You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Dean Gaudet <dg...@arctic.org> on 1997/11/25 08:41:41 UTC

[PATCH] general/1387: scoreboard_image memory allocation is inconsistent


On 10 Nov 1997, Ben Hyde wrote:

> >Description:
> in http_main.c reinit_scoreboard allocates scoreboard_image once as 
>    calloc(HARD_SERVER_LIMIT, sizeof(short_score))
> while othertimes as  
>    SCOREBOARD_SIZE
> which is defined as sizeof(scoreboard).

Uh, win32 folks, this is a nice source of memory corruption.  Try this
patch which I haven't even compiled. 

Dean

Index: http_main.c
===================================================================
RCS file: /export/home/cvs/apachen/src/main/http_main.c,v
retrieving revision 1.254
diff -u -r1.254 http_main.c
--- http_main.c	1997/11/25 04:07:11	1.254
+++ http_main.c	1997/11/25 07:36:19
@@ -1248,7 +1248,8 @@
 void reinit_scoreboard(pool *p)
 {
     ap_assert(!scoreboard_image);
-    scoreboard_image = (scoreboard *) calloc(HARD_SERVER_LIMIT, sizeof(short_score));
+    scoreboard_image = (scoreboard *) malloc(SCOREBOARD_SIZE);
+    memset (scoreboard_image, 0, SCOREBOARD_SIZE);
 }
 
 void cleanup_scoreboard()

Re: [PATCH] general/1387: scoreboard_image memory allocation is inconsistent

Posted by Martin Kraemer <Ma...@mch.sni.de>.

On Tue, Nov 25, 1997 at 10:59:17AM -0800, Dean Gaudet wrote:
> Actually, why the heck is there a SCOREBOARD_SIZE define at all?  I'd
> prefer this patch.

+1.

    Martin
-- 
| S I E M E N S |  <Ma...@mch.sni.de>  |      Siemens Nixdorf
| ------------- |   Voice: +49-89-636-46021     |  Informationssysteme AG
| N I X D O R F |   FAX:   +49-89-636-44994     |   81730 Munich, Germany
~~~~~~~~~~~~~~~~My opinions only, of course; pgp key available on request

Re: [PATCH] general/1387: scoreboard_image memory allocation is inconsistent

Posted by Dean Gaudet <dg...@arctic.org>.

On Wed, 26 Nov 1997, Ben Laurie wrote:

> I presume the motivation was to allow for future variable size
> scoreboards.

Hum.  Ok I'll buy it I suppose.  Ben Hyde said the same thing to me in
private email.

I need to go add my thoughts on scoreboards to the process model page.  I
want a very restricted API to them available to the general code; I expect
each process model to implement their own mod_status using whatever
intimate knowledge necessary. 

Dean

Re: [PATCH] general/1387: scoreboard_image memory allocation is inconsistent

Posted by Ben Laurie <be...@algroup.co.uk>.

Dean Gaudet wrote:
> 
> On Mon, 24 Nov 1997, Dean Gaudet wrote:
> 
> > On 10 Nov 1997, Ben Hyde wrote:
> >
> > > >Description:
> > > in http_main.c reinit_scoreboard allocates scoreboard_image once as
> > >    calloc(HARD_SERVER_LIMIT, sizeof(short_score))
> > > while othertimes as
> > >    SCOREBOARD_SIZE
> > > which is defined as sizeof(scoreboard).
> >
> > Uh, win32 folks, this is a nice source of memory corruption.  Try this
> > patch which I haven't even compiled.
> 
> Actually, why the heck is there a SCOREBOARD_SIZE define at all?  I'd
> prefer this patch.

I presume the motivation was to allow for future variable size
scoreboards.

Cheers,

Ben.

-- 
Ben Laurie            |Phone: +44 (181) 735 0686|Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org
and Technical Director|Email: ben@algroup.co.uk |Apache-SSL author
A.L. Digital Ltd,     |http://www.algroup.co.uk/Apache-SSL
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache

Re: [PATCH] general/1387: scoreboard_image memory allocation is inconsistent

Posted by Dean Gaudet <dg...@arctic.org>.

On Mon, 24 Nov 1997, Dean Gaudet wrote:

> On 10 Nov 1997, Ben Hyde wrote:
> 
> > >Description:
> > in http_main.c reinit_scoreboard allocates scoreboard_image once as 
> >    calloc(HARD_SERVER_LIMIT, sizeof(short_score))
> > while othertimes as  
> >    SCOREBOARD_SIZE
> > which is defined as sizeof(scoreboard).
> 
> Uh, win32 folks, this is a nice source of memory corruption.  Try this
> patch which I haven't even compiled. 

Actually, why the heck is there a SCOREBOARD_SIZE define at all?  I'd
prefer this patch.

Dean

Index: http_main.c
===================================================================
RCS file: /export/home/cvs/apachen/src/main/http_main.c,v
retrieving revision 1.254
diff -u -r1.254 http_main.c
--- http_main.c	1997/11/25 04:07:11	1.254
+++ http_main.c	1997/11/25 18:54:20
@@ -1248,7 +1248,8 @@
 void reinit_scoreboard(pool *p)
 {
     ap_assert(!scoreboard_image);
-    scoreboard_image = (scoreboard *) calloc(HARD_SERVER_LIMIT, sizeof(short_score));
+    scoreboard_image = (scoreboard *) malloc(sizeof(scoreboard));
+    memset (scoreboard_image, 0, sizeof(scoreboard));
 }
 
 void cleanup_scoreboard()
@@ -1281,7 +1282,7 @@
     char errstr[MAX_STRING_LEN];
     int rc;
 
-    m = (caddr_t) create_shared_heap("\\SHAREMEM\\SCOREBOARD", SCOREBOARD_SIZE);
+    m = (caddr_t) create_shared_heap("\\SHAREMEM\\SCOREBOARD", sizeof(scoreboard));
     if (m == 0) {
 	fprintf(stderr, "httpd: Could not create OS/2 Shared memory pool.\n");
 	exit(1);
@@ -1327,13 +1328,13 @@
 	perror("httpd: could not open(create) scoreboard");
 	exit(1);
     }
-    if (ltrunc(fd, (off_t) SCOREBOARD_SIZE, SEEK_SET) == -1) {
+    if (ltrunc(fd, (off_t) sizeof(scoreboard), SEEK_SET) == -1) {
 	perror("httpd: could not ltrunc scoreboard");
 	shm_unlink(scoreboard_fname);
 	exit(1);
     }
     if ((m = (caddr_t) mmap((caddr_t) 0,
-			    (size_t) SCOREBOARD_SIZE, PROT_READ | PROT_WRITE,
+			    (size_t) sizeof(scoreboard), PROT_READ | PROT_WRITE,
 			    MAP_SHARED, fd, (off_t) 0)) == (caddr_t) - 1) {
 	perror("httpd: cannot mmap scoreboard");
 	shm_unlink(scoreboard_fname);
@@ -1356,13 +1357,13 @@
      * returned (rounded up to a page boundary).
      */
     {
-	unsigned len = SCOREBOARD_SIZE;
+	unsigned len = sizeof(scoreboard);
 
 	m = mmap((caddr_t) 0xC0000000, &len,
 		 PROT_READ | PROT_WRITE, MAP_ANON | MAP_SHARED, NOFD, 0);
     }
 #else
-    m = mmap((caddr_t) 0, SCOREBOARD_SIZE,
+    m = mmap((caddr_t) 0, sizeof(scoreboard),
 	     PROT_READ | PROT_WRITE, MAP_ANON | MAP_SHARED, -1, 0);
 #endif
     if (m == (caddr_t) - 1) {
@@ -1380,7 +1381,7 @@
 	fprintf(stderr, "httpd: Could not open /dev/zero\n");
 	exit(1);
     }
-    m = mmap((caddr_t) 0, SCOREBOARD_SIZE,
+    m = mmap((caddr_t) 0, sizeof(scoreboard),
 	     PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
     if (m == (caddr_t) - 1) {
 	perror("mmap");
@@ -1404,7 +1405,7 @@
     char *obrk;
 #endif
 
-    if ((shmid = shmget(shmkey, SCOREBOARD_SIZE, IPC_CREAT | SHM_R | SHM_W)) == -1) {
+    if ((shmid = shmget(shmkey, sizeof(scoreboard), IPC_CREAT | SHM_R | SHM_W)) == -1) {
 #ifdef LINUX
 	if (errno == ENOSYS) {
 	    aplog_error(APLOG_MARK, APLOG_NOERRNO|APLOG_EMERG, server_conf,
@@ -1535,7 +1536,7 @@
     if (scoreboard_image == NULL) {
 	setup_shared_mem(p);
     }
-    memset(scoreboard_image, 0, SCOREBOARD_SIZE);
+    memset(scoreboard_image, 0, sizeof(scoreboard));
     scoreboard_image->global.exit_generation = exit_gen;
 #else
     scoreboard_image = &_scoreboard_image;
Index: scoreboard.h
===================================================================
RCS file: /export/home/cvs/apachen/src/main/scoreboard.h,v
retrieving revision 1.33
diff -u -r1.33 scoreboard.h
--- scoreboard.h	1997/10/22 20:29:50	1.33
+++ scoreboard.h	1997/11/25 18:54:20
@@ -145,8 +145,6 @@
     global_score global;
 } scoreboard;
 
-#define SCOREBOARD_SIZE		sizeof(scoreboard)
-
 API_EXPORT(void) sync_scoreboard_image(void);
 API_EXPORT(int) exists_scoreboard_image(void);