Gareth McCaughan <gareth.mccaughan@pobox.com> writes:
> #0 0x284b77f8 in vfprintf () from /usr/lib/libc.so.4
> (gdb) backtrace
> #0 0x284b77f8 in vfprintf () from /usr/lib/libc.so.4
> #1 0x28481e24 in vsnprintf () from /usr/lib/libc.so.4
> #2 0x282e5a81 in ne_set_error () from /usr/local/lib/libneon.so.23
> #3 0x282edbc0 in gz_reader () from /usr/local/lib/libneon.so.23
> #4 0x282e4568 in ne_read_response_block () from /usr/local/lib/libneon.so.23
> #5 0x282e5293 in ne_request_dispatch () from /usr/local/lib/libneon.so.23
> #6 0x280f371a in svn_ra_dav__request_dispatch (code=0xbfbff4fc,
> request=0x8078800, session=0x8066800, method=0x280f402c "GET",
> url=0x28028b88
> "/repos/svn/!svn/bc/6365/branches/fs-schema-changes/www/project_license.html",
> okay_1=200, okay_2=226, pool=0x8079018)
> at subversion/libsvn_ra_dav/util.c:454
[...]
> I haven't checked whether the segfault is reproducible; so it's conceivable
> that dodgy hardware could be at fault. I don't have any strong reason
> to believe that my hardware *is* dodgy, though.
>
> My libneon wasn't built with debugging turned on, but apparently
> Subversion was. "info locals" in frame #6 says:
>
> error_parser = (ne_xml_parser *) 0x80a8000
> rv = 672088108
> msg = 0x0
> err = (svn_error_t *) 0x0
This all looks fine. rv is set when svn_ra_dav__request_dispatch()
returns (and isn't initialized previously). The other vars are fine,
too.
ne_set_error() is used all over the Neon library in exactly the same
way. The only one in your stack that at a glance I can't feel
comfortable about is here:
In ne_compress.c:gz_reader()
[...]
case NE_Z_BEFORE_DATA:
/* work out whether this is a compressed response or not. */
if (ctx->enchdr && strcasecmp(ctx->enchdr, "gzip") == 0) {
NE_DEBUG(NE_DBG_HTTP, "compress: got gzipped stream.\n");
/* This is the magic bit: using plain inflateInit()
* doesn't work, and this does, but I have no idea why..
* Google showed me the way. */
if (inflateInit2(&ctx->zstr, -MAX_WBITS) != Z_OK) {
ne_set_error(ctx->session, ctx->zstr.msg);
ctx->state = NE_Z_ERROR;
return;
}
ctx->zstrinit = 1;
[...]
Other neon code does stuff like:
ctx->zstr.msg?ctx->zstr.msg:"(no message)"
to make sure that it isn't dereferencing a NULL pointer. Perhaps this
code should be doing the same thing, and perhaps the fact that it
isn't is what has caused your segfault.
Joe Orton: thoughts?
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Jun 28 11:13:09 2003