You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "Leif Hedstrom (JIRA)" <ji...@apache.org> on 2013/05/04 03:07:13 UTC
[jira] [Updated] (TS-1605) crash at mime_parse_int64
[ https://issues.apache.org/jira/browse/TS-1605?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Leif Hedstrom updated TS-1605:
------------------------------
Labels: A crash (was: crash)
> crash at mime_parse_int64
> -------------------------
>
> Key: TS-1605
> URL: https://issues.apache.org/jira/browse/TS-1605
> Project: Traffic Server
> Issue Type: Bug
> Components: HTTP, MIME
> Reporter: Bin Chen
> Assignee: Bin Chen
> Labels: A, crash
> Fix For: sometime
>
>
> {code}
> #0 0x0000000000610f76 in mime_parse_int64 (buf=0x3fb <Address 0x3fb out of bounds>,
> end=0x380f74 <Address 0x380f74 out of bounds>) at MIME.cc:3076
> /usr/src/debug/trafficserver-3.2.0/proxy/hdrs/MIME.cc:3076:106103:beg:0x610f76
> Missing separate debuginfos, use: debuginfo-install expat-2.0.1-9.1.el6.x86_64 glibc-2.12-1.47.el6.x86_64 keyutils-libs-1.4-3.el6.x86_64 krb5-libs-1.9-22.el6.x86_64 libcom_err-1.41.12-11.el6.x86_64 libgcc-4.4.6-3.el6.x86_64 libselinux-2.0.94-5.2.el6.x86_64 libstdc++-4.4.6-3.el6.x86_64 ncurses-libs-5.7-3.20090208.el6.x86_64 openssl-1.0.0-20.el6.x86_64 pcre-7.8-3.1.el6.x86_64 readline-6.0-3.el6.x86_64 tcl-8.5.7-6.el6.x86_64 xz-libs-4.999.9-0.3.beta.20091007git.el6.x86_64 zlib-1.2.3-27.el6.x86_64
> (gdb) bt
> #0 0x0000000000610f76 in mime_parse_int64 (buf=0x3fb <Address 0x3fb out of bounds>,
> end=0x380f74 <Address 0x380f74 out of bounds>) at MIME.cc:3076
> #1 0x000000000060d7a6 in mime_field_value_get_int64 (field=0x2af6853bfdd0) at MIME.cc:1694
> #2 0x000000000057d41c in MIMEHdr::value_get_int64 (this=0x2af6853bf5c8, name=0x2db7388 "Age", name_length=3)
> at ../../proxy/hdrs/MIME.h:1217
> #3 0x00000000005a9230 in MIMEHdr::get_age (this=0x2af6853bf5c8) at ../../proxy/hdrs/MIME.h:1356
> #4 0x00000000005aac0b in HttpTransactHeaders::calculate_document_age (request_time=1353920547, response_time=1353920547,
> base_response=0x2af6853bf5c8, base_response_date=1352509636, now=1354258269) at HttpTransactHeaders.cc:400
> #5 0x0000000000581d73 in HttpTransactCache::SelectFromAlternates (cache_vector=0x2af5f0a057c0,
> client_request=0x2af5f0a05780, http_config_params=0x2af6005fda30) at HttpTransactCache.cc:221
> #6 0x0000000000692c34 in CacheVC::openReadStartHead (this=0x2af5f0a056c0, event=3900, e=0x0) at CacheRead.cc:1019
> #7 0x00000000004e6fae in Continuation::handleEvent (this=0x2af5f0a056c0, event=3900, data=0x0)
> at ../iocore/eventsystem/I_Continuation.h:146
> #8 0x00000000006717e2 in CacheVC::handleReadDone (this=0x2af5f0a056c0, event=3900, e=0x2af5f0a05840) at Cache.cc:1952
> #9 0x00000000004e6fae in Continuation::handleEvent (this=0x2af5f0a056c0, event=3900, data=0x2af5f0a05840)
> at ../iocore/eventsystem/I_Continuation.h:146
> #10 0x00000000006761cc in AIOCallbackInternal::io_complete (this=0x2af5f0a05840, event=1, data=0x2af79c001420)
> at ../../iocore/aio/P_AIO.h:80
> #11 0x00000000004e6fae in Continuation::handleEvent (this=0x2af5f0a05840, event=1, data=0x2af79c001420)
> at ../iocore/eventsystem/I_Continuation.h:146
> #12 0x00000000006d99b8 in EThread::process_event (this=0x2af4f84e6010, e=0x2af79c001420, calling_code=1)
> at UnixEThread.cc:189
> #13 0x00000000006d9b86 in EThread::execute (this=0x2af4f84e6010) at UnixEThread.cc:240
> #14 0x00000000006d89e7 in spawn_thread_internal (a=0x2af4fc603b00) at Thread.cc:88
> #15 0x00000034bfc077f1 in start_thread () from /lib64/libpthread.so.0
> #16 0x00000034bf8e570d in clone () from /lib64/libc.so.6
> (gdb) f 0
> #0 0x0000000000610f76 in mime_parse_int64 (buf=0x3fb <Address 0x3fb out of bounds>,
> end=0x380f74 <Address 0x380f74 out of bounds>) at MIME.cc:3076
> /usr/src/debug/trafficserver-3.2.0/proxy/hdrs/MIME.cc:3076:106103:beg:0x610f76
> (gdb) l
> 3071 bool negative;
> 3072
> 3073 if (!buf || (buf == end))
> 3074 return 0;
> 3075
> 3076 if (is_digit(*buf)) // fast case
> 3077 {
> 3078 num = *buf++ - '0';
> 3079 while ((buf != end) && is_digit(*buf))
> 3080 num = (num * 10) + (*buf++ - '0');
> (gdb) p buf
> $1 = 0x3fb <Address 0x3fb out of bounds>
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira