quetz-mod_python-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Barry Pederson ...@barryp.org>
Subject Re: 3.2.6 test period - how long do we wait?
Date Sun, 29 Jan 2006 23:10:58 GMT
> I don't know if this is the answer to the problem, but it looks like a 
> bug anyway. In connobject.c starting at line 133:
> 
>         /* time to grow destination string? */
>         if (len == 0 && bytes_read == bufsize) {
> 
>             _PyString_Resize(&result, bufsize + HUGE_STRING_LEN);
>             buffer = PyString_AS_STRING((PyStringObject *) result);
>             buffer += HUGE_STRING_LEN;
>             bufsize += HUGE_STRING_LEN;
>         }
> 
> 
> It looks like we've just set the buffer pointer to an address somewhere 
> inside the buffer. That can't be good. The buffer pointer should be set 
> to the bytes_read position. Perhaps one of you FreeBSD heads could try 
> the attached patch.
> 
> Jim

> ------------------------------------------------------------------------
> 
> Index: src/connobject.c
> ===================================================================
> --- src/connobject.c	(revision 369511)
> +++ src/connobject.c	(working copy)
> @@ -135,7 +135,7 @@
>  
>              _PyString_Resize(&result, bufsize + HUGE_STRING_LEN);
>              buffer = PyString_AS_STRING((PyStringObject *) result);
> -            buffer += HUGE_STRING_LEN;
> +            buffer += bytes_read;
>              bufsize += HUGE_STRING_LEN;
>          }
>  

Sorry, that doesn't seem to fix it.  I did a fresh extraction of 
mod_python-3.2.6.tgz, applied the patch, did ./configure, make, su, make 
install, exit su, cd test, ran test.py - got the same result as before, 
with the same core dump apparently.

I think this is the general kind of thing we're looking for though, with 
some mistaken pointer/memory operation.

-------

As I mentioned in another message, I did some experimenting with 
disabling other unittests and found if you disable just 
"test_fileupload", all the remaining tests including 
"test_connectionhandler" pass.

If you disable everything except "test_fileupload" and 
"test_connectionhandler", then "test_connectionhandler" still crashes.

So I suspect that it's code involved with running "test_fileupload" 
(Testing 1 MB file upload support) that's really the source of the 
problem, and it's screwing up some part of memory thats only tripped 
over later later during the connectionhandler test.

	Barry

Mime
View raw message