[Libwebsockets] Segfault

Jack Mitchell ml at communistcode.co.uk
Wed Jan 23 12:54:38 CET 2013


On 18/01/13 23:54, Andy Green wrote:
> Hi -
>
> Is your code arranged like the test server in terms of using the "call 
> me back when I am writable" api when you have something to send, and 
> writing a single thing in the "I am writable" callback?
>
> The mystery here is how you end up trying to do multiple things with a 
> dead socket, the library shouldn't be able to call you back even once 
> under those circumstances. However if your code took the (wrong) 
> approach to store the wsi and randomly try to send on it, that can 
> easily happen.
>
> -Andy
>
>
> Jack Mitchell <ml at communistcode.co.uk> wrote:
>
>     On 18/01/13 15:42, Jack Mitchell wrote:
>
>         On 18/01/13 14:04, "Andy Green (林安廸)" wrote:
>
>             On 18/01/13 21:20, the mail apparently from Jack Mitchell
>             included: Hi -
>
>                 Today I tried out the latest libwebsockets master in
>                 my embedded application and gave it a good thrashing.
>                 I managed to reproduce a segfault a few times - I have
>                 had this issue before but thought I had fixed it but
>                 it has reared it's ugly head again in this new release. I
>
>             Hm sorry to hear that but I am glad to hear you are
>             beating on the library HEAD.
>
>                 have attached a valgrind trace below in the hope that
>                 someone could help me out. I think it is trying to
>                 write to a dead socket (null pointer) and bailing out.
>                 Should there be some extra error checking somewhere to
>                 ensure that a dead socket is never written to?
>
>             Until this week it would have been too expensive, but with
>             the new lookup array approach it should be possible to
>             cheaply confirm the struct websocket you have hold of
>             still jibes with the pollfd it claims to hold and the fds
>             match. I added an api lws_confirm_legit_wsi()
>             http://git.libwebsockets.org/cgi-bin/cgit/libwebsockets/commit/?id=acbaee649ab62beb34609d4b79e8814a2913430f
>             and used it on libwebsocket_write... if you think that's
>             the problem you can sprinkle them around and see if it
>             fires. It looks for any inconsistency between what the
>             struct websocket thinks its position in in the polling
>             table and what the polling table thinks. I wasn't really
>             able to tie up the valgrind log with the idea something
>             blows segfaults. The log shows a memcpy inside deflate is
>             reading 2 bytes it shouldn't? -Andy
>
>                 I'm going to investigate some more and will let you
>                 know if I find a solution! <snip>
>
>         Hi Andy, I turned the DEBUG levels right up (1 | 2 | 4 | 8)
>         and it stopped the segfault. I would assume this means that
>         somewhere there is maybe some error checking code that the
>         debug ifdefs out? Jack.
>
>
>
>
>
>     Below is a log of me thrashing it so you can see which parts of the code
>     I am giving a good kicking.
>
>     <snip>
>

Hi Andy,

I cannot produce this any more in the latest head. I will go over my 
websocket implementation again at some point to be sure that it's not 
just chance.

Regards,
Jack.

-- 

   Jack Mitchell (jack at embed.me.uk)
   Embedded Systems Engineer
   http://www.embed.me.uk

--




More information about the Libwebsockets mailing list