Segfault in NGINX - testcase
Maxim Dounin
mdounin at mdounin.ru
Sat Mar 20 23:30:28 MSK 2010
Hello!
On Sat, Mar 20, 2010 at 04:43:56AM -0400, double wrote:
> Hello,
>
> The root node of the nginx-rbtree is *always* NULL, because
> "ngx_rbtree_insert()" provides that feature. Only if the rbtree
> has 2 elements and you delete the root node, then "parent" of the
> root-node points to the deleted element. Why not fixing it?
As you already pointed out, there is at least one place where
root->parent becomes non-NULL (and I'm not sure it's the only
place where it happens). And this doesn't cause any harm as nginx
doesn't assume it should be NULL.
While I tend to think that it's good idea to keep it NULL at least
with NGX_DEBUG defined (to simplify debugging) - there is no bug
here. The bug is in your tree traversal code which tries to use
assumption that root->parent == NULL. And even if your patch will
be applied (it's up to Igor anyway) - your tree traversal code
should be fixed if you are planning to use it somewhere in
production.
Maxim Dounin
More information about the nginx
mailing list