[Libwebsockets] [libwebsockets] #18: Crash on SSL_connect

Trac trac at libwebsockets.org
Wed Feb 20 10:19:05 CET 2013


#18: Crash on SSL_connect
-------------------------------------+--------------------
  Reporter:  Joakim                  |      Owner:  agreen
      Type:  defect                  |     Status:  new
  Priority:  major                   |  Milestone:
 Component:  libwebsocket test apps  |    Version:
Resolution:                          |   Keywords:
-------------------------------------+--------------------

Comment (by Joakim):

 Crash in different location:
 {{{
 Program received signal EXC_BAD_ACCESS, Could not access memory.

 Reason: KERN_INVALID_ADDRESS at address: 0x000000000000001a
 0x00000001003d2fe6 in BIO_read ()
 (gdb) backtrace
 #0  0x00000001003d2fe6 in BIO_read ()
 #1  0x0000000100312eeb in ssl23_read_bytes ()
 #2  0x000000010031206e in ssl23_connect ()
 #3  0x00000001002e3990 in lws_client_socket_service ()
 #4  0x00000001002e7dfd in libwebsocket_service_fd ()
 #5  0x00000001002e808b in libwebsocket_service ()
 }}}

 Haven't been able to get a debug build of OpenSSL running. But at least I
 turned on the libwebsockets internal logging:

 {{{
 [1361350531:9999] INFO: SSL_connect WANT_... retrying
 [1361350531:9999] INFO: SSL_connect WANT_... retrying
 [1361350531:9999] INFO: SSL_connect WANT_... retrying
 [1361350531:9999] INFO: SSL_connect WANT_... retrying
 [1361350531:9999] INFO: SSL_connect WANT_... retrying
 [1361350531:9999] INFO: SSL_connect WANT_... retrying
 [1361350532:0000] INFO: SSL_connect WANT_... retrying
 [1361350532:0000] INFO: TIMEDOUT WAITING
 [1361350532:0000] DEBUG: close: just_kill_connection
 [1361350532:0000] DEBUG: not calling back closed

 Program received signal EXC_BAD_ACCESS, Could not access memory.
 Reason: KERN_INVALID_ADDRESS at address: 0x000000000000002d
 0x0000000100349f5a in SSL_connect ()
 (gdb) bt
 #0  0x0000000100349f5a in SSL_connect ()
 #1  0x00000001002ff79b in lws_client_socket_service (context=0x101800000,
 wsi=0x1011199b0, pollfd=0x101801200) at build/osx/libwebsockets-git/src
 /libwebsockets-git/lib/client.c:143
 #2  0x0000000100304342 in libwebsocket_service_fd (context=0x101800000,
 pollfd=0x101801200) at build/osx/libwebsockets-git/src/libwebsockets-
 git/lib/libwebsockets.c:1058
 #3  0x00000001003045d0 in libwebsocket_service (context=0x101800000,
 timeout_ms=1000) at build/osx/libwebsockets-git/src/libwebsockets-
 git/lib/libwebsockets.c:1224

 }}}

 I see the: '''"not calling back closed"''' message. I'm not sure why there
 is no callback to tell me that the websocket instance is going to be
 freed.

 I don't know if this is what's causing the crash. But since I use the
 '''LWS_CALLBACK_CLOSED''' callback to set my wsi instance to NULL, it
 might be?

 The crash isn't happening on me trying to touch the wsi struct though, I'm
 simply servicing the libwebsockets context.

 I run the program in gdb when the crash happens, and it looks like the SSL
 struct is not garbage memory, and that the wsi struct is also ok.

 {{{
 (gdb) print wsi->ssl->handshake_func
 $11 = (int (*)(SSL *)) 0x100333cc0 <ssl23_connect>
 }}}

-- 
Ticket URL: <http://libwebsockets.org/trac/ticket/18#comment:2>
libwebsockets <http://libwebsockets.org>
libwebsockets C library



More information about the Libwebsockets mailing list