On Wed, Sep 23, 2015 at 2:33 PM, Plüm, Rüdiger, Vodafone Group
<[email protected]> wrote:
>
>> -----Original Message-----
>> From: Steffen [mailto:[email protected]]
>> Sent: Wednesday, 23 September 2015 14:28
>> To: [email protected]
>> Subject: Re: 2.4.17-dev crash libapr-1.dll
>>
>> > mod_security2.so!00007ff9e6bb1d07() Unknown
>
> We could now easily blame mod_security2 on this and case closed :-p.
> But maybe mod_security2 gets wrong data from httpd due to a change there
> that causes this crash. So it would be handy to know where in mod_security
> this crashes and if this is related to data it just forwards from httpd.
Indeed.
>> >
>> > Unhandled exception at 0x000000006DEEAE8D (libapr-1.dll) in memory.hdmp:
>> > 0xC0000005: Access violation writing location 0x0000000000000008.
>> >
>> > Call Stack Frame apr_palloc:
>> >
>> >>libapr-1.dll!apr_palloc(apr_pool_t * pool, unsigned __int64 in_size) Line 693
>> >
>> > libapr-1.dll!apr_pstrdup(apr_pool_t * a, const char * s) Line 78
>> >
>> > +active 0x00000011ce3291e0 {next=0x00000011ce3251c0
>> > {next=0x0000000000000000 <NULL> ref=0x00000011ce3211a0 {...} ...} ...}
>> > apr_memnode_t *
>> >
>> > +active->next 0x00000011ce3251c0 {next=0x0000000000000000 <NULL>
>> > ref=0x00000011ce3211a0 {0x0000000000000000 <NULL>} ...} apr_memnode_t *
>> >
>> > +node 0x00000011ce3251c0 {next=0x0000000000000000 <NULL>
>> > ref=0x00000011ce3211a0 {0x0000000000000000 <NULL>} ...} apr_memnode_t *
>> > size 64 unsigned __int64
>> >
>> > Next statement that will be executed:
>> > node = active->next;
>> > if (size <= node_free_space(node)) {
>> > ==> list_remove(node);
I'm puzzled about how node->next (i.e. pool->active->next->next) can be
NULL; this is supposed to be a ring (AFAICT)...
The other pointers don't seem to be corrupted.
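
An added example, not part of the original mail and not APR code: a ring-integrity walk over a simplified two-field node (`memnode`, `ring_check`, `ring_build` and `unlink_write_target` are hypothetical names). It assumes the unlink step stores through `node->next->ref`, which the mail does not show; under that assumption a NULL `next` puts the store at the offset of `ref`, 0x8 on a 64-bit build.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Simplified stand-in for apr_memnode_t: only the two link fields visible in
 * the debugger output. Layout is an assumption made for this example. */
typedef struct memnode {
    struct memnode  *next;  /* next node in the ring */
    struct memnode **ref;   /* address of the predecessor's 'next' field */
} memnode;

/* Address that the unlink store "node->next->ref = node->ref" writes to. */
static uintptr_t unlink_write_target(memnode *node)
{
    return (uintptr_t)node->next + offsetof(memnode, ref);
}

/* Walk the ring from 'start'. Returns 0 if it closes cleanly, the 1-based
 * position of the first node with a broken link, or -1 if it never closes. */
static int ring_check(memnode *start, int max_nodes)
{
    memnode *n = start;
    for (int i = 1; i <= max_nodes; i++) {
        if (n->next == NULL || n->next->ref != &n->next)
            return i;
        n = n->next;
        if (n == start)
            return 0;
    }
    return -1;
}

/* Link nodes[0..count-1] into a closed ring (constructed sample data). */
static void ring_build(memnode *nodes, int count)
{
    for (int i = 0; i < count; i++) {
        memnode *succ = &nodes[(i + 1) % count];
        nodes[i].next = succ;
        succ->ref = &nodes[i].next;
    }
}

int main(void)
{
    memnode n[3];
    ring_build(n, 3);
    n[1].next = NULL; /* state from the dump: active->next->next == NULL */
    printf("first broken node: %d, unlink would write to 0x%llx\n",
           ring_check(&n[0], 8), (unsigned long long)unlink_write_target(&n[1]));
    return 0;
}
```

Run from a debug build before the unlink, a walk like this reports which node lost its link instead of faulting later inside the allocator.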