This macro in axis_env.h is not going to work if env is NULL:
#define AXIS2_ENV_CHECK(env, error_return) \if(!env || !(*env)) \ !!!!!!!!!!BAD!!!!!!!!!!!!!!!
{ \
axis2_allocator_t *allocator = axis2_allocator_init (NULL); \
*env = axis2_env_create (allocator); \
AXIS2_ERROR_SET_STATUS_CODE((*env)->error, AXIS2_CRTICAL_FAILURE); \
AXIS2_ERROR_SET_ERROR_NUMBER((*env)->error, \
AXIS2_ERROR_ENVIRONMENT_IS_NULL); \
return error_return; \
} \
else \
{ \
AXIS2_ERROR_SET_STATUS_CODE((*env)->error, AXIS2_SUCCESS); \
}
Something like...
#define AXIS2_ENV_CHECK(env, error_return) \
if(!env)\
{\
/* need some sort of major failure here - cannot return or set an error*/ \
printf("CheckEnv found a NULL environment \n");
exit (0); \
}\
else if (
!(*env)) \{ \
axis2_allocator_t *allocator = axis2_allocator_init (NULL); \
*env = axis2_env_create (allocator); \
AXIS2_ERROR_SET_STATUS_CODE((*env)->error, AXIS2_CRTICAL_FAILURE); \
AXIS2_ERROR_SET_ERROR_NUMBER((*env)->error, \
AXIS2_ERROR_ENVIRONMENT_IS_NULL); \
return error_return; \
} \
else \
{ \
AXIS2_ERROR_SET_STATUS_CODE((*env)->error, AXIS2_SUCCESS); \
}
Also - how did the env get to be NULL from expand array - should it be the current environment instead?...
static void
expand_array (axis2_hash_t * ht)
{
axis2_hash_index_t *hi;
axis2_hash_entry_t **new_array;
unsigned int new_max;
new_max = ht->max * 2 + 1;
new_array = alloc_array (ht, new_max);
for (hi = axis2_hash_first (ht, ht->environment /* NULL */ ); hi;
hi = axis2_hash_next (/* NULL */ ht->environment, hi))
{
unsigned int i = hi->this->hash & new_max;
hi->this->next = new_array[i];
new_array[i] = hi->this;
}
ht->array = new_array;
ht->max = new_max;
}
axis2_hash_t crashes while resizing
-----------------------------------
Key: AXIS2C-66
URL: http://issues.apache.org/jira/browse/AXIS2C-66
Project: Axis2-C
Type: Bug
Components: util
Versions: Current (Nightly)
Environment: Linux/Windows
Reporter: Sahan Gamage
When server started and echo request is sent 16 times consecutively server seg faults.
I suspect this is because hash's expand_array(). hash's array's default size is 16. When this limit
exceeds segfault happens.
see below
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1208883520 (LWP 5580)]
0x0061e736 in axis2_hash_first (ht=0x9857ee8, environment=0x0) at hash.c :144
144 AXIS2_ENV_CHECK(environment, NULL);
(gdb) bt
#0 0x0061e736 in axis2_hash_first (ht=0x9857ee8, environment=0x0) at hash.c:144
#1 0x0061e897 in expand_array (ht=0x9857ee8) at hash.c:183
#2 0x0061edbe in axis2_hash_set (ht=0x9857ee8, key=0x98e1310, klen=4294967295, val=0x98e6840) at hash.c:380
#3 0x00750350 in axis2_conf_ctx_register_svc_grp_ctx (conf_ctx=0x9858648, env=0xbf8459f8,
svc_grp_id=0x98e1310 "675a9c58-9956-1da1-24a0-0014380ce4a9", svc_grp_ctx=0x98e6840) at conf_ctx.c:303
#4 0x00751181 in axis2_conf_ctx_fill_ctxs (conf_ctx=0x9858648, env=0xbf8459f8, msg_ctx=0x98d8330) at conf_ctx.c:539
#5 0x00135e12 in axis2_ctx_handler_invoke (handler=0x9822328, env=0xbf8459f8, msg_ctx=0x98d8330) at ctx_handler.c:144
#6 0x0012e284 in axis2_phase_invoke (phase=0x98216b8, env=0xbf8459f8, msg_ctx=0x98d8330) at phase.c:238
#7 0x00137c7a in axis2_engine_invoke_phases (engine=0x98e5d48, env=0xbf8459f8, phases=0x9804800, msg_ctx=0x98d8330)
at engine.c:665
#8 0x001369e7 in axis2_engine_receive (engine=0x98e5d48, env=0xbf8459f8, msg_ctx=0x98d8330) at engine.c:290
#9 0x00115feb in axis2_http_transport_utils_process_http_post_request (env=0xbf8459f8, msg_ctx=0x98d8330,
in_stream=0x9852b40, out_stream=0x98d82a0, content_type=0x98e1c20 "application/soap+xml", content_length=299,
soap_action_header=0x98cf660 "", request_uri=0x98e0b78 "axis2/services/echo/echo") at http_transport_utils.c:306
#10 0x00114a79 in axis2_http_worker_process_request (http_worker=0x9859da8, env=0xbf8459f8, svr_conn=0x9859dc8,
simple_request=0x98e1c70) at http_worker.c:286
#11 0x00fe1966 in axis2_http_svr_thread_run (svr_thread=0x98599f8, env=0xbf8459f8) at http_svr_thread.c:183
#12 0x00fe2816 in axis2_http_server_start (server=0x9804248, env=0xbf8459f8) at http_server.c:190
#13 0x08048e56 in main (argc=1, argv=0xbf845aa4) at http_server_main.c:133
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
