Segmentation Fault on OSX

[adriangraham]

I'm trying to get webdis running on OSX 10.8.3 and am seeing a segfault anytime a request is made. I must be missing something obvious, but haven't been able to figure it out. For instance:

curl http://127.0.0.1:1979/SET/hello/world

Here's the backtrace:

Attaching to process 95837.
Reading symbols for shared libraries . done
Reading symbols for shared libraries ................................ done
Reading symbols for shared libraries + done
0x00007fff839a9d16 in kevent ()
(gdb) c
Continuing.
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: 13 at address: 0x0000000000000000
[Switching to process 95837 thread 0x1203]
0x00007fff83cc3c6f in strncasecmp_l ()
(gdb) backtrace
#0  0x00007fff83cc3c6f in strncasecmp_l ()
#1  0x000000010e3aa03f in cmd_is_subscribe (cmd=0x7fd28aa00280) at cmd.c:374
#2  0x000000010e3a9fce in cmd_free (c=0x7fd28aa00280) at cmd.c:57
#3  0x000000010e3b6963 in format_send_reply (cmd=0x7fd28aa00280, p=0x7fd28aa005b0 "{\"SET\":[true,\"OK\"]}", sz=19, content_type=0x10e3cfbdf "application/json") at formats/common.c:123
#4  0x000000010e3b4aab in json_reply (c=0x7fd289508020, r=0x7fd28aa00410, privdata=0x7fd28aa00280) at formats/json.c:40
#5  0x000000010e3bf439 in __redisRunCallback (ac=0x7fd289508020, cb=0x10e4f2d08, reply=0x7fd28aa00410) at hiredis/async.c:244
#6  0x000000010e3bedf2 in redisProcessCallbacks (ac=0x7fd289508020) at hiredis/async.c:442
#7  0x000000010e3bf52f in redisAsyncHandleRead (ac=0x7fd289508020) at hiredis/async.c:506
#8  0x000000010e3b398a in redisLibeventReadEvent (fd=67, event=2, arg=0x7fd2895089a0) at libevent.h:15
#9  0x000000010e3f4107 in event_base_loop (base=0x7fd2894040d0, flags=240070224) at event.c:1350
#10 0x000000010e3ab516 in worker_main (p=0x7fd289404560) at worker.c:156
#11 0x00007fff83c897a2 in _pthread_start ()
#12 0x00007fff83c761e1 in thread_start ()

(gdb)```

I've tried more verbose logging and haven't seen anything unusual. I did run into some issues getting libevent installed on OSX using brew, and ended up installing it from source. Once I did that, I didn't have any issues compiling and installing webdis. I've also installed it on Centos and haven't had any problems. Any ideas what might be going on? Thanks!

[adriangraham]

When I checkout the previous revision (34bb0b8090f3b7b1eaa67e5e5463eca7b5db6b30), I don't get this segfault. I wish I understood the code better so I could offer a fix, but at least there's a workaround and some indication of where the issue lives: https://github.com/nicolasff/webdis/commit/f616c2992a70926b9e3448562dff4addb3961985 Again, I never saw this on Centos, just OSX.

Thanks for making such a great piece of software -- I'm looking forward to using it.

[nicolasff]

Hi Adrian,

Many thanks for reporting this issue. I only have rare access to an OSX machine but will try my best to reproduce and solve the issue this week. In the meantime, could you please try out the latest webdis master? I pushed an attempted fix.

[adriangraham]

Thanks for looking into this. I just tried it and am seeing the same issue. I tried to poke around a bit more, and found that cmd->argv[0] seems to have a non-null invalid address:

Breakpoint 1, cmd_is_subscribe (cmd=0x7fa1b2415d60) at cmd.c:374
374         (strncasecmp(cmd->argv[0], "SUBSCRIBE", cmd->argv_len[0]) == 0 ||
(gdb) p cmd->argv[0]
$2 = 0x3000000000000000 <Address 0x3000000000000000 out of bounds>
(gdb) c
Continuing.

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: 13 at address: 0x0000000000000000
0x00007fff83cc3c6f in strncasecmp_l ()

[nicolasff]

Adrian,

The bug should be fixed now, it was indeed introduced in a recent change. Thanks again for reporting it!

[adriangraham]

Thanks so much for fixing this! I just recompiled and tested with no issues.