[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: segfault in svn_client_cleanup()

From: Ivan Zhakov <chemodax_at_gmail.com>
Date: 2007-09-04 21:04:50 CEST

On 9/4/07, Stefan KŁng <tortoisesvn@gmail.com> wrote:
> Hi,
>
> During a cleanup where a working copy got messed up, TSVN crashed.
> Unfortunately, I'm not able to reproduce this. But I got a callstack of
> the crash from the user who has the problem:
>
>
> TortoiseProc.exe!convert_wcprops(svn_stringbuf_t *
> log_accum=0x01cefd08, svn_wc_adm_access_t * adm_access=0x01cd08e0,
> apr_pool_t * pool=0x01ce6c48) Line 190 C
> TortoiseProc.exe!maybe_upgrade_format(svn_wc_adm_access_t *
> adm_access=0x01cd08e0, apr_pool_t * pool=0x01ce6c48) Line 267 + 0x11
> bytes C
> TortoiseProc.exe!svn_wc__adm_steal_write_lock(svn_wc_adm_access_t *
> * adm_access=0x000fe040, svn_wc_adm_access_t * associated=0x00000000,
> const char * path=0x01cbb428, apr_pool_t * pool=0x01ce6c48) Line 531 +
> 0xd bytes C
> TortoiseProc.exe!svn_wc_cleanup2(const char * path=0x01cbb428,
> const char * diff3_cmd=0x00000000, svn_error_t * (void *)*
> cancel_func=0x0072cb73, void * cancel_baton=0x00126ee8, apr_pool_t *
> pool=0x01ce6c48) Line 2514 + 0x13 bytes C
> TortoiseProc.exe!svn_client_cleanup(const char * dir=0x01cbb428,
> svn_client_ctx_t * ctx=0x01cd8950, apr_pool_t * pool=0x01ce6c48) Line
> 52 + 0x1f bytes C
>
> The segault happens because the second argument in svn_path_join() is
> invalid.
> I've checked the code, and I have a little difficulties understanding
> the following code:
> libsvn_wc/lock.c, function convert_wcprops()
>
> for (hi = apr_hash_first(pool, entries); hi; hi = apr_hash_next(hi))
> {
> void *val;
> const svn_wc_entry_t *entry;
> apr_hash_t *wcprops;
> apr_hash_index_t *hj;
> const char *full_path
> = svn_path_join(svn_wc_adm_access_path(adm_access), entry->name,
> pool);
>
>
> This is the svn_path_join() that segaults in the stack trace above. But
> how can 'entry->name' even be valid? The 'entry' itself isn't set to
> anything valid until *after* svn_path_join() is called.
>
> Stefan
>
> P.S. sorry for the html-mail, but the text-mail doesn't show the
> stacktrace nicely because of the splitted lines.
>
Hi Stefan,

I've fixed this bug in r26441 today morning.

-- 
Ivan Zhakov
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Sep 4 21:01:45 2007

This is an archived mail posted to the Subversion Dev mailing list.