[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: assertion failure in ber_free_buf() of io.c (ITS#2655)
I believe this bug was being caused by a double
free() of a malloc'd pointer in a custom back end.
ITS 2655 can be cleared.
Sorry for the noise.
Vic Abell
> -----Original Message-----
> From: owner-openldap-bugs@OpenLDAP.org
> [mailto:owner-openldap-bugs@OpenLDAP.org]On Behalf Of Vic Abell
> Sent: Thursday, July 17, 2003 9:03 AM
> To: openldap-bugs@OpenLDAP.org
> Subject: Re: assertion failure in ber_free_buf() of io.c (ITS#2655)
>
>
> maxchern@yahoo.com wrote:
> >
> > Try disable referrals in slapd.conf (comment them out)
> > and see whether you run into this problem again.
> > The problem is that you got an invalid ber, referral
> > freeing is one of the place that invalid ber will
> > occur.
>
> Thanks for the response.
>
> No referrals were enabled in slapd.conf when the crash
> occurred. The only clue that I can add is that load on
> slapd had grown high enough to cause an increase in the
> thread pool from the starting 4 entries to 8. That
> suggests that a new connection might have tried to use a
> ninth thread and exposed a bug in thread pool management.
> (That's only my guess.)
>
> Vic Abell
>
> --- abe@purdue.edu wrote:
> > Full_Name: Victor A. Abell
> > Version: 2.1.21
> > OS: Solaris 8
> > URL: ftp://ftp.openldap.org/incoming/
> > Submission from: (NULL) (128.210.177.112)
> >
> >
> > OpenLDAP 2.1.21 has crashed once in the four days
> > since it was put into
> > production. The crash occurred at an assert() at
> > line 161 of the
> > ber_free_buf() function of the
> > libraries/liblber/io.c translation unit.
> >
> > The core file stack trace says:
> >
> > Current function is ber_free_buf
> > 161 assert( LBER_VALID( ber ) );
> > (dbx 1) where
> > current thread: t@13
> > [1] __sigprocmask(0x0, 0xfa001540, 0x0, 0x0, 0x0,
> > 0x0), at 0xfef29ab8
> > [2] _resetsig(0xfef2c340, 0x0, 0x0, 0xfa001d78,
> > 0xfef3e000, 0x0), at
> > 0xfef1e50
> > c
> > [3] _sigon(0xfa001d78, 0xfef45980, 0x6,
> > 0xfa001614, 0xfa001d78, 0xfef9155d),
> > a
> > t 0xfef1dcac
> > [4] _thrp_kill(0x0, 0xd, 0x6, 0xfef3e000, 0xd,
> > 0xff03c4a0), at 0xfef20cc0
> > [5] raise(0x6, 0x0, 0x0, 0xffffffff, 0x1e6550,
> > 0x0), at 0xfefcb190
> > [6] abort(0xff03801c, 0xfa001768, 0x39,
> > 0x7efefeff, 0x81010100, 0xff00), at
> > 0x
> > fefb57bc
> > [7] _assert(0x1af5c8, 0x1af5dc, 0xa1, 0x1af5dc,
> > 0x0, 0x1d3e48), at 0xfefb5a60
> > =>[8] ber_free_buf(ber = 0x2a23d0), line 161 in
> > "io.c"
> > [9] ber_free(ber = 0x2a23d0, freebuf = 1), line
> > 187 in "io.c"
> > [10] slap_op_free(op = 0x2a30b8), line 48 in
> > "operation.c"
> > [11] connection_operation(ctx = 0x2ac520, arg_v =
> > 0x2a30b8), line 1060 in
> > "con
> > nection.c"
> > [12] ldap_int_thread_pool_wrapper(xpool =
> > 0x1eb408), line 426 in "tpool.c"
> >
> > The ber pointer used by ber_free_buf() derefences
> > to:
> >
> > *ber = {
> > ber_opts = {
> > lbo_valid = 49
> > lbo_options = 5136U
> > lbo_debug = 0;
> > lbo_meminuse = 2497312
> > }
> > ber_tag = 119U
> > ber_len = 2848856U
> > ber_usertag = 0
> > ber_buf = 0x2f8300 ""
> > ber_ptr = 0x2fd4bc ""
> > ber_end = 0x2fd4bc ""
> > ber_sos = (nil)
> > ber_rwptr = 0x2a23c8 ""
> > }
> >
> > The ber_valid (ber->ber_opts.lbo_valid) value, 49,
> > is clearly invalid.
> >
> > I have discovered a similar issuereport, but in a
> > different io.c function,
> > in Incoming/2633. It, too, applies to OpenDLAP
> > 2.1.21 on Solaris 8.
> >
> > Any suggestions on further core analysis, available
> > patches, etc., would
> > be most welcome.
> >
> > Vic Abell
>