httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Erenkrantz <jerenkra...@ebuilt.com>
Subject Coredump on daedalus?
Date Wed, 20 Feb 2002 02:28:04 GMT
One so far in /usr/local/apache/corefiles/httpd.core.1, but I'm not
sure how this even happened:

#0  0x28158990 in kill () from /usr/lib/libc.so.4
#1  0x28194b02 in abort () from /usr/lib/libc.so.4
#2  0x8066a46 in ap_log_assert (
    szExp=0x8083d80 "total_bytes_left > 0 && tmplen > 0", 
    szFile=0x80833ea "core.c", nLine=2437) at log.c:590
#3  0x8071fab in sendfile_it_all (c=0x81253a8, fd=0x8132408, hdtr=0xbfbff4c8, 
    file_offset=811008, file_bytes_left=998899, total_bytes_left=187891, 
    flags=1) at core.c:2437

Relevant code snippet:

rv = apr_sendfile(c->client_socket, fd, hdtr, &file_offset, &tmplen,
                  flags);
total_bytes_left -= tmplen;
if (!total_bytes_left || rv != APR_SUCCESS) {
    return rv;        /* normal case & error exit */
}

AP_DEBUG_ASSERT(total_bytes_left > 0 && tmplen > 0);

(gdb) print rv
$9 = 20132
(gdb) print total_bytes_left
$10 = 187891
(gdb) print tmplen
$11 = 0

How did we bypass that rv != APR_SUCCESS check?  We should have bailed
out since rv == 20132.

And, I think that this tmplen > 0 should be tmplen >= 0 regardless.
Isn't it possible to send 0 bytes?  -- justin


Mime
View raw message