I'm also seeing an infinite loop in evmap_io_active:
TAILQ_FOREACH(ev, &ctx->events, ev_io_next) {
if (ev->ev_events & events)
event_active_nolock(ev, ev->ev_events & events, 1);
}
It looks like the ev_io_next pointer points back to itself :(
Here is a disassembly of that loop:
0x280ab670 <evmap_io_active+64>: mov 0x20(%esi),%esi
0x280ab673 <evmap_io_active+67>: test %esi,%esi
0x280ab675 <evmap_io_active+69>: je 0x280ab69d <evmap_io_active+109>
0x280ab677 <evmap_io_active+71>: mov 0x30(%esi),%eax
0x280ab67a <evmap_io_active+74>: and %edi,%eax
0x280ab67c <evmap_io_active+76>: cwtl
0x280ab67d <evmap_io_active+77>: test %eax,%eax
0x280ab67f <evmap_io_active+79>: je 0x280ab670 <evmap_io_active+64>
And here is what I see from GDB (%esi points to ev, and (%esi + 0x20)
is ev_io_next):
(gdb) p/x $esi
$2 = 0x2835fad0
(gdb) p/x *(void **)($esi + 0x20)
$3 = 0x2835fad0
I guess that would happen if I added the same event twice? But I'm not
doing that. Here is the pattern of event_add() and event_callbacks()
for each fd and struct ev * that I add. I'm adding events as EV_READ
or EV_WRITE, not EV_PERSIST, and with no timeout:
event_add(fd=9, ev=0x2831fec0)
event_callback(fd=9, ev=0x2831fec0)
event_add(fd=9, ev=0x2831fec0)
event_add(fd=11, ev=0x2833dcd0)
event_callback(fd=11, ev=0x2833dcd0)
event_add(fd=11, ev=0x2835fad0)
event_add(fd=10, ev=0x2833da80)
event_callback(fd=10, ev=0x2833da80)
event_add(fd=10, ev=0x2833da80)
event_callback(fd=11, ev=0x2835fad0)
event_add(fd=11, ev=0x2835fad0)
What am I doing wrong here? The only thing I can think of is that it
might not be OK to re-add the same event in the callback? But I copied
this code right out of event-test.c.
My program is single threaded, and I can deterministically get it
stuck in this state immediately using just one connection.
Thanks for your help!
***********************************************************************
To unsubscribe, send an e-mail to majord...@freehaven.net with
unsubscribe libevent-users in the body.
