Socket crash

Question

Socket crash

WerWolv opened this issue 6 years ago · comments

If around 398MB of heap data got allocated after initializing the socket service using socketInitializeDefault() and then either socketExit() got called or the homebrew exits and tries to return to the hbmenu, the Switch crashes with an error code of 2168-0002 (Segmentation Fault).

Here's the source code of a PoC homebrew app to demonstrate the issue: https://gist.github.com/WerWolv98/2f57359e72634e33be7d64a07009aa35

It's using libnx version 1.3.2. The issue was NOT present on earlier versions (prior to 1.3.0)

yellows8 · Answer 1 · Mon Aug 27 2018 09:08:32 GMT+0800 (China Standard Time)

What was the previous libnx version you tested, exactly? Did you try freeing that buffer? And you're sure the buffer was allocated successfully?

Nik · Answer 2 · Mon Aug 27 2018 09:39:39 GMT+0800 (China Standard Time)

When compiling EdiZon with libnx 1.3.0-1, I don't have the issue. Sorry for that misinformation. Freeing the buffer doesn't help either.
How can I check if it got allocated correctly? Also, is it possible to see the memory usage of a homebrew app?

Edit: Code with deallocation https://gist.github.com/WerWolv98/f67971f1340c08a466af75cc4d6aefcd

yellows8 · Answer 3 · Tue Aug 28 2018 02:55:59 GMT+0800 (China Standard Time)

Did you use the same devkitA64 version for current/{previously working}?

Can you get a crash-report?

EDIT: "How can I check if it got allocated correctly?" std::nothrow "memory usage" mallinfo()

Nik · Answer 4 · Tue Aug 28 2018 03:52:53 GMT+0800 (China Standard Time)

DevkitA64 are both on version r12-2 and libcurl is on 7.58.0-1 on the working setup and 7.61.0-2 on the not working one.
This is the latest crash log: https://gist.github.com/WerWolv98/fc2d329ef5a6d1f0da1e42ef1c054603

Also I'm not sure if I'm doing this correctly but

	u8* data = new(std::nothrow) u8[1024*1024*398];
	(void)data;
	printf("%lx\n", mallinfo().uordblks);

returns 144101F8

yellows8 · Answer 5 · Tue Aug 28 2018 04:16:34 GMT+0800 (China Standard Time)

Upload elf for that crash-report?

Nik · Answer 6 · Tue Aug 28 2018 04:19:15 GMT+0800 (China Standard Time)

https://transfer.sh/Gw5mN/SocketCrash.elf

yellows8 · Answer 7 · Tue Aug 28 2018 05:10:07 GMT+0800 (China Standard Time)

Are you sure that elf is from the same build as the crash-report?(.text offsets don't make sense)

Nik · Answer 8 · Tue Aug 28 2018 05:17:13 GMT+0800 (China Standard Time)

Oh no sorry. Here is a zip with the latest elf and a crash report from it https://transfer.sh/kZURV/SocketCrash.zip

yellows8 · Answer 9 · Tue Aug 28 2018 05:30:48 GMT+0800 (China Standard Time)

Still doesn't make sense, are you using latest atmo creport?

Nik · Answer 10 · Tue Aug 28 2018 05:32:04 GMT+0800 (China Standard Time)

Pretty sure. I'm using tomGER's files right now

Nik · Answer 11 · Mon Sep 10 2018 08:14:51 GMT+0800 (China Standard Time)

I'm sorry for this, I made a really stupid mistake in my code and misinterpreted it as a libnx error. The error was caused by me trying to delete a nullptr in a destructor. Issue being, this object is global and therefore deleted by libnx once the homebrew exits.