You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2008/05/28 07:04:41 UTC
DO NOT REPLY [Bug 45086] New: (reslist_cleanup.c) A potential bug
discovered by a static program analysis approach
https://issues.apache.org/bugzilla/show_bug.cgi?id=45086
Summary: (reslist_cleanup.c) A potential bug discovered by a
static program analysis approach
Product: Apache httpd-2
Version: 2.2.8
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
Component: Core
AssignedTo: bugs@httpd.apache.org
ReportedBy: rxc92@case.edu
File Name: /srclib/apr-util/misc/apr_reslist.c
Function Name: reslist_cleanup()
Buggy Code:
144: apr_thread_mutex_lock(rl->listlock);
145:
146: while (rl->nidle > 0) {
147: res = pop_resource(rl);
148: rl->ntotal--;
149: rv = destroy_resource(rl, res);
150: if (rv != APR_SUCCESS)
151: return rv;
// the execution of apr_thread_mutex_unlock() is missed.
Description: We found a rule requiring that apr_thread_mutex_unlock() be called
after the execution of apr_thread_mutex_lock(). The call of
apr_thread_mutex_unlock() is missed in the above code.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
Re: DO NOT REPLY [Bug 45086] New: (reslist_cleanup.c) A potential
bug discovered by a static program analysis approach
Posted by Ruediger Pluem <rp...@apache.org>.
On 05/28/2008 08:10 AM, Nick Kew wrote:
> On Tue, 27 May 2008, bugzilla@apache.org wrote:
>
>> File Name: /srclib/apr-util/misc/apr_reslist.c
>> Function Name: reslist_cleanup()
>> Buggy Code:
>>
>> 144: apr_thread_mutex_lock(rl->listlock);
>> 145:
>> 146: while (rl->nidle > 0) {
>> 147: res = pop_resource(rl);
>> 148: rl->ntotal--;
>> 149: rv = destroy_resource(rl, res);
>> 150: if (rv != APR_SUCCESS)
>> 151: return rv;
>> // the execution of apr_thread_mutex_unlock() is missed.
>
> That return looks like a relatively serious issue. Shouldn't
> the cleanup plough on and destroy_resource on every resource
> (i.e. while ntotal > 0) regardless in that loop?
IMHO yes. We can save a non APR_SUCCESS return value and return it
at the end.
Regards
RĂ¼diger
Re: DO NOT REPLY [Bug 45086] New: (reslist_cleanup.c) A potential
bug discovered by a static program analysis approach
Posted by Nick Kew <ni...@apache.org>.
On Tue, 27 May 2008, bugzilla@apache.org wrote:
> File Name: /srclib/apr-util/misc/apr_reslist.c
> Function Name: reslist_cleanup()
> Buggy Code:
>
> 144: apr_thread_mutex_lock(rl->listlock);
> 145:
> 146: while (rl->nidle > 0) {
> 147: res = pop_resource(rl);
> 148: rl->ntotal--;
> 149: rv = destroy_resource(rl, res);
> 150: if (rv != APR_SUCCESS)
> 151: return rv;
> // the execution of apr_thread_mutex_unlock() is missed.
That return looks like a relatively serious issue. Shouldn't
the cleanup plough on and destroy_resource on every resource
(i.e. while ntotal > 0) regardless in that loop?
--
Nick Kew
DO NOT REPLY [Bug 45086] (reslist_cleanup.c) A potential bug
discovered by a static program analysis approach
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45086
Nick Kew <ni...@webthing.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|Core |APR-util
OS/Version|Windows XP |All
Product|Apache httpd-2 |APR
Platform|PC |All
Version|2.2.8 |HEAD
--- Comment #1 from Nick Kew <ni...@webthing.com> 2008-05-27 22:57:50 PST ---
Please select the correct project, component, platform and OS when creating a
bug report.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 45086] (reslist_cleanup.c) A potential bug
discovered by a static program analysis approach
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45086
Nick Kew <ni...@webthing.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|bugs@httpd.apache.org |bugs@apr.apache.org
--- Comment #3 from Nick Kew <ni...@webthing.com> 2008-05-28 07:16:37 PST ---
Last time you reported bugs (and non-bugs), you posted to the mailinglist.
Given your approach, that was a sensible thing to do.
This is a genuine bug, too - thank you. But you reported it (and two others,
which I haven't looked at because they're probably inconsequential) in the
wrong place.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 45086] (reslist_cleanup.c) A potential bug
discovered by a static program analysis approach
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45086
--- Comment #2 from Raymond <rx...@case.edu> 2008-05-28 06:25:22 PST ---
(In reply to comment #1)
> Please select the correct project, component, platform and OS when creating a
> bug report.
In our research project, we develop an approach to discover potential software
defects from source code directly by using static program analysis and data
mining techniques. In other words, the approach is able to detect potential
software defects before the application is deployed. Therefore, this reported
bug is not a run-time bug so that I don't have information about the project,
component, platform and OS which this bug may be involved in. We would like to
know whether this potential bug is a real bug in the source code.
(Actually, some bugs discovered by our approach have been confirmed by Apache
developers recently).
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org