[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3404) sockber stack SEGVs

Overall testing results:

Finally, the syncrepl provider seems stable. I haven't been running this
long enough to make a formal declaration, but I believe this/ITS#3420 is
the root cause of (my) ITS#3296, 3300, and possibly other submitters'
syncrepl issues. I have not applied the patch to syncrepl consumers (if
it's not broken, don't touch it...)

Some technical notes from the debugger:

The memory debugger I'm running in makes "Actual leaks" and "Possible
leaks" reports. The size of the "Actual leaks" reported goes up
dramatically when using the patch, from 1860 bytes to ~34k. Here's the
report, although I'm not sure if there's anything to take from this:

Actual leaks report (actual leaks: 1802  total size: 35646 bytes)

  Total     Num of  Leaked     Allocation call stack
  Size      Blocks  Block
==========  ====== =========== =======================================
      9312     581      -      ber_memalloc_x < ber_dupbv_x
      9240     577      -      ber_memalloc_x < ber_memalloc

ITS#3420 patch traded the uninitalized write for an uninitalized read.
This also doesn't seem nearly as important, but I again include the trace
for completeness:

<rtc> Read from uninitialized (rui) on thread 3:
Attempting to read 1 byte at address 0x655ac8
    which is 1240 bytes into a heap block of size 1048576 bytes at 0x6555f0
This block was allocated from:
        [1] ber_memalloc_x() at line 232 in "memory.c"
        [2] ch_malloc() at 0x7fe38
        [3] sl_mem_create() at line 82 in "sl_malloc.c"
        [4] connection_operation() at line 1030 in "connection.c"
        [5] ldap_int_thread_pool_wrapper() at line 467 in "tpool.c"
        [6] _lwp_start() at 0xde1157b8
Location of error:
current thread: t@3
=>[1] sl_realloc(ptr = 0x655a7c, size = 88U, ctx = 0x63b658), line 207 in "sl_malloc.c"
  [2] ber_memrealloc_x(p = 0x655a7c, s = 80U, ctx = 0x63b658), line 363 in "memory.c"
  [3] ber_bvarray_add_x(a = 0xa7b3f7e0, bv = 0xa7b3f72c, ctx = 0x63b658), line 775 in "memory.c"
  [4] slap_build_syncUUID_set(0x640338, 0xa7b3f7e0, 0x75f9d0, 0xa7b3f968, 0x0, 0x71), at 0xd25d4
  [5] hdb_do_search(op = 0x640338, rs = 0xa7bffd58, sop = 0x640338, ps_e = (nil), ps_type = 0), line 1308 in "search.c"
  [6] hdb_search(op = 0x640338, rs = 0xa7bffd58), line 422 in "search.c"
  [7] do_search(op = 0x640338, rs = 0xa7bffd58), line 412 in "search.c"
  [8] connection_operation(ctx = 0xa7bffe14, arg_v = 0x640338), line 1079 in "connection.c"
  [9] ldap_int_thread_pool_wrapper(xpool = 0x558c48), line 467 in "tpool.c"