Crash in apr_file_close() (Win32)

["Yuri V. Vishnevskiy" <yu...@gmail.com>]

Dear All,
I have a problem with using stdout stream opened by apr_file_open_stdout()  
function. If I open several stdout handlers in my program then it crashes  
when calls apr_file_close() function more than one time.

The following simple code reproduces such error:

int main(int a, char** b)
{
apr_pool_t * pool;
apr_file_t *file1, *file2;


  apr_initialize();
  apr_pool_create(&pool, NULL);

  apr_file_open_stdout(&file1, pool);
  apr_file_open_stdout(&file2, pool);

  apr_file_puts("Hello World (1)\n", file1);
  apr_file_puts("Hello World (2)\n", file2);

  apr_file_close(file1);
  apr_file_close(file2); // <-- crash is here.

  apr_terminate();

  return(0);
}

-------------------------------------------------
System: WinXP SP3, x86.
APR: 1.3.8
Compiler: Visual Studio 2008 SP1 (15.00.30729.01)


Is this bug or feature?


Regards,
Yura Vishnevskiy

Re: Crash in apr_file_close() (Win32)

["William A. Rowe, Jr." <wr...@rowe-clan.net>]

Mladen Turk wrote:
> 
> Indeed the crash happens on second _close(1) call.
> I presume the _close(x) should be called *only* if
> the file was dup2'ed (at least according to the comment
> in the code), so I'll try to figure out how to fix that
> unless Bill has some other ideas or suggestions.

The real question is what does MSVCRT80 do with _close(1) on an
application started as a service or in windows, where there is no
file in fd[1]?

The best would be to mark fd[1] as closed, and avoid closing it
again with _close[1], but report an error instead.

>> The following simple code reproduces such error:
>>
>> apr_file_open_stdout(&file1, pool);
>> apr_file_open_stdout(&file2, pool);

The presumption here is that stdout opens two handles; but it does
not.  On all platforms, file1 == file2

>> apr_file_close(file1);
>> apr_file_close(file2); // <-- crash is here.

Agreed crashing isn't nice, but it's not incorrect; this is a code bug
attempting to close the same handle twice.  We should return an error
instead, however.

Re: Crash in apr_file_close() (Win32)

[Mladen Turk <mt...@apache.org>]

Just an update from the conversation I had with Yuri.

He confirmed that the APR crashes if build with VS2008.
(both debug and release version of msvcrt90(d).dll)
Now looking at the MSVCRT source for _close, I suspect
it crashes with VS2005 as well.

Since it doesn't crash if linked to msvcrt.dll I presume
the cause is the following comment:

<snip>
In order to avoid later segfaults with handle 'reuse',
we must protect against the case that a dup2'ed handle
is being closed, and invalidate the corresponding StdHandle
We also tell msvcrt when stdhandles are closed.
</snip>

Indeed the crash happens on second _close(1) call.
I presume the _close(x) should be called *only* if
the file was dup2'ed (at least according to the comment
in the code), so I'll try to figure out how to fix that
unless Bill has some other ideas or suggestions.



>
> The following simple code reproduces such error:
>
> int main(int a, char** b)
> {
> apr_pool_t * pool;
> apr_file_t *file1, *file2;
>
>
> apr_initialize();
> apr_pool_create(&pool, NULL);
>
> apr_file_open_stdout(&file1, pool);
> apr_file_open_stdout(&file2, pool);
>
> apr_file_puts("Hello World (1)\n", file1);
> apr_file_puts("Hello World (2)\n", file2);
>
> apr_file_close(file1);
> apr_file_close(file2); // <-- crash is here.
>
> apr_terminate();
>
> return(0);
> }
>

Regards
-- 
^TM

Re: Crash in apr_file_close() (Win32)

["Yuri V. Vishnevskiy" <yu...@gmail.com>]

> On Sun, 2009-09-20 at 09:56 +0700, Yuri V. Vishnevskiy wrote:
>> Here is a call stack:
>>
>> test.exe!_crt_debugger_hook(int _Reserved=2)  Line 62   C
>
> Thanks.
>
> I just now realised this is Windows. I guess someone else will have to
> have a look. I don't have that platform and I'm not at all familiar with
> it.
>

Yes, this issue is related only to Windows.
Under Linux (both x86 and x86_64), FreeBSD x86_64, Solaris x86 and OS/2  
there are no such problems.

Re: Crash in apr_file_close() (Win32)

[Bojan Smojver <bo...@rexursive.com>]

On Sun, 2009-09-20 at 09:56 +0700, Yuri V. Vishnevskiy wrote:
> Here is a call stack:
> 
> test.exe!_crt_debugger_hook(int _Reserved=2)  Line 62   C

Thanks.

I just now realised this is Windows. I guess someone else will have to
have a look. I don't have that platform and I'm not at all familiar with
it.

-- 
Bojan

Re: Crash in apr_file_close() (Win32)

["Yuri V. Vishnevskiy" <yu...@gmail.com>]

> On Sat, 2009-09-19 at 23:34 +0700, Yuri V. Vishnevskiy wrote:
>> I have a problem with using stdout stream opened by
>> apr_file_open_stdout()
>> function. If I open several stdout handlers in my program then it
>> crashes
>> when calls apr_file_close() function more than one time.
>
> Could you run it within a debugger and then give us a stack trace?
>

Here is a call stack:

test.exe!_crt_debugger_hook(int _Reserved=2)  Line 62	C
test.exe!_invalid_parameter(const wchar_t * pszExpression=0x00481474,  
const wchar_t * pszFunction=0x004814a0, const wchar_t *  
pszFile=0x004814b0, unsigned int nLine=48, unsigned int pReserved=0)  Line  
112 + 0x7 bytes	C++
test.exe!_close(int fh=1)  Line 48 + 0x7b bytes	C
> test.exe!file_cleanup(void * thefile=0x0035d880)  Line 303 + 0x7 bytes	C
test.exe!apr_file_close(apr_file_t * file=0x0035d880)  Line 494 + 0x9  
bytes	C
test.exe!main(int a=1, char * * b=0x00353128)  Line 27	C
test.exe!__tmainCRTStartup()  Line 266 + 0x19 bytes	C
test.exe!mainCRTStartup()  Line 182	C
kernel32.dll!7c817077() 	
[Frames below may be incorrect and/or missing, no symbols loaded for  
kernel32.dll]	


Regards,
Yura Vishnevskiy

Re: Crash in apr_file_close() (Win32)

[Bojan Smojver <bo...@rexursive.com>]

On Sat, 2009-09-19 at 23:34 +0700, Yuri V. Vishnevskiy wrote:
> I have a problem with using stdout stream opened by
> apr_file_open_stdout()  
> function. If I open several stdout handlers in my program then it
> crashes  
> when calls apr_file_close() function more than one time.

Could you run it within a debugger and then give us a stack trace?

-- 
Bojan