On Fri, Jun 21, 2013 at 12:30 AM, Greg Stein <gst...@gmail.com> wrote: > On Thu, Jun 20, 2013 at 2:19 PM, Stefan Küng <tortoise...@gmail.com> wrote: >> Hi, >> >> Another crash that's climbing up in the crash report statistics for TSVN. >> Seems to be related to the previously discussed problem with checkouts in >> TSVN. >> >> The stack trace: >> >> BowPad >> >> libsvn_tsvn.dll!svn_ra_serf__credentials_callback(char * * >> username=0xffffffffffffffff, char * * password=0x0000000002ba0210, >> serf_request_t * request=0x0000000002ba0280, void * >> baton=0x0000000002c12588, int code=407, const char * >> authn_type=0x000007fee0bf0b58, const char * realm=0x0000000002c12b60, >> apr_pool_t * pool=0x0000000002bb8258) Line 1789 C > > The 407 code means a proxy authorization is needed. > > The problem in this stack frame is the username address. It clearly > has a problematic value. It should only be about four bytes off from > the password value. > The compiler may optimize the code and dump files doesn't have enough information to find parameters values.
>> libsvn_tsvn.dll!serf__handle_basic_auth(int code=-524813808, serf_request_t >> * request=0x0000000002ba8368, serf_bucket_t * response=0x0000000000000001, >> const char * auth_hdr=0x0000000002bb30be, const char * >> auth_attr=0x0000000002bb30be, void * baton=0x0000000002bac270, apr_pool_t * >> pool=0x0000000002ba0198) Line 89 C > > The code parameter in this traceback is clearly incorrect. It should > be 407, just like what got passed to the callback. > > Either these tracebacks are wonky, or there may be some stack smashing > going on. Stefan? > >>... >> The crash is in libsvn_ra_serf\util.c, Snippet >> svn_ra_serf__credentials_callback, line 1789: >> BowPad *username = apr_pstrdup(pool, session->proxy_username); >> *password = apr_pstrdup(pool, session->proxy_password); > > Was session bad? Or was the proxy_username bad? > I've checked disassembly and it crashes on attempt to read proxy_password from session. Because session pointer is zero, most likely because 'handler' points to freed memory. -- Ivan Zhakov CTO | VisualSVN | http://www.visualsvn.com
