On Thu, 24 Jan 2013 09:26:16 +0100 "Robert Milasan" <[email protected]> wrote:
> On Wed, 23 Jan 2013 20:58:45 +0100
> "Robert Milasan" <[email protected]> wrote:
>
> > I'm running polipo as a non-transparent caching proxy server and
> > privoxy as the transparent proxy forwarding requests to polipo.
> >
> > All works fine, but there is a segfault in server.c:1798 function
> > httpServerReplyHandler due to connection->request being NULL making
> > HTTPRequestPtr request also NULL.
> >
> > (gdb) bt
> > #0  0x0806a466 in httpServerReplyHandler (status=0, event=0x517b508,
> >     srequest=0x517b518) at server.c:1798
> > #1  0x0804da4d in do_scheduled_stream (status=0, event=0x517b508) at io.c:366
> > #2  0x0804ca0b in eventLoop () at event.c:713
> > #3  0x08059dee in main (argc=3, argv=0xbebc4cd4) at main.c:165
> > (gdb) l
> > 1793        HTTPRequestPtr request = connection->request;
> > 1794        int i, body;
> > 1795        int bufsize =
> > 1796            (connection->flags & CONN_BIGBUF) ? bigBufferSize : CHUNK_SIZE;
> > 1797
> > 1798        assert(request->object->flags & OBJECT_INPROGRESS);
> > 1799        if(status < 0) {
> > 1800            if(connection->serviced >= 1) {
> > 1801                httpServerRestart(connection);
> > 1802                return 1;
> > (gdb) p request
> > $1 = (HTTPRequestPtr) 0x0
> > (gdb) p connection
> > $2 = (HTTPConnectionPtr) 0x6c57b28
> > (gdb) p connection->request
> > $3 = (struct _HTTPRequest *) 0x0
> >
> > As you can see, under some circumstances connection->request is NULL,
> > so request will also be NULL.
> >
> > I didn't come up with the actual issue why sometimes
> > connection->request is NULL, still investigating.
> >
> > NOTE: This issue happens with both 1.0.4 and 1.0.5 versions.
>

Here is some information from valgrind:

Restarting pipeline to dx.com:80.
==758== Invalid read of size 4
==758==    at 0x804D648: do_scheduled_stream (io.c:279)
==758==    by 0x804CA0A: eventLoop (event.c:713)
==758==    by 0x8059DED: main (main.c:165)
==758==  Address 0x6c57b30 is 8 bytes inside a block of size 88 free'd
==758==    at 0x4023B6A: free (vg_replace_malloc.c:366)
==758==    by 0x80690D3: httpServerFinish (server.c:1313)
==758==    by 0x8069587: httpServerRestart (server.c:1459)
==758==    by 0x806A282: httpServerHandler (server.c:1740)
==758==    by 0x804DA86: do_scheduled_stream (io.c:369)
==758==    by 0x804D39B: schedule_stream (io.c:205)
==758==    by 0x804CE24: do_stream (io.c:69)
==758==    by 0x806A422: httpServerSendRequest (server.c:1781)
==758==    by 0x8067E11: httpServerTrigger (server.c:872)
==758==    by 0x806919F: httpServerFinish (server.c:1335)
==758==    by 0x806BAC7: httpServerHandlerHeaders (server.c:2290)
==758==    by 0x806A5A0: httpServerReplyHandler (server.c:1816)
==758==
==758== Invalid write of size 4
==758==    at 0x804D67D: do_scheduled_stream (io.c:280)
==758==    by 0x804CA0A: eventLoop (event.c:713)
==758==    by 0x8059DED: main (main.c:165)
==758==  Address 0x6c57b30 is 8 bytes inside a block of size 88 free'd
==758==    at 0x4023B6A: free (vg_replace_malloc.c:366)
==758==    by 0x80690D3: httpServerFinish (server.c:1313)
==758==    by 0x8069587: httpServerRestart (server.c:1459)
==758==    by 0x806A282: httpServerHandler (server.c:1740)
==758==    by 0x804DA86: do_scheduled_stream (io.c:369)
==758==    by 0x804D39B: schedule_stream (io.c:205)
==758==    by 0x804CE24: do_stream (io.c:69)
==758==    by 0x806A422: httpServerSendRequest (server.c:1781)
==758==    by 0x8067E11: httpServerTrigger (server.c:872)
==758==    by 0x806919F: httpServerFinish (server.c:1335)
==758==    by 0x806BAC7: httpServerHandlerHeaders (server.c:2290)
==758==    by 0x806A5A0: httpServerReplyHandler (server.c:1816)
==758==
==758== Invalid read of size 4
==758==    at 0x804D67F: do_scheduled_stream (io.c:280)
==758==    by 0x804CA0A: eventLoop (event.c:713)
==758==    by 0x8059DED: main (main.c:165)
==758==  Address 0x6c57b30 is 8 bytes inside a block of size 88 free'd
==758==    at 0x4023B6A: free (vg_replace_malloc.c:366)
==758==    by 0x80690D3: httpServerFinish (server.c:1313)
==758==    by 0x8069587: httpServerRestart (server.c:1459)
==758==    by 0x806A282: httpServerHandler (server.c:1740)
==758==    by 0x804DA86: do_scheduled_stream (io.c:369)
==758==    by 0x804D39B: schedule_stream (io.c:205)
==758==    by 0x804CE24: do_stream (io.c:69)
==758==    by 0x806A422: httpServerSendRequest (server.c:1781)
==758==    by 0x8067E11: httpServerTrigger (server.c:872)
==758==    by 0x806919F: httpServerFinish (server.c:1335)
==758==    by 0x806BAC7: httpServerHandlerHeaders (server.c:2290)
==758==    by 0x806A5A0: httpServerReplyHandler (server.c:1816)
==758== Invalid read of size 4
==758==    at 0x806A442: httpServerReplyHandler (server.c:1793)
==758==    by 0x804DA4C: do_scheduled_stream (io.c:366)
==758==    by 0x804CA0A: eventLoop (event.c:713)
==758==    by 0x8059DED: main (main.c:165)
==758==  Address 0x6c57b3c is 20 bytes inside a block of size 88 free'd
==758==    at 0x4023B6A: free (vg_replace_malloc.c:366)
==758==    by 0x80690D3: httpServerFinish (server.c:1313)
==758==    by 0x8069587: httpServerRestart (server.c:1459)
==758==    by 0x806A282: httpServerHandler (server.c:1740)
==758==    by 0x804DA86: do_scheduled_stream (io.c:369)
==758==    by 0x804D39B: schedule_stream (io.c:205)
==758==    by 0x804CE24: do_stream (io.c:69)
==758==    by 0x806A422: httpServerSendRequest (server.c:1781)
==758==    by 0x8067E11: httpServerTrigger (server.c:872)
==758==    by 0x806919F: httpServerFinish (server.c:1335)
==758==    by 0x806BAC7: httpServerHandlerHeaders (server.c:2290)
==758==    by 0x806A5A0: httpServerReplyHandler (server.c:1816)
==758==
==758== Invalid read of size 4
==758==    at 0x806A44B: httpServerReplyHandler (server.c:1796)
==758==    by 0x804DA4C: do_scheduled_stream (io.c:366)
==758==    by 0x804CA0A: eventLoop (event.c:713)
==758==    by 0x8059DED: main (main.c:165)
==758==  Address 0x6c57b28 is 0 bytes inside a block of size 88 free'd
==758==    at 0x4023B6A: free (vg_replace_malloc.c:366)
==758==    by 0x80690D3: httpServerFinish (server.c:1313)
==758==    by 0x8069587: httpServerRestart (server.c:1459)
==758==    by 0x806A282: httpServerHandler (server.c:1740)
==758==    by 0x804DA86: do_scheduled_stream (io.c:369)
==758==    by 0x804D39B: schedule_stream (io.c:205)
==758==    by 0x804CE24: do_stream (io.c:69)
==758==    by 0x806A422: httpServerSendRequest (server.c:1781)
==758==    by 0x8067E11: httpServerTrigger (server.c:872)
==758==    by 0x806919F: httpServerFinish (server.c:1335)
==758==    by 0x806BAC7: httpServerHandlerHeaders (server.c:2290)
==758==    by 0x806A5A0: httpServerReplyHandler (server.c:1816)
==758==
==758== Invalid read of size 4
==758==    at 0x806A466: httpServerReplyHandler (server.c:1798)
==758==    by 0x804DA4C: do_scheduled_stream (io.c:366)
==758==    by 0x804CA0A: eventLoop (event.c:713)
==758==    by 0x8059DED: main (main.c:165)
==758==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
==758==
==758==
==758== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==758==  Access not within mapped region at address 0x8
==758==    at 0x806A466: httpServerReplyHandler (server.c:1798)
==758==    by 0x804DA4C: do_scheduled_stream (io.c:366)
==758==    by 0x804CA0A: eventLoop (event.c:713)
==758==    by 0x8059DED: main (main.c:165)

It looks like something gets freed wrongly, or at least that's how I see it.

-- 
Robert Milasan

L3 Support Engineer
SUSE Linux (http://www.suse.com)
email: [email protected]
GPG fingerprint: B6FE F4A8 0FA3 3040 3402 6FE7 2F64 167C 1909 6D1A

_______________________________________________
Polipo-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/polipo-users
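
Added example, not polipo's code or its fix: a minimal C model of the failure the valgrind trace above shows, where a queued stream event runs against a connection that was already freed during teardown. All names (conn_t, schedule, conn_finish, reply_handler) are hypothetical; the model cancels pending events before free() and has the handler reject a NULL request instead of dereferencing it.

```c
#include <stdlib.h>
#define MAX_EVENTS 8

/* Hypothetical stand-ins for a connection and a queued stream event. */
typedef struct conn { void *request; } conn_t;
typedef struct event { conn_t *conn; int live; } event_t;
static event_t queue[MAX_EVENTS];
static int handled, dropped;

/* Queue a reply-handler event for c; returns the slot used, or -1 if full. */
static int schedule(conn_t *c) {
    for (int i = 0; i < MAX_EVENTS; i++)
        if (!queue[i].live) { queue[i].conn = c; queue[i].live = 1; return i; }
    return -1;
}

/* Teardown: cancel every queued event that references c, then free it. */
static int conn_finish(conn_t *c) {
    int cancelled = 0;
    for (int i = 0; i < MAX_EVENTS; i++)
        if (queue[i].live && queue[i].conn == c) { queue[i].live = 0; cancelled++; }
    free(c);
    return cancelled;
}

/* Handler: refuse a connection with no request instead of dereferencing it. */
static int reply_handler(conn_t *c) {
    if (c == NULL || c->request == NULL) { dropped++; return -1; }
    handled++;
    return 0;
}

static void event_loop(void) {           /* run and retire every live event */
    for (int i = 0; i < MAX_EVENTS; i++)
        if (queue[i].live) { queue[i].live = 0; reply_handler(queue[i].conn); }
}

/* Constructed scenario: a is healthy, b is torn down while its event is
   still queued, c is alive but has no request. Returns events cancelled. */
int run_scenario(void) {
    conn_t *a = calloc(1, sizeof *a), *b = calloc(1, sizeof *b), *c = calloc(1, sizeof *c);
    if (!a || !b || !c) { free(a); free(b); free(c); return -1; }
    handled = dropped = 0;
    a->request = a; b->request = b; c->request = NULL;
    schedule(a); schedule(b); schedule(c);
    int cancelled = conn_finish(b);      /* the restart path frees b early */
    event_loop();
    free(a); free(c);
    return cancelled;
}
int main(void) { return run_scenario() == 1 ? 0 : 1; }
```

Without the cancellation in conn_finish, the event for b would reach the handler with a dangling pointer, which is the class of access valgrind flags as "inside a block of size 88 free'd".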
