[shurane]

I would love to see a standalone testcase demonstrating this bug. Although, what was Facebook's solution to fix it? Was it to make a fix to the SSL library to use a CFSocker wrapper?

| It turns out that abandoning manual code analysis was a good strategy.

Wait a minute, wasn't this manual code analysis? They were certainly digging around the codebase and a particular slice of commits to figure out why the crash kept occurring.

[nspiegelberg]

Although fixing a bug requires analyzing the offending code, we weren't able to effectively narrow down the area of inspection through manual means (diff analysis, stack trace, git bisect). We instead narrowed down the area of code using sandboxing and non-trivial conditional breakpointing.

To fix the SSL library, we first used dup() to properly refcount the FD and then did more long-term restructuring to properly couple the FD & SSL object lifetime later.