
slapd crash in bdb_entry_return() (ITS#1994)



Full_Name: Kervin Pierre
Version: 2.1.3
OS: Windows 2000
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (163.118.3.50)



slapd crashes when a large number of entries are added.

The function bdb_cache_add_entry_rw() in back-bdb/cache.c might be at fault. 
When the crash occurs cache->c_cursize seems to always equal cache->c_maxsize.
[...]
while ( cache->c_lrutail != NULL &&
	BEI(cache->c_lrutail)->bei_refcnt == 0 &&
	cache->c_cursize > cache->c_maxsize )
{
	e = cache->c_lrutail;

	/* delete from cache and lru q */
	/* XXX do we need rc ? */
	rc = bdb_cache_delete_entry_internal( cache, e );
	bdb_cache_entry_private_destroy( e );
	bdb_entry_return( e );
}
[...]


With MEMORY_DEBUG and TRACE, the output is as below.  It seems like the last
successful free before the crash frees more memory than is allocated (?).  I'm
not sure I'm reading the output right but it looks like 20 bytes are allocated
for 857301 but 32 are freed.

[...]
bdb_dn2entry_rw("cn=paul cezanne,ou=client10,ou=vendor20,ou=modifydn,o=imc,c=us")
=> bdb_dn2id_matched( "cn=paul cezanne,ou=client10,ou=vendor20,ou=modifydn,o=imc,c=us" )
0x0004df1f 0x01118bc0 -a- 64 ber_memalloc 857073
<= bdb_dn2id_matched: id=0x000002cc: matched ou=client10,ou=vendor20,ou=modifydn,o=imc,c=us
0x0004df1f 0x01118bc0 -f- 64 ber_memfree 857009
0x0004df20 0x01118bc0 -a- 272 ber_memcalloc 857281
entry_decode: "ou=Client10,ou=Vendor20,ou=ModifyDN,o=IMC,c=US"
<= entry_decode(ou=Client10,ou=Vendor20,ou=ModifyDN,o=IMC,c=US)
0x0004df21 0x010d9418 -a- 20 ber_memcalloc 857301
0x0004df22 0x011190a8 -a- 32 ber_memcalloc 857333
0x0004df23 0x01119110 -a- 16 ber_memalloc 857349
0x0004df24 0x01119168 -a- 16 ber_memalloc 857365
0x00037200 0x0192ea58 -f- 16 ber_memfree 857349
0x00037201 0x01932a90 -f- 16 ber_memfree 857333
0x000371ff 0x0192fed0 -f- 32 ber_memfree 857301
0x000371fe 0x01932d40 -f- 20 ber_memfree 857281
Assertion failed: mh->bm_top == LLBER_MEM_JUNK, file D:\kervin's stuff - do not delete!\src\openldap-release\openldap-2.1.3-win\libraries\liblber\memory.c, line 130

I have the full '-d -1' + memory trace output if needed ( 57Megs ).

The call stack...

_assert(void * 0x0051a534, void * 0x0051a4cc, unsigned int 0x00000082) line 267
ber_memfree(void * 0x01168ed0) line 130 + 31 bytes
ch_free(void * 0x01168ed0) line 125 + 9 bytes
bdb_entry_return(slap_entry * 0x01932950) line 227 + 12 bytes
bdb_cache_add_entry_rw(__db_env * 0x011669f8, bdb_cache * 0x010c4384, slap_entry * 0x01932950, int 0x00000000, unsigned int 0x00000d18, __db_lock_u * 0x0174fd6c) line 601 + 9 bytes
bdb_id2entry_rw(slap_backend_db * 0x010bfbc0, __db_txn * 0x00000000, unsigned long 0x000002cc, slap_entry * * 0x0174fd60, int 0x00000000, unsigned int 0x00000d18, __db_lock_u * 0x0174fd6c) line 128 + 36 bytes
bdb_dn2entry_rw(slap_backend_db * 0x010bfbc0, __db_txn * 0x00000000, berval * 0x01967af4, slap_entry * * 0x0174fd5c, slap_entry * * 0x0174fd60, int 0x00000000, int 0x00000000, unsigned int 0x00000d18, __db_lock_u * 0x0174fd6c) line 59 + 31 bytes
bdb_referrals(slap_backend_db * 0x010bfbc0, slap_conn * 0x010c5028, slap_op * 0x01930a08, berval * 0x01967aec, berval * 0x01967af4, const char * * 0x0174fd9c) line 46 + 35 bytes
backend_check_referrals(slap_backend_db * 0x010bfbc0, slap_conn * 0x010c5028, slap_op * 0x01930a08, berval * 0x01967aec, berval * 0x01967af4) line 996 + 32 bytes
do_add(slap_conn * 0x010c5028, slap_op * 0x01930a08) line 230 + 31 bytes
connection_operation(void * 0x01117c50) line 952 + 16 bytes
ldap_int_thread_pool_wrapper(void * 0x009b7bd0) line 401 + 13 bytes


--Kervin
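
An added example, not part of the original report or of OpenLDAP: a small checker for the memory-trace lines quoted in the report. It assumes the columns are sequence number, block address, alloc/free flag, size, function and running total of bytes in use; the report does not state the format.

```python
import re
from collections import namedtuple

# Allocation records copied from the report's trace; other debug lines omitted.
TRACE = """\
0x0004df1f 0x01118bc0 -a- 64 ber_memalloc 857073
0x0004df1f 0x01118bc0 -f- 64 ber_memfree 857009
0x0004df20 0x01118bc0 -a- 272 ber_memcalloc 857281
0x0004df21 0x010d9418 -a- 20 ber_memcalloc 857301
0x0004df22 0x011190a8 -a- 32 ber_memcalloc 857333
0x0004df23 0x01119110 -a- 16 ber_memalloc 857349
0x0004df24 0x01119168 -a- 16 ber_memalloc 857365
0x00037200 0x0192ea58 -f- 16 ber_memfree 857349
0x00037201 0x01932a90 -f- 16 ber_memfree 857333
0x000371ff 0x0192fed0 -f- 32 ber_memfree 857301
0x000371fe 0x01932d40 -f- 20 ber_memfree 857281
"""

# Assumed columns: sequence, block address, -a-/-f-, size, function, bytes in use.
Rec = namedtuple("Rec", "seq addr op size func total")
LINE = re.compile(r"(0x[0-9a-f]+) (0x[0-9a-f]+) -([af])- (\d+) (\w+) (\d+)$")

def parse(text):
    """Return the trace records in text, skipping every non-matching line."""
    return [Rec(int(m[1], 16), int(m[2], 16), m[3], int(m[4]), m[5], int(m[6]))
            for m in map(LINE.match, map(str.strip, text.splitlines())) if m]

def audit(recs):
    """Check the running total and pair every free with a live allocation."""
    live, findings, prev = {}, [], None
    for r in recs:
        delta = r.size if r.op == "a" else -r.size
        if prev is not None and prev.total + delta != r.total:
            findings.append(("total-mismatch", r))
        if r.op == "a":
            live[r.addr] = r
        else:
            alloc = live.pop(r.addr, None)
            if alloc is None:
                findings.append(("no-alloc-in-excerpt", r))
            elif (alloc.seq, alloc.size) != (r.seq, r.size):
                findings.append(("differs-from-alloc", r))
        prev = r
    return findings

if __name__ == "__main__":
    for kind, r in audit(parse(TRACE)):
        print(f"{kind}: seq={r.seq:#010x} addr={r.addr:#010x} size={r.size}")
```

Under that column reading, every running total in the excerpt is consistent, and the four trailing frees carry addresses and sequence numbers whose allocations fall outside the quoted lines, so the full trace is needed to pair them.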