From dev-return-11726-apmail-apr-dev-archive=apr.apache.org@apr.apache.org Sat May 22 03:25:59 2004 Return-Path: Delivered-To: apmail-apr-dev-archive@www.apache.org Received: (qmail 28706 invoked from network); 22 May 2004 03:25:59 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 22 May 2004 03:25:59 -0000 Received: (qmail 76551 invoked by uid 500); 22 May 2004 03:26:21 -0000 Delivered-To: apmail-apr-dev-archive@apr.apache.org Received: (qmail 76492 invoked by uid 500); 22 May 2004 03:26:20 -0000 Mailing-List: contact dev-help@apr.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: Delivered-To: mailing list dev@apr.apache.org Received: (qmail 76476 invoked by uid 98); 22 May 2004 03:26:20 -0000 X-Qmail-Scanner-Mail-From: jwoolley@virginia.edu via hermes.apache.org X-Qmail-Scanner: 1.20 (Clear:RC:0(128.143.137.19):. Processed in 0.079973 secs) Date: Fri, 21 May 2004 23:25:45 -0400 (EDT) From: Cliff Woolley X-X-Sender: jcw5q@cobra.cs.Virginia.EDU To: Stas Bekman cc: Joe Orton , APR Development Subject: Re: segfault in apr_bucket_delete In-Reply-To: <40AE44A5.7070605@stason.org> Message-ID: References: <40AC77F0.4040808@stason.org> <40AC7D57.8000408@stason.org> <20040520110708.GA10291@manyfish.co.uk> <40AD0327.8080200@stason.org> <40AD2706.7080102@stason.org> <40AD3742.10901@stason.org> <20040521100836.GA20247@manyfish.co.uk> <40AE44A5.7070605@stason.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Rating: hermes.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N On Fri, 21 May 2004, Stas Bekman wrote: > Joe Orton wrote: > > On Thu, May 20, 2004 at 03:54:58PM -0700, Stas Bekman wrote: > > > >> fb = apr_bucket_flush_create(ba); > >> db = apr_bucket_transient_create("aaa", 3, ba); > >> APR_BRIGADE_INSERT_HEAD(bb, db); > >> APR_BUCKET_INSERT_BEFORE(fb, db); > > > > The arguments to APR_BUCKET_INSERT_BEFORE are reversed, right? It works > > for me with the arguments switched. > > right, but why does it hang when reversed. APR_BUCKET_INSERT_BEFORE(fb, db) expands to something like: APR_BUCKET_NEXT(db) = fb; APR_BUCKET_PREV(db) = APR_BUCKET_PREV(fb); APR_BUCKET_NEXT(APR_BUCKET_PREV(fb)) = db; APR_BUCKET_PREV(fb) = db; Obviously for this to work, all that has to happen is that fb's prev pointer and the next pointer of that bucket must correctly point to each other. Everything else is arbitrarily overwritten. Did you try running this with bucket debugging turned on like I suggested? If you do that, then a bunch of ring consistency checks will be run for you at strategic times that might help you discern when it is that your brigade gets corrupted. > Shouldn't it work both ways? If > not, then it should produce an error and not hang. No... it's just a macro manipulating some pointers. Error handling would be difficult (given the number of layers of macros) and expensive. --Cliff