You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@apr.apache.org by Keisuke Nishida <ke...@gmail.com> on 2007/01/31 12:15:13 UTC

program crash with apr_thread_pool

Hi,

I'm using apr_thread_pool of APR-util from the trunk.

When I compile and run the code below, the program crashes due to double free
in apr_pool_destroy.  It seems I must call apr_thread_pool_destroy explicitly to
avoid the crash.

As far as I can understand, apr_thread_pool_destroy is implicitly executed when
I call apr_pool_destroy(pool) in the code.  Can anybody kindly explain why the
double free happens without apr_thread_pool_destroy?

I am using RHEL4 (Linux 2.6.9-42.0.3, glibc 2.3.4).

Thanks in advance.

Keisuke Nishida

----------------------------------------------------------------
#include <apr_general.h>
#include <apr_thread_pool.h>

int
main(int argc, char **argv, char **env)
{
  apr_pool_t *pool;
  apr_thread_pool_t *thread_pool;

  apr_app_initialize(&argc,
		     (const char * const **)&argv,
		     (const char * const **)&env);
  atexit(apr_terminate);

  apr_pool_create(&pool, NULL);

  apr_thread_pool_create(&thread_pool, 1, 1, pool);

  /* the program craches without this call */
  // apr_thread_pool_destroy(thread_pool);

  apr_pool_destroy(pool);

  return 0;
}
----------------------------------------------------------------

$ cc -g `apr-1-config --cflags --cppflags --includes` sample.c -lapr-1
-laprutil-1
$ gdb a.out
gdb a.out
GNU gdb Red Hat Linux (6.3.0.0-1.132.EL4rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host
libthread_db library "/lib/tls/libthread_db.so.1".

(gdb) r
Starting program: a.out
[Thread debugging using libthread_db enabled]
[New Thread -1208060224 (LWP 27065)]
[New Thread -1208063056 (LWP 27068)]
[Thread -1208063056 (zombie) exited]
*** glibc detected *** double free or corruption (!prev): 0x08155090 ***

Program received signal SIGABRT, Aborted.
[Switching to Thread -1208060224 (LWP 27065)]
0x001d57a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
(gdb) bt
#0  0x001d57a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
#1  0x002157a5 in raise () from /lib/tls/libc.so.6
#2  0x00217209 in abort () from /lib/tls/libc.so.6
#3  0x0024971a in __libc_message () from /lib/tls/libc.so.6
#4  0x0024ffbf in _int_free () from /lib/tls/libc.so.6
#5  0x0025033a in free () from /lib/tls/libc.so.6
#6  0x00405958 in apr_allocator_destroy (allocator=0x814f008)
    at memory/unix/apr_pools.c:134
#7  0x004072e9 in apr_pool_destroy (pool=0x814f090)
    at memory/unix/apr_pools.c:800
#8  0x0040732b in apr_pool_terminate () at memory/unix/apr_pools.c:591
#9  0x004076c3 in apr_terminate () at misc/unix/start.c:82
#10 0x00218527 in exit () from /lib/tls/libc.so.6
#11 0x00202ded in __libc_start_main () from /lib/tls/libc.so.6
#12 0x0804858d in _start ()