Re: 2.4 testing ?

Ok,

I'm about to give this another try tonight. Andres, how exactly are you
(not) triggering this bug? I would REALLY like this bug fixed before
we release 2.4 snapshots to the general public for testing ..

Thanks!

Adrian

On Sat, Nov 18, 2000, Andres Kroonmaa wrote:
>
> I'm seeing this difficult crashing. I think this is what Henrik meant.
> The patch to ftp.c was another issue. I'm having real trouble to track
> it, both because it is pretty rare, and I'm not able to produce it on
> will. Still, from several crashes I'm seeing the same pattern: they
> are related to client_side.c
>
> assert crashes occur in 2 scenarios:
> (ALL related to mempool: MEM_CLIENT_SOCK_BUF)
> 1) memFree from clientSendMoreData() after CommWriteStateCallbackAndFree()
> 2) memAlloc from clientWriteComplete after CommWriteStateCallbackAndFree()
> 3) memAlloc from random places after a corruption...
>
> Seems that a CLIENT_SOCK_BUF is used shortly after its free, corrupting free space.
> Then some time after, either memAlloc for a new buf or memFree of another one
> triggers a crash.
> I think it must be misuse of buffer, because in chunked mempools I can
> see that mem area before the causing buffer is not trashed. Maybe the buffer
> is overrun. xmalloc-debug does not catch any malloc/free issues.
>
>
> #9 0x80dc3a9 in memPoolPush (pool=0x84b8210, obj=0xa553f40) at MemPool.c:190
> #10 0x80dcc87 in memPoolFree (pool=0x84b8210, obj=0xa553f40) at MemPool.c:406
> #11 0x80a6def in memFree (p=0xa553f40, type=22) at mem.c:136
> #12 0x8078a79 in clientSendMoreData (data=0x935c068,
> buf=0xa553f40 "{i^TQSWadkv\177"..., size=1448) at client_side.c:1744
> #13 0x80c6b2c in storeClientCopy2 (e=0xde984fb8, sc=0x8b26900) at store_client.c:255
> #14 0x80c6834 in storeClientCopy (e=0xde984fb8, seen_offset=1448, copy_offset=1448, size=16384,
> buf=0xa553f40 "{i^TQSWadkv\177"..., callback=0x80783d4 <clientSendMoreData>, data=0x935c068)
> at store_client.c:187
> #15 0x8078fd4 in clientWriteComplete (fd=291, bufnotused=0x0, size=1543, errflag=0, data=0x935c068) at client_side.c:1838
> #16 0x807c1c6 in CommWriteStateCallbackAndFree (fd=291, code=0) at comm.c:96
> #17 0x807e40e in commHandleWrite (fd=291, data=0x8b8dd48) at comm.c:861
> #18 0x807f702 in comm_poll (msec=10) at comm_select.c:465
> #19 0x80a647e in main (argc=2, argv=0x80478ac) at main.c:708
>
>
>
>
> #9 0x80dc611 in memPoolGet (pool=0x84b8210) at MemPool.c:254
> #10 0x80dcaba in memPoolAlloc (pool=0x84b8210) at MemPool.c:373
> #11 0x80a6dbb in memAllocate (type=MEM_CLIENT_SOCK_BUF) at mem.c:129
> #12 0x8078fb2 in clientWriteComplete (fd=231, bufnotused=0x0, size=1448, errflag=0, data=0x8b7b890) at client_side.c:1838
> #13 0x807c1c6 in CommWriteStateCallbackAndFree (fd=231, code=0) at comm.c:96
> #14 0x807e40e in commHandleWrite (fd=231, data=0x8b95e18) at comm.c:861
> #15 0x807f702 in comm_poll (msec=10) at comm_select.c:465
> #16 0x80a647e in main (argc=2, argv=0x80478ac) at main.c:708
>
>
>
> #9 0x80dc611 in memPoolGet (pool=0x84b8210) at MemPool.c:254
> #10 0x80dcaba in memPoolAlloc (pool=0x84b8210) at MemPool.c:373
> #11 0x80a6dbb in memAllocate (type=MEM_CLIENT_SOCK_BUF) at mem.c:129
> #12 0x8074718 in clientCreateStoreEntry (h=0x8b76088, m=1, flags={range = 0, nocache = 0, ims = 0, auth = 0,
> cachable = 0, hierarchical = 0, loopdetect = 0, proxy_keepalive = 1, proxying = 0, refresh = 0,
> used_proxy_auth = 0, redirected = 0, need_validation = 0,
> nocache_hack = 0, accelerated = 0, internal = 0}) at client_side.c:192
> #13 0x8079a2a in clientProcessMiss (http=0x8b76088) at client_side.c:2054
> #14 0x80797c4 in clientProcessRequest (http=0x8b76088) at client_side.c:2008
> #15 0x8074d22 in clientRedirectDone (data=0x8b76088, result=0x0) at client_side.c:298
> #16 0x80b3ce6 in redirectStart (http=0x8b76088, handler=0x80749f4 <clientRedirectDone>, data=0x8b76088) at redirect.c:103
> #17 0x807486d in clientAccessCheckDone (answer=1, data=0x8b76088) at client_side.c:214
> #18 0x8062d0b in aclCheckCallback (checklist=0x8b32480, answer=ACCESS_ALLOWED) at acl.c:1660
> #19 0x8062b54 in aclCheck (checklist=0x8b32480) at acl.c:1620
> #20 0x8063095 in aclNBCheck (checklist=0x8b32480, callback=0x8074740 <clientAccessCheckDone>,
> callback_data=0x8b76088) at acl.c:1770
> #21 0x80745fa in clientAccessCheck (data=0x8b76088) at client_side.c:161
> #22 0x807b38c in clientReadRequest (fd=224, data=0x8b650a0) at client_side.c:2552
> #23 0x807f5fa in comm_poll (msec=10) at comm_select.c:449
> #24 0x80a647e in main (argc=2, argv=0x80478ac) at main.c:708
>
>
> #9 0x80dc611 in memPoolGet (pool=0x84b8210) at MemPool.c:254
> #10 0x80dcaba in memPoolAlloc (pool=0x84b8210) at MemPool.c:373
> #11 0x80a6dbb in memAllocate (type=MEM_CLIENT_SOCK_BUF) at mem.c:129
> #12 0x807978c in clientProcessRequest (http=0x8b835a0) at client_side.c:1999
> #13 0x8074d22 in clientRedirectDone (data=0x8b835a0, result=0x0) at client_side.c:298
> #14 0x80b3ce6 in redirectStart (http=0x8b835a0, handler=0x80749f4 <clientRedirectDone>, data=0x8b835a0) at redirect.c:103
> #15 0x807486d in clientAccessCheckDone (answer=1, data=0x8b835a0) at client_side.c:214
> #16 0x8062d0b in aclCheckCallback (checklist=0x8b32a14, answer=ACCESS_ALLOWED) at acl.c:1660
> #17 0x8062b54 in aclCheck (checklist=0x8b32a14) at acl.c:1620
> #18 0x8063095 in aclNBCheck (checklist=0x8b32a14, callback=0x8074740 <clientAccessCheckDone>, callback_data=0x8b835a0) at
> acl.c:1770
> #19 0x80745fa in clientAccessCheck (data=0x8b835a0) at client_side.c:161
> #20 0x807b38c in clientReadRequest (fd=110, data=0x8b6d460) at client_side.c:2552
> #21 0x807f5fa in comm_poll (msec=10) at comm_select.c:449
> #22 0x80a647e in main (argc=2, argv=0x80478ac) at main.c:708
>
>
> #9 0x80dc3a9 in memPoolPush (pool=0x84b8210, obj=0xdd2ec008) at MemPool.c:190
> #10 0x80dcc87 in memPoolFree (pool=0x84b8210, obj=0xdd2ec008) at MemPool.c:406
> #11 0x80a6def in memFree (p=0xdd2ec008, type=22) at mem.c:136
> #12 0x8078a79 in clientSendMoreData (data=0x8b7fca0, buf=0xdd2ec008 "£¦¼\224§·¸´QÂʫĤ+¦©¿OÒ'­\212Õ", size=1449) at
> client_side.c:1744
> #13 0x80c6b2c in storeClientCopy2 (e=0xddfd3fd8, sc=0x8b26360) at store_client.c:255
> #14 0x80c7844 in InvokeHandlers (e=0xddfd3fd8) at store_client.c:532
> #15 0x80c2f7c in storeAppend (e=0xddfd3fd8, buf=0x814c380 "£¦¼\224§·¸´QÂʫĤ+¦©¿OÒ'­\212Õ", len=1449) at store.c:463
> #16 0x8096974 in httpReadReply (fd=55, data=0x8b91fac) at http.c:565
> #17 0x807f5fa in comm_poll (msec=10) at comm_select.c:449
> #18 0x80a647e in main (argc=2, argv=0x80478ac) at main.c:708
>
>
>
> #9 0x80dc3a9 in memPoolPush (pool=0x84b8210, obj=0xdc494008) at MemPool.c:190
> #10 0x80dcc87 in memPoolFree (pool=0x84b8210, obj=0xdc494008) at MemPool.c:406
> #11 0x80a6def in memFree (p=0xdc494008, type=22) at mem.c:136
> #12 0x8078a79 in clientSendMoreData (data=0x8b76388, buf=0xdc494008 "ï\034é\222", size=4344) at client_side.c:1744
> #13 0x80c6b2c in storeClientCopy2 (e=0xdf851e68, sc=0x8b262a0) at store_client.c:255
> #14 0x80c7844 in InvokeHandlers (e=0xdf851e68) at store_client.c:532
> #15 0x80c2f7c in storeAppend (e=0xdf851e68, buf=0x814c380 "ï\034é\222", len=4344) at store.c:463
> #16 0x8096974 in httpReadReply (fd=84, data=0x8b95eac) at http.c:565
> #17 0x807f5fa in comm_poll (msec=10) at comm_select.c:449
> #18 0x80a647e in main (argc=2, argv=0x80478ac) at main.c:708
>
>
>
> ------------------------------------
> Andres Kroonmaa <andre@online.ee>
> Delfi Online
> Tel: 6501 731, Fax: 6501 708
> Pärnu mnt. 158, Tallinn,
> 11317 Estonia
>

-- 
Adrian Chadd			"God: Damn! I left pot everywhere!
<adrian@creative.net.au>	  Now I'll have to create Republicans!"
				    - Bill Hicks