Package: lua-event Version: 0.4.1-1 Severity: grave Tags: upstream When this binding is used with libevent 2.0 some errors are not handled properly. An extract of the personal communication with the maintainer of the binding follows, giving precise details on how this bug affects, for example, the prosody jabber server.
-- 8< --------------------------------------------------------- From: Matthew Wild The problem is caused by a combination of Lua's exception handling (setjmp+longjmp) and some new re-entrant checks added to libevent. When an error occurs inside an event callback Lua (at the C level) jumps outs of libevent and up to the last set error handler, which in Prosody is before libevent is called. After logging the error Prosody heads back into libevent, but unfortunately libevent2 has an internal flag to prevent entering it twice. Because the error jumped right back, this flag is never unset and libevent immediately returns (thinking it is already running). This triggers a shutdown in Prosody. The consequence is that given any other bug that causes an error to be thrown in Prosody (there aren't many, but they exist) it's possible to remotely shut down a Prosody server that is using libevent, even from an unauthenticated connection. -- 8< --------------------------------------------------------- -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages lua-event depends on: ii libc6 2.13-33 ii libevent-2.0-5 2.0.19-stable-3 ii lua-socket 2.0.2-8 ii multiarch-support 2.13-33 lua-event recommends no packages. lua-event suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
