You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2012/06/22 10:30:48 UTC
[Bug 53452] New: Segmentation fault in dbd_remove
https://issues.apache.org/bugzilla/show_bug.cgi?id=53452
Priority: P2
Bug ID: 53452
Assignee: bugs@httpd.apache.org
Summary: Segmentation fault in dbd_remove
Severity: normal
Classification: Unclassified
OS: Linux
Reporter: rebanerebane@gmail.com
Hardware: PC
Status: NEW
Version: 2.4-HEAD
Component: mod_session_dbd
Product: Apache httpd-2
Description:
Experiencing a segmentation fault in the module mod_session_dbd, in the
function dbd_remove. The segmentation fault is caused by an uninitialized
function pointer session_dbd_acquire_fn.
Some trial and error showed that the segmentation fault occurs when there is no
entries present in the session_rec structure. No segmentation fault occurs when
I add some entries.
I bug seems to be related to these:
* https://issues.apache.org/bugzilla/show_bug.cgi?id=53029
* https://issues.apache.org/bugzilla/show_bug.cgi?id=50012
Relevant configuration:
LoadModule dbd_module modules/mod_dbd.so
LoadModule session_module modules/mod_session.so
LoadModule session_dbd_module modules/mod_session_dbd.so
DBDriver sqlite3
DBDParams "/usr/local/apache2/db/webcontrollerproxy.db"
DBDPrepareSQL "delete from session where key = %s" deletesession
DBDPrepareSQL "update session set value = %s, expiry = %lld where key = %s"
updatesession
DBDPrepareSQL "insert into session (value, expiry, key) values (%s, %lld, %s)"
insertsession
DBDPrepareSQL "select value from session where key = %s and (expiry = 0 or
expiry > %lld)" selectsession
GDB output:
sudo gdb httpd
GNU gdb (GDB) 7.2-ubuntu
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/local/apache2/bin/httpd...done.
(gdb) run -X -d /usr/local/apache2
Starting program: /usr/local/apache2/bin/httpd -X -d /usr/local/apache2
[Thread debugging using libthread_db enabled]
[New Thread 0x7ffff0c99700 (LWP 7768)]
[New Thread 0x7ffff0498700 (LWP 7769)]
[New Thread 0x7fffefc97700 (LWP 7770)]
[New Thread 0x7fffef496700 (LWP 7771)]
[New Thread 0x7fffeec95700 (LWP 7772)]
[New Thread 0x7fffee494700 (LWP 7773)]
[New Thread 0x7fffedc93700 (LWP 7774)]
[New Thread 0x7fffed492700 (LWP 7775)]
[New Thread 0x7fffecc91700 (LWP 7776)]
[New Thread 0x7fffec490700 (LWP 7777)]
[New Thread 0x7fffebc8f700 (LWP 7778)]
[New Thread 0x7fffeb48e700 (LWP 7779)]
[New Thread 0x7fffeac8d700 (LWP 7780)]
[New Thread 0x7fffea48c700 (LWP 7781)]
[New Thread 0x7fffe9c8b700 (LWP 7782)]
[New Thread 0x7fffe948a700 (LWP 7783)]
[New Thread 0x7fffe8c89700 (LWP 7784)]
[New Thread 0x7fffe8488700 (LWP 7785)]
[New Thread 0x7fffe7c87700 (LWP 7786)]
[New Thread 0x7fffe7486700 (LWP 7787)]
[New Thread 0x7fffe6c85700 (LWP 7788)]
[New Thread 0x7fffe6484700 (LWP 7789)]
[New Thread 0x7fffe5c83700 (LWP 7790)]
[New Thread 0x7fffe5482700 (LWP 7791)]
[New Thread 0x7fffe4c81700 (LWP 7792)]
[New Thread 0x7fffe4480700 (LWP 7793)]
[New Thread 0x7fffe3c7f700 (LWP 7794)]
[Thread 0x7ffff0c99700 (LWP 7768) exited]
/* Here I make a request to the custom module that uses mod_session(_dbd).
* Note that the custom module handler returns successfully.
*/
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffe6c85700 (LWP 7788)]
0x0000000000000000 in ?? ()
(gdb) bt
#0 0x0000000000000000 in ?? ()
#1 0x00007ffff3972e60 in dbd_remove (r=0x859c20, key=0x85eae0
"1a2448b1-8f03-4fdd-8562-f9a5c4eee525") at mod_session_dbd.c:341
#2 0x00007ffff39731a7 in session_dbd_save (r=0x859c20, z=0x85e498) at
mod_session_dbd.c:428
#3 0x00007ffff3d7a9fc in ap_run_session_save (r=0x859c20, z=0x85e498) at
mod_session.c:37
#4 0x00007ffff3d7b5ba in ap_session_save (r=0x859c20, z=0x85e498) at
mod_session.c:209
#5 0x00007ffff3d7bcb1 in session_output_filter (f=0x85e710, in=0x85ea80) at
mod_session.c:455
#6 0x000000000043338e in ap_pass_brigade (next=0x85e710, bb=0x85ea80) at
util_filter.c:533
#7 0x00000000004395c6 in ap_old_write_filter (f=0x85e788, bb=0x85ea80) at
protocol.c:1483
#8 0x000000000043338e in ap_pass_brigade (next=0x85e788, bb=0x85ea80) at
util_filter.c:533
#9 0x0000000000438abb in end_output_stream (r=0x859c20) at protocol.c:1210
#10 0x0000000000438b17 in ap_finalize_request_protocol (r=0x859c20) at
protocol.c:1232
#11 0x000000000046ee4b in ap_process_async_request (r=0x859c20) at
http_request.c:346
#12 0x000000000046b271 in ap_process_http_async_connection (c=0x855e80) at
http_core.c:143
#13 0x000000000046b45d in ap_process_http_connection (c=0x855e80) at
http_core.c:228
#14 0x000000000045fa96 in ap_run_process_connection (c=0x855e80) at
connection.c:41
#15 0x00000000004797a6 in process_socket (thd=0x6d8308, p=0x855b88,
sock=0x855c00, cs=0x855e08, my_child_num=0, my_thread_num=19) at event.c:917
#16 0x000000000047bc0c in worker_thread (thd=0x6d8308, dummy=0x851110) at
event.c:1744
#17 0x00007ffff740d933 in ?? () from /usr/lib/libapr-1.so.0
#18 0x00007ffff71cc971 in start_thread () from /lib/libpthread.so.0
#19 0x00007ffff6f27f3d in clone () from /lib/libc.so.6
#20 0x0000000000000000 in ?? ()
(gdb) p session_dbd_acquire_fn
$1 = (ap_dbd_t *(*)(request_rec *)) 0
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53452] [Patch] Segmentation fault in dbd_remove
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53452
--- Comment #8 from Jackie Rosen <ja...@hushmail.com> ---
*** Bug 260998 has been marked as a duplicate of this bug. ***
Seen from the domain http://volichat.com
Page where seen: http://volichat.com/adult-chat-rooms
Marked for reference. Resolved as fixed @bugzilla.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53452] Segmentation fault in dbd_remove
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53452
Chris <ch...@cxtsoftware.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |chris@cxtsoftware.com
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53452] [Patch] Segmentation fault in dbd_remove
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53452
Christophe JAILLET <ch...@wanadoo.fr> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |zhaozg@gmail.com
--- Comment #4 from Christophe JAILLET <ch...@wanadoo.fr> ---
*** Bug 50012 has been marked as a duplicate of this bug. ***
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53452] [Patch] Segmentation fault in dbd_remove
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53452
Christophe JAILLET <ch...@wanadoo.fr> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |FixedInTrunk
--- Comment #6 from Christophe JAILLET <ch...@wanadoo.fr> ---
Will be part of 2.4.4
r1416583
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53452] Segmentation fault in dbd_remove
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53452
--- Comment #1 from Chris <ch...@cxtsoftware.com> ---
Created attachment 29117
--> https://issues.apache.org/bugzilla/attachment.cgi?id=29117&action=edit
Patch to fix segfault
The remove method wasn't properly initializing the dbd methods. This fixes that
issue by using the init method like the rest of the code.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53452] [Patch] Segmentation fault in dbd_remove
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53452
Chris <ch...@cxtsoftware.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Segmentation fault in |[Patch] Segmentation fault
|dbd_remove |in dbd_remove
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53452] [Patch] Segmentation fault in dbd_remove
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53452
--- Comment #5 from Christophe JAILLET <ch...@wanadoo.fr> ---
Trunk patch
http://svn.apache.org/viewvc?view=revision&sortby=date&revision=1408958
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53452] [Patch] Segmentation fault in dbd_remove
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53452
Christophe JAILLET <ch...@wanadoo.fr> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |PatchAvailable
--- Comment #3 from Christophe JAILLET <ch...@wanadoo.fr> ---
Thanks for the report.
I will apply a slightly modified version of your patch to trunk and propose it
for backport in 2.4.x branch next week or so.
The applied patch includes an additional test against the return value from
dbd_init. This avoids a potential NULL pointer deference if APR_EGENERAL was
returned. In such a case, dbd remains unmodified.
rv = apr_dbd_pvbquery(dbd->driver
^
|_____
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53452] [Patch] Segmentation fault in dbd_remove
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53452
Stefan Fritsch <sf...@sfritsch.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #7 from Stefan Fritsch <sf...@sfritsch.de> ---
fixed in 2.4.4
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53452] Segmentation fault in dbd_remove
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53452
--- Comment #2 from Chris <ch...@cxtsoftware.com> ---
*** Bug 53029 has been marked as a duplicate of this bug. ***
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org