[zeromq-dev] Potential bug found
Martin Sustrik
sustrik at 250bpm.com
Tue Aug 31 16:15:51 CEST 2010
Hi Mikael,
> I've been tinkering with my system and I've hit a problem inside zmq
> that I haven't been able to debug or figure out just yet. My code is
> trying to send when I hit it.
>
> I get an access violation (for those who aren't into Windows ways of
> putting things Zeromq is access memory that is not valid for it to
> use) in the zmq::writer_t::process_pipe_term() function. Apparently
> Endpoint has a value (it is not 00000000), but it is not a valid
> object because the v-table points as 0xfeeefeee which is a guard
> value if I remember correctly. Anyway zmq calls a function but the
> object no longer exists. I believe I am hitting some sort of thread
> interaction issue with zmq in the process of shutting down said
> endpoint, but the pointer to endpoint not getting cleared (always a
> possible issue if you can't use shared_ptr's and the like). Now I am
> not yet familiar with the innards of the library, but I doubt I am
> supposed to be able to crash it by calling a function on it.
>
> My system has the following call stack when it goes down:
> libzmqd.dll!zmq::writer_t::process_pipe_term() Line 305 + 0x14 bytes
> C++ libzmqd.dll!zmq::object_t::process_command(zmq::command_t&
> cmd_={...}) Line 98 + 0xf bytes C++
> libzmqd.dll!zmq::app_thread_t::process_commands(bool block_=false,
> bool throttle_=true) Line 129 C++
> libzmqd.dll!zmq::socket_base_t::send(zmq_msg_t * msg_=0x0420f948, int
> flags_=0) Line 351 + 0x12 bytes C++ libzmqd.dll!zmq_send(void *
> s_=0x00d87168, zmq_msg_t * msg_=0x0420f948, int flags_=0) Line 357
> C++ fservertest.exe!zmq::socket_t::send(zmq::message_t& msg_={...},
> int flags_=0) Line 246 + 0x14 bytes C++
>
> All values from my side of the fence should be valid (socket_t and
> message_t mostly). The socket_t was allocated on the calling thread,
> but the context_t that it was built from was not (it was given to the
> thread as a pointer).
>
> I can't really pick out an easy code example to reproduce this just
> now (I have some other stuff that has priority as it is a bug in some
> production code), but I will try ASAP unless told that this is a
> known graceful shutdown issue. I will put up an issue on github if
> people think this is a zeromq bug and not just my boneheadedness.
I am looking at the code. It have changed between 2.0.8 and the trunk.
Which version are you using?
Martin
More information about the zeromq-dev
mailing list