apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeffrey Crowell <jcrow...@google.com>
Subject Issues/questions with apr_memcache_multigetp
Date Wed, 23 Sep 2015 19:23:58 GMT

I work on mod_pagespeed, where we use a forked version of apr_memcache.c (
to interact with memcached.

Recently we've become aware of a bug where we end up hanging in
apr_memcache2_multigetp, pinning cpu at 100%.

We have some patches which were created in an attempt to fix some signed
bugs in the original code that I think may be causing our issue.

Namely here:
 vs here
The original code uses an atoi(), which has undefined behavior when called
on non integer strings, leaving len to be 0.

Second, the check here
vs https://gist.github.com/crowell/59bfa1bb9f0cda30c48a#file-multiget-c-L199

In the original apr code, this check will never fail. len is an apr_size_t,
and will never be < 0.

The issue here now is that the check in the "server sent back a key that i
didn't ask for"
(same in both forked and upstream), apr_pollset_remove, is never called,
and the number of queries sent is never changed.

Does it seem possible that this is causing the server to spin here, and
would apr be interested in accepting a patch to fix the signedness issues?


View raw message