[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#6005) error free() function ber_memfree_x, file memory.c
Full_Name: NIkolay Ermolovich
Version: 2.4.15
OS: FreeBSD 7.0
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (217.76.176.1)
ldapsearch: @(#) $OpenLDAP: ldapsearch 2.4.15 (Mar 6 2009 18:48:23) $
root@serv1.olympus.ru:/usr/ports/net/openldap24-client/work/openldap-2.4.15/clients/tools
(LDAP library: OpenLDAP 20415)
----------
...
bm_top: 0xdeaddada
0x00000017 0x48402160 -f- 24 ber_memfree 399
bm_top: 0xdeaddada
0x00000011 0x48425040 -f- 236 ber_memfree 163
bm_top: 0xdeaddada
0x00000010 0x484020d0 -f- 21 ber_memfree 142
bm_top: 0xdeaddada
0x00000001 0x48403040 -f- 27 ber_memfree 115
bm_top: 0x00000000
Assertion failed: (mh->bm_top == LBER_MEM_JUNK), function ber_memfree_x, file
memory.c, line 137.
Program received signal SIGABRT, Aborted.
0x48340b93 in kill () from /lib/libc.so.7
(gdb) bt
#0 0x48340b93 in kill () from /lib/libc.so.7
#1 0x48340af2 in raise () from /lib/libc.so.7
#2 0x4833f8a8 in abort () from /lib/libc.so.7
#3 0x4832896e in __assert () from /lib/libc.so.7
#4 0x480cd134 in ber_memfree_x (p=0x48357fc0, ctx=0x0) at memory.c:137
#5 0x480ce308 in ber_memfree (p=0x48357fc0) at memory.c:164
#6 0x080519ca in ?? ()
#7 0x48357fc0 in __stack_chk_guard () from /lib/libc.so.7
#8 0x00000000 in ?? ()
#9 0x7fbfec48 in ?? ()
#10 0x0804dfeb in ?? ()
#11 0x48425054 in ?? ()
#12 0x08055b46 in ?? ()
#13 0x00000000 in ?? ()
#14 0x00000000 in ?? ()
#15 0x00000000 in ?? ()
#16 0x00000000 in ?? ()
#17 0x00000000 in ?? ()
#18 0xffffffff in ?? ()
#19 0x48274674 in ?? () from /usr/lib/libcom_err.so.4
#20 0x480832c4 in ?? ()
#21 0x7fbfec88 in ?? ()
#22 0x08055b46 in ?? ()
#23 0x00000000 in ?? ()
#24 0x00000000 in ?? ()
#25 0x00000000 in ?? ()
#26 0x48425054 in ?? ()
#27 0x00000000 in ?? ()
#28 0x00000000 in ?? ()
#29 0x7fbfea2c in ?? ()
#30 0x00000000 in ?? ()
#31 0x00000000 in ?? ()
#32 0x00000000 in ?? ()
#33 0x7fbfea2c in ?? ()
#34 0x48084e00 in ?? ()
#35 0x00000003 in ?? ()
#36 0x480832a0 in ?? ()
#37 0x00000000 in ?? ()
#38 0x00000000 in ?? ()
#39 0x00000000 in ?? ()
#40 0x00000000 in ?? ()
#41 0x00000000 in ?? ()
#42 0x00000000 in ?? ()
#43 0x00000000 in ?? ()
---Type <return> to continue, or q <return> to quit---
#44 0x00000000 in ?? ()
#45 0x4805b4bb in _rtld_error () from /libexec/ld-elf.so.1
Previous frame inner to this frame (corrupt stack?)
(gdb)
----------------
memory.c
...
void
ber_memfree_x( void *p, void *ctx )
{
if( p == NULL ) {
return;
}
BER_MEM_VALID( p );
if( ber_int_memory_fns == NULL || ctx == NULL ) {
#ifdef LDAP_MEMORY_DEBUG
struct ber_mem_hdr *mh = (struct ber_mem_hdr *)
((char *)p - sizeof(struct ber_mem_hdr));
fprintf(stderr, "bm_top: 0x%08lx\n", (long)mh->bm_top);
assert( mh->bm_top == LBER_MEM_JUNK);
assert( testdatatop( mh));
assert( testend( (char *)&mh[1] + mh->bm_length) );
ber_int_meminuse -= mh->bm_length;
#ifdef LDAP_MEMORY_TRACE
fprintf(stderr, "0x%08lx 0x%08lx -f- %ld ber_memfree %ld\n",
(long)mh->bm_sequence, (long)mh, (long)mh->bm_length,
ber_int_meminuse);
#endif
/* Fill the free space with poison */
memset( mh, 0xff, mh->bm_length + sizeof(struct ber_mem_hdr) +
sizeof(ber_int_t));
free( mh );
#else
free( p );
#endif
return;
}
assert( ber_int_memory_fns->bmf_free != 0 );
(*ber_int_memory_fns->bmf_free)( p, ctx );
}