I used htsserver and found a potential bug that may cause a program crash.
In the main loop in function smallserver, webhttrack_main is invoked to create
a new thread to handle a new connection. The variable global_opt is created in
the new thread (htsweb.c:262). Then global_opt may be used by other commands.
However, the program does not guarantee the order between the creation of
global_opt and the use of global_opt. If global_opt is created more slowly
because of OS scheduling, a newly arriving command may crash the server.
I did a simple experiment.
(1) To guarantee reproduction of the bug, insert a delay before the creation
of global_opt;
(2) Compile and run htsserver;
(3) Click any "skip" button quickly just after starting crawling to send a
"cancel-file" command;
(4) Then, the program crashed because of the "cancel-file" command. This
command invoked the function hts_cancel_file_push and accessed
global_opt->state while global_opt==NULL. (htscore.c:3139-3145)
Not only "cancel-file" but also some other commands may hit the same problem.
I think synchronization should be added to ensure that global_opt is created
before other commands are executed.
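
The ordering problem described in this report, as an added C sketch that is not httrack code and not part of the original post. The names opt_t, g_opt, worker_main, cancel_file_checked and cancel_file_waiting are hypothetical stand-ins; it shows a command handler that rejects a command while the options pointer is still NULL, and one that waits on a condition variable until the worker thread has created it.

```c
#include <pthread.h>
#include <stddef.h>

/* Hypothetical stand-in for the options structure (names are assumptions). */
typedef struct { int cancel_requests; } opt_t;

static opt_t opt_storage;
static opt_t *g_opt = NULL;            /* plays the role of global_opt */
static pthread_mutex_t g_lock = PTHREAD_MUTEX_INITIALIZER;
static pthread_cond_t g_ready = PTHREAD_COND_INITIALIZER;

/* Per-connection thread: creates the options and publishes them under the lock. */
static void *worker_main(void *arg) {
    (void)arg;
    pthread_mutex_lock(&g_lock);
    opt_storage.cancel_requests = 0;
    g_opt = &opt_storage;
    pthread_cond_broadcast(&g_ready);  /* wake handlers waiting for creation */
    pthread_mutex_unlock(&g_lock);
    return NULL;
}

/* Handler that refuses the command instead of dereferencing a NULL pointer. */
int cancel_file_checked(void) {
    int rc = -1;                       /* -1: options not created yet */
    pthread_mutex_lock(&g_lock);
    if (g_opt != NULL) { g_opt->cancel_requests++; rc = 0; }
    pthread_mutex_unlock(&g_lock);
    return rc;
}

/* Handler that blocks until creation has happened, then runs the command. */
int cancel_file_waiting(void) {
    int n;
    pthread_mutex_lock(&g_lock);
    while (g_opt == NULL)              /* loop guards against spurious wakeups */
        pthread_cond_wait(&g_ready, &g_lock);
    n = ++g_opt->cancel_requests;
    pthread_mutex_unlock(&g_lock);
    return n;
}

/* A command arrives before the worker exists, then again while it starts up. */
int run_demo(int *early, int *late) {
    pthread_t t;
    *early = cancel_file_checked();    /* g_opt still NULL: rejected */
    if (pthread_create(&t, NULL, worker_main, NULL) != 0) return -1;
    *late = cancel_file_waiting();     /* ordered after creation */
    return pthread_join(t, NULL);
}
```

Build with -pthread. In a long-running server the waiting variant would normally use a bounded wait so that a command cannot block forever if the worker thread never starts.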