apr-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 56654] New: apr_skiplist sometimes corrupts
Date Sat, 21 Jun 2014 06:14:53 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=56654

            Bug ID: 56654
           Summary: apr_skiplist sometimes corrupts
           Product: APR
           Version: HEAD
          Hardware: All
                OS: All
            Status: NEW
          Severity: critical
          Priority: P2
         Component: APR
          Assignee: bugs@apr.apache.org
          Reporter: takashi.asfbugzilla@tks.st

apr_skiplist sometimes corrupts.

apr_skiplist_insert uses apr_skiplist_alloc to allocate memory for
apr_skiplistnode_t, but apr_skiplist_alloc sometimes returns uninitialized
(un-memset-zeroed) one.
apr_skiplist have a memory recycle system, so apr_skiplist_alloc first tries to
get memory from it, but apr_skiplist_alloc doesn't clear memory.
apr_skiplist_insert presume apr_skiplist_alloc returns zero cleared memory.

How to reproduce:

1. insert objects to skiplist many times (about 10?)
2. remove all objects from the skiplist
3. insert objects to skiplist many times again

then skiplist_print_struct shows like this:
Skiplist Structure (height: 3)
_(nil) 0xb3805e78 0xb3805f18 
_0xb3806080 
_0xb3806088 0xb3806088 
_0xb38060c0 

First line should contains NULL only, but it doesn't.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@apr.apache.org
For additional commands, e-mail: bugs-help@apr.apache.org


Mime
View raw message