[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#5999) syncprov_op_mod seg. fault
Full_Name: Rein Tollevik
Version: CVS HEAD
OS: Solaris10
URL:
Submission from: (NULL) (81.93.160.250)
Submitted by: rein
Seg. fault seen when running (an extended) test050. Looks to me as if the "mt"
was freed and reused while syncprov_op_mod waited for it to get to the head of
the list.
Rein Tollevik
Basefarm AS
t@5 (l@5) terminated by signal SEGV (no mapping at the fault address)
0xfffffd7ffecb7534: _ceil_mylist_del+0x0024: cmpq
%rdi,0x0000000000000008(%rax)
Current function is ldap_pvt_thread_mutex_unlock
308 return ERRVAL( pthread_mutex_unlock( mutex ) );
(dbx) threads
t@1 a l@1 ?() LWP suspended in __lwp_wait()
t@2 a l@2 slapd_daemon_task() LWP suspended in __pollsys()
t@3 a l@3 ldap_int_thread_pool_wrapper() LWP suspended in
__fdsync()
t@4 a l@4 ldap_int_thread_pool_wrapper() sleep on 0x6d7e00 in
__lwp_park()
o> t@5 a l@5 ldap_int_thread_pool_wrapper() signal SIGSEGV in
_ceil_mylist_del()
t@6 a l@6 ldap_int_thread_pool_wrapper() sleep on 0x6d7e00 in
__lwp_park()
t@7 a l@7 ldap_int_thread_pool_wrapper() LWP suspended in
lwp_yield()
(dbx) where
current thread: t@5
[1] _ceil_mylist_del(0x7efa18, 0xfffffd7ffeb52400, 0x7efa18, 0x0, 0x7efa00,
0x6d7de0), at 0xfffffd7ffecb7534
[2] mutex_unlock_internal(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7ffecb9da8
[3] __mutex_unlock(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7ffecb9fea
=>[4] ldap_pvt_thread_mutex_unlock(mutex = 0x7efa18), line 308 in "thr_posix.c"
[5] syncprov_op_mod(op = 0xfffffd7ffc9ff5b0, rs = 0xfffffd7ffc9ff0e8), line
1951 in "syncprov.c"
[6] overlay_op_walk(op = 0xfffffd7ffc9ff5b0, rs = 0xfffffd7ffc9ff0e8, which =
op_add, oi = 0x74abc0, on = 0x744980), line 659 in "backover.c"
[7] over_op_func(op = 0xfffffd7ffc9ff5b0, rs = 0xfffffd7ffc9ff0e8, which =
op_add), line 721 in "backover.c"
[8] over_op_add(op = 0xfffffd7ffc9ff5b0, rs = 0xfffffd7ffc9ff0e8), line 767 in
"backover.c"
[9] syncrepl_entry(si = 0x7973b0, op = 0xfffffd7ffc9ff5b0, entry = 0x7b55b8,
modlist = 0xfffffd7ffc9ff350, syncstate = 1, syncUUID = 0xfffffd7ffc9ff3f0,
syncCSN = (nil)), line 2165 in "syncrepl.c"
[10] do_syncrep2(op = 0xfffffd7ffc9ff5b0, si = 0x7973b0), line 892 in
"syncrepl.c"
[11] do_syncrepl(ctx = 0xfffffd7ffc9ffc88, arg = 0x790140), line 1345 in
"syncrepl.c"
[12] connection_read_thread(ctx = 0xfffffd7ffc9ffc88, argv = 0x13), line 1225
in "connection.c"
[13] ldap_int_thread_pool_wrapper(xpool = 0x6d7de0), line 663 in "tpool.c"
[14] _thr_setup(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7ffecc0bfb
[15] _lwp_start(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7ffecc0e30
(dbx) up
Current function is syncprov_op_mod
1951 ldap_pvt_thread_mutex_unlock(
&mt->mt_mutex );
(dbx) print *mt
*mt = {
mt_mods = 0x73206c6c613d6e63
mt_tail = 0x3d756f2c66666174
mt_op = 0x642c7370756f7267
mt_mutex = {
__pthread_mutex_flags = {
__pthread_mutex_flag1 = 15714U
__pthread_mutex_flag2 = 'e'
__pthread_mutex_ceiling = 'x'
__pthread_mutex_type = 28001U
__pthread_mutex_magic = 27760U
}
__pthread_mutex_lock = {
__pthread_mutex_lock64 = {
__pthread_mutex_pad = ""
}
__pthread_mutex_lock32 = {
__pthread_ownerpid = 0
__pthread_lockword = 7299901U
}
__pthread_mutex_owner64 = 31352836059037696U
}
__pthread_mutex_data = 0
}
}
(dbx) print (char *) mt
(char *) mt = 0x7efa00 "cn=all staff,ou=groups,db=exampl"