fix(websocket): Fix websocket client race on abort and memory leak(IDFGH-16555) #924
Conversation
|
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
gabsuren
changed the title
gabsuren
force-pushed
the
fix/ws_race_on_abort
branch
3 times, most recently
from
67bd7e3 to
46871bf
Compare
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| #else | ||
| // When separate TX lock is not configured, we already hold client->lock | ||
| // which protects the transport, so we can send PONG directly | ||
| esp_transport_ws_send_raw(client->transport, WS_TRANSPORT_OPCODES_PONG | WS_TRANSPORT_OPCODES_FIN, data, client->payload_len, |
Check warning
Code scanning / clang-tidy
The value '138' provided to the cast expression is not in the valid range of values for 'ws_transport_opcodes' [clang-analyzer-optin.core.EnumCastOutOfRange] Warning
gabsuren
force-pushed
the
fix/ws_race_on_abort
branch
from
46871bf to
5577e03
Compare
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
gabsuren
force-pushed
the
fix/ws_race_on_abort
branch
2 times, most recently
from
082b119 to
bff5cbe
Compare
- Add state check in abort_connection to prevent double-close - Fix memory leak: free errormsg_buffer on disconnect - Reset connection state on reconnect to prevent stale data - Implement lock ordering for separate TX lock mode - Added sdkconfig.ci.tx_lock config
gabsuren
force-pushed
the
fix/ws_race_on_abort
branch
from
ca2956e to
0e58789
Compare
| { | ||
| ESP_WS_CLIENT_STATE_CHECK(TAG, client, return ESP_FAIL); | ||
|
|
||
| // Note: This function must be called with client->lock already held |
There was a problem hiding this comment.
If this is a pre-condition for the function, should we add a guard here? If a guard isn't possible this must be documented to user and not be a comment inside the function.
| esp_websocket_client_dispatch_event(client, WEBSOCKET_EVENT_DISCONNECTED, NULL, 0); | ||
|
|
||
| if (client->errormsg_buffer) { | ||
| ESP_LOGI(TAG, "Freeing error buffer (%d bytes) - Free heap: %" PRIu32 " bytes", |
There was a problem hiding this comment.
This should be Debug or verbose level.
| client->errormsg_buffer = NULL; | ||
| client->errormsg_size = 0; | ||
| } else { | ||
| ESP_LOGI(TAG, "Disconnect - Free heap: %" PRIu32 " bytes", esp_get_free_heap_size()); |
| } | ||
| ESP_LOGD(TAG, "Calling abort_connection due to send error"); | ||
| #ifdef CONFIG_ESP_WS_CLIENT_SEPARATE_TX_LOCK | ||
| xSemaphoreGiveRecursive(client->tx_lock); |
There was a problem hiding this comment.
It is better to move this verification to abort connection function.
| const char *data = (client->payload_len == 0) ? NULL : client->rx_buffer; | ||
| ESP_LOGD(TAG, "Sending PONG with payload len=%d", client->payload_len); | ||
| #ifdef CONFIG_ESP_WS_CLIENT_SEPARATE_TX_LOCK | ||
| // CRITICAL: To avoid deadlock, we must follow lock ordering: tx_lock BEFORE client->lock |
There was a problem hiding this comment.
These comments are unnecessary.
4 participants
TODO - Will remove comments after the review ( left it for easier review)
Description
This PR fixes critical memory leaks and crashes in the ESP WebSocket client that occur during reconnection scenarios(CONFIG_ESP_WS_CLIENT_SEPARATE_TX_LOCK = y).
Changes Made:
Related
#898
Checklist
Before submitting a Pull Request, please ensure the following: