[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PATCH: glibc detected *** double free or corruption (top)



On Thu, Apr 06, 2006 at 02:00:57PM +0100, Darryl L. Miles wrote:
> I'm unable to commission a new mail server with more recent Linux OS 
> build.  /lib/libc-2.3.4.so.
....
> 15167 writev(2, [{"*** glibc detected *** ", 23}, {"double free or 
> corruption (top)", 31}, {": 0x", 4}, {"0815ace0", 8}, {" ***\n", 5}], 5) = 
> 71
.... 
> 
> The wait4() call above is the return from the smtp-auth-pipe callout. I 
> think this fixes it, my debugging finds the fclose(wfp) to be the cause 
> of the problem.

  Yes.  And that is correct fix so that it won't be closed again
  futher below.  My bad.

 
> $ cvs diff -u zpwmatch-pipe.c
> Index: zpwmatch-pipe.c
> ===================================================================
> RCS file: /cvsroot/zmailer/smtpserver/zpwmatch-pipe.c,v
> retrieving revision 1.9
> diff -u -r1.9 zpwmatch-pipe.c
> --- zpwmatch-pipe.c     20 Jun 2005 10:59:42 -0000      1.9
> +++ zpwmatch-pipe.c     6 Apr 2006 12:45:28 -0000
> @@ -144,6 +144,7 @@
>         fprintf( wfp, "%s\n", password );
>        fflush(wfp);
>         fclose( wfp );
> +        wfp = NULL;
>        /* Following weird thing is because we have top-level
>           child-death reaper code at the main part of this
>           program... */
> 
> 
> Arrgghhh.... now I can see this problem:
> 
> 
> pid 16230] read(0, 0x8161310, 34821)   = -1 EAGAIN (Resource temporarily 
> unavailable)
> [pid 16230] time([1144327344])          = 1144327344
> [pid 16230] select(1, [0], [], NULL, {1200, 0}) = 1 (in [0], left {1199, 
> 980000})
> [pid 16230] read(0, "\27\3\1\0\26 
> M\317a\357F\364\232\266\265\203\333\260\v"..., 34821) = 27
> [pid 16230] time([1144327344])          = 1144327344
> [pid 16230] write(3, "FMmVD9i0003r\tQUIT\n", 18) = 18
> [pid 16230] time([1144327344])          = 1144327344
> [pid 16230] write(3, "FMmVD9i0003w\t221 2.0.0 post.myco"..., 45) = 45
> [pid 16230] time([1144327344])          = 1144327344
> [pid 16230] write(0, "\27\3\1\0001\5\324\342%sP\224X\22\5.\260[Q\347G\272 
> \370"..., 54) = 54
> [pid 16230] time([1144327344])          = 1144327344
> [pid 16230] write(3, "FMmVD9i0003#\t000-TLS stopping; m"..., 44) = 44
> [pid 16230] write(0, 
> "\25\3\1\0\22\212\331\302\217\340\177\2\250@\300Q\24<\373"..., 23) = 23
> [pid 16230] time([1144327344])          = 1144327344
> [pid 16230] write(3, "FMmVD9i0003#\t000-SSL3 alert writ"..., 55) = 55
> [pid 16230] open("/dev/tty", O_RDWR|O_NONBLOCK|O_NOCTTY) = -1 ENXIO (No 
> such device or address)
> [pid 16230] writev(2, [{"*** glibc detected *** ", 23}, {"free(): invalid 
> pointer", 23}, {": 0x", 4}, {"0810fc34", 8}, {" ***\n", 5}], 5) = 63
> [pid 16230] rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
> [pid 16230] tgkill(16230, 16230, SIGABRT) = 0
> [pid 16230] --- SIGABRT (Aborted) @ 0 (0) ---
> 
> 
> Maybe I will try and patch that one, it looks like it occurs after the 
> QUIT under a TLS connection. I'm going to start looking around Z_cleanup().

It is apparently something very late in the QUIT sequence under TLS.
Something that I observe very rarely myself either. 

You followed up on that, I see in my inbox. 


> Time to get gcc-checker out.
> -- 
> Darryl L. Miles
-- 
/Matti Aarnio	<mea@nic.funet.fi>
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi