Hi Martin, yes I confirm that the patch is under MIT license. Sorry, missed to mention it to my first email. Regards, Aram -----Original Message----- From: nanomsg-bounce@xxxxxxxxxxxxx [mailto:nanomsg-bounce@xxxxxxxxxxxxx] On Behalf Of Martin Sustrik Sent: 23 October 2014 08:09 To: nanomsg@xxxxxxxxxxxxx Subject: [nanomsg] Re: [PATCH] Bug fix for the clean-up of removed poll fds, when NN_USE_POLL is selected. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Aram, Can you confirm that you are submitting the patch under MIT license? Thanks! Martin On 22/10/14 14:15, Aram Santogidis wrote: > Hi, > > I found a bug and I submit a patch for the fix. > > Here is the descritption: > > I selected to use poll as the polling mechanism (i.e. > NN_USE_POLL=1) and then executed the unit tests (make check). > > The ipc_shutdown and tcp_shutdown failed with the following messages > > ./test-driver: line 107: 18064 Segmentation fault "$@" > > $log_file 2>&1 FAIL: tests/ipc_shutdown ./test-driver: line 107: > 20233 Segmentation fault "$@" > $log_file 2>&1 FAIL: > tests/tcp_shutdown > > 1) I investigated the issue, and discovered that the following > segmentation fault was the source of the failure. > > nn_poller_wait (self=self@entry=0x7ffff7dd9608 <self+136>, > timeout=70) at src/aio/poller_poll.inc:130 130 > self->hndls [i].hndl->index = i; > > The statement at line 130 fails because hndl can be NULL in the case > when *the last element of the pollset belongs to the list of removed > fds, itself*. I solved this by adding a check for NULL before the > assignment. > > 2) I discovered a second bug, also in the nn_poller_wait, however more > subtle than the NULL pointer problem. > > Assume that we add N pollsets to the list of removed fds. If it > happens to be that the N-1 element is at the end of the pollsets, it > will take the position of N after the replacement. In this case the > .prev index is the same with the i index. The adjustment that follows > > /* The fd from the end of the pollset may have been on removed fds > list itself. If so, adjust the list. */ [...] > > corrupts the list because both .next and .prev are equal to i now. > > > The symptoms of this error are not deterministic. Sometimes The test > wouldn't terminate at all, some other times it would terminate with a > segmentation fault because the *removed* field would have larger value > than the size of the array, or the *size* field would take negative > values because the loop wouldn't terminate. > > I solved this problem by adding the following code just before the > replacement. > > + if (self->hndls [i].next != -1) + > self->hndls [self->hndls [i].next].prev = -1; > > After every replacement, the next element is at the top of the stack, > therefore the .prev should be equal to -1. This fixes the problem 2) > > After these two changes, the tests pass. > > > Best Regards, Aram Santogidis > > > ---------------------------------------- Marie Curie Fellow, CERN > ICE-DIP project Tel: +49 17677192498 > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBAgAGBQJUSJtfAAoJENTpVjxCNN9Yvf8H/Rgd0BgZKhjrsfapflQZLp+M dVpuvW0ZH4HW2TZ0uPr5WAv0DSFVxuH8YLwV/iaxaCsxKJlcSx0wCLGzkpjpHAuK f6xczAUlrzkeHnU9RFVCM+AIEMzrzazDCOqg7pncgqX5REmfz4z+JoO9rRap1gio I4QThk5saQwvGBfv3NNMPBRgTDBRCs/lI1EWRKV4ccZKvBeoY3WYZN5Ip7FXtMph zcRhRsDb/vBGtL57va+Ag9/UW0sfXu36yxUdJDhknqT5EJqqbEiOQ1Nijqvkm4yc 6ILCZjVVGLGoPgTbu7JLdspmhdV5gsQnMxXlhKDeaq7T6HQxWwAhNl/Tuhlb2Pg= =zC+i -----END PGP SIGNATURE-----