Re: (ITS#3695) [devel]test026-dn segfaults

Tracing this with gdb shows that slap_sl_realloc is causing the slab to
become misaligned. The code in RE22 correctly maintains alignment, so
this is a new regression in HEAD/2.3.

quanah@stanford.edu wrote:
>Full_Name: Quanah Gibson-Mount
>Version: HEAD
>OS: Solaris 8
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (171.64.19.82)
>
>
>test026-dn fails in the 4/28 checkout of HEAD I took, with a segfault:
>
>gdb) cont
>Continuing.
>[New LWP 2]
>[New LWP 3]
>
>Program received signal SIGSEGV, Segmentation fault.
>[Switching to LWP 3]
>slap_sl_malloc (size=16, ctx=0x1cbd68) at sl_malloc.c:267
>267 *new++ = size - sizeof(ber_len_t);
>(gdb) bt
>#0 slap_sl_malloc (size=16, ctx=0x1cbd68) at sl_malloc.c:267
>#1 0x00028198 in get_filter (op=0x1f66f8, ber=0x1f5960, filt=0x1f6734,
>text=0xfdfffd6c) at filter.c:282
>#2 0x000272ec in do_search (op=0x0, rs=0x1f5960) at search.c:138
>
>(gdb) frame 2
>#2 0x000272ec in do_search (op=0x0, rs=0x1f5960) at search.c:138
>138 rs->sr_err = get_filter( op, op->o_ber, &op->ors_filter,
>&rs->sr_text );
>(gdb) l
>138 rs->sr_err = get_filter( op, op->o_ber, &op->ors_filter,
>&rs->sr_text );
>139 if( rs->sr_err != LDAP_SUCCESS ) {
>140 if( rs->sr_err == SLAPD_DISCONNECT ) {
>141 rs->sr_err = LDAP_PROTOCOL_ERROR;
>142 send_ldap_disconnect( op, rs );
>143 rs->sr_err = SLAPD_DISCONNECT;
>144 } else {
>145 send_ldap_result( op, rs );
>146 }
>147 goto return_results;
>
>
>(gdb) frame 1
>#1 0x00028198 in get_filter (op=0x1f66f8, ber=0x1f5960, filt=0x1f6734,
>text=0xfdfffd6c) at filter.c:282
>282 *filt = op->o_tmpalloc( sizeof(f), op->o_tmpmemctx );
>(gdb) l
>277 f.f_result = SLAPD_COMPARE_UNDEFINED;
>278 err = LDAP_SUCCESS;
>279 }
>280
>281 if ( err == LDAP_SUCCESS ) {
>282 *filt = op->o_tmpalloc( sizeof(f), op->o_tmpmemctx );
>283 **filt = f;
>284 }
>285
>286 Debug( LDAP_DEBUG_FILTER, "end get_filter %d\n", err, 0, 0 );
>
>
>
>
>(gdb) frame 0
>#0 slap_sl_malloc (size=16, ctx=0x1cbd68) at sl_malloc.c:267
>267 *new++ = size - sizeof(ber_len_t);
>(gdb) l
>262 "slap_sl_malloc of %lu bytes failed,
>using ch_malloc\n",
>263 (long)size, 0, 0);
>264 return ch_malloc(size);
>265 }
>266 new = sh->sh_last;
>267 *new++ = size - sizeof(ber_len_t);
>268 sh->sh_last = (char *) sh->sh_last + size;
>269 return( (void *)new );
>270 } else {
>271 size_shift = size - 1;
>
>--Quanah
>
>
>
>
>
>
--
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
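
The failure mode named in the reply, shown as an added example that is not OpenLDAP code and not part of the original message: a stack-style slab whose in-place realloc moves the next-allocation pointer by an unrounded byte count, so the next length-word store (the kind of store seen at sl_malloc.c:267) lands off a word boundary. `slab_t`, `slab_malloc`, `slab_realloc_last` and the `round` switch are hypothetical names, and the word-size alignment unit is an assumption.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed model: each block is a length word followed by its payload;
 * 'used' is the byte offset where the next length word will be written. */
#define ALIGN       sizeof(size_t)   /* assumed alignment unit */
#define ROUND_UP(n) (((n) + ALIGN - 1) & ~(ALIGN - 1))

typedef struct {
    size_t buf[128];   /* size_t storage keeps the slab base aligned */
    size_t used;
} slab_t;

/* Nonzero if the next length-word store would be aligned. */
static int slab_aligned(const slab_t *s) { return s->used % ALIGN == 0; }

static void *slab_malloc(slab_t *s, size_t size)
{
    size_t total = ROUND_UP(size) + sizeof(size_t);   /* payload + header */
    if (!slab_aligned(s) || s->used + total > sizeof s->buf)
        return NULL;   /* refuse rather than perform a misaligned store */
    size_t *hdr = (size_t *)((char *)s->buf + s->used);
    *hdr = total - sizeof(size_t);   /* record the payload length */
    s->used += total;
    return hdr + 1;
}

/* Resize the most recent block in place. round=0 models the regression:
 * the raw byte count moves 'used', which can leave it off a word boundary.
 * round=1 rounds the new size first, so alignment is preserved. */
static void *slab_realloc_last(slab_t *s, void *ptr, size_t size, int round)
{
    size_t *hdr = (size_t *)ptr - 1;
    size_t start = (size_t)((char *)ptr - (char *)s->buf);
    size_t newlen = round ? ROUND_UP(size) : size;
    if (start + *hdr != s->used || start + newlen > sizeof s->buf)
        return NULL;   /* not the last block, or out of space */
    *hdr = newlen;
    s->used = start + newlen;
    return ptr;
}

int main(void)
{
    slab_t s = {0};
    void *p = slab_malloc(&s, 16);
    slab_realloc_last(&s, p, 21, 0);   /* 21 is not a multiple of ALIGN */
    printf("aligned after unrounded realloc: %d\n", slab_aligned(&s));
    return 0;
}
```

An assertion equivalent to `slab_aligned()` at the top of the allocator catches this class of bug at the realloc that causes it, not at the later malloc that crashes.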