
Re: (ITS#6478) slapd crashes with segfault



We managed to install it with debug symbols now,
but did not have a new crash (yet).

However, we did a deeper analysis of existing
crashes.
Here is the outcome:


GNU gdb Red Hat Linux (6.5-25.el5rh)
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu"...Using host libthread_db library "/lib64/libthread_db.so.1".

Reading symbols from /usr/lib64/libltdl.so.3...done.
Loaded symbols for /usr/lib64/libltdl.so.3
Reading symbols from /lib64/libdl.so.2...done.
Loaded symbols for /lib64/libdl.so.2
Reading symbols from /lib64/libuuid.so.1...done.
Loaded symbols for /lib64/libuuid.so.1
Reading symbols from /usr/lib64/libslapd_db-4.7.so...done.
Loaded symbols for /usr/lib64/libslapd_db-4.7.so
Reading symbols from /usr/lib64/libodbc.so.1...done.
Loaded symbols for /usr/lib64/libodbc.so.1
Reading symbols from /usr/lib64/libsasl2.so.2...done.
Loaded symbols for /usr/lib64/libsasl2.so.2
Reading symbols from /lib64/libssl.so.6...done.
Loaded symbols for /lib64/libssl.so.6
Reading symbols from /lib64/libcrypto.so.6...done.
Loaded symbols for /lib64/libcrypto.so.6
Reading symbols from /lib64/libcrypt.so.1...done.
Loaded symbols for /lib64/libcrypt.so.1
Reading symbols from /lib64/libresolv.so.2...done.
Loaded symbols for /lib64/libresolv.so.2
Reading symbols from /lib64/libpthread.so.0...done.
Loaded symbols for /lib64/libpthread.so.0
Reading symbols from /usr/lib64/libwrap.so.0...done.
Loaded symbols for /usr/lib64/libwrap.so.0
Reading symbols from /lib64/libc.so.6...done.
Loaded symbols for /lib64/libc.so.6
Reading symbols from /lib64/ld-linux-x86-64.so.2...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Reading symbols from /usr/lib64/libgssapi_krb5.so.2...done.
Loaded symbols for /usr/lib64/libgssapi_krb5.so.2
Reading symbols from /usr/lib64/libkrb5.so.3...done.
Loaded symbols for /usr/lib64/libkrb5.so.3
Reading symbols from /lib64/libcom_err.so.2...done.
Loaded symbols for /lib64/libcom_err.so.2
Reading symbols from /usr/lib64/libk5crypto.so.3...done.
Loaded symbols for /usr/lib64/libk5crypto.so.3
Reading symbols from /usr/lib64/libz.so.1...done.
Loaded symbols for /usr/lib64/libz.so.1
Reading symbols from /lib64/libnsl.so.1...done.
Loaded symbols for /lib64/libnsl.so.1
Reading symbols from /usr/lib64/libkrb5support.so.0...done.
Loaded symbols for /usr/lib64/libkrb5support.so.0
Reading symbols from /lib64/libkeyutils.so.1...done.
Loaded symbols for /lib64/libkeyutils.so.1
Reading symbols from /lib64/libselinux.so.1...done.
Loaded symbols for /lib64/libselinux.so.1
Reading symbols from /lib64/libsepol.so.1...done.
Loaded symbols for /lib64/libsepol.so.1
Reading symbols from /lib64/libnss_dns.so.2...done.
Loaded symbols for /lib64/libnss_dns.so.2
Reading symbols from /lib64/libnss_files.so.2...done.
Loaded symbols for /lib64/libnss_files.so.2
Reading symbols from /usr/lib64/sasl2/libplain.so.2...done.
Loaded symbols for /usr/lib64/sasl2/libplain.so.2
Reading symbols from /usr/lib64/sasl2/libanonymous.so.2...done.
Loaded symbols for /usr/lib64/sasl2/libanonymous.so.2
Reading symbols from /usr/lib64/sasl2/liblogin.so.2...done.
Loaded symbols for /usr/lib64/sasl2/liblogin.so.2
Reading symbols from /usr/lib64/openldap/syncprov-2.4.so.2...Reading symbols from /usr/lib/debug/usr/lib64/openldap/syncprov-2.4.so.2.5.4.debug...done.
done.
Loaded symbols for /usr/lib64/openldap/syncprov-2.4.so.2
Reading symbols from /usr/lib64/openldap/cms_template-2.4.so.2...Reading symbols from /usr/lib/debug/usr/lib64/openldap/cms_template-2.4.so.2.5.4.debug...done.
done.
Loaded symbols for /usr/lib64/openldap/cms_template-2.4.so.2
Reading symbols from /usr/lib64/openldap/cms_modif-2.4.so.2...Reading symbols from /usr/lib/debug/usr/lib64/openldap/cms_modif-2.4.so.2.5.4.debug...done.
done.
Loaded symbols for /usr/lib64/openldap/cms_modif-2.4.so.2
Reading symbols from /lib64/libgcc_s.so.1...done.
Loaded symbols for /lib64/libgcc_s.so.1
Core was generated by `/usr/sbin/slapd -h ldap:/// -u ldap'.
Program terminated with signal 6, Aborted.
#0  0x00000037a4e30045 in raise () from /lib64/libc.so.6
(gdb) thread apply all bt

Thread 10 (process 12403):
#0  0x00000037a5a075a5 in pthread_join () from /lib64/libpthread.so.0
#1  0x000000000043402c in slapd_daemon () at ../../../servers/slapd/daemon.c:2834
#2  0x0000000000420d75 in main (argc=5, argv=0x7fff57a47818) at ../../../servers/slapd/main.c:953

Thread 9 (process 12406):
#0  0x00000037a5a0a496 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00000000005302bd in ldap_int_thread_pool_wrapper (xpool=<value optimized out>) at ../../../libraries/libldap_r/tpool.c:712
#2  0x00000037a5a062e7 in start_thread () from /lib64/libpthread.so.0
#3  0x00000037a4ece3bd in clone () from /lib64/libc.so.6

Thread 8 (process 12407):
#0  0x00000037a5a0a496 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00000000005302bd in ldap_int_thread_pool_wrapper (xpool=<value optimized out>) at ../../../libraries/libldap_r/tpool.c:712
#2  0x00000037a5a062e7 in start_thread () from /lib64/libpthread.so.0
#3  0x00000037a4ece3bd in clone () from /lib64/libc.so.6

Thread 7 (process 12408):
#0  0x00000037a5a0a496 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00000000005302bd in ldap_int_thread_pool_wrapper (xpool=<value optimized out>) at ../../../libraries/libldap_r/tpool.c:712
#2  0x00000037a5a062e7 in start_thread () from /lib64/libpthread.so.0
#3  0x00000037a4ece3bd in clone () from /lib64/libc.so.6

Thread 6 (process 12409):
#0  0x00000037a5a0a496 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00000000005302bd in ldap_int_thread_pool_wrapper (xpool=<value optimized out>) at ../../../libraries/libldap_r/tpool.c:712
#2  0x00000037a5a062e7 in start_thread () from /lib64/libpthread.so.0
#3  0x00000037a4ece3bd in clone () from /lib64/libc.so.6

Thread 5 (process 12410):
#0  0x00000037a5a0a496 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00000000005302bd in ldap_int_thread_pool_wrapper (xpool=<value optimized out>) at ../../../libraries/libldap_r/tpool.c:712
#2  0x00000037a5a062e7 in start_thread () from /lib64/libpthread.so.0
#3  0x00000037a4ece3bd in clone () from /lib64/libc.so.6

Thread 4 (process 12411):
#0  0x00000037a5a0a496 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00000000005302bd in ldap_int_thread_pool_wrapper (xpool=<value optimized out>) at ../../../libraries/libldap_r/tpool.c:712
#2  0x00000037a5a062e7 in start_thread () from /lib64/libpthread.so.0
#3  0x00000037a4ece3bd in clone () from /lib64/libc.so.6

Thread 3 (process 12412):
#0  0x00000037a4eda178 in __lll_mutex_lock_wait () from /lib64/libc.so.6
#1  0x00000037a4e73c07 in _L_lock_14089 () from /lib64/libc.so.6
#2  0x00000037a4e72a61 in free () from /lib64/libc.so.6
#3  0x0000000000438a99 in connection2anonymous (c=0x2af6540b0a50) at ../../../servers/slapd/connection.c:563
#4  0x0000000000438df3 in connection_close (c=0x2af6540b0a50) at ../../../servers/slapd/connection.c:616
#5  0x0000000000439c50 in connection_operation (ctx=0x44e17db0, arg_v=<value optimized out>) at ../../../servers/slapd/connection.c:1159
#6  0x000000000043a201 in connection_read_thread (ctx=0x44e17db0, argv=<value optimized out>) at ../../../servers/slapd/connection.c:1440
#7  0x0000000000530268 in ldap_int_thread_pool_wrapper (xpool=0x16fafc80) at ../../../libraries/libldap_r/tpool.c:700
#8  0x00000037a5a062e7 in start_thread () from /lib64/libpthread.so.0
#9  0x00000037a4ece3bd in clone () from /lib64/libc.so.6

Thread 2 (process 12413):
#0  0x00000037a5a0a496 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00000000005302bd in ldap_int_thread_pool_wrapper (xpool=<value optimized out>) at ../../../libraries/libldap_r/tpool.c:712
#2  0x00000037a5a062e7 in start_thread () from /lib64/libpthread.so.0
#3  0x00000037a4ece3bd in clone () from /lib64/libc.so.6

Thread 1 (process 12405):
#0  0x00000037a4e30045 in raise () from /lib64/libc.so.6
#1  0x00000037a4e31ae0 in abort () from /lib64/libc.so.6
#2  0x00000037a4e681bb in __libc_message () from /lib64/libc.so.6
#3  0x00000037a4e6da07 in malloc_consolidate () from /lib64/libc.so.6
#4  0x00000037a4e6f1fb in _int_free () from /lib64/libc.so.6
#5  0x00000037a4e72a6c in free () from /lib64/libc.so.6
#6  0x00000037a4ecabda in __vsyslog_chk () from /lib64/libc.so.6
#7  0x00000037a4ecaf33 in __syslog_chk () from /lib64/libc.so.6
#8  0x0000000000437869 in slapd_daemon_task (ptr=<value optimized out>) at ../../../servers/slapd/daemon.c:2771
#9  0x00000037a5a062e7 in start_thread () from /lib64/libpthread.so.0
#10 0x00000037a4ece3bd in clone () from /lib64/libc.so.6
(gdb) thread 3
[Switching to thread 3 (process 12412)]#0  0x00000037a4eda178 in __lll_mutex_lock_wait () from /lib64/libc.so.6
(gdb) bt
#0  0x00000037a4eda178 in __lll_mutex_lock_wait () from /lib64/libc.so.6
#1  0x00000037a4e73c07 in _L_lock_14089 () from /lib64/libc.so.6
#2  0x00000037a4e72a61 in free () from /lib64/libc.so.6
#3  0x0000000000438a99 in connection2anonymous (c=0x2af6540b0a50) at ../../../servers/slapd/connection.c:563
#4  0x0000000000438df3 in connection_close (c=0x2af6540b0a50) at ../../../servers/slapd/connection.c:616
#5  0x0000000000439c50 in connection_operation (ctx=0x44e17db0, arg_v=<value optimized out>) at ../../../servers/slapd/connection.c:1159
#6  0x000000000043a201 in connection_read_thread (ctx=0x44e17db0, argv=<value optimized out>) at ../../../servers/slapd/connection.c:1440
#7  0x0000000000530268 in ldap_int_thread_pool_wrapper (xpool=0x16fafc80) at ../../../libraries/libldap_r/tpool.c:700
#8  0x00000037a5a062e7 in start_thread () from /lib64/libpthread.so.0
#9  0x00000037a4ece3bd in clone () from /lib64/libc.so.6
(gdb) fr 3
#3  0x0000000000438a99 in connection2anonymous (c=0x2af6540b0a50) at ../../../servers/slapd/connection.c:563
563             if ( !BER_BVISNULL( &c->c_authmech ) ) {
(gdb) p * 0x2af6540b0a50
$1 = 3
(gdb) thread 1
[Switching to thread 1 (process 12405)]#0  0x00000037a4e30045 in raise () from /lib64/libc.so.6
(gdb) bt
#0  0x00000037a4e30045 in raise () from /lib64/libc.so.6
#1  0x00000037a4e31ae0 in abort () from /lib64/libc.so.6
#2  0x00000037a4e681bb in __libc_message () from /lib64/libc.so.6
#3  0x00000037a4e6da07 in malloc_consolidate () from /lib64/libc.so.6
#4  0x00000037a4e6f1fb in _int_free () from /lib64/libc.so.6
#5  0x00000037a4e72a6c in free () from /lib64/libc.so.6
#6  0x00000037a4ecabda in __vsyslog_chk () from /lib64/libc.so.6
#7  0x00000037a4ecaf33 in __syslog_chk () from /lib64/libc.so.6
#8  0x0000000000437869 in slapd_daemon_task (ptr=<value optimized out>) at ../../../servers/slapd/daemon.c:2771
#9  0x00000037a5a062e7 in start_thread () from /lib64/libpthread.so.0
#10 0x00000037a4ece3bd in clone () from /lib64/libc.so.6
(gdb) fr 8
#8  0x0000000000437869 in slapd_daemon_task (ptr=<value optimized out>) at ../../../servers/slapd/daemon.c:2771
2771                    Debug( LDAP_DEBUG_ANY,
(gdb) thread 3
[Switching to thread 3 (process 12412)]#0  0x00000037a4eda178 in __lll_mutex_lock_wait () from /lib64/libc.so.6
(gdb) fr 4
#4  0x0000000000438df3 in connection_close (c=0x2af6540b0a50) at ../../../servers/slapd/connection.c:616
616             backend_connection_destroy(c);
(gdb) p * 0x2af6540b0a50
$2 = 3
(gdb) fr 3
#3  0x0000000000438a99 in connection2anonymous (c=0x2af6540b0a50) at ../../../servers/slapd/connection.c:563
563             if ( !BER_BVISNULL( &c->c_authmech ) ) {
(gdb) p * 0x2af6540b0a50
$3 = 3
(gdb) quit
GNU gdb Red Hat Linux (6.5-25.el5rh)
Core was generated by `/usr/sbin/slapd -h ldap:/// -u ldap'.
Program terminated with signal 6, Aborted.
#0  0x00000037a4e30045 in raise () from /lib64/libc.so.6
(gdb) thread apply all bt

Thread 3 (process 17892):
#0  0x00000037a5a075a5 in pthread_join () from /lib64/libpthread.so.0
#1  0x000000000043402c in slapd_daemon () at ../../../servers/slapd/daemon.c:2834
#2  0x0000000000420d75 in main (argc=5, argv=0x7fff3a6ee4b8) at ../../../servers/slapd/main.c:953

Thread 2 (process 17894):
#0  0x00000037a5a0a496 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x000000000052fdab in ldap_pvt_thread_pool_destroy (tpool=0x8635e8, run_pending=487320688) at ../../../libraries/libldap_r/tpool.c:558
#2  0x000000000043767c in slapd_daemon_task (ptr=<value optimized out>) at ../../../servers/slapd/daemon.c:2764
#3  0x00000037a5a062e7 in start_thread () from /lib64/libpthread.so.0
#4  0x00000037a4ece3bd in clone () from /lib64/libc.so.6

Thread 1 (process 17895):
#0  0x00000037a4e30045 in raise () from /lib64/libc.so.6
#1  0x00000037a4e31ae0 in abort () from /lib64/libc.so.6
#2  0x00000037a4e681bb in __libc_message () from /lib64/libc.so.6
#3  0x00000037a4e6f444 in _int_free () from /lib64/libc.so.6
#4  0x00000037a4e72a6c in free () from /lib64/libc.so.6
#5  0x0000000000559e07 in sb_rdahead_remove (sbiod=0x2aaac488d0d0) at ../../../libraries/liblber/sockbuf.c:606
#6  0x0000000000559fb9 in ber_sockbuf_free (sb=0x2aaac488d0d0) at ../../../libraries/liblber/sockbuf.c:71
#7  0x0000000000000000 in ?? ()
(gdb) thread 1
[Switching to thread 1 (process 17895)]#0  0x00000037a4e30045 in raise () from /lib64/libc.so.6
(gdb) bt
#0  0x00000037a4e30045 in raise () from /lib64/libc.so.6
#1  0x00000037a4e31ae0 in abort () from /lib64/libc.so.6
#2  0x00000037a4e681bb in __libc_message () from /lib64/libc.so.6
#3  0x00000037a4e6f444 in _int_free () from /lib64/libc.so.6
#4  0x00000037a4e72a6c in free () from /lib64/libc.so.6
#5  0x0000000000559e07 in sb_rdahead_remove (sbiod=0x2aaac488d0d0) at ../../../libraries/liblber/sockbuf.c:606
#6  0x0000000000559fb9 in ber_sockbuf_free (sb=0x2aaac488d0d0) at ../../../libraries/liblber/sockbuf.c:71
#7  0x0000000000000000 in ?? ()
(gdb) frame 5
#5  0x0000000000559e07 in sb_rdahead_remove (sbiod=0x2aaac488d0d0) at ../../../libraries/liblber/sockbuf.c:606
        in ../../../libraries/liblber/sockbuf.c
(gdb) p sbiod
$1 = (Sockbuf_IO_Desc *) 0x2aaac488d0d0
(gdb) p * 0x2aaac488d0d0
$2 = 10
(gdb) p * sbiod
$3 = {sbiod_level = 10, sbiod_sb = 0x2aaac49fc5c0, sbiod_io = 0x7e8340, sbiod_pvt = 0x2aaac48944c0, sbiod_next = 0x0}
(gdb) p * 0x2aaac49fc5c0
$4 = 3
(gdb) p * 0x2aaac48944c0
$5 = 1601201012
(gdb) quit
[root@ts2mstsv010 dumps]#

From: De Bonis Hamelin, Marie Antoinette (Marian - HP Software - CMS)
Sent: Thursday, 25 March 2010 14:20
To: Hummel, Wolfgang
Subject: ldap core analysis

Wolfgang,

If you check, I have left 2 files which have all the stack traces for a core.<pid> on the ldap.
In one of the core file txt analyses, we can see the call to sb_rdahead_remove() just after libc does its malloc/free check and it aborts.
I have checked the code (see below); sbiod is not null, plus we have an assert in the code.
So according to me, p is corrupted because sbiod->sbiod_pvt is not a valid address.


Marian

-> openldap/dist/libraries/liblber/sockbuf.c
static int sb_rdahead_remove( Sockbuf_IO_Desc *sbiod )
{
    Sockbuf_Buf *p;

    assert( sbiod != NULL );

    /* sbiod_pvt holds the read-ahead buffer installed by the rdahead layer */
    p = (Sockbuf_Buf *)sbiod->sbiod_pvt;

    /* refuse to tear down while unread data is still buffered */
    if ( p->buf_ptr != p->buf_end ) return -1;

    ber_pvt_sb_buf_destroy( (Sockbuf_Buf *)(sbiod->sbiod_pvt) );
    LBER_FREE( sbiod->sbiod_pvt );
    sbiod->sbiod_pvt = NULL;

    return 0;
}



Wolfgang Hummel
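An added example, not OpenLDAP code and not part of the thread above: a small C model of the liblber read-ahead teardown quoted by Marian, using stand-in Sockbuf_Buf and Sockbuf_IO_Desc types whose layout is an assumption. It shows two things a practitioner would want at this point. First, gdb's `p * 0xADDR` on a bare address prints a single int, so `$5 = 1601201012` is 0x5F706374, which as the four little-endian bytes stored at sbiod_pvt reads as the text "tcp_"; the block decodes that (casting instead, `p *(Sockbuf_Buf *)0x2aaac48944c0`, would have printed the fields). Second, the quoted sb_rdahead_remove beside a defensive variant that carries an added liveness sentinel (buf_magic, an assumption; liblber has no such field) and returns an error rather than calling free() through a sbiod_pvt that is NULL or no longer points at a live buffer. The "tcp_" scenario is constructed to match $5, not taken from a core.

```c
/* Added example, not OpenLDAP code: stand-in types (layout assumed). */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* gdb's "p * 0xADDR" prints one int at ADDR; show the four little-endian
 * bytes it stands for, so memory reused for a string is recognisable. */
const char *decode_le32_ascii(uint32_t v)
{
    static char out[5];
    for (int i = 0; i < 4; i++) {
        unsigned char b = (unsigned char)(v >> (8 * i));
        out[i] = (b >= 0x20 && b < 0x7f) ? (char)b : '.';
    }
    out[4] = '\0';
    return out;
}

#define SBUF_MAGIC_LIVE 0x46554253u   /* reads as "SBUF" little-endian */
#define SBUF_MAGIC_DEAD 0xDEADC0DEu

typedef struct {
    uint32_t buf_magic;               /* added sentinel; liblber has none */
    char *buf_base, *buf_ptr, *buf_end;
    size_t buf_size;
} Sockbuf_Buf;

typedef struct Sockbuf_IO_Desc {      /* member names as printed by gdb above */
    int sbiod_level;
    void *sbiod_sb;
    void *sbiod_io;
    void *sbiod_pvt;                  /* Sockbuf_Buf * for the rdahead layer */
    struct Sockbuf_IO_Desc *sbiod_next;
} Sockbuf_IO_Desc;

/* Install a read-ahead buffer on the descriptor. */
int sb_rdahead_attach(Sockbuf_IO_Desc *sbiod, size_t n)
{
    Sockbuf_Buf *p = calloc(1, sizeof *p);
    if (p == NULL) return -1;
    p->buf_base = malloc(n);
    if (p->buf_base == NULL) { free(p); return -1; }
    p->buf_ptr = p->buf_end = p->buf_base;
    p->buf_size = n;
    p->buf_magic = SBUF_MAGIC_LIVE;
    sbiod->sbiod_pvt = p;
    return 0;
}

/* Same shape as the quoted sb_rdahead_remove: sbiod_pvt is trusted blindly,
 * so a stale pointer becomes free() on foreign memory and a glibc abort. */
int sb_rdahead_remove_trusting(Sockbuf_IO_Desc *sbiod)
{
    Sockbuf_Buf *p = sbiod->sbiod_pvt;
    if (p->buf_ptr != p->buf_end) return -1;
    free(p->buf_base);
    free(p);
    sbiod->sbiod_pvt = NULL;
    return 0;
}

/* Defensive variant: NULL means already torn down (-2); a wrong sentinel
 * means the block was freed and reused (-3). Neither path reaches free(). */
int sb_rdahead_remove_checked(Sockbuf_IO_Desc *sbiod)
{
    Sockbuf_Buf *p = sbiod ? sbiod->sbiod_pvt : NULL;
    if (p == NULL) return -2;
    if (p->buf_magic != SBUF_MAGIC_LIVE) return -3;
    if (p->buf_ptr != p->buf_end) return -1;   /* unread data still buffered */
    p->buf_magic = SBUF_MAGIC_DEAD;            /* poison before release */
    free(p->buf_base);
    free(p);
    sbiod->sbiod_pvt = NULL;
    return 0;
}

/* Scenario: normal teardown, then a second, redundant teardown. */
int scenario_remove_twice(void)
{
    Sockbuf_IO_Desc d = { 10, NULL, NULL, NULL, NULL };
    if (sb_rdahead_attach(&d, 4096) != 0) return -99;
    (void)sb_rdahead_remove_checked(&d);       /* returns 0 */
    return sb_rdahead_remove_checked(&d);
}

/* Scenario (constructed, not from a core): sbiod_pvt points at memory that
 * now holds the string "tcp_", which is what $5 = 1601201012 decodes to. */
int scenario_stale_remove(void)
{
    Sockbuf_Buf reused;
    memset(&reused, 0, sizeof reused);
    memcpy(&reused, "tcp_", 4);
    Sockbuf_IO_Desc d = { 10, NULL, NULL, &reused, NULL };
    return sb_rdahead_remove_checked(&d);
}

int main(void)
{
    printf("$5 = 1601201012 as bytes: \"%s\"\n", decode_le32_ascii(1601201012u));
    printf("remove twice: %d, remove on reused memory: %d\n",
           scenario_remove_twice(), scenario_stale_remove());
    return 0;
}
```

The sentinel is a triage aid, not a fix: it turns a free() of garbage into a logged error return, which is what you want while the real double teardown is still being hunted, and the poisoned value is what a later gdb session would see in buf_magic instead of an opaque integer.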