axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ivan Pechorin (JIRA)" <j...@apache.org>
Subject [jira] Created: (AXIS2C-1499) double-freeing in axis2_http_worker_process_request()
Date Sat, 30 Oct 2010 20:45:19 GMT
double-freeing in axis2_http_worker_process_request()
-----------------------------------------------------

                 Key: AXIS2C-1499
                 URL: https://issues.apache.org/jira/browse/AXIS2C-1499
             Project: Axis2-C
          Issue Type: Bug
          Components: core/transport
    Affects Versions: 1.7.0
         Environment: Windows 7, Visual Studio 2010, 32-bit build
            Reporter: Ivan Pechorin


It seems like change from svn revision #961258 (a fix for https://issues.apache.org/jira/browse/AXIS2C-1472),
results in double-freeing of freed memory. I hit it every time when processing a request with
wrong URI (such as request to non-existent or misspelled service). 

The first time is when we free fault_ctx->soap_envelope (thanks to this patch), here is
the call stack: 

>	axiom.dll!axiom_soap_envelope_free(axiom_soap_envelope * soap_envelope=0x03a51020, const
axutil_env * env=0x03a48478) Line 155	C 
 	axis2_engine.dll!axis2_msg_ctx_free(axis2_msg_ctx * msg_ctx=0x03a52de0, const axutil_env
* env=0x03a48478) 
msg_ctx.c:426 
 	axis2_engine.dll!axis2_http_worker_process_request(axis2_http_worker * http_worker=0x03a47700,
const axutil_env * env=0x03a48478, axis2_simple_http_svr_conn * svr_conn=0x03a484d0, axis2_http_simple_request
* simple_request=0x03a48580) 
http_worker.c:1076 
 	axis2_http_receiver.dll!axis2_svr_thread_worker_func(axutil_thread_t * thd=0x03a48130, void
* data=0x03a480e0) Line 270 + 0x15 bytes	C 
 	axutil.dll!dummy_worker(void * opaque=0x03a48130) Line 88	C 


The second time we free the same soap envelope as msg_ctx->fault_soap_envelope when called
from http_worker.c, line 1830: 

else 
{ 
/* cases like HEAD, WSDL */ 
axis2_msg_ctx_free(msg_ctx, env); 
} 

Here is the corresponding call stack: 

>	axiom.dll!axiom_soap_envelope_free(axiom_soap_envelope * soap_envelope=0x03a51020, const
axutil_env * env=0x03a48478) Line 155	C 
 	axis2_engine.dll!axis2_msg_ctx_free(axis2_msg_ctx * msg_ctx=0x03a49e78, const axutil_env
* env=0x03a48478) Line 434	C 
msg_ctx.c:431 
 	axis2_engine.dll!axis2_http_worker_process_request(axis2_http_worker * http_worker=0x03a47700,
const axutil_env * env=0x03a48478, axis2_simple_http_svr_conn * svr_conn=0x03a484d0, axis2_http_simple_request
* simple_request=0x03a48580) Line 1833	C 
http_worker.cpp:1830 
 	axis2_http_receiver.dll!axis2_svr_thread_worker_func(axutil_thread_t * thd=0x03a48130, void
* data=0x03a480e0) Line 270 + 0x15 bytes	C 
 	axutil.dll!dummy_worker(void * opaque=0x03a48130) Line 88	C 


I had to revert this particular change from revision #961258 in my working copy. And there
are no problems with double freeing anymore after reverting. 

Details of my platform: 
 - compiler: Visual C++ 2010, 32-bit release build 
 - OS: Windows 7 64-bit 

P.S. If there is such need, I'll try to reproduce the problem on other platforms, such as
Linux, Solaris or HP-UX.


-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: c-dev-help@axis.apache.org


Mime
View raw message