stats,
       flood-pinging a multicast destination may lead to a memory leak due to
       a race condition. However, it seems to be a rare case and a completely
       filled up packet buffer was not observed.
 #4388: POSIX sockets: open socket is bound to a specific thread: This was an
       inherit problem of the conn API under GNRC. Since the POSIX sockets are
       still based on conn for this release, this issue persists
 #4527: gnrc_ipv6: Multicast is not forwarded if routing node listens to the
       address (might still be fixable for release, see #5729, #5230: gnrc
       ipv6: multicast packets are not dispatched to the upper layers)
 #5016: gnrc_rpl: Rejoining RPL instance as root after reboot messes up routing
 #5055: cpuid: multiple radios will get same EUI-64 Nodes with multiple
       interfaces might get the same EUI-64 for them since they are generated
       from the same CPU ID.
 #5656: Possible Weakness with locking in the GNRC network stack: For some
       operations mutexes to the network interfaces need to get unlocked in
       the current implementation to not get deadlocked. Recursive mutexes as
       provided in #5731 might help to solve this problem.
 #5748: gnrc: nodes crashing with too small packet buffer: A packet buffer of
       size ~512 B might lead to crashes. The issue describes this for several
       hundret nodes, but agressive flooding with just two nodes was also
       shown to lead to this problem.
 #5858: gnrc: 6lo: potential problem with reassembly of fragments: If one frame
       gets lost the reassembly state machine might get out of sync

 ### NDP is not working properly
 #4499: handle of l2src_len in gnrc_ndp_rtr_sol_handle: Reception of a router
       solicitation might lead to invalid zero-length link-layer addresses in
       neighbor cache.
 #5005: ndp: router advertisement sent with global address: Under some
       circumstances a router might send RAs with GUAs. While they are ignored
       on receive (as RFC 4861 specifies), RAs should have link-local
       addresses and not even be send out this way.
 #5122: NDP: global unicast address on non-6LBR nodes disappears after a while:
       Several issues (also see #5760) lead to a global unicast address
       effectively being banned from the network (disappears from neighbor
       cache, is not added again)
 #5467: ipv6 address vanishes when ARO (wrongly) indicates DUP caused by
       outdated ncache at router
 #5539: Border Router: packet not forwarded from ethos to interface 6
 #5790: ND: Lost of Global IPV6 on node after sending lot of UDP frame from BR

Timer related issues
--------------------
 #4841: xtimer: timer already in the list: Under some conditions an xtimer can
       end up twice in the internal list of the xtimer module
 #4902: xtimer: xtimer_set: xtimer_set does not handle integer overflows well
 #5338: xtimer: xtimer_now() not ISR safe for non-32-bit platforms.
 #5928: xtimer: usage in board_init() crashes: some boards use the xtimer in
       there board_init() function. The xtimer is however first initialized in
       the auto_init module which is executed after board_init()
 #6052: tests: xtimer_drift gets stuck: xtimer_drift application freezes after
       ~30-200 seconds

native related issues
---------------------
 #495:  native not float safe: When the FPU is used when an asynchronous context
       switch occurs, either the stack gets corrupted or a floating point
       exception occurs.
 #2175: ubjson: valgind registers "Invalid write of size 4" in unittests
 #4590: pkg: building relic with clang fails.
 #5796: native: tlsf: early malloc will lead to a crash: TLSF needs pools to be
       initialized (which is currently expected to be done in an application).
       If a malloc is needed before an application's main started (e.g. driver
       initialization) the node can crash, since no pool is allocated yet.

other platform related issues
-----------------------------
 #1891: newlib-nano: Printf formatting does not work properly for some numberic
       types: PRI[uxdi]64, PRI[uxdi]8 and float are not parsed in newlib-nano
 #2006: cpu/nrf51822: timer callback may be fired too early
 #2143: unittests: tests-core doesn't compile for all platforms: GCC build-ins
       were used in the unittests which are not available with msp430-gcc
 #2300: qemu unittest fails because of a page fault
 #4512: pkg: tests: RELIC unittests fail on iotlab-m3
 #4522: avsextrem: linker sometimes doesn't find `bl_init_clks()`
 #4560: make: clang is more pedantic than gcc oonf_api is not building with
       clang. (Partly solved by #4593)
 #4694: drivers/lm75a: does not build
 #4737: cortex-m: Hard fault after a thread exits (under some circumstances)
 #4822: kw2xrf: packet loss when packets get fragmented
 #4876: at86rf2xx: Simultaneous use of different transceiver types is not
       supported
 #4954: chronos: compiling with -O0 breaks
 #4866: not all GPIO driver implementations are thread safe: Due to non-atomic
       operations in the drivers some pin configurations might get lost.
 #5009: RIOT is saw-toothing in energy consumption (even when idling)
 #5103: xtimer: weird behavior of tests/xtimer_drift: xtimer_drift randomly
       jumps a few seconds on nrf52
 #5361: cpu/cc26x0: timer broken
 #5405: Eratic timings on iotlab-m3 with compression context activated
 #5460: cpu/samd21: i2c timing with compiler optimization
 #5486: at86rf2xx: lost interrupts
 #5489: cpu/lpc11u34: ADC broken
 #5603: atmega boards second UART issue
 #5678: at86rf2xx: failed assertion in _isr
 #5719: cc2538: rf driver doesn't handle large packets
 #5799: kw2x: 15.4 duplicate transmits
 #5944: msp430: ipv6_hdr unittests fail
 #5848: arduino: Race condition in sys/arduino/Makefile.include
 #5954: nRF52 uart_write get stuck
 #6018: nRF52 gnrc 6lowpan ble memory leak

other issues
------------
 #1263: TLSF implementation contains (a) read-before-write error(s).
 #3256: make: Setting constants on compile time doesn't really set them
       everywhere
 #3366: periph/i2c: handle NACK
 #4488: Making the newlib thread-safe: When calling puts/printf after
       thread_create(), the CPU hangs for DMA enabled uart drivers.
 #4866: periph: GPIO drivers are not thread safe
 #5128: make: buildtest breaks when exporting FEATURES_PROVIDED var
 #5207: make: buildest fails with board dependent application Makefiles
 #5390: pkg: OpenWSN does not compile: This package still uses deprecated
       modules and was not tested for a long time.
 #5520: tests/periph_uart not working
 #5561: C++11 extensions in header files
 #5776: make: Predefining CFLAGS are parsed weirdly
 #5863: OSX +  SAMR21-xpro: shell cannot handle command inputs larger than 64
       chars
 #5962: Makefile: UNDEF variable is not working as documented
 #6022: pkg: build order issue

Special Thanks
==============
We like to give our special thanks to all the companies that provided us with
their hardware for porting and testing, namely the people from (in
alphabeticalorder): Atmel, Freescale, Imagination Technologies, Limifrog,
Nordic, OpenMote, Phytec, SiLabs, UDOO,and Zolertia; and also companies that
directly sponsored development time: Cisco Systems, Eistec, Ell-i, Enigeering
Spirit, Nordic, FreshTemp LLC, OTAkeys and Phytec.

More information
================
http://www.riot-os.org

Mailing lists
-------------
* RIOT OS kernel developers list
  devel@riot-os.org (http://lists.riot-os.org/mailman/listinfo/devel)
* RIOT OS users list
  users@riot-os.org (http://lists.riot-os.org/mailman/listinfo/users)
* RIOT commits
  commits@riot-os.org (http://lists.riot-os.org/mailman/listinfo/commits)
* Github notifications
  notifications@riot-os.org (http://lists.riot-os.org/mailman/listinfo/notifications)

IRC
---
* Join the RIOT IRC channel at: irc.freenode.net, #riot-os

License
=======
* Most of the code developed by the RIOT community is licensed under the GNU
  Lesser General Public License (LGPL) version 2.1 as published by the Free
  Software Foundation.
* Some external sources are published under a separate, LGPL compatible
  license (e.g. some files developed by SICS).

All code files contain licensing information.
@miri64 miri64 removed this from the Release 2016.10 milestone Nov 11, 2016
@miri64 miri64 modified the milestones: Release 2017.01, Release 2016.10 Nov 11, 2016
neiljay pushed a commit to neiljay/RIOT that referenced this issue Jan 16, 2017
RIOT-2016.10 - Release Notes
============================
RIOT is a real-time multi-threading operating system that supports a range of
devices that are typically found in the Internet of Things: 8-bit
microcontrollers, 16-bit microcontrollers and light-weight 32-bit processors.

RIOT is based on the following design principles: energy-efficiency, real-time
capabilities, small memory footprint, modularity, and uniform API access,
independent of the underlying hardware (this API offers partial POSIX
compliance).

RIOT is developed by an international open source community which is
independent of specific vendors (e.g. similarly to the Linux community) and is
licensed with a non-viral copyleft license (LGPLv2.1), which allows indirect
business models around the free open-source software platform provided by
RIOT.

About this release:
===================
This release provides a lot of new features as well as it  fixes several major
bugs. Among these new features are the new simplified network socket API
called sock, the GNRC specific CoAP implementation gcoap and several new
packages: TinyDTLS, the Aversive++ microcontroller library for robotics, the
u8g2 graphic library, and nanocoap.
Using the new sock API an implementation of the Simple Time Network Protocol
(SNTP) was also introduced, allowing for time synchronization between nodes.
New platforms include the Arduino Uno, the Arduino Duemilanove, the Arduino
Zero, SODAQ Autonomo, and the Zolertia remote (rev. B).
The most significant bug fix was done in native which led to a significantly
more robust handling of ISRs and now allows for at least 1,000 native
instances running stably on one machine.

About 263 pull requests with about 398 commits have been merged since the last
release and about 42 issues have been solved. 37 people contributed with code
in 100 days. 1006 files have been touched with 166500 insertions and 26926
deletions.

Notations used below:
=====================
+ means new feature/item
* means modified feature/item
- means removed feature/item

New features and changes
========================
General
-------
* Verbose behavior for assert() macro

Core
----
+ MPU support for Cortex-M

API changes
-----------
+ Socket-like sock API (replacing conn)
* netdev2: Add Testmodes and CCA modes
* IEEE 802.15.4: clean-up Intra-PAN behavior
* IEEE 802.15.4: centralize default values
* gnrc_pktbuf: allow for 0-sized snips
+ gnrc_netapi: mbox and arbitrary callback support

System libraries
----------------
No new features or changes

Networking
----------
+ Provide sock-port for GNRC
+ gcoap: a GNRC-based CoAP implementation
+ Simple Network Time Protocol (RFC 5905, section 14)
+ Priority Queue for packet snips
+ IPv4 header definitions

Packages
--------
+ nanocoap: CoAP header parser/builder
+ TinyDTLS: DTLS library
+ tiny-asn1: asn.1/der decoder
+ Aversive++ microcontroller programming library
+ u8g2 graphic library

Platforms
---------
+ Support for stm32f2xx MCU family
+ Low power modes for samd21 CPUs
+ More Arduino-based platforms:
    + Arduino Uno
    + Arduino Duemilanove
    + Arduino Zero
+ More boards of ST's Nucleo platforms:
    + ST Nucleo F030 board support
    + ST Nucleo F070 board support
    + ST Nucleo F446 board support
+ SODAQ Automono
+ Zolertia remote rev. B

Drivers
-------
+ W5100 Ethernet device
+ Atmel IO1 Xplained extension
+ LPD8808 LED strips
* at86rf2xx: provide capability to access the RND_VALUE random value register

Build System
------------
+ static-tests build target for easy local execution of CI's static tests

Other
-----
+ Provide Arduino API to Nucleo boards
+ Packer configuration file to build vagrant boxes
+ CC2650STK Debugger Support
+ ethos: add Ethos over TCP support

Fixed Issues from the last release
==================================
 RIOT-OS#534:  native debugging on osx fails
 RIOT-OS#2071: native: *long* overdue fixes
 RIOT-OS#3341: netdev2_tap crashes when hammered
 RIOT-OS#5007: gnrc icmpv6: Ping reply goes out the wrong interface
 RIOT-OS#5432: native: valgrind fails

Known Issues
============
Networking related issues
-------------------------
 RIOT-OS#3075: nhdp: unnecessary microsecond precision: NHDP works with timer values
       of microsecond precision which is not required. Changing to lower
       precision would save some memory.
 RIOT-OS#4048: potential racey memory leak: According to the packet buffer stats,
       flood-pinging a multicast destination may lead to a memory leak due to
       a race condition. However, it seems to be a rare case and a completely
       filled up packet buffer was not observed.
 RIOT-OS#4388: POSIX sockets: open socket is bound to a specific thread: This was an
       inherit problem of the conn API under GNRC. Since the POSIX sockets are
       still based on conn for this release, this issue persists
 RIOT-OS#4527: gnrc_ipv6: Multicast is not forwarded if routing node listens to the
       address (might still be fixable for release, see RIOT-OS#5729, RIOT-OS#5230: gnrc
       ipv6: multicast packets are not dispatched to the upper layers)
 RIOT-OS#5016: gnrc_rpl: Rejoining RPL instance as root after reboot messes up routing
 RIOT-OS#5055: cpuid: multiple radios will get same EUI-64 Nodes with multiple
       interfaces might get the same EUI-64 for them since they are generated
       from the same CPU ID.
 RIOT-OS#5656: Possible Weakness with locking in the GNRC network stack: For some
       operations mutexes to the network interfaces need to get unlocked in
       the current implementation to not get deadlocked. Recursive mutexes as
       provided in RIOT-OS#5731 might help to solve this problem.
 RIOT-OS#5748: gnrc: nodes crashing with too small packet buffer: A packet buffer of
       size ~512 B might lead to crashes. The issue describes this for several
       hundret nodes, but agressive flooding with just two nodes was also
       shown to lead to this problem.
 RIOT-OS#5858: gnrc: 6lo: potential problem with reassembly of fragments: If one frame
       gets lost the reassembly state machine might get out of sync

 ### NDP is not working properly
 RIOT-OS#4499: handle of l2src_len in gnrc_ndp_rtr_sol_handle: Reception of a router
       solicitation might lead to invalid zero-length link-layer addresses in
       neighbor cache.
 RIOT-OS#5005: ndp: router advertisement sent with global address: Under some
       circumstances a router might send RAs with GUAs. While they are ignored
       on receive (as RFC 4861 specifies), RAs should have link-local
       addresses and not even be send out this way.
 RIOT-OS#5122: NDP: global unicast address on non-6LBR nodes disappears after a while:
       Several issues (also see RIOT-OS#5760) lead to a global unicast address
       effectively being banned from the network (disappears from neighbor
       cache, is not added again)
 RIOT-OS#5467: ipv6 address vanishes when ARO (wrongly) indicates DUP caused by
       outdated ncache at router
 RIOT-OS#5539: Border Router: packet not forwarded from ethos to interface 6
 RIOT-OS#5790: ND: Lost of Global IPV6 on node after sending lot of UDP frame from BR

Timer related issues
--------------------
 RIOT-OS#4841: xtimer: timer already in the list: Under some conditions an xtimer can
       end up twice in the internal list of the xtimer module
 RIOT-OS#4902: xtimer: xtimer_set: xtimer_set does not handle integer overflows well
 RIOT-OS#5338: xtimer: xtimer_now() not ISR safe for non-32-bit platforms.
 RIOT-OS#5928: xtimer: usage in board_init() crashes: some boards use the xtimer in
       there board_init() function. The xtimer is however first initialized in
       the auto_init module which is executed after board_init()
 RIOT-OS#6052: tests: xtimer_drift gets stuck: xtimer_drift application freezes after
       ~30-200 seconds

native related issues
---------------------
 RIOT-OS#495:  native not float safe: When the FPU is used when an asynchronous context
       switch occurs, either the stack gets corrupted or a floating point
       exception occurs.
 RIOT-OS#2175: ubjson: valgind registers "Invalid write of size 4" in unittests
 RIOT-OS#4590: pkg: building relic with clang fails.
 RIOT-OS#5796: native: tlsf: early malloc will lead to a crash: TLSF needs pools to be
       initialized (which is currently expected to be done in an application).
       If a malloc is needed before an application's main started (e.g. driver
       initialization) the node can crash, since no pool is allocated yet.

other platform related issues
-----------------------------
 RIOT-OS#1891: newlib-nano: Printf formatting does not work properly for some numberic
       types: PRI[uxdi]64, PRI[uxdi]8 and float are not parsed in newlib-nano
 RIOT-OS#2006: cpu/nrf51822: timer callback may be fired too early
 RIOT-OS#2143: unittests: tests-core doesn't compile for all platforms: GCC build-ins
       were used in the unittests which are not available with msp430-gcc
 RIOT-OS#2300: qemu unittest fails because of a page fault
 RIOT-OS#4512: pkg: tests: RELIC unittests fail on iotlab-m3
 RIOT-OS#4522: avsextrem: linker sometimes doesn't find `bl_init_clks()`
 RIOT-OS#4560: make: clang is more pedantic than gcc oonf_api is not building with
       clang. (Partly solved by RIOT-OS#4593)
 RIOT-OS#4694: drivers/lm75a: does not build
 RIOT-OS#4737: cortex-m: Hard fault after a thread exits (under some circumstances)
 RIOT-OS#4822: kw2xrf: packet loss when packets get fragmented
 RIOT-OS#4876: at86rf2xx: Simultaneous use of different transceiver types is not
       supported
 RIOT-OS#4954: chronos: compiling with -O0 breaks
 RIOT-OS#4866: not all GPIO driver implementations are thread safe: Due to non-atomic
       operations in the drivers some pin configurations might get lost.
 RIOT-OS#5009: RIOT is saw-toothing in energy consumption (even when idling)
 RIOT-OS#5103: xtimer: weird behavior of tests/xtimer_drift: xtimer_drift randomly
       jumps a few seconds on nrf52
 RIOT-OS#5361: cpu/cc26x0: timer broken
 RIOT-OS#5405: Eratic timings on iotlab-m3 with compression context activated
 RIOT-OS#5460: cpu/samd21: i2c timing with compiler optimization
 RIOT-OS#5486: at86rf2xx: lost interrupts
 RIOT-OS#5489: cpu/lpc11u34: ADC broken
 RIOT-OS#5603: atmega boards second UART issue
 RIOT-OS#5678: at86rf2xx: failed assertion in _isr
 RIOT-OS#5719: cc2538: rf driver doesn't handle large packets
 RIOT-OS#5799: kw2x: 15.4 duplicate transmits
 RIOT-OS#5944: msp430: ipv6_hdr unittests fail
 RIOT-OS#5848: arduino: Race condition in sys/arduino/Makefile.include
 RIOT-OS#5954: nRF52 uart_write get stuck
 RIOT-OS#6018: nRF52 gnrc 6lowpan ble memory leak

other issues
------------
 RIOT-OS#1263: TLSF implementation contains (a) read-before-write error(s).
 RIOT-OS#3256: make: Setting constants on compile time doesn't really set them
       everywhere
 RIOT-OS#3366: periph/i2c: handle NACK
 RIOT-OS#4488: Making the newlib thread-safe: When calling puts/printf after
       thread_create(), the CPU hangs for DMA enabled uart drivers.
 RIOT-OS#4866: periph: GPIO drivers are not thread safe
 RIOT-OS#5128: make: buildtest breaks when exporting FEATURES_PROVIDED var
 RIOT-OS#5207: make: buildest fails with board dependent application Makefiles
 RIOT-OS#5390: pkg: OpenWSN does not compile: This package still uses deprecated
       modules and was not tested for a long time.
 RIOT-OS#5520: tests/periph_uart not working
 RIOT-OS#5561: C++11 extensions in header files
 RIOT-OS#5776: make: Predefining CFLAGS are parsed weirdly
 RIOT-OS#5863: OSX +  SAMR21-xpro: shell cannot handle command inputs larger than 64
       chars
 RIOT-OS#5962: Makefile: UNDEF variable is not working as documented
 RIOT-OS#6022: pkg: build order issue

Special Thanks
==============
We like to give our special thanks to all the companies that provided us with
their hardware for porting and testing, namely the people from (in
alphabeticalorder): Atmel, Freescale, Imagination Technologies, Limifrog,
Nordic, OpenMote, Phytec, SiLabs, UDOO,and Zolertia; and also companies that
directly sponsored development time: Cisco Systems, Eistec, Ell-i, Enigeering
Spirit, Nordic, FreshTemp LLC, OTAkeys and Phytec.

More information
================
http://www.riot-os.org

Mailing lists
-------------
* RIOT OS kernel developers list
  devel@riot-os.org (http://lists.riot-os.org/mailman/listinfo/devel)
* RIOT OS users list
  users@riot-os.org (http://lists.riot-os.org/mailman/listinfo/users)
* RIOT commits
  commits@riot-os.org (http://lists.riot-os.org/mailman/listinfo/commits)
* Github notifications
  notifications@riot-os.org (http://lists.riot-os.org/mailman/listinfo/notifications)

IRC
---
* Join the RIOT IRC channel at: irc.freenode.net, #riot-os

License
=======
* Most of the code developed by the RIOT community is licensed under the GNU
  Lesser General Public License (LGPL) version 2.1 as published by the Free
  Software Foundation.
* Some external sources are published under a separate, LGPL compatible
  license (e.g. some files developed by SICS).

All code files contain licensing information.
@PeterKietzmann PeterKietzmann modified the milestones: Release 2017.01, Release 2017.04 Jan 26, 2017
@kYc0o
Copy link
Contributor

kYc0o commented Apr 26, 2017

#5731 was merged.

@kYc0o kYc0o closed this as completed Apr 26, 2017
@miri64
Copy link
Member

miri64 commented Apr 26, 2017

#5731 did not fix this issue it just provided a new data type to fix it.

@miri64 miri64 reopened this Apr 26, 2017
@kYc0o
Copy link
Contributor

kYc0o commented Apr 26, 2017

Ok, just changed the milestone since the fix seems to be hard.

@miri64
Copy link
Member

miri64 commented Apr 26, 2017

It's not hard, its just a very intensive search-and-replace of mutexes to rmutexes with regards to gnrc_ipv6_netif ;-).

@miri64
Copy link
Member

miri64 commented Nov 6, 2017

Fixed by #7925

@miri64
Copy link
Member

miri64 commented Nov 27, 2017

This was fixed with the introduction of the new network interface API in #7925

@miri64 miri64 closed this as completed Nov 27, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Area: network Area: Networking Type: bug The issue reports a bug / The PR fixes a bug (including spelling errors)
Projects
None yet
Development

No branches or pull requests

8 participants