Bugs item #1913465, was opened at 2008-03-13 14:29
Message generated for change (Comment added) made by bogdan_iancu
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1913465&group_id=139143

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: ver 1.3.x
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Stanislaw Pitucha (viraptor)
Assigned to: Bogdan-Andrei Iancu (bogdan_iancu)
Summary: dialog from db fixes

Initial Comment:
Posted in maillist by mistake - reposting:
(Patch made by / please attribute to Ben Smithurst)

@modules/dialog/dlg_db_handler.c:

    #define GET_STR_VALUE(_res, _values, _index, _not_null, _unref)\
        do{\
            if (VAL_NULL((_values)+ (_index))) { \
                if (_not_null) {\
                    if (_unref) unref_dlg(dlg,1);\
                    continue; \
                } else { \
                    (_res).s = 0; \
                    (_res).len = 0; \
                }\
            } else { \
                (_res).s = VAL_STR((_values)+ (_index)).s;\
                (_res).len = strlen(VAL_STR((_values)+ (_index)).s);\
            } \
        }while(0);

I guess that "continue" is supposed to skip processing of dialog in
load_dialog_info_from_db(), but it won't really work, because continue is
only getting out of do{}while() macro loop - it leaves _res uninitialized
and continues processing.
Fixed by removing "do" and "while" - GET_STR_VALUE isn't used in parent
"if" so it's safe currently.

Then there's destroy_dlg() @modules/dialog/dlg_hash.c which doesn't handle
dialog timer (if unref_dlg() was run in previous case) - fixed by adding
remove_dlg_timer(&dlg->tl);

----------------------------------------------------------------------

>Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-04-17 16:01

Message:
Logged In: YES
user_id=1275325
Originator: NO

OK - the remaining patch was uploaded on SVN (trunk, 1.3, 1.2)

Thanks and regards,
Bogdan

----------------------------------------------------------------------

Comment By: Ovidiu Sas (osas)
Date: 2008-04-15 17:39

Message:
Logged In: YES
user_id=1395524
Originator: NO

Patch tested ok against #1921630 - dialog: crash in dlg_timer_routine (see
comment from 2008-04-15 10:33).

Thanks and regards,
Ovidiu Sas

----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-04-04 16:07

Message:
Logged In: YES
user_id=1275325
Originator: NO

I see - I will try to review a bit the timer list issue - I tend to agree
that this is somehow related to #1921630.

Thanks and regards,
Bogdan

----------------------------------------------------------------------

Comment By: Stanislaw Pitucha (viraptor)
Date: 2008-03-31 14:20

Message:
Logged In: YES
user_id=598346
Originator: YES

I've just noticed bug #1921630 (dialog: crash in dlg_timer_routine) and
problem with overwriting memory looks rather similar (it was also on
dereferencing ->prev (being 0x0, or 0x8)... while whole structure was
really freed before). We've tracked it down using valgrind - it was the
only problem visible during loading, so it's easy to spot if it happens. I
am not sure though, if it was the same function as bug #1921630 crashing
or something else.

----------------------------------------------------------------------

Comment By: Stanislaw Pitucha (viraptor)
Date: 2008-03-31 14:11

Message:
Logged In: YES
user_id=598346
Originator: YES

Unfortunately I haven't saved database from that time, but patch was
written because openser crashed on startup when loading old dialogs in
db_mode=1 in openser-1.3. After loading and deciding to timeout old
dialogs, it tried to... I'm not sure - call or destroy that timer, even
though dialog didn't exist anymore (caused memory overwrite on malloc
metadata). We've never seen it happening on openser that was already
running. After forcing remove_dlg_timer on destroying dialog, it started
to behave properly. Also, it was observed only when using same database
for 2 openser servers, but I don't know which one registered the dialog,
or if that made any difference.

----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-03-31 13:26

Message:
Logged In: YES
user_id=1275325
Originator: NO

Hi Stanislaw,

Regarding the destroy_dlg() - I do not see the reason for this. The dialog
is removed from timer before calling the destroy function - or maybe I
missed some case(s)? :)

Regards,
Bogdan

----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-03-13 14:47

Message:
Logged In: YES
user_id=1275325
Originator: NO

Hi Stanislaw,

I will take a look on this asap.

Regards,
Bogdan

----------------------------------------------------------------------

_______________________________________________
Devel mailing list
Devel@lists.openser.org
http://lists.openser.org/cgi-bin/mailman/listinfo/devel
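
Added example, not part of the original tracker thread or the OpenSER source: a minimal C program showing the control-flow problem described in the initial comment, where `continue` inside a do{}while(0) macro leaves only the macro, next to the bare-block form where it skips the row. The types, macro names, load_rows() and the sample rows are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for a DB column value and a (pointer, length) string. */
struct cell { const char *s; int is_null; };
struct str  { const char *s; size_t len; };

/* Shared body: `continue` on a NULL column, otherwise copy pointer and length. */
#define GET_STR_BODY(_res, _cell) \
    if ((_cell)->is_null) { continue; } \
    else { (_res).s = (_cell)->s; (_res).len = strlen((_cell)->s); }

/* Before: `continue` binds to the macro's own do/while(0) and only leaves the macro. */
#define GET_STR_WRAPPED(_res, _cell) do { GET_STR_BODY(_res, _cell) } while (0)
/* After: a bare block, so `continue` binds to the caller's row loop.
 * A bare block followed by ';' breaks an unbraced if/else, hence the braces below. */
#define GET_STR_BLOCK(_res, _cell) { GET_STR_BODY(_res, _cell) }

/* Constructed sample rows: the middle one has a NULL column. */
static const struct cell SAMPLE_ROWS[] = { {"call-1", 0}, {NULL, 1}, {"call-3", 0} };

/* Returns how many rows reached the "build dialog" step; *unset counts the
 * rows that got there without a value having been stored. */
int load_rows(const struct cell *rows, size_t n, int fixed, int *unset)
{
    int built = 0;
    *unset = 0;
    for (size_t i = 0; i < n; i++) {
        struct str callid = { NULL, 0 };   /* sentinel; the real loader leaves this unset */
        if (fixed) { GET_STR_BLOCK(callid, &rows[i]); }
        else       { GET_STR_WRAPPED(callid, &rows[i]); }
        if (callid.s == NULL)
            (*unset)++;                    /* row kept going with no value */
        built++;                           /* stands in for building the dialog */
    }
    return built;
}

int main(void)
{
    int unset;
    int built = load_rows(SAMPLE_ROWS, 3, 0, &unset);
    printf("do/while(0): built=%d unset=%d\n", built, unset);
    built = load_rows(SAMPLE_ROWS, 3, 1, &unset);
    printf("bare block:  built=%d unset=%d\n", built, unset);
    return 0;
}
```

The sentinel initialisation exists only to keep the demonstration well defined; in the macro quoted in the report the result variable is read without ever having been written.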