Subject: Re: [Boost-bugs] [Boost C++ Libraries] #7611: segfault in epoll_reactor.ipp
From: Boost C++ Libraries (noreply_at_[hidden])
Date: 2017-09-28 14:17:13
#7611: segfault in epoll_reactor.ipp
-------------------------------------------------+-------------------------
Reporter: Fredrik Jansson | Owner:
<fredrik.jansson.se@…> | chris_kohlhoff
Type: Bugs | Status: reopened
Milestone: To Be Determined | Component: asio
Version: Boost 1.52.0 | Severity: Problem
Resolution: | Keywords:
-------------------------------------------------+-------------------------
Comment (by bronf):
I encountered the same bug and made a minimal example attached to this
page to reproduce the bug (tested with 1.65.1). See also the gdb output, I
kept the core if you would like me to extract some more information.
My program starts a server which just waits with the connected socket
while the client writes a large amount of data. Because the server does
not read, the write operation is stopped and the timer expires and cancels
the write operation by closing the client socket. (This is just a test
program, not a real program).
Apparently, in rare situations, closing the socket while in async_write
gives a segmentation fault because of the dereferencement of a nullptr
(descriptor_data).
boost/include/boost/asio/detail/impl/epoll_reactor.ipp:230
230 if (descriptor_data->shutdown_)
(gdb) print descriptor_data
$1 = (boost::asio::detail::epoll_reactor::per_descriptor_data &)
@0x64de48: 0x0
Because the bug appears very rarely, this is what I do to make it happen
and stop in gdb:
while gdb -ex run -ex quit ./asio_bug ; do true; done
In parallel, I try to load the computer with a lot of things (not sure if
this helps to make the bug appear).
Tested on linux 64 bits with gcc 7.2.0 and boost 1.65.1.
-- Ticket URL: <https://svn.boost.org/trac10/boost/ticket/7611#comment:9> Boost C++ Libraries <http://www.boost.org/> Boost provides free peer-reviewed portable C++ source libraries.
This archive was generated by hypermail 2.1.7 : 2017-09-28 14:23:54 UTC