[19833] in Kerberos_V5_Development
Crash in sendto_kdc.c
daemon@ATHENA.MIT.EDU (mogasale.tech)
Thu Oct 4 08:47:44 2018
MIME-Version: 1.0
From: "mogasale.tech" <mogasale.tech@gmail.com>
Date: Thu, 4 Oct 2018 18:17:06 +0530
Message-ID: <CALwnZ7SEG-VVujU6RS273ap27a1YhKUsN=jmu9rNE5LTYux-bg@mail.gmail.com>
To: kfwdev@mit.edu, krbdev@mit.edu
Content-Type: text/plain; charset="utf-8"
Errors-To: krbdev-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hi Team,
This is in continuation with below threads:
1.
http://mailman.mit.edu/pipermail/kfwdev/2018-February/date.html
2. http://mailman.mit.edu/pipermail/kfwdev/2018-May/date.html
We could get a crash dump for the scenarios explained above. From the dump,
below are the observations:
1. The crash is happening within “service_tcp_write” function of
“sendto_kdc.c”, while executing the if condition “if ((size_t)nwritten <
SG_LEN(sgp))”.
2. The issue doesn’t happen for all the requests, but is frequent in a
specific environment. We have not been able to determine a specific pattern
yet.
3. The observed values for relevant fields/variables from one of the
dumps are as below, all the dumps have the values in same pattern:
conn.state = WRITING
conn.addr.transport = TCP
conn.addr.family = 2
conn.addr.len = 16
conn.out.sgbuf[0] = {len = 4, buff = ‘\0’}
conn.out.sgbuf[1] = {len = 1882, buff = ‘some data’}
conn.out.sgp = {len=??? buf=??? }
conn.out.sg_count = -10339
conn.out.msg_len_buf = ""
nwritten = 3199132154
From the values above, it looks similar to the second possibility suggested
in http://mailman.mit.edu/pipermail/kfwdev/2018-February/000892.html.
However, we do not have any clue yet on what could be causing this.
Any help on this will be appreciated. Thanks
PS: We are using krb5 tag version 1.16-final (
https://github.com/krb5/krb5/blob/krb5-1.16-final/src/lib/krb5/os/sendto_kdc.c
)
Regards,
Rama
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev