[Issue 9626] Segmentation fault on mdb_midl_append_list

Mon, 09 Aug 2021 04:06:09 -0700 

https://bugs.openldap.org/show_bug.cgi?id=9626

--- Comment #3 from [email protected] ---
(In reply to Howard Chu from comment #2)
> (In reply to carlos.velasco from comment #1)
> > It seems ids get corrupted.
> > 
> > 
> > Program terminated with signal SIGSEGV, Segmentation fault.
> > #0  0x00007f2a32a4109f in mdb_midl_append_list (idp=0x7f29f8041b13,
> > app=0x25fa538) at midl.c:175
> > 175             if (ids[0] + app[0] >= ids[-1]) {
> > [Current thread is 1 (Thread 0x7f2a09ffb640 (LWP 204177))]
> > (gdb) bt
> > #0  0x00007f2a32a4109f in mdb_midl_append_list (idp=0x7f29f8041b13,
> > app=0x25fa538) at midl.c:175
> > #1  0x00007f2a32a325bf in mdb_txn_commit (txn=0xf9bda0) at mdb.c:3485
> 
> In frame 1 can you get the output for:
>    info locals
>    print *txn
>    print *parent

(gdb) f 1
#1  0x00007f2a32a325bf in mdb_txn_commit (txn=0xf9bda0) at mdb.c:3485
3485                    rc = mdb_midl_append_list(&parent->mt_free_pgs,
txn->mt_free_pgs);
(gdb) info locals
parent = 0x7f29f8041aeb
lp = 0x7f2a09ff9120
dst = 0x7f2a09ff90e0
pspill = 0x7f2a09ff90b0
y = 167743792
len = 0
src = 0x40009000d0006
x = 32554
ps_len = 32554
rc = 32554
i = 167743728
end_mode = 2097201
env = 0x1fd9d40
__func__ = "mdb_txn_commit"
(gdb) p *txn
$1 = {mt_parent = 0x7f29f8041aeb, mt_child = 0x0, mt_next_pgno = 255, mt_txnid
= 47589, mt_env = 0x1fd9d40, mt_free_pgs = 0x25fa538, mt_loose_pgs = 0x0,
mt_loose_count = 0, mt_spill_pgs = 0x0, mt_u = {
    dirty_list = 0x26fa540, reader = 0x26fa540}, mt_dbxs = 0x1fd9e40, mt_dbs =
0xf9be28, mt_dbiseqs = 0xf9be98, mt_cursors = 0xf9be88, mt_dbflags = 0xf9bea0
"\b\030", mt_numdbs = 2, mt_flags = 524288, 
  mt_dirty_room = 131067}
(gdb) p *parent
$2 = {mt_parent = 0x9b99d10000000000, mt_child = 0x8d000007f2e0a, mt_next_pgno
= 3276218095827364344, mt_txnid = 7814437141411426150, mt_env =
0x7c6465646f636e65, mt_free_pgs = 0x7069746c756d7c20, 
  mt_loose_pgs = 0x6d726f662f747261, mt_loose_count = 1952539693, mt_spill_pgs
= 0x72617069746c756d, mt_u = {dirty_list = 0x6574616c65722f74, reader =
0x6574616c65722f74}, mt_dbxs = 0x747865747c207c64, 
  mt_dbs = 0x617c207c6c6d782f, mt_dbiseqs = 0x69746163696c7070, mt_cursors =
0x207c6c6d782f6e6f, mt_dbflags = 0x6163696c7070617c <error: Cannot access
memory at address 0x6163696c7070617c>, 
  mt_numdbs = 1852795252, mt_flags = 1634693935, mt_dirty_room = 1836591984}
(gdb) 

> Does your code actually use nested transactions?

I don't know, the code is from modsecurity:
https://github.com/SpiderLabs/ModSecurity

-- 
You are receiving this mail because:
You are on the CC list for the issue.

Reply via email to