We could get a crash dump for the scenarios explained above. From the dump,
below are the observations:

   1. The crash is happening within “service_tcp_write” function of
   “sendto_kdc.c”, while executing the if condition “if ((size_t)nwritten <
   2. The issue doesn’t happen for all the requests, but is frequent in a
   specific environment. We have not been able to determine a specific pattern
   3. The observed values for relevant fields/variables from one of the
   dumps are as below; all the dumps have values in the same pattern:

conn.state = WRITING

conn.addr.transport = TCP = 2

conn.addr.len = 16

conn.out.sgbuf[0] = {len = 4, buff = ‘\0’}

conn.out.sgbuf[1] = {len = 1882, buff = ‘some data’}

conn.out.sgp = {len=??? buf=??? }

conn.out.sg_count = -10339

conn.out.msg_len_buf = ""

nwritten = 3199132154

From the values above, it looks similar to the second possibility suggested
However, we do not have any clue yet on what could be causing this.

Any help on this will be appreciated. Thanks

PS: We are using krb5 tag version 1.16-final (
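
The dump values reported above (sg_count = -10339, an unreadable sgp, and nwritten far larger than the 4 + 1882 bytes queued) are consistent with a scatter-gather cursor that has been advanced past the end of its array. As an added example, not part of the original message and not krb5's code, here is a simplified model with hypothetical names (`out_queue`, `queue_remaining`, `queue_advance`) that checks the byte count against what is actually queued before advancing, so an inconsistent count becomes an error return instead of an out-of-bounds walk:

```c
#include <stddef.h>

/* Hypothetical model of a TCP send queue: length prefix + payload. */
struct sg_ent { const unsigned char *base; size_t len; };
struct out_queue {
    struct sg_ent sgbuf[2];
    struct sg_ent *sgp;   /* next unsent entry */
    int sg_count;         /* entries left starting at sgp */
};

static void queue_init(struct out_queue *q, const unsigned char *hdr,
                       size_t hlen, const unsigned char *msg, size_t mlen)
{
    q->sgbuf[0].base = hdr; q->sgbuf[0].len = hlen;
    q->sgbuf[1].base = msg; q->sgbuf[1].len = mlen;
    q->sgp = q->sgbuf; q->sg_count = 2;
}

/* Bytes still queued, or (size_t)-1 if sgp and sg_count disagree. */
static size_t queue_remaining(const struct out_queue *q)
{
    size_t total = 0;
    if (q->sg_count < 0 || q->sg_count > 2 ||
        q->sgp != q->sgbuf + (2 - q->sg_count))
        return (size_t)-1;
    for (int i = 0; i < q->sg_count; i++)
        total += q->sgp[i].len;
    return total;
}

/* Consume nwritten bytes; -1 if state is corrupt or count exceeds the queue. */
static int queue_advance(struct out_queue *q, size_t nwritten)
{
    size_t left = queue_remaining(q);
    if (left == (size_t)-1 || nwritten > left)
        return -1;
    while (nwritten > 0) {
        if (nwritten < q->sgp->len) {      /* partial write of this entry */
            q->sgp->base += nwritten;
            q->sgp->len -= nwritten;
            nwritten = 0;
        } else {                           /* entry fully written */
            nwritten -= q->sgp->len;
            q->sgp++;
            q->sg_count--;
        }
    }
    return 0;
}
```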



