[Openais] RE: Library core dump using evt.

Steven Dake sdake at mvista.com
Tue Jan 10 14:47:28 PST 2006


ok now we are getting some where.

We see that edi->channel_handle is set in the edi data structure which
is set directly from the called channelHandle.

This points to some kind of corruption.

Could you print the dereference of edi and value of hl?
gdb> print *edi
gdb> print hl

Thanks
-steve


On Tue, 2006-01-10 at 15:42 -0600, Kristen Smith wrote:
> I should have included this before (sorry - been a little distracted
> with various things) - the stack trace shows us that the line in
> lib/evt.c that is calling the saHandleInstancePut is:
> 
> alloc_put1:
>     saHandleInstancePut (&channel_handle_db, edi->edi_channel_handle);
> 
> The values of the dbs are (from the saEvtEventAllocate level):
> 
> (gdb) p &event_handle_db
> $2 = (struct saHandleDatabase *) 0xb7480200
> (gdb) p &evt_instance_handle_db
> $3 = (struct saHandleDatabase *) 0xb7480180
> (gdb) p &channel_handle_db
> $4 = (struct saHandleDatabase *) 0xb74801c0
> 
> -----Original Message-----
> From: Steven Dake [mailto:sdake at mvista.com] 
> Sent: Tuesday, January 10, 2006 2:24 PM
> To: Smith, Kristen [RICH1:B670:EXCH]
> Cc: Mark Haverkamp; openais at lists.osdl.org; scd at broked.org; Bajpai, Muni
> [RICH1:B670:EXCH]
> Subject: RE: Library core dump using evt.
> 
> 
> On Tue, 2006-01-10 at 07:54 -0600, Kristen Smith wrote: 
> > Steve,
> > 
> > Here is the core info:
> > 
> > (gdb) print *handleDatabase
> > $1 = {handleCount = 1, handles = 0x80bcfd0, mutex = {__m_reserved = 2,
> 
> > __m_count = 0,
> >     __m_owner = 0xc9f, __m_kind = 0, __m_lock = {__status = 1, 
> > __spinlock = 0}},
> >   handleInstanceDestructor = 0xb747f638 
> > <chanHandleInstanceDestructor>}
> > (gdb) print handleDatabase->mutex
> > $2 = {__m_reserved = 2, __m_count = 0, __m_owner = 0xc9f, __m_kind =
> 0,
> > __m_lock = {
> >     __status = 1, __spinlock = 0}}
> > (gdb) print handleDatabase->handles
> > $3 = (struct saHandle *) 0x80bcfd0
> > (gdb) print handle
> > No symbol "handle" in current context.
> > (gdb) print inHandle
> > $4 = 931264244833698761
> > 
> > 
> 
> We need to know the addresses of event_handle_db and channel_handle_db.
> I think in gdb, you can get this with print &evt_handle_db and
> evt_instance_db.
> 
> In any case, they all have a handle count of 1, which tells us that the
> value passed to the put is corrupted.  We need to trace up to where that
> data is generated.
> 
> > (gdb) up
> > #1  0xb747e12a in saEvtEventAllocate
> (channelHandle=7222815479134420992,
> >     eventHandle=0xb49e4870) at evt.c:1361
> > 1361            saHandleInstancePut (&channel_handle_db,
> > edi->edi_channel_handle);
> > (gdb) p event_handle_db
> > $1 = {handleCount = 1, handles = 0x80b7850, mutex = {__m_reserved = 0,
> 
> > __m_count = 0,
> >     __m_owner = 0x0, __m_kind = 0, __m_lock = {__status = 0, 
> > __spinlock = 0}},
> >   handleInstanceDestructor = 0xb747f6b8 
> > <eventHandleInstanceDestructor>}
> > (gdb) p evt_instance_handle_db
> > $2 = {handleCount = 1, handles = 0x80b7838, mutex = {__m_reserved = 1,
> > __m_count = 0,
> >     __m_owner = 0xba9, __m_kind = 0, __m_lock = {__status = 1,
> > __spinlock = 0}},
> >   handleInstanceDestructor = 0xb747f5a8 <evtHandleInstanceDestructor>}
> > (gdb) p channel_handle_db
> > $3 = {handleCount = 1, handles = 0x80bcfd0, mutex = {__m_reserved = 2,
> > __m_count = 0,
> >     __m_owner = 0xc9f, __m_kind = 0, __m_lock = {__status = 1,
> > __spinlock = 0}},
> >   handleInstanceDestructor = 0xb747f638
> <chanHandleInstanceDestructor>}
> > (gdb) p channel_handle_db->mutex
> > $4 = {__m_reserved = 2, __m_count = 0, __m_owner = 0xc9f, __m_kind =
> 0,
> > __m_lock = {
> >     __status = 1, __spinlock = 0}}
> > (gdb) p channel_handle_db->handles
> > $5 = (struct saHandle *) 0x80bcfd0
> > 
> > As for freeing - yes. The code is basically this (in a while loop):
> > 
> > saEvtEventAllocate
> > saEvtEventAttributesSet
> > saEvtEventPublish  - inside a second while loop looking at AGAIN error
> 
> > - loops a few times saEvtEventFree(event_handle);
> > 
> > Let me know what else I can get for you.
> > 
> > Kristen
> > 
> >        
> 
> 




More information about the Openais mailing list