You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "jiang guangran (JIRA)" <ji...@apache.org> on 2011/06/23 08:15:47 UTC
[jira] [Created] (ZOOKEEPER-1106) mt c client core when create
node
mt c client core when create node
----------------------------------
Key: ZOOKEEPER-1106
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1106
Project: ZooKeeper
Issue Type: Bug
Components: c client
Affects Versions: 3.3.2
Reporter: jiang guangran
in deserialize_CreateResponse
rc = rc ? : in->deserialize_String(in, "path", &v->path);
in deserialize_String
len = -1
so v->path is uninitialised, and free, so core
do_io thread
#0 0x00000039fb030265 in raise () from /lib64/libc.so.6
#1 0x00000039fb031d10 in abort () from /lib64/libc.so.6
#2 0x00000039fb06a84b in __libc_message () from /lib64/libc.so.6
#3 0x00000039fb0722ef in _int_free () from /lib64/libc.so.6
#4 0x00000039fb07273b in free () from /lib64/libc.so.6
#5 0x00002b0afd755dd1 in deallocate_String (s=0x5a490f40) at src/recordio.c:29
#6 0x00002b0afd754ade in zookeeper_process (zh=0x131e3870, events=<value optimized out>) at src/zookeeper.c:2071
#7 0x00002b0afd75b2ef in do_io (v=<value optimized out>) at src/mt_adaptor.c:310
#8 0x00000039fb8064a7 in start_thread () from /lib64/libpthread.so.0
#9 0x00000039fb0d3c2d in clone () from /lib64/libc.so.6
create_node thread
#0 0x00000039fb80ab99 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1 0x00002b0afd75af5c in wait_sync_completion (sc=0x131e4c90) at src/mt_adaptor.c:82
#2 0x00002b0afd751750 in zoo_create (zh=0x131e3870, path=0x13206fa8 "/jsq/zr2/hb/10.250.8.139:8102",
value=0x131e86a8 "\n\021\061\060.250.8.139:8102\022\035/home/shaoqiang/workdir2/qrs/\030\001 \001*%\n\020\n",
valuelen=102, acl=0x2b0afd961700, flags=1, path_buffer=0x0, path_buffer_len=0) at src/zookeeper.c:3028
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (ZOOKEEPER-1106) mt c client core when create
node
Posted by "zhang yafei (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1106?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13098552#comment-13098552 ]
zhang yafei commented on ZOOKEEPER-1106:
----------------------------------------
i met the same core dump today.
if *s in ia_deserialize_string was inialized in any case, things will get better.
a patch (based on r1163106) may help:
--- recordio.c (revision 1165953)
+++ recordio.c (working copy)
@@ -266,6 +266,7 @@
return -E2BIG;
}
if (len < 0) {
+ *s = NULL;
return -EINVAL;
}
*s = malloc(len+1);
> mt c client core when create node
> ----------------------------------
>
> Key: ZOOKEEPER-1106
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1106
> Project: ZooKeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.3.2
> Reporter: jiang guangran
> Attachments: patch.txt
>
>
> in deserialize_CreateResponse
> rc = rc ? : in->deserialize_String(in, "path", &v->path);
> in deserialize_String
> len = -1
> so v->path is uninitialised, and free, so core
> do_io thread
> #0 0x00000039fb030265 in raise () from /lib64/libc.so.6
> #1 0x00000039fb031d10 in abort () from /lib64/libc.so.6
> #2 0x00000039fb06a84b in __libc_message () from /lib64/libc.so.6
> #3 0x00000039fb0722ef in _int_free () from /lib64/libc.so.6
> #4 0x00000039fb07273b in free () from /lib64/libc.so.6
> #5 0x00002b0afd755dd1 in deallocate_String (s=0x5a490f40) at src/recordio.c:29
> #6 0x00002b0afd754ade in zookeeper_process (zh=0x131e3870, events=<value optimized out>) at src/zookeeper.c:2071
> #7 0x00002b0afd75b2ef in do_io (v=<value optimized out>) at src/mt_adaptor.c:310
> #8 0x00000039fb8064a7 in start_thread () from /lib64/libpthread.so.0
> #9 0x00000039fb0d3c2d in clone () from /lib64/libc.so.6
> create_node thread
> #0 0x00000039fb80ab99 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
> #1 0x00002b0afd75af5c in wait_sync_completion (sc=0x131e4c90) at src/mt_adaptor.c:82
> #2 0x00002b0afd751750 in zoo_create (zh=0x131e3870, path=0x13206fa8 "/jsq/zr2/hb/10.250.8.139:8102",
> value=0x131e86a8 "\n\021\061\060.250.8.139:8102\022\035/home/shaoqiang/workdir2/qrs/\030\001 \001*%\n\020\n",
> valuelen=102, acl=0x2b0afd961700, flags=1, path_buffer=0x0, path_buffer_len=0) at src/zookeeper.c:3028
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (ZOOKEEPER-1106) mt c client core when create
node
Posted by "zhang yafei (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1106?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13098553#comment-13098553 ]
zhang yafei commented on ZOOKEEPER-1106:
----------------------------------------
sorry, the patch(above) format is incorrect.
--- recordio.c (revision 1165953)
+++ recordio.c (working copy)
@@ -266,6 +266,7 @@
return -E2BIG;
}
if (len < 0) {
+ *s = NULL;
return -EINVAL;
}
*s = malloc(len+1);
> mt c client core when create node
> ----------------------------------
>
> Key: ZOOKEEPER-1106
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1106
> Project: ZooKeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.3.2
> Reporter: jiang guangran
> Attachments: patch.txt
>
>
> in deserialize_CreateResponse
> rc = rc ? : in->deserialize_String(in, "path", &v->path);
> in deserialize_String
> len = -1
> so v->path is uninitialised, and free, so core
> do_io thread
> #0 0x00000039fb030265 in raise () from /lib64/libc.so.6
> #1 0x00000039fb031d10 in abort () from /lib64/libc.so.6
> #2 0x00000039fb06a84b in __libc_message () from /lib64/libc.so.6
> #3 0x00000039fb0722ef in _int_free () from /lib64/libc.so.6
> #4 0x00000039fb07273b in free () from /lib64/libc.so.6
> #5 0x00002b0afd755dd1 in deallocate_String (s=0x5a490f40) at src/recordio.c:29
> #6 0x00002b0afd754ade in zookeeper_process (zh=0x131e3870, events=<value optimized out>) at src/zookeeper.c:2071
> #7 0x00002b0afd75b2ef in do_io (v=<value optimized out>) at src/mt_adaptor.c:310
> #8 0x00000039fb8064a7 in start_thread () from /lib64/libpthread.so.0
> #9 0x00000039fb0d3c2d in clone () from /lib64/libc.so.6
> create_node thread
> #0 0x00000039fb80ab99 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
> #1 0x00002b0afd75af5c in wait_sync_completion (sc=0x131e4c90) at src/mt_adaptor.c:82
> #2 0x00002b0afd751750 in zoo_create (zh=0x131e3870, path=0x13206fa8 "/jsq/zr2/hb/10.250.8.139:8102",
> value=0x131e86a8 "\n\021\061\060.250.8.139:8102\022\035/home/shaoqiang/workdir2/qrs/\030\001 \001*%\n\020\n",
> valuelen=102, acl=0x2b0afd961700, flags=1, path_buffer=0x0, path_buffer_len=0) at src/zookeeper.c:3028
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (ZOOKEEPER-1106) mt c client core when create
node
Posted by "zhang yafei (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1106?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
zhang yafei updated ZOOKEEPER-1106:
-----------------------------------
Attachment: patch.txt
> mt c client core when create node
> ----------------------------------
>
> Key: ZOOKEEPER-1106
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1106
> Project: ZooKeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.3.2
> Reporter: jiang guangran
> Attachments: patch.txt
>
>
> in deserialize_CreateResponse
> rc = rc ? : in->deserialize_String(in, "path", &v->path);
> in deserialize_String
> len = -1
> so v->path is uninitialised, and free, so core
> do_io thread
> #0 0x00000039fb030265 in raise () from /lib64/libc.so.6
> #1 0x00000039fb031d10 in abort () from /lib64/libc.so.6
> #2 0x00000039fb06a84b in __libc_message () from /lib64/libc.so.6
> #3 0x00000039fb0722ef in _int_free () from /lib64/libc.so.6
> #4 0x00000039fb07273b in free () from /lib64/libc.so.6
> #5 0x00002b0afd755dd1 in deallocate_String (s=0x5a490f40) at src/recordio.c:29
> #6 0x00002b0afd754ade in zookeeper_process (zh=0x131e3870, events=<value optimized out>) at src/zookeeper.c:2071
> #7 0x00002b0afd75b2ef in do_io (v=<value optimized out>) at src/mt_adaptor.c:310
> #8 0x00000039fb8064a7 in start_thread () from /lib64/libpthread.so.0
> #9 0x00000039fb0d3c2d in clone () from /lib64/libc.so.6
> create_node thread
> #0 0x00000039fb80ab99 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
> #1 0x00002b0afd75af5c in wait_sync_completion (sc=0x131e4c90) at src/mt_adaptor.c:82
> #2 0x00002b0afd751750 in zoo_create (zh=0x131e3870, path=0x13206fa8 "/jsq/zr2/hb/10.250.8.139:8102",
> value=0x131e86a8 "\n\021\061\060.250.8.139:8102\022\035/home/shaoqiang/workdir2/qrs/\030\001 \001*%\n\020\n",
> valuelen=102, acl=0x2b0afd961700, flags=1, path_buffer=0x0, path_buffer_len=0) at src/zookeeper.c:3028
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (ZOOKEEPER-1106) mt c client core when create
node
Posted by "jiang guangran (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1106?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13056964#comment-13056964 ]
jiang guangran commented on ZOOKEEPER-1106:
-------------------------------------------
the bug https://issues.apache.org/jira/browse/ZOOKEEPER-1090 leads to data not same
CreateTxn createTxn = (CreateTxn) txn;
debug = "Create transaction for " + createTxn.getPath();
createNode(
createTxn.getPath(),
createTxn.getData(),
createTxn.getAcl(),
createTxn.getEphemeral() ? header.getClientId() : 0,
header.getZxid(), header.getTime());
rc.path = createTxn.getPath();
createNode in follower throw KeeperException.NodeExistsException
let rc.path=null rc.err = 0
int mt c client
int ia_deserialize_string(struct iarchive *ia, const char *name, char **s)
{
struct buff_struct *priv = ia->priv;
int32_t len;
int rc = ia_deserialize_int(ia, "len", &len);
if (rc < 0)
return rc;
if ((priv->len - priv->off) < len) {
LOG_ERROR(("Invalid length and offset: %d - %d < %d",
priv->len, priv->off, len ));
return -E2BIG;
}
if (len < 0) {
LOG_ERROR(("Invalid length: %d", len));
return -EINVAL;
}
*s = malloc(len+1);
if (!*s) {
return -ENOMEM;
}
memcpy(*s, priv->buffer+priv->off, len);
(*s)[len] = '\0';
priv->off += len;
return 0;
}
len = -1 so *s is not initialized, random value
free(*s) lead to core
> mt c client core when create node
> ----------------------------------
>
> Key: ZOOKEEPER-1106
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1106
> Project: ZooKeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.3.2
> Reporter: jiang guangran
>
> in deserialize_CreateResponse
> rc = rc ? : in->deserialize_String(in, "path", &v->path);
> in deserialize_String
> len = -1
> so v->path is uninitialised, and free, so core
> do_io thread
> #0 0x00000039fb030265 in raise () from /lib64/libc.so.6
> #1 0x00000039fb031d10 in abort () from /lib64/libc.so.6
> #2 0x00000039fb06a84b in __libc_message () from /lib64/libc.so.6
> #3 0x00000039fb0722ef in _int_free () from /lib64/libc.so.6
> #4 0x00000039fb07273b in free () from /lib64/libc.so.6
> #5 0x00002b0afd755dd1 in deallocate_String (s=0x5a490f40) at src/recordio.c:29
> #6 0x00002b0afd754ade in zookeeper_process (zh=0x131e3870, events=<value optimized out>) at src/zookeeper.c:2071
> #7 0x00002b0afd75b2ef in do_io (v=<value optimized out>) at src/mt_adaptor.c:310
> #8 0x00000039fb8064a7 in start_thread () from /lib64/libpthread.so.0
> #9 0x00000039fb0d3c2d in clone () from /lib64/libc.so.6
> create_node thread
> #0 0x00000039fb80ab99 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
> #1 0x00002b0afd75af5c in wait_sync_completion (sc=0x131e4c90) at src/mt_adaptor.c:82
> #2 0x00002b0afd751750 in zoo_create (zh=0x131e3870, path=0x13206fa8 "/jsq/zr2/hb/10.250.8.139:8102",
> value=0x131e86a8 "\n\021\061\060.250.8.139:8102\022\035/home/shaoqiang/workdir2/qrs/\030\001 \001*%\n\020\n",
> valuelen=102, acl=0x2b0afd961700, flags=1, path_buffer=0x0, path_buffer_len=0) at src/zookeeper.c:3028
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (ZOOKEEPER-1106) mt c client core when create
node
Posted by "jiang guangran (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1106?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13056962#comment-13056962 ]
jiang guangran commented on ZOOKEEPER-1106:
-------------------------------------------
the DataTree of follower and leader are not same
follower:
cZxid = 0xd020d24e9
ctime = Tue Jun 28 20:44:30 CST 2011
mZxid = 0xd02136bab
mtime = Wed Jun 29 10:30:34 CST 2011
pZxid = 0xd020d24e9
cversion = 0
dataVersion = 1
aclVersion = 0
ephemeralOwner = 0x330d6478acd0000
dataLength = 107
numChildren = 0
leader:
cZxid = 0xd02136b49
ctime = Wed Jun 29 10:30:23 CST 2011
mZxid = 0xd02136b59
mtime = Wed Jun 29 10:30:23 CST 2011
pZxid = 0xd02136b49
cversion = 0
dataVersion = 1
aclVersion = 0
ephemeralOwner = 0x330d93ba7bb000c
dataLength = 107
numChildren = 0
> mt c client core when create node
> ----------------------------------
>
> Key: ZOOKEEPER-1106
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1106
> Project: ZooKeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.3.2
> Reporter: jiang guangran
>
> in deserialize_CreateResponse
> rc = rc ? : in->deserialize_String(in, "path", &v->path);
> in deserialize_String
> len = -1
> so v->path is uninitialised, and free, so core
> do_io thread
> #0 0x00000039fb030265 in raise () from /lib64/libc.so.6
> #1 0x00000039fb031d10 in abort () from /lib64/libc.so.6
> #2 0x00000039fb06a84b in __libc_message () from /lib64/libc.so.6
> #3 0x00000039fb0722ef in _int_free () from /lib64/libc.so.6
> #4 0x00000039fb07273b in free () from /lib64/libc.so.6
> #5 0x00002b0afd755dd1 in deallocate_String (s=0x5a490f40) at src/recordio.c:29
> #6 0x00002b0afd754ade in zookeeper_process (zh=0x131e3870, events=<value optimized out>) at src/zookeeper.c:2071
> #7 0x00002b0afd75b2ef in do_io (v=<value optimized out>) at src/mt_adaptor.c:310
> #8 0x00000039fb8064a7 in start_thread () from /lib64/libpthread.so.0
> #9 0x00000039fb0d3c2d in clone () from /lib64/libc.so.6
> create_node thread
> #0 0x00000039fb80ab99 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
> #1 0x00002b0afd75af5c in wait_sync_completion (sc=0x131e4c90) at src/mt_adaptor.c:82
> #2 0x00002b0afd751750 in zoo_create (zh=0x131e3870, path=0x13206fa8 "/jsq/zr2/hb/10.250.8.139:8102",
> value=0x131e86a8 "\n\021\061\060.250.8.139:8102\022\035/home/shaoqiang/workdir2/qrs/\030\001 \001*%\n\020\n",
> valuelen=102, acl=0x2b0afd961700, flags=1, path_buffer=0x0, path_buffer_len=0) at src/zookeeper.c:3028
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira