[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn list broken

From: Philip Martin <philip.martin_at_wandisco.com>
Date: Thu, 06 Mar 2014 18:56:29 +0000

Stefan Kueng <tortoisesvn_at_gmail.com> writes:

> svn list -v https://svn.apache.org/repos/asf/subversion/trunk
>
> shows a lot of garbage in the author column.
>
> Also linked with:
> apr 1.5.0
> apr-util 1.5.3
> serf 1.3.3
> OpenSSL 1.0.1f 6 Jan 2014
> zlib 1.2.8
>
> in case that's relevant.
>
> I think this was introduced a while ago, I noticed it today when I was
> using a TSVN nightly build, but I was using a nightly build from last
> week.

I see a huge number of valgrind warnings. Starts with a number of these:

==26601== Conditional jump or move depends on uninitialised value(s)
==26601== at 0x402DACF: memchr (mc_replace_strmem.c:762)
==26601== by 0x66E6683: serf_util_readline (buckets.c:253)
==26601== by 0x66E6A34: serf_databuf_readline (buckets.c:398)
==26601== by 0x66EF459: serf_ssl_readline (ssl_buckets.c:1754)
==26601== by 0x66E6084: serf_barrier_readline (barrier_buckets.c:65)
==26601== by 0x66E6BF9: serf_linebuf_fetch (buckets.c:501)
==26601== by 0x66EB241: fetch_line (response_buckets.c:122)
==26601== by 0x66EB51A: run_machine (response_buckets.c:219)
==26601== by 0x66EB9AD: serf_bucket_response_status (response_buckets.c:383)
==26601== by 0x66EFA2C: serf__handle_auth_response (auth.c:329)
==26601== by 0x66E3943: handle_response (outgoing.c:919)
==26601== by 0x66E3D02: read_from_connection (outgoing.c:1126)
==26601== by 0x66E3F23: serf__process_connection (outgoing.c:1247)
==26601== by 0x66E1A80: serf_event_trigger (context.c:226)
==26601== by 0x66E1C03: serf_context_run (context.c:300)
==26601== by 0x5239B02: svn_ra_serf__context_run (util.c:855)
==26601== by 0x5239D5F: svn_ra_serf__context_run_wait (util.c:926)
==26601== by 0x5239E21: svn_ra_serf__context_run_one (util.c:950)
==26601== by 0x5229494: svn_ra_serf__exchange_capabilities (options.c:491)
==26601== by 0x522F297: svn_ra_serf__open (serf.c:587)
==26601== by 0x41BE52E: svn_ra_open4 (ra_loader.c:481)
==26601== by 0x40A5A3D: svn_client__open_ra_session_internal (ra.c:417)
==26601== by 0x40A5F3B: svn_client__ra_session_from_path2 (ra.c:537)
==26601== by 0x40767E5: list_internal (list.c:262)
==26601== by 0x4076FAE: svn_client_list3 (list.c:468)
==26601== by 0x417229: svn_cl__list (list-cmd.c:367)
==26601== by 0x42A297: sub_main (svn.c:2942)
==26601== by 0x42A57C: main (svn.c:3028)

then some of these:

==26601== Conditional jump or move depends on uninitialised value(s)
==26601== at 0x4B89109: apr_date_checkmask (apr_date.c:90)
==26601== by 0x66EB26B: parse_status_line (response_buckets.c:132)
==26601== by 0x66EB566: run_machine (response_buckets.c:225)
==26601== by 0x66EB9AD: serf_bucket_response_status (response_buckets.c:383)
==26601== by 0x66EFA2C: serf__handle_auth_response (auth.c:329)
==26601== by 0x66E3943: handle_response (outgoing.c:919)
==26601== by 0x66E3D02: read_from_connection (outgoing.c:1126)
==26601== by 0x66E3F23: serf__process_connection (outgoing.c:1247)
==26601== by 0x66E1A80: serf_event_trigger (context.c:226)
==26601== by 0x66E1C03: serf_context_run (context.c:300)
==26601== by 0x5239B02: svn_ra_serf__context_run (util.c:855)
==26601== by 0x5239D5F: svn_ra_serf__context_run_wait (util.c:926)
==26601== by 0x5239E21: svn_ra_serf__context_run_one (util.c:950)
==26601== by 0x5229494: svn_ra_serf__exchange_capabilities (options.c:491)
==26601== by 0x522F297: svn_ra_serf__open (serf.c:587)
==26601== by 0x41BE52E: svn_ra_open4 (ra_loader.c:481)
==26601== by 0x40A5A3D: svn_client__open_ra_session_internal (ra.c:417)
==26601== by 0x40A5F3B: svn_client__ra_session_from_path2 (ra.c:537)
==26601== by 0x40767E5: list_internal (list.c:262)
==26601== by 0x4076FAE: svn_client_list3 (list.c:468)
==26601== by 0x417229: svn_cl__list (list-cmd.c:367)
==26601== by 0x42A297: sub_main (svn.c:2942)
==26601== by 0x42A57C: main (svn.c:3028)

and these:

==26601== Use of uninitialised value of size 8
==26601== at 0x4E27EF0: ____strtol_l_internal (strtol_l.c:298)
==26601== by 0x4BACF40: apr_strtoi64 (apr_strings.c:249)
==26601== by 0x66EB2CB: parse_status_line (response_buckets.c:140)
==26601== by 0x66EB566: run_machine (response_buckets.c:225)
==26601== by 0x66EB9AD: serf_bucket_response_status (response_buckets.c:383)
==26601== by 0x66EFA2C: serf__handle_auth_response (auth.c:329)
==26601== by 0x66E3943: handle_response (outgoing.c:919)
==26601== by 0x66E3D02: read_from_connection (outgoing.c:1126)
==26601== by 0x66E3F23: serf__process_connection (outgoing.c:1247)
==26601== by 0x66E1A80: serf_event_trigger (context.c:226)
==26601== by 0x66E1C03: serf_context_run (context.c:300)
==26601== by 0x5239B02: svn_ra_serf__context_run (util.c:855)
==26601== by 0x5239D5F: svn_ra_serf__context_run_wait (util.c:926)
==26601== by 0x5239E21: svn_ra_serf__context_run_one (util.c:950)
==26601== by 0x5229494: svn_ra_serf__exchange_capabilities (options.c:491)
==26601== by 0x522F297: svn_ra_serf__open (serf.c:587)
==26601== by 0x41BE52E: svn_ra_open4 (ra_loader.c:481)
==26601== by 0x40A5A3D: svn_client__open_ra_session_internal (ra.c:417)
==26601== by 0x40A5F3B: svn_client__ra_session_from_path2 (ra.c:537)
==26601== by 0x40767E5: list_internal (list.c:262)
==26601== by 0x4076FAE: svn_client_list3 (list.c:468)
==26601== by 0x417229: svn_cl__list (list-cmd.c:367)
==26601== by 0x42A297: sub_main (svn.c:2942)
==26601== by 0x42A57C: main (svn.c:3028)
==26601==

Another bug is talking http on https port:

$ svn ls http://svn.apache.org:443/repos/asf/subversion
SEGV

==26620== Invalid read of size 8
==26620== at 0x523BC1E: handler_cleanup (util.c:1878)
==26620== by 0x4BBA3C2: run_cleanups (apr_pools.c:2352)
==26620== by 0x4BB912A: pool_clear_debug (apr_pools.c:1553)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB910D: pool_clear_debug (apr_pools.c:1550)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB910D: pool_clear_debug (apr_pools.c:1550)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB9436: apr_pool_destroy_debug (apr_pools.c:1680)
==26620== by 0x42A5E1: main (svn.c:3040)
==26620== Address 0x80bf1d0 is 0 bytes inside a block of size 56 free'd
==26620== at 0x402AF4C: free (vg_replace_malloc.c:468)
==26620== by 0x4BB91F9: pool_clear_debug (apr_pools.c:1576)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB910D: pool_clear_debug (apr_pools.c:1550)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB910D: pool_clear_debug (apr_pools.c:1550)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB910D: pool_clear_debug (apr_pools.c:1550)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB9436: apr_pool_destroy_debug (apr_pools.c:1680)
==26620== by 0x42A5E1: main (svn.c:3040)
==26620==
==26620== Invalid read of size 8
==26620== at 0x66E2F27: reset_connection (outgoing.c:563)
==26620== by 0x66E43DA: serf_connection_reset (outgoing.c:1421)
==26620== by 0x523BC28: handler_cleanup (util.c:1878)
==26620== by 0x4BBA3C2: run_cleanups (apr_pools.c:2352)
==26620== by 0x4BB912A: pool_clear_debug (apr_pools.c:1553)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB910D: pool_clear_debug (apr_pools.c:1550)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB910D: pool_clear_debug (apr_pools.c:1550)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB9436: apr_pool_destroy_debug (apr_pools.c:1680)
==26620== by 0x42A5E1: main (svn.c:3040)
==26620== Address 0x4141414141414141 is not stack'd, malloc'd or (recently) free'd
==26620==
==26620==
==26620== Process terminating with default action of signal 11 (SIGSEGV)
==26620== General Protection Fault
==26620== at 0x66E2F27: reset_connection (outgoing.c:563)
==26620== by 0x66E43DA: serf_connection_reset (outgoing.c:1421)
==26620== by 0x523BC28: handler_cleanup (util.c:1878)
==26620== by 0x4BBA3C2: run_cleanups (apr_pools.c:2352)
==26620== by 0x4BB912A: pool_clear_debug (apr_pools.c:1553)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB910D: pool_clear_debug (apr_pools.c:1550)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB910D: pool_clear_debug (apr_pools.c:1550)
==26620== by 0x4BB934D: pool_destroy_debug (apr_pools.c:1638)
==26620== by 0x4BB9436: apr_pool_destroy_debug (apr_pools.c:1680)
==26620== by 0x42A5E1: main (svn.c:3040)
Segmentation fault

-- 
Philip Martin | Subversion Committer
WANdisco // *Non-Stop Data*
Received on 2014-03-06 19:57:15 CET

This is an archived mail posted to the Subversion Dev mailing list.