From bab3ee566c883ac88df369ec32df0c9100f97343 Mon Sep 17 00:00:00 2001
From: Rainer Gerhards
Date: Tue, 26 Jan 2010 16:54:35 +0100
Subject: bugfix: queues in direct mode could case a segfault,...
especially if an action failed for action queues. The issue was an invalid increment of a stack-based pointer which lead to destruction of the stack frame and thus a segfault on function return. Thanks to Michael Biebl for alerting us on this problem.
---
 ChangeLog | 5 +++++
 action.c | 6 +++---
 2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index f667b1f3..9f8c4a25 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,11 @@ Version 5.5.2 [DEVEL] (rgerhards), 2009-11-??
 under some circumstances (this smells like a gcc problem, but a simple solution was available). Thanks to Kenneth Marshall for some advice.
 - extended testbench
+- bugfix: queues in direct mode could case a segfault, especially if an
+ action failed for action queues. The issue was an invalid increment of
+ a stack-based pointer which lead to destruction of the stack frame and
+ thus a segfault on function return.
+ Thanks to Michael Biebl for alerting us on this problem.
 - bugfix: hostname accidently set to IP address for some message sources, for example imudp. Thanks to Anton for reporting this bug. [imported v4]
 - bugfix: ompgsql had problems with transaction support, what actually
diff --git a/action.c b/action.c
index b3600e4f..e9d0def4 100644
--- a/action.c
+++ b/action.c
@@ -901,7 +901,6 @@ submitBatch(action_t *pAction, batch_t *pBatch, int nElem, int *pbShutdownImmedi
 bDone = 0;
 do {
 localRet = tryDoAction(pAction, pBatch, &nElem, pbShutdownImmediate);
-dbgprintf("submitBatch: state of tryDoAction %d\n", localRet);
 if(localRet == RS_RET_FORCE_TERM)
 FINALIZE;
 if( localRet == RS_RET_OK
@@ -925,12 +924,13 @@ dbgprintf("submitBatch: state of tryDoAction %d\n", localRet);
 } else if(localRet == RS_RET_ACTION_FAILED) {
 /* in this case, the whole batch can not be processed */
 for(i = 0 ; i < nElem ; ++i) {
- pBatch->pElem[++pBatch->iDoneUpTo].state = BATCH_STATE_BAD;
+ pBatch->pElem[pBatch->iDoneUpTo++].state = BATCH_STATE_BAD;
 }
 bDone = 1;
 } else {
 if(nElem == 1) {
- pBatch->pElem[++pBatch->iDoneUpTo].state = BATCH_STATE_BAD;
+ pBatch->pElem[pBatch->iDoneUpTo++].state = BATCH_STATE_BAD;
+// TODO: This is a mark, remove when no longer needed - Here was the bug, postincrement needs to be used, not preinc
 bDone = 1;
 } else {
 /* retry with half as much. Depth is log_2 batchsize, so recursion is not too deep */
-- cgit v1.2.3
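Review bot: Both corrected writes, `pBatch->pElem[pBatch->iDoneUpTo++].state = BATCH_STATE_BAD;` in the `for(i = 0 ; i < nElem ; ++i)` loop and in the `nElem == 1` branch, still index `pElem` without any upper bound, so correctness rests entirely on `nElem` and `iDoneUpTo` being consistent with the array size. The commit message describes the earlier off-by-one as overwriting a stack frame, so a guard before each write (an `assert()` or an explicit error return comparing `pBatch->iDoneUpTo` with the batch's element count, whose field is not visible in this hunk) would make any remaining mismatch fail loudly instead of corrupting memory. The column-0 line `// TODO: This is a mark, remove when no longer needed ...` reads as a temporary marker; if the invariant is that `iDoneUpTo` is the index of the next unprocessed element, a lasting comment such as `/* iDoneUpTo indexes the next unprocessed element: mark it, then advance */` at the code's indent would serve better. submitBatch starts and ends outside the hunk, so what its callers guarantee about `nElem` cannot be checked from here.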