You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Original bug ID: 5959 Reporter: toots Assigned to:@damiendoligez Status: resolved (set by @xavierleroy on 2017-02-16T10:13:43Z) Resolution: unable to duplicate Priority: normal Severity: crash Platform: Windows OS: Windows OS Version: XP Version: 4.00.1 Target version: later Category: platform support (windows, cross-compilation, etc) Monitored by: smimram @alainfrisch
Bug description
I have been working on updating the mingw-ocaml cross-compiler for 4.00.1 and found a pretty bad bug in Unix.select() emulation.
I can reproduce it with a windows build of liquidsoap an input.harbor. It uses Unix.select() to handle remote socket connections. I will try to have a minimal reproduction example.
Meanwhile, I've added some extra debugging printing and have been able to get this trace of the crash. It happens in the socket_poll_add function in otherlibs/win32unix/select.c. Here's a trace of relevant logs:
DBUG (pid:8, tid: 38): Scanning list of worker to find one that already handle socket
DBUG (pid:8, tid: 38): Searching for an available job for type 4 for descriptor 140
DBUG (pid:8, tid: 38): Entered while loop.
DBUG (pid:8, tid: 38): Non socket case.
DBUG (pid:8, tid: 38): Entered while loop.
DBUG (pid:8, tid: 38): Socket case.
DBUG (pid:8, tid: 38): Acessing aQueries.
wine: Unhandled exception 0x80000001 at address 0x5c9f60 (thread 0026), starting debugger...
(note: I'm using wine here for convenience but the bug happens exactly the same way on a "real" windows)
Here's the corresponding annotated code:
DEBUG_PRINT("Scanning list of worker to find one that already handle socket");
/* Search for job */
DEBUG_PRINT("Searching for an available job for type %d for descriptor %d", SELECT_TYPE_SOCKET, hFileDescr);
while (res != NULL)
{
DEBUG_PRINT("Entered while loop.");
if (res->EType == SELECT_TYPE_SOCKET)
{
DEBUG_PRINT("Socket case.");
i = res->nQueriesCount - 1;
DEBUG_PRINT("Acessing aQueries.");
aQueries = res->aQueries;
<---- CRASH HERE!
I'm attaching a longer debug logs in case the crash may be due to previous select() call.
Postscriptum: longer debug printout:
DBUG (pid:8, tid: 38): Scanning list of worker to find one that already handle socket
DBUG (pid:8, tid: 38): Searching for an available job for type 4 for descriptor 164
DBUG (pid:8, tid: 38): Entered while loop.
DBUG (pid:8, tid: 38): Socket case.
DBUG (pid:8, tid: 38): Acessing aQueries.
DBUG (pid:8, tid: 38): If we didn't find the socket but this worker has available slots, store it.
DBUG (pid:8, tid: 38): Previous socket query located -- we're finished.
DBUG (pid:8, tid: 38): Socket a4 updated to 93
DBUG (pid:8, tid: 38): Finish dispatching handle a4
DBUG (pid:8, tid: 38): Adding handle 54 to set 116e8d4
DBUG (pid:8, tid: 38): Begin dispatching handle 54
DBUG (pid:8, tid: 38): Waiting for 1 on handle 54
DBUG (pid:8, tid: 38): Handle 54 is a pipe handle
DBUG (pid:8, tid: 38): Need to check availability of data on pipe
DBUG (pid:8, tid: 38): Searching an available worker handling pipe
DBUG (pid:8, tid: 38): Searching an available job for type 3
DBUG (pid:8, tid: 38): Finish dispatching handle 54
DBUG (pid:8, tid: 38): Dispatch write fd
DBUG (pid:8, tid: 38): Dispatch exceptional fd
DBUG (pid:8, tid: 38): Building events done array
DBUG (pid:8, tid: 38): Job submitted to worker b424b8
DBUG (pid:8, tid: 42): Worker has 1 queries to service
DBUG (pid:8, tid: 42): Polling read for 140
DBUG (pid:8, tid: 38): Job submitted to worker 2132c8
DBUG (pid:8, tid: 38): Need to watch 2 workers
DBUG (pid:8, tid: 38): Waiting for one select worker to be done
DBUG (pid:8, tid: 40): Checking data pipe
DBUG (pid:8, tid: 40): Finish checking data on pipe
DBUG (pid:8, tid: 41): Build final result
DBUG (pid:8, tid: 41): out select
DBUG (pid:8, tid: 41): in select
DBUG (pid:8, tid: 41): nothing to do
DBUG (pid:8, tid: 38): One worker is done
DBUG (pid:8, tid: 38): Sending stop signal to every select workers
DBUG (pid:8, tid: 38): Waiting for every select worker to be done
DBUG (pid:8, tid: 42): Restore a blocking socket
DBUG (pid:8, tid: 38): Every worker is done
DBUG (pid:8, tid: 38): Error status: 0 (0 is ok)
DBUG (pid:8, tid: 38): Building result
DBUG (pid:8, tid: 38): Free selectdata resources
DBUG (pid:8, tid: 38): Freeing data of 214a88
DBUG (pid:8, tid: 38): Freeing data of b3ef98
DBUG (pid:8, tid: 38): Free local allocated resources
DBUG (pid:8, tid: 38): Raise error if required
DBUG (pid:8, tid: 38): Build final result
DBUG (pid:8, tid: 38): out select
DBUG (pid:8, tid: 38): in select
DBUG (pid:8, tid: 38): Non socket value encountered
DBUG (pid:8, tid: 38): Will wait 299983 ms
DBUG (pid:8, tid: 38): Dispatch read fd
DBUG (pid:8, tid: 38): Adding handle a4 to set 116e8d4
DBUG (pid:8, tid: 38): Begin dispatching handle a4
DBUG (pid:8, tid: 38): Waiting for 1 on handle a4
DBUG (pid:8, tid: 38): Handle a4 is a socket handle
DBUG (pid:8, tid: 38): Scanning list of worker to find one that already handle socket
DBUG (pid:8, tid: 38): Searching for an available job for type 4 for descriptor 164
DBUG (pid:8, tid: 38): res == NULL case.
DBUG (pid:8, tid: 38): No job for type 4 found, create one
DBUG (pid:8, tid: 38): Done creating new job.
DBUG (pid:8, tid: 38): Socket a4 added
DBUG (pid:8, tid: 38): Finish dispatching handle a4
DBUG (pid:8, tid: 38): Adding handle 5c to set 116e8d4
DBUG (pid:8, tid: 38): Begin dispatching handle 5c
DBUG (pid:8, tid: 38): Waiting for 1 on handle 5c
DBUG (pid:8, tid: 38): Handle 5c is a pipe handle
DBUG (pid:8, tid: 38): Need to check availability of data on pipe
DBUG (pid:8, tid: 38): Searching an available worker handling pipe
DBUG (pid:8, tid: 38): Searching an available job for type 3
DBUG (pid:8, tid: 38): No job for type 3 found, create one
DBUG (pid:8, tid: 38): Finish dispatching handle 5c
DBUG (pid:8, tid: 38): Adding handle 90 to set 116e8d4
DBUG (pid:8, tid: 38): Begin dispatching handle 90
DBUG (pid:8, tid: 38): Waiting for 1 on handle 90
DBUG (pid:8, tid: 38): Handle 90 is a pipe handle
DBUG (pid:8, tid: 38): Need to check availability of data on pipe
DBUG (pid:8, tid: 38): Searching an available worker handling pipe
DBUG (pid:8, tid: 38): Searching an available job for type 3
DBUG (pid:8, tid: 38): Finish dispatching handle 90
DBUG (pid:8, tid: 38): Adding handle 8c to set 116e8d4
DBUG (pid:8, tid: 38): Begin dispatching handle 8c
DBUG (pid:8, tid: 38): Waiting for 1 on handle 8c
DBUG (pid:8, tid: 38): Handle 8c is a socket handle
DBUG (pid:8, tid: 38): Scanning list of worker to find one that already handle socket
DBUG (pid:8, tid: 38): Searching for an available job for type 4 for descriptor 140
DBUG (pid:8, tid: 38): Entered while loop.
DBUG (pid:8, tid: 38): Non socket case.
DBUG (pid:8, tid: 38): Entered while loop.
DBUG (pid:8, tid: 38): Socket case.
DBUG (pid:8, tid: 38): Acessing aQueries.
wine: Unhandled exception 0x80000001 at address 0x5c9f60 (thread 0026), starting debugger...
The text was updated successfully, but these errors were encountered:
Original bug ID: 5959
Reporter: toots
Assigned to: @damiendoligez
Status: resolved (set by @xavierleroy on 2017-02-16T10:13:43Z)
Resolution: unable to duplicate
Priority: normal
Severity: crash
Platform: Windows
OS: Windows
OS Version: XP
Version: 4.00.1
Target version: later
Category: platform support (windows, cross-compilation, etc)
Monitored by: smimram @alainfrisch
Bug description
I have been working on updating the mingw-ocaml cross-compiler for 4.00.1 and found a pretty bad bug in Unix.select() emulation.
I can reproduce it with a windows build of liquidsoap an input.harbor. It uses Unix.select() to handle remote socket connections. I will try to have a minimal reproduction example.
Meanwhile, I've added some extra debugging printing and have been able to get this trace of the crash. It happens in the socket_poll_add function in otherlibs/win32unix/select.c. Here's a trace of relevant logs:
DBUG (pid:8, tid: 38): Scanning list of worker to find one that already handle socket
DBUG (pid:8, tid: 38): Searching for an available job for type 4 for descriptor 140
DBUG (pid:8, tid: 38): Entered while loop.
DBUG (pid:8, tid: 38): Non socket case.
DBUG (pid:8, tid: 38): Entered while loop.
DBUG (pid:8, tid: 38): Socket case.
DBUG (pid:8, tid: 38): Acessing aQueries.
wine: Unhandled exception 0x80000001 at address 0x5c9f60 (thread 0026), starting debugger...
(note: I'm using wine here for convenience but the bug happens exactly the same way on a "real" windows)
Here's the corresponding annotated code:
DEBUG_PRINT("Scanning list of worker to find one that already handle socket");
/* Search for job */
DEBUG_PRINT("Searching for an available job for type %d for descriptor %d", SELECT_TYPE_SOCKET, hFileDescr);
while (res != NULL)
{
DEBUG_PRINT("Entered while loop.");
if (res->EType == SELECT_TYPE_SOCKET)
{
DEBUG_PRINT("Socket case.");
i = res->nQueriesCount - 1;
DEBUG_PRINT("Acessing aQueries.");
aQueries = res->aQueries;
<---- CRASH HERE!
I'm attaching a longer debug logs in case the crash may be due to previous select() call.
I've reverted the select.c code to http://caml.inria.fr/svn/ocaml/trunk@11223 and it works agin. If we can assume that http://caml.inria.fr/svn/ocaml/version/4.00@12800 is only aesthetic then I'd say commit http://caml.inria.fr/svn/ocaml/trunk@12023 is the culprit.
Hope this helps!
Postscriptum: longer debug printout:
DBUG (pid:8, tid: 38): Scanning list of worker to find one that already handle socket
DBUG (pid:8, tid: 38): Searching for an available job for type 4 for descriptor 164
DBUG (pid:8, tid: 38): Entered while loop.
DBUG (pid:8, tid: 38): Socket case.
DBUG (pid:8, tid: 38): Acessing aQueries.
DBUG (pid:8, tid: 38): If we didn't find the socket but this worker has available slots, store it.
DBUG (pid:8, tid: 38): Previous socket query located -- we're finished.
DBUG (pid:8, tid: 38): Socket a4 updated to 93
DBUG (pid:8, tid: 38): Finish dispatching handle a4
DBUG (pid:8, tid: 38): Adding handle 54 to set 116e8d4
DBUG (pid:8, tid: 38): Begin dispatching handle 54
DBUG (pid:8, tid: 38): Waiting for 1 on handle 54
DBUG (pid:8, tid: 38): Handle 54 is a pipe handle
DBUG (pid:8, tid: 38): Need to check availability of data on pipe
DBUG (pid:8, tid: 38): Searching an available worker handling pipe
DBUG (pid:8, tid: 38): Searching an available job for type 3
DBUG (pid:8, tid: 38): Finish dispatching handle 54
DBUG (pid:8, tid: 38): Dispatch write fd
DBUG (pid:8, tid: 38): Dispatch exceptional fd
DBUG (pid:8, tid: 38): Building events done array
DBUG (pid:8, tid: 38): Job submitted to worker b424b8
DBUG (pid:8, tid: 42): Worker has 1 queries to service
DBUG (pid:8, tid: 42): Polling read for 140
DBUG (pid:8, tid: 38): Job submitted to worker 2132c8
DBUG (pid:8, tid: 38): Need to watch 2 workers
DBUG (pid:8, tid: 38): Waiting for one select worker to be done
DBUG (pid:8, tid: 40): Checking data pipe
DBUG (pid:8, tid: 40): Finish checking data on pipe
DBUG (pid:8, tid: 41): Build final result
DBUG (pid:8, tid: 41): out select
DBUG (pid:8, tid: 41): in select
DBUG (pid:8, tid: 41): nothing to do
DBUG (pid:8, tid: 38): One worker is done
DBUG (pid:8, tid: 38): Sending stop signal to every select workers
DBUG (pid:8, tid: 38): Waiting for every select worker to be done
DBUG (pid:8, tid: 42): Restore a blocking socket
DBUG (pid:8, tid: 38): Every worker is done
DBUG (pid:8, tid: 38): Error status: 0 (0 is ok)
DBUG (pid:8, tid: 38): Building result
DBUG (pid:8, tid: 38): Free selectdata resources
DBUG (pid:8, tid: 38): Freeing data of 214a88
DBUG (pid:8, tid: 38): Freeing data of b3ef98
DBUG (pid:8, tid: 38): Free local allocated resources
DBUG (pid:8, tid: 38): Raise error if required
DBUG (pid:8, tid: 38): Build final result
DBUG (pid:8, tid: 38): out select
DBUG (pid:8, tid: 38): in select
DBUG (pid:8, tid: 38): Non socket value encountered
DBUG (pid:8, tid: 38): Will wait 299983 ms
DBUG (pid:8, tid: 38): Dispatch read fd
DBUG (pid:8, tid: 38): Adding handle a4 to set 116e8d4
DBUG (pid:8, tid: 38): Begin dispatching handle a4
DBUG (pid:8, tid: 38): Waiting for 1 on handle a4
DBUG (pid:8, tid: 38): Handle a4 is a socket handle
DBUG (pid:8, tid: 38): Scanning list of worker to find one that already handle socket
DBUG (pid:8, tid: 38): Searching for an available job for type 4 for descriptor 164
DBUG (pid:8, tid: 38): res == NULL case.
DBUG (pid:8, tid: 38): No job for type 4 found, create one
DBUG (pid:8, tid: 38): Done creating new job.
DBUG (pid:8, tid: 38): Socket a4 added
DBUG (pid:8, tid: 38): Finish dispatching handle a4
DBUG (pid:8, tid: 38): Adding handle 5c to set 116e8d4
DBUG (pid:8, tid: 38): Begin dispatching handle 5c
DBUG (pid:8, tid: 38): Waiting for 1 on handle 5c
DBUG (pid:8, tid: 38): Handle 5c is a pipe handle
DBUG (pid:8, tid: 38): Need to check availability of data on pipe
DBUG (pid:8, tid: 38): Searching an available worker handling pipe
DBUG (pid:8, tid: 38): Searching an available job for type 3
DBUG (pid:8, tid: 38): No job for type 3 found, create one
DBUG (pid:8, tid: 38): Finish dispatching handle 5c
DBUG (pid:8, tid: 38): Adding handle 90 to set 116e8d4
DBUG (pid:8, tid: 38): Begin dispatching handle 90
DBUG (pid:8, tid: 38): Waiting for 1 on handle 90
DBUG (pid:8, tid: 38): Handle 90 is a pipe handle
DBUG (pid:8, tid: 38): Need to check availability of data on pipe
DBUG (pid:8, tid: 38): Searching an available worker handling pipe
DBUG (pid:8, tid: 38): Searching an available job for type 3
DBUG (pid:8, tid: 38): Finish dispatching handle 90
DBUG (pid:8, tid: 38): Adding handle 8c to set 116e8d4
DBUG (pid:8, tid: 38): Begin dispatching handle 8c
DBUG (pid:8, tid: 38): Waiting for 1 on handle 8c
DBUG (pid:8, tid: 38): Handle 8c is a socket handle
DBUG (pid:8, tid: 38): Scanning list of worker to find one that already handle socket
DBUG (pid:8, tid: 38): Searching for an available job for type 4 for descriptor 140
DBUG (pid:8, tid: 38): Entered while loop.
DBUG (pid:8, tid: 38): Non socket case.
DBUG (pid:8, tid: 38): Entered while loop.
DBUG (pid:8, tid: 38): Socket case.
DBUG (pid:8, tid: 38): Acessing aQueries.
wine: Unhandled exception 0x80000001 at address 0x5c9f60 (thread 0026), starting debugger...
The text was updated successfully, but these errors were encountered: