[Nut-upsuser] newhidups crashes intermittently (double free or corruption)

Arnaud Quette aquette.dev at gmail.com
Wed Apr 5 07:15:59 UTC 2006 

hi Nick,

2006/4/4, Nick Rosier <nick.rosier at gmail.com>:
> On 4/4/06, Nick Rosier <nick.rosier at gmail.com> wrote:
> > On 4/4/06, Charles Lepple <clepple at gmail.com> wrote:
> > > On 4/4/06, Nick Rosier <nick.rosier at gmail.com> wrote:
> > > > *** glibc detected *** /usr/lib/nut/newhidups: double free or
> > > > corruption (fasttop): 0x08066f10 ***
> > >
> > > Unfortunately, this address doesn't help unless you have debugging
> > > symbols for the newhidups driver. Is this compiled from a Gentoo
> > > package, or straight from source?
> >
> > It's built from an "unofficial" ebuild. I've just compiled it now and
> > copied newhidups to a safe location before it got stripped. I'll try
> > running that and see if I can get some more information.
> >
> > > Also, does the driver dump core?
> >
> > Coredumping is enabled but no coredump was created :-(
>
> Again, with an unstripped version of newhidups. But it doesn't seem to
> give more information; no core dump either. Anything else I can try?
> Strace it and hope the file doesn't fill up my disk :-)
>
> =>Got 2 HID Objects...
> upsdrv_updateinfo...
>
> =>Got 2 HID Objects...
> upsdrv_updateinfo...
> upsdrv_updateinfo...
>
> =>Got 2 HID Objects...
> upsdrv_updateinfo...
> upsdrv_updateinfo...
> upsdrv_updateinfo...
>
> =>Got to reconnect!
>
> *** glibc detected *** ./newhidups: double free or corruption
> (fasttop): 0x0806be50 ***

* this problem is known:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=354305

* this is linked to the reconnexion mechanism, and has appeared since
the add of mfrs other than MGE since it wasn't present before (maybe
sits inside the libusb/usb_close() function).

* It's also easy to reproduce (tested on 2.0.3 and trunk):
1) launch newhidups, and wait for some notification
2) unplug the usb cord and wait a bit... you got it!

* a gdb trace (won't tell much without compiling libusb in debug mode!):
...
=>Got to reconnect!

==================================================
= device has been disconnected, try to reconnect =
==================================================
Closing device
*** glibc detected *** double free or corruption (fasttop): 0x0806a5e0 ***

Program received signal SIGABRT, Aborted.
0xb7e3ba97 in raise () from /lib/tls/libc.so.6
(gdb) bt
#0  0xb7e3ba97 in raise () from /lib/tls/libc.so.6
#1  0xb7e3d329 in abort () from /lib/tls/libc.so.6
#2  0xb7e6f896 in __fsetlocking () from /lib/tls/libc.so.6
#3  0xb7e75fcf in malloc_usable_size () from /lib/tls/libc.so.6
#4  0xb7e7636a in free () from /lib/tls/libc.so.6
#5  0xb7f437a7 in usb_close () from /lib/libusb-0.1.so.4
#6  0x08050e85 in libusb_close ()
#7  0x0804ffd2 in HIDCloseDevice ()
#8  0x0804ab06 in reconnect_ups ()
#9  0x0804a022 in upsdrv_updateinfo ()
#10 0x0804bc4f in main ()

I'll investigate it and get back asap.

Arnaud
--
Linux / Unix Expert - MGE UPS SYSTEMS - R&D Dpt
Network UPS Tools (NUT) Project Leader - http://www.networkupstools.org/
Debian Developer - http://people.debian.org/~aquette/
OpenSource Developer - http://arnaud.quette.free.fr/

More information about the Nut-upsuser mailing list