[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Subversion 1.4.0 crashes in libapr.dll on Windows

From: Garrett Rooney <rooneg_at_electricjellyfish.net>
Date: 2006-10-27 16:04:15 CEST

On 10/26/06, Kenneth Porter <shiva@sewingwitch.com> wrote:
> --On Tuesday, October 10, 2006 7:06 PM -0600 "D.J. Heap" <djheap@gmail.com>
> wrote:
>
> > Has this been recreated with a trunk build? I provided a trunk build
> > to the first reporter (I think that is who it was) and they said it
> > started working fine. Maybe we just need to identify a fix to
> > backport.
> >
> > I haven't been able to get far with the minidumps. We really need to
> > reproduce it or have someone who can be willing to debug it
> > themselves.
>
> I just encountered it again on an svn import. I let VS2005 load it for
> post-mortem. I grabbed the 1.4.0 source zips and pointed the debugger at
> those. It has a little trouble lining up the symbols but I think I see
> what's happening from looking at the disassembly and the structure
> definitions.
>
> In this case the failure happens after the commit has completed and when
> the committed message is about to be sent to stdout.
>
> Around line 242 of apr_hash.c is this loop:
>
> for (hep = &ht->array[hash & ht->max], he = *hep;
> he; hep = &he->next, he = *hep) {
> if (he->hash == hash
> && he->klen == klen
> && memcmp(he->key, key, klen) == 0)
> break;
> }
>
> The failure occurs in the memcmp (which is inlined with a REPE CMPS).
> he->key (0xFAD6B8) is pointing to non-existent memory. It seems to be
> pointing to just after the hash entry memory. (he is 0xFAB8D0.) The rest of
> the hash entry looks sane (has correct hash value and key length). I'm
> wondering if the key was prematurely freed and the page was released.
>
> I also chased the next pointer and looked at its key, and it has the same
> issue. So the block holding the keys for this table seems to have been
> released from VM.

Could you possibly get a backtrace? The fact that the error occurs in
the apr hash code is interesting, but in order for that information to
be really useful we'd need to know which hash it's talking about, what
is going on when it gets to this point, etc.

-garrett

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Oct 27 16:04:40 2006

This is an archived mail posted to the Subversion Dev mailing list.