httpd-dev mailing list archives

From "Mathihalli, Madhusudan" <mad...@hp.com>
Subject FW: SEGV in allocator_free
Date Fri, 19 Mar 2004 19:02:16 GMT
Somehow the message just went to Sander !

-Madhu

>-----Original Message-----
>From: Mathihalli, Madhusudan 
>Sent: Friday, March 19, 2004 11:01 AM
>To: 'Sander Striker'
>Subject: RE: SEGV in allocator_free
>
>
>
>
>>-----Original Message-----
>>From: Sander Striker [mailto:striker@apache.org]
>[SNIP]
>>> But shouldn't APR protect itself against NULL pointers in 
>>allocator_free ?
>>
>>And then what?  abort()?  
>
>YES ! IMHO applications shouldn't SEGFAULT - especially 
>functions like allocator_free() !
>They should bail out with an error message.
>
>
>[SNIP]
>>
>>Dropping dev@apr, given I suspect this is not an APR issue.
>>
>>Can you give a backtrace of where it does abort?  And maybe the name
>>of the pool that is being checked (p pool->tag)?  Have you stepped
>>through the code with gdb?
>
>
>Sure.. here it is. There are 2 traces - 
>
>Let me know if you need more info.
>
>-Madhu
>
>TRACE -1: APR compiled as-is, dumps core because of SIGBUS 
>(fixable error - see TRACE-2)
>(gdb) r -X -DSSL
>Starting program: /opt/hpws/apache/bin/httpd -X -DSSL
>(no debugging symbols found)...(no debugging symbols found)...
>(no debugging symbols found)...(no debugging symbols found)...
>(no debugging symbols found)...POOL DEBUG: [PID/TID] ACTION  
>(SIZE      /POOL SIZE /TOTAL SIZE) POOL       "TAG" 
><__FILE__:__LINE__> (ALLOCS/TOTAL ALLOCS/CLEARS)
>POOL DEBUG: [6431/1]  GLOBAL                                   
> 0x0001A240 <apr_pools.c:apr_pool_initialize> 
>
>Program received signal SIGBUS, Bus error (si_code: 1).
>apr_atomic_cas (mem=0x600000000001e144, with=1, cmp=0) at 
>apr_atomic.c:169
>169             prev = *(long*)mem;
>(gdb) bt
>#0  apr_atomic_cas (mem=0x600000000001e144, with=1, cmp=0) at 
>apr_atomic.c:169
>#1  0x9fffffffef61b740:0 in apr_thread_mutex_lock 
>(mutex=0x600000000001e0e0)
>    at thread_mutex.c:129
>#2  0x9fffffffef624e80:0 in apr_pool_create_ex_debug (
>    newpool=0x9fffffffffffed90, parent=0x600000000001a240, abort_fn=0, 
>    allocator=0x0, file_line=0x9fffffffef5e26c0 "start.c:96")
>    at apr_pools.c:1560
>#3  0x9fffffffef617fb0:0 in apr_initialize () at start.c:96
>#4  0x9fffffffef617dd0:0 in apr_app_initialize 
>(argc=0x9fffffffffffedd4, 
>    argv=0x9fffffffffffedd8, env=0x0) at start.c:74
>#5  0x400000000006a670:0 in main+0xa0 ()
>
>
>
>TRACE - 2: After fixing apr_atomic_cas.c (basically making 
>long* to apr_int32_t *...)
>
>(gdb) 
>#0  0x9fffffffec1f75b0:0 in kill+0x30 () from /usr/lib/hpux64/libc.so.1
>#1  0x9fffffffec11c7f0:0 in raise+0x30 () from 
>/usr/lib/hpux64/libc.so.1
>#2  0x9fffffffec1b8e90:0 in abort+0x190 () from 
>/usr/lib/hpux64/libc.so.1
>#3  0x9fffffffef6239c0:0 in apr_pool_check_integrity 
>(pool=0x600000000001dc60)
>    at apr_pools.c:1250
>#4  0x9fffffffef624260:0 in apr_palloc_debug (pool=0x600000000001dc60, 
>    size=40, file_line=0x9fffffffef5e2b50 "undefined") at 
>apr_pools.c:1370
>#5  0x9fffffffef627140:0 in apr_palloc 
>(pool=0x600000000001dc60, size=40)
>    at apr_pools.c:2207
>#6  0x40000000000550b0:0 in start_threads+0xa0 ()
>#7  0x9fffffffef612f50:0 in dummy_worker (opaque=0x600000000014edd0)
>    at thread.c:145
>#8  0x9fffffffef30d1a0:0 in __pthread_unbound_body+0x490 ()
>   from /usr/lib/hpux64/libpthread.so.1
>(gdb) fr 5
>#5  0x9fffffffef627140:0 in apr_palloc 
>(pool=0x600000000001dc60, size=40)
>    at apr_pools.c:2207
>2207        return apr_palloc_debug(pool, size, "undefined");
>(gdb) p *pool
>$1 = {parent = 0x600000000001a420, child = 0x60000000000e59d0, 
>  sibling = 0x600000000001d4e0, ref = 0x600000000001a428, 
>cleanups = 0x0, 
>  allocator = 0x0, subprocesses = 0x0, abort_fn = 0, user_data = 0x0, 
>  tag = 0x9fffffffef5e2b90 "undefined", nodes = 0x60000000000be1b0, 
>  file_line = 0x9fffffffef5e2b90 "undefined", creation_flags = 0, 
>  stat_alloc = 5, stat_total_alloc = 5, stat_clear = 0, owner = 1, 
>  mutex = 0x600000000001e0e0}
>(gdb) 
>
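
An added example, not part of the original message and not APR code: it checks the `mem=` address from TRACE-1 against 4-byte and 8-byte alignment, and shows a compare-and-swap that touches only 32 bits. The names `is_aligned` and `cas32` are hypothetical, and an 8-byte `long` (LP64) is assumed for the `*(long*)mem` load at apr_atomic.c:169.

```c
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>

/* Addresses copied from TRACE-1 in the message above. */
#define TRACE_MUTEX 0x600000000001e0e0ULL /* mutex= in frame #1 */
#define TRACE_MEM   0x600000000001e144ULL /* mem= in frame #0   */

/* 1 if addr is a multiple of width (width must be a power of two). */
int is_aligned(uint64_t addr, unsigned width)
{
    return (addr & (uint64_t)(width - 1)) == 0;
}

/* Hypothetical 32-bit compare-and-swap: touches exactly 4 bytes and
 * returns the value found in *mem before the call. */
uint32_t cas32(_Atomic uint32_t *mem, uint32_t with, uint32_t cmp)
{
    uint32_t expected = cmp;
    /* On failure the call stores the current value into expected;
     * on success expected still equals cmp, which was the old value. */
    atomic_compare_exchange_strong(mem, &expected, with);
    return expected;
}

int main(void)
{
    _Atomic uint32_t lock = 0; /* constructed lock word, 0 = free */

    printf("lock word offset in mutex: 0x%llx\n",
           (unsigned long long)(TRACE_MEM - TRACE_MUTEX));
    printf("aligned for 4-byte access: %d\n", is_aligned(TRACE_MEM, 4));
    printf("aligned for 8-byte access: %d\n", is_aligned(TRACE_MEM, 8));

    printf("first  cas32 saw %u\n", (unsigned)cas32(&lock, 1, 0));
    printf("second cas32 saw %u\n", (unsigned)cas32(&lock, 1, 0));
    return 0;
}
```

The lock word sits at a 4-byte boundary inside an 8-byte-aligned mutex, so only an access of the field's real width is aligned; a CPU that enforces alignment raises SIGBUS on the wider load.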
