With test050 and defined(HAVE_EPOLL), valgrind sometimes reports invalid reads/writes in slapd_daemon_task(). Maybe that clobbers some memory (like the garbage contextCSN mentioned previously).
Turning SLAP_EPOLL_SOCK_SET(s, mode) into a function shows that s == 9 but SLAP_EPOLL_SOCK_IX(s) == -1, so slap_daemon.sd_epolls[] gets a negative index.
I don't know where to go from there. Maybe hangup (below) doesn't clean up after itself.
static void SLAP_EPOLL_SOCK_SET(int s, long mode) { long ix = SLAP_EPOLL_SOCK_IX(s); assert(ix >= 0); long ev = (slap_daemon.sd_epolls[ix]).events; if ( (ev & (mode)) != (mode) ) { SLAP_EPOLL_SOCK_EV(s) |= (mode); epoll_ctl( slap_daemon.sd_epfd, EPOLL_CTL_MOD, (s), &SLAP_EPOLL_SOCK_EP(s) ); } }
(gdb) thread 3 [Switching to thread 3 (process 3915)]#3 0x0000000000419b9c in SLAP_EPOLL_SOCK_SET (s=9, mode=-2147483648) at daemon.c:181 181 assert(ix >= 0); (gdb) backtrace #0 0x000000350e230215 in raise () from /lib64/libc.so.6 #1 0x000000350e231cc0 in abort () from /lib64/libc.so.6 #2 0x000000350e229696 in __assert_fail () from /lib64/libc.so.6 #3 0x0000000000419b9c in SLAP_EPOLL_SOCK_SET (s=9, mode=-2147483648) at daemon.c:181 #4 0x000000000041ef40 in slapd_daemon_task (ptr=0x0) at daemon.c:2557 #5 0x000000350ee06367 in start_thread () from /lib64/libpthread.so.0 (gdb) frame 3 #3 0x0000000000419b9c in SLAP_EPOLL_SOCK_SET (s=9, mode=-2147483648) at daemon.c:181 181 assert(ix >= 0);
(gdb) print ix $9 = -1 (gdb) print *slap_daemon.sd_index@128 $10 = {-1, -1, -1, -1, 0, -1, -1, 1, -1 <repeats 120 times>}
(gdb) up #4 0x000000000041ef40 in slapd_daemon_task (ptr=0x0) at daemon.c:2557 2557 SLAP_EPOLL_SOCK_SET( fd, EPOLLET ); (gdb) list 2552 Debug( LDAP_DEBUG_CONNS, 2553 "daemon: hangup on %d\n", fd, 0, 0 ); 2554 #ifdef HAVE_EPOLL 2555 /* Don't keep reporting the hangup 2556 */ 2557 SLAP_EPOLL_SOCK_SET( fd, EPOLLET ); 2558 #endif