httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stas Bekman <s...@stason.org>
Subject segfault ap_save_brigage in the latest 2.0
Date Sun, 26 Sep 2004 23:45:24 GMT

I get the following segfault with the latest cvs 2.0 branch:

#0  0x080eaed2 in ap_save_brigade (f=0x9541448, saveto=0x9541488,
     b=0xbfffebd4, p=0x9550ba8) at util_filter.c:539
539         APR_BRIGADE_CONCAT(*saveto, *b);

Here is the relevant part of the trace:

gdb) bt
#0  0x080eaed2 in ap_save_brigade (f=0x9541448, saveto=0x9541488,
     b=0xbfffebd4, p=0x9550ba8) at util_filter.c:539
#1  0x080f5339 in core_output_filter (f=0x9541448, b=0x9550be0) at core.c:4173
#2  0x080eae13 in ap_pass_brigade (next=0x9541448, bb=0x9554e78)
     at util_filter.c:511
#3  0x080a7225 in ap_http_header_filter (f=0x9549e38, b=0x9554e78)
     at http_protocol.c:1690
#4  0x080eae13 in ap_pass_brigade (next=0x9549e38, bb=0x9554e78)
     at util_filter.c:511
#5  0x080edb4f in ap_content_length_filter (f=0x9549e20, b=0x9554e78)
     at protocol.c:1256
#6  0x080eae13 in ap_pass_brigade (next=0x9549e20, bb=0x9554e78)
     at util_filter.c:511
#7  0x080a8c93 in ap_byterange_filter (f=0x9549e08, bb=0x9554e78)
     at http_protocol.c:2875
#8  0x080eae13 in ap_pass_brigade (next=0x9549e08, bb=0x9554e78)
     at util_filter.c:511
#9  0x4044dd75 in myfunc (wb=0x9552bb0,
     buf=0x9552bb4 "1..10\n# Running u... ", len=1455)
     at foo.c:223

myfunc does:

     bucket = apr_bucket_transient_create(buf, len, ba);
     bb = apr_brigade_create(wb->pool, ba);
     APR_BRIGADE_INSERT_TAIL(bb, bucket);
     ap_pass_brigade(f, bb);


(gdb) up 9
(gdb) info locals
ba = (apr_bucket_alloc_t *) 0x9544f78
bb = (apr_bucket_brigade *) 0x9554e78
bucket = (apr_bucket *) 0x9544f98
__func__ = "myfunc"
(gdb) source /home/stas/apache.org/httpd-2.0/.gdbinit
(gdb) dump_bucket bucket
  bucket=HEAP     (0x09544f98) length=1455   data=0x09545178
      contents=[1..10~# Running u...] rc=1
(gdb) dump_brigade bb
dump of brigade 0x9554e78
    | type     (address)    | length | data addr  | contents 
  | rc
--------------------------------------------------------------------------------
brigade is empty
end of brigade

(gdb) down 9
#0  0x080eaed2 in ap_save_brigade (f=0x9541448, saveto=0x9541488,
     b=0xbfffebd4, p=0x9550ba8) at util_filter.c:539
539         APR_BRIGADE_CONCAT(*saveto, *b);
(gdb) p **saveto
$1 = {p = 0x203a6c61, list = {next = 0x206e7553, prev = 0x20706553},
   bucket_alloc = 0x31203632}
(gdb) p **b
$2 = {p = 0x20353030, list = {next = 0x20726f66, prev = 0x756e696c},
   bucket_alloc = 0x20230a78}
(gdb) p (**b)->list
$3 = {next = 0x20726f66, prev = 0x756e696c}
(gdb) p (**saveto)->list
$4 = {next = 0x206e7553, prev = 0x20706553}
(gdb) dump_brigade b
dump of brigade 0xbfffebd4
    | type     (address)    | length | data addr  | contents 
  | rc
--------------------------------------------------------------------------------
  0 | § (0xbfffebf8) | 156585592 | 0x405cbc18 | [**unknown**]          | n/a
  1 | ÐÎl
  (0xbfffec48) | 156585592 | 0x404edd4e | [**unknown**]          | n/a
  2 | ÐÎl
  (0xbfffec78) | 156585592 | 0x00000004 | [**unknown**]          | n/a
  3 | ¨ (0xbfffecc8) | 156585592 | 0x080ead44 | [**unknown**]          | n/a
  4 | ¨ (0xbfffecf8) | 156585592 | 0xbfffed9c | [**unknown**]          | n/a
  5 |#
  (0xbfffed68) | 156585592 | 0x00000000 | [**unknown**]          | n/a
  6 |#
  (0xbfffed98) | 156585592 | 0x4044d9fd | [**unknown**]          | n/a
  7 | Cannot access memory at address 0x0

One important note is that it doesn't happen when run first on the server 
startup, but later on after some other requests, so it must be some 
earlier state that affects the later runs.

Any help with this one? Thanks!

-- 
__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Mime
View raw message