httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 50520] Segment fault in brigade_consume
Date Fri, 24 Dec 2010 20:30:12 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=50520

--- Comment #2 from Joel <j-comm@westvi.com> 2010-12-24 15:30:08 EST ---
Here is extra info. Note that "bb->list.next->type" is really bogus. It has a
garbage name, garbage name_func, is_metadata is a mess, and the 'read' function
is the value '0x58'. It looks like the data stored here makes no sense at all,
and whatever caused that is the core problem.

This is in brigade_consume


(gdb) print *b
$4 = {link = {next = 0x8541bf8, prev = 0x85490c4}, type = 0x8541ad0, length =
139759840, start = -5190357751035555528,
  data = 0x808ca4c, free = 0x853d7e8, list = 0x854915c}
(gdb) print *(b->type)
$5 = {name = 0x853b7e0 "\250\020'\310\372S\370\361\063\254\020'\b\271S\b",
num_func = 139704152, is_metadata = 139729632,
  destroy = 0x8541ab8, read = 0x58, setaside = 0x8541ad0, split = 0x8541ab8,
copy = 0}
(gdb) print bb
$6 = (apr_bucket_brigade *) 0x85490c0
(gdb) print *bb
$7 = {p = 0x853d7e8, list = {next = 0x854913c, prev = 0x8541af0}, bucket_alloc
= 0x8541ad0}
(gdb) print *(bb->list.next)
$8 = {link = {next = 0x8541bf8, prev = 0x85490c4}, type = 0x8541ad0, length =
139759840, start = -5190357751035555528,
  data = 0x808ca4c, free = 0x853d7e8, list = 0x854915c}
(gdb) print *(bb->list.next->type)
$9 = {name = 0x853b7e0 "\250\020'\310\372S\370\361\063\254\020'\b\271S\b",
num_func = 139704152, is_metadata = 139729632,
  destroy = 0x8541ab8, read = 0x58, setaside = 0x8541ad0, split = 0x8541ab8,
copy = 0}
(gdb) print *(bb->list.prev->type)
$10 = {name = 0xb7f94f40 "HEAP", num_func = 5, is_metadata = APR_BUCKET_DATA,
destroy = 0xb7f817a0 <heap_bucket_destroy>,
  read = 0xb7f81780 <heap_bucket_read>, setaside = 0x808c96c
<apr_bucket_setaside_noop@plt>,
  split = 0x808ca8c <apr_bucket_shared_split@plt>, copy = 0x808ce7c
<apr_bucket_shared_copy@plt>}
(gdb) up
#2  bio_filter_in_read (bio=0x853f968, in=0x85515de "", inlen=79) at
ssl_engine_io.c:534
534         inctx->rc = brigade_consume(inctx->bb, block, in, &inl);
(gdb)

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message