[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#3601) Test 29 fails in HEAD/2.3 with SASL(DIGEST-MD5)



Full_Name: Pierangelo Masarati
Version: HEAD/2.3
OS: Linux (whitebox)
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (81.72.89.40)


When running test029 with SASL enabled (SLAPD_USE_SASL=DIGEST-MD5), the test
fails during an ldapsearch with SASL auth.  The error appears to be inside the
search for auxprop; I'm confident SASL is well-built and configured; in fact,
test028 runs fine with SASL.

[masarati@ando tests]$ SASL_PATH=/usr/local/cyrus-sasl-2.1.20/lib/sasl2/ gdb
../servers/slapd/slapd
GNU gdb Red Hat Linux (6.1post-1.20040607.52rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db
lib
rary "/lib/tls/libthread_db.so.1".

(gdb) r -f testrun/slapd.1.conf -h ldap://:9011 -d 256
Starting program: /home/masarati/Lavoro/sysnet/Ldap/ldap-2.3/servers/slapd/slapd
 -f testrun/slapd.1.conf -h ldap://:9011 -d 256
[Thread debugging using libthread_db enabled]
[New Thread -1218557600 (LWP 3868)]
@(#) $OpenLDAP: slapd 2.3.X (Mar 15 2005 07:42:35) $
        masarati@ando:/home/masarati/Lavoro/sysnet/Ldap/ldap-2.3/servers/slapd
daemon: IPv6 socket() failed errno=97 (Address family not supported by
protocol)
bdb_db_init: Initializing BDB database
16: unknown tls_option <b>
slapd starting
[New Thread -1222054992 (LWP 3871)]
conn=0 fd=15 ACCEPT from IP=127.0.0.1:33064 (IP=0.0.0.0:9011)
[New Thread -1226253392 (LWP 3873)]
conn=0 op=0 BIND dn="" method=163
conn=0 op=1 BIND dn="" method=163

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1226253392 (LWP 3873)]
0x081242f5 in bdb_locker_id (op=0xb6e8d380, env=0x88e5d20, locker=0xb6dcd080)
    at cache.c:1327
1327                            rc = XLOCK_ID( env, &lockid );

The error occurs with HEAD and 2.3 from the CVS; I haven't checked earlier
versions yet, so there might be a regression problem; I also rebuilt everything
with a brand new install of Linux Whitebox, so there might be some issue related
to my system.

A stack backtrace using current (this morning's) 2.3 CVS tree yields

(gdb) thr apply all bt full
Thread 3 (Thread -1226253392 (LWP 3873)):
#0  0x081242f5 in bdb_locker_id (op=0xb6e8d380, env=0x88e5d20, 
    locker=0xb6dcd080) at cache.c:1327
        i = 0
        rc = 1
        lockid = 0
        data = (void *) 0x0
        ctx = (void *) 0xb6e8d900
#1  0x080e5626 in bdb_search (op=0xb6e8d380, rs=0xb6e8d300) at search.c:335
        bdb = (struct bdb_info *) 0x88e1938
        stoptime = 143675512
        id = 3068711344
        cursor = 0
        candidates = {0 <repeats 127950 times>, 132, 3658112, 72, 3658624, 
  143825512, 72, 3658112, 3658184, 49, 143825600, 7, 53, 3658112, 3655832, 0, 
  143825424, 3068698920, 2860484, 3658112, 143825424, 4, 143825528, 32, 32, 
  3658184, 16, 16, 3658184, 0, 3658164, 3658168, 3655832, 3658112, 1, 
  3068698972, 2857721, 3658112, 2855254, 0, 3659136, 3658184, 1033, 72, 9, 
  1037, 3658112, 3655832, 3658112, 1, 3658112, 3655832, 3658112, 143825520, 
  3068699016, 2854936, 3658112, 143825520, 3655832, 3068699092, 1, 3068710568, 
  3180061, 143825520, 256, 3655832, 143825840, 143825840, 143825840, 
  143825840, 11276, 0, 0, 0, 0, 1, 1, 143825520, 1, 1, 143825520, 
  0 <repeats 232 times>, 3068713884, 3068711712, 3068713904, 3068711388, 
  3068700088, 134989687, 134989566, 135916426, 0, 0, 0, 0, 0, 0, 143602104, 
  3068702360, 3068700136, 135916508, 135916374, 134989888, 0, 0, 0, 0, 0, 
  143602104, 0, 3068711712, 3068700184, 134990004, 134989778, 134979937, 
  134989566, 134979161, 134978836, 134979805, 0, 143601960, 143601960, 
  143602104, 3068702408, 134982175, 134979627, 134800410, 1032, 
  0 <repeats 268 times>, 2778875, 0 <repeats 222 times>, 3068702280, 
  135059710, 135058081, 136147044, 0, 0, 0, 0, 0, 3063464972, 0, 0, 0, 0, 
  3063464972, 0, 0, 0, 0, 4294967295, 4294967295, 0, 7, 0, 3068702376, 
  135059710, 135058081, 136147044, 3068702392, 135062514, 135060512, 
  136146645, 3068702360, 3063464980...}
        scopes = {0 <repeats 65536 times>}
        e = (Entry *) 0x0
        base = {e_id = 0, e_name = {bv_len = 0, bv_val = 0x0}, e_nname = {
    bv_len = 0, bv_val = 0x0}, e_attrs = 0x0, e_ocflags = 0, e_bv = {
    bv_len = 0, bv_val = 0x0}, e_private = 0x0}
        e_root = {e_id = 0, e_name = {bv_len = 0, bv_val = 0x0}, e_nname = {
    bv_len = 0, bv_val = 0x0}, e_attrs = 0x0, e_ocflags = 0, e_bv = {
    bv_len = 0, bv_val = 0x0}, e_private = 0x0}
        matched = (Entry *) 0x0
        ei = (EntryInfo *) 0x0
        ei_root = {bei_parent = 0x0, bei_id = 0, bei_lockpad = 0 '\0', 
  bei_state = 0, bei_nrdn = {bv_len = 0, bv_val = 0x0}, bei_e = 0x0, 
  bei_kids = 0x0, bei_kids_mutex = {__m_reserved = 0, __m_count = 0, 
    __m_owner = 0x0, __m_kind = 0, __m_lock = {__status = 0, __spinlock = 0}}, 
  bei_lrunext = 0x0, bei_lruprev = 0x0}
        realbase = {bv_len = 0, bv_val = 0x0}
        mask = 0
        manageDSAit = 0
        tentries = 0
        lastid = 4294967295
        attrs = (AttributeName *) 0x0
        locker = 0
        lock = {off = 0, ndx = 0, gen = 0, mode = DB_LOCK_NG}
        opinfo = (struct bdb_op_info *) 0x0
        ltid = (DB_TXN *) 0x0
#2  0x080d8e39 in over_op_func (op=0xb6e8d380, rs=0xb6e8d300, which=op_search)
    at backover.c:293
        oi = (slap_overinfo *) 0x8905218
        on = (slap_overinst *) 0x0
        func = (BI_op_bind **) 0x8251128
        be = (BackendDB *) 0x8905814
        db = {bd_info = 0x82510fc, 
  be_ctrls = "\000\001\000\000\000\001\000\001\001\001\001", '\0' <repeats 21
times>, "\001", be_flags = 272, be_restrictops = 0, be_requires = 0, 
  be_ssf_set = {sss_ssf = 0, sss_transport = 0, sss_tls = 0, sss_sasl = 0, 
    sss_update_ssf = 0, sss_update_transport = 0, sss_update_tls = 0, 
    sss_update_sasl = 0, sss_simple_bind = 0}, be_suffix = 0x8904f88, 
  be_nsuffix = 0x8904fa0, be_schemadn = {bv_len = 0, bv_val = 0x0}, 
  be_schemandn = {bv_len = 0, bv_val = 0x0}, be_rootdn = {bv_len = 28, 
    bv_val = 0x88e5f10 "cn=Manager,dc=example,dc=com"}, be_rootndn = {
    bv_len = 28, bv_val = 0x89050e0 "cn=manager,dc=example,dc=com"}, 
  be_rootpw = {bv_len = 6, bv_val = 0x88e5f38 "secret"}, 
  be_max_deref_depth = 15, be_def_limit = {lms_t_soft = 3600, lms_t_hard = 0, 
    lms_s_soft = 500, lms_s_hard = 0, lms_s_unchecked = -1, lms_s_pr = 0, 
    lms_s_pr_hide = 0, lms_s_pr_total = 0}, be_limits = 0x0, 
  be_acl = 0x88e6e00, be_dfltaccess = ACL_READ, be_replica = 0x0, 
  be_replogfile = 0x0, be_update_ndn = {bv_len = 0, bv_val = 0x0}, 
  be_update_refs = 0x0, be_pending_csn_list = 0x8913d48, be_pcl_mutex = {
    __m_reserved = 0, __m_count = 0, __m_owner = 0x0, __m_kind = 0, 
    __m_lock = {__status = 0, __spinlock = 0}}, be_pcl_mutexp = 0x89058e4, 
  be_syncinfo = 0x0, be_pb = 0x0, be_cf_table = 0x82526c0, 
  be_private = 0x8904d68}
        cb = {sc_next = 0xb6e8d340, 
  sc_response = 0x80d8b5e <over_back_response>, sc_cleanup = 0, 
  sc_private = 0x8905218}
        rc = 32768
        __PRETTY_FUNCTION__ = "over_op_func"
#3  0x080d8fe2 in over_op_search (op=0xb6e8d380, rs=0xb6e8d300)
    at backover.c:333
No locals.
#4  0x080c7a2d in slap_auxprop_lookup (glob_context=0x0, sparams=0x89296a8, 
    flags=0, user=0x8929581 "bjorn", ulen=5) at sasl.c:308
        rs = {sr_type = REP_RESULT, sr_tag = 0, sr_msgid = 0, sr_err = 0, 
  sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x0, sr_ctrls = 0x0, sr_un = {
    sru_sasl = {r_sasldata = 0x0}, sru_extended = {r_rspoid = 0x0, 
      r_rspdata = 0x0}, sru_search = {r_entry = 0x0, r_attr_flags = 0, 
      r_operational_attrs = 0x0, r_attrs = 0x0, r_nentries = 0, 
      r_v2ref = 0x0}}, sr_flags = 0}
        cb = {sc_next = 0x0, sc_response = 0x80c7249 <sasl_ap_lookup>, 
  sc_cleanup = 0, sc_private = 0xb6e8d360}
        op = {o_hdr = 0x8929e60, o_tag = 99, o_time = 1110871582, 
  o_bd = 0x890561c, o_req_dn = {bv_len = 37, 
    bv_val = 0xb698c414 "uid=bjorn,ou=people,dc=example,dc=com"}, o_req_ndn = {
    bv_len = 37, bv_val = 0xb698c414 "uid=bjorn,ou=people,dc=example,dc=com"}, 
  o_request = {oq_add = {rs_e = 0x0, rs_modlist = 0x0}, oq_bind = {
      rb_method = 0, rb_cred = {bv_len = 0, 
        bv_val = 0x1 <Address 0x1 out of bounds>}, rb_edn = {
        bv_len = 4294967295, bv_val = 0x0}, rb_ssf = 0, rb_tmp_mech = {
        bv_len = 0, bv_val = 0x8250ec8 "\207"}}, oq_compare = {rs_ava = 0x0}, 
    oq_modify = {rs_modlist = 0x0, rs_increment = 0}, oq_modrdn = {
      rs_newrdn = {bv_len = 0, bv_val = 0x0}, rs_nnewrdn = {bv_len = 1, 
        bv_val = 0xffffffff <Address 0xffffffff out of bounds>}, 
      rs_newSup = 0x0, rs_nnewSup = 0x0, rs_deleteoldrdn = 0}, oq_search = {
      rs_scope = 0, rs_deref = 0, rs_slimit = 1, rs_tlimit = -1, 
      rs_limit = 0x0, rs_attrsonly = 0, rs_attrs = 0x0, rs_filter = 0x8250ec8, 
      rs_filterstr = {bv_len = 15, bv_val = 0x81fdf08 "(objectclass=*)"}}, 
    oq_abandon = {rs_msgid = 0}, oq_cancel = {rs_msgid = 0}, oq_extended = {
      rs_reqoid = {bv_len = 0, bv_val = 0x0}, rs_flags = 1, 
      rs_reqdata = 0xffffffff}, oq_pwdexop = {rs_reqoid = {bv_len = 0, 
        bv_val = 0x0}, rs_flags = 1, rs_old = {bv_len = 4294967295, 
        bv_val = 0x0}, rs_new = {bv_len = 0, bv_val = 0x0}, 
      rs_mods = 0x8250ec8, rs_modtail = 0xf}}, o_abandon = 0, o_cancel = 0, 
  o_groups = 0x0, o_do_not_cache = 1 '\001', o_is_auth_check = 1 '\001', 
  o_ctrlflag = '\0' <repeats 31 times>, o_controls = 0x0, o_authz = {
    sai_method = 0, sai_mech = {bv_len = 0, bv_val = 0x0}, sai_dn = {
      bv_len = 0, bv_val = 0x0}, sai_ndn = {bv_len = 0, bv_val = 0x0}, 
    sai_ssf = 0, sai_transport_ssf = 0, sai_tls_ssf = 0, sai_sasl_ssf = 0}, 
  o_ber = 0x0, o_res_ber = 0x0, o_callback = 0xb6e8d1a0, o_ctrls = 0x0, 
  o_private = 0x0, o_next = {stqe_next = 0x0}, o_nocaching = 0, 
  o_delete_glue_parent = 0}
        i = 0
        doit = 1
        conn = (Connection *) 0xb72904a8
        sl = {flags = 0, list = 0x892a99c, sparams = 0x89296a8}
#5  0x00f57f16 in _sasl_auxprop_lookup (sparams=0x89296a8, flags=0, 
    user=0x8929581 "bjorn", ulen=5) at auxprop.c:870
        getopt = (sasl_getopt_t *) 0xf5eaef <_sasl_conn_getopt>
        ret = -1
        found = 1
        context = (void *) 0x8928b70
        plist = 0x0
        ptr = (auxprop_plug_list_t *) 0x88bb3a8
#6  0x00f58896 in _sasl_canon_user (conn=0x8928b70, user=0x8929581 "bjorn", 
    ulen=5, flags=1, oparams=0x89293d0) at canonusr.c:190
        ptr = (canonuser_plug_list_t *) 0x88bb490
        sconn = (sasl_server_conn_t *) 0x8928b70
        cconn = (sasl_client_conn_t *) 0x0
        cuser_cb = (sasl_canon_user_t *) 0x80c8194 <slap_sasl_canonicalize>
        getopt = (sasl_getopt_t *) 0xf5eaef <_sasl_conn_getopt>
        context = (void *) 0x8928b70
        result = 0
        plugin_name = 0xf6a576 "INTERNAL"
        user_buf = 0x8929581 "bjorn"
        lenp = (unsigned int *) 0x89293e0
#7  0x009a5243 in digestmd5_server_mech_step2 (stext=0x8929fd8, 
    sparams=0x89296a8, 
    clientin=0x892a25f
"username=\"bjorn\",realm=\"ando\",nonce=\"2+aYAZz6kMlfB0
mwgieAMX+a0mzABTsrvkb8nzZ0UXo=\",cnonce=\"jzTq2KXfBxpwR7j1SYVDMMmORQVEz+s9C9MsCnK2onU=\",nc=00000001,qop=auth-conf,cipher=\"rc4\",maxbuf=65536,digest-uri="...,
clientinlen=253, serverout=0xb6e8d744, serveroutlen=0xb6e8d73c, 
    oparams=0x89293d0) at digestmd5.c:2278
        text = (context_t *) 0x8929fd8
        sec = (sasl_secret_t *) 0x0
        result = 0
        serverresponse = 0x0
        username = 0x8929fb8 "bjorn"
        authorization_id = 0x0
        realm = 0x892a0b0 "ando"
        nonce = (
    unsigned char *) 0x891f650 "2+aYAZz6kMlfB0mwgieAMX+a0mzABTsrvkb8nzZ0UXo="
        cnonce = (
    unsigned char *) 0x892a490 "jzTq2KXfBxpwR7j1SYVDMMmORQVEz+s9C9MsCnK2onU="
        noncecount = 1
        qop = 0x892a0c0 "auth-conf"
        digesturi = 0x892a4d8 "ldap/ando"
        response = 0x892a4e8 "f4548781af3f7bd5ae622272860ad716"
        client_maxbuf = 65536
        maxbuf_count = 1
        charset = 0x0
        cipher = 0x892a4c8 "rc4"
        n = 0
        Secret = "\000\000\000\000JR&#65533;\000\220F&#65533;\000\2207&#65533;\000\b"
        password_request = {0x9ab605 "*userPassword", 
  0x9ab613 "*cmusaslsecretDIGEST-MD5", 0x0}
        len = 10622081
        auxprop_values = {{name = 0x37d180 "", values = 0x892a500, 
    nvalues = 3655832, valsize = 3068712488}, {name = 0xb6e8d648 "", 
    values = 0xb6e8d7a4, nvalues = 3279683, valsize = 143828224}}
        in_start = 0x892a388 "username"
        in = 0x892a485 ""
#8  0x009a619d in digestmd5_server_mech_step (conn_context=0x8929fd8, 
    sparams=0x89296a8, 
    clientin=0x892a25f
"username=\"bjorn\",realm=\"ando\",nonce=\"2+aYAZz6kMlfB0mwgieAMX+a0mzABTsrvkb8nzZ0UXo=\",cnonce=\"jzTq2KXfBxpwR7j1SYVDMMmORQVEz+s9C9MsCnK2onU=\",nc=00000001,qop=auth-conf,cipher=\"rc4\",maxbuf=65536,digest-uri="...,
clientinlen=253, serverout=0xb6e8d744, serveroutlen=0xb6e8d73c, 
    oparams=0x89293d0) at digestmd5.c:2666
        text = (context_t *) 0x8929fd8
        stext = (server_context_t *) 0x8929fd8
#9  0x00f6656d in sasl_server_step (conn=0x8928b70, 
    clientin=0x892a25f
"username=\"bjorn\",realm=\"ando\",nonce=\"2+aYAZz6kMlfB0mwgieAMX+a0mzABTsrvkb8nzZ0UXo=\",cnonce=\"jzTq2KXfBxpwR7j1SYVDMMmORQVEz+s9C9MsCnK2onU=\",nc=00000001,qop=auth-conf,cipher=\"rc4\",maxbuf=65536,digest-uri="...,

clientinlen=253, serverout=0xb6e8d744, serveroutlen=0xb6e8d73c)
    at server.c:1408
        ret = 16147462
        s_conn = (sasl_server_conn_t *) 0x8928b70
#10 0x080c9a6f in slap_sasl_bind (op=0x8929d98, rs=0xb6e8d870) at sasl.c:1214
        ctx = (sasl_conn_t *) 0x8928b70
        response = {bv_len = 135939331, bv_val = 0x0}
        reslen = 0
        sc = -1226254504
#11 0x08099320 in fe_op_bind (op=0x8929d98, rs=0xb6e8d870) at bind.c:280
        mech = {bv_len = 10, bv_val = 0x892a252 "DIGEST-MD5"}
#12 0x08098f1e in do_bind (op=0x8929d98, rs=0xb6e8d870) at bind.c:204
        ber = (BerElement *) 0x8924750
        version = 3
        method = 163
        mech = {bv_len = 10, bv_val = 0x892a252 "DIGEST-MD5"}
        dn = {bv_len = 0, bv_val = 0x892a24c ""}
        tag = 0
        be = (Backend *) 0x0
#13 0x080766c5 in connection_operation (ctx=0xb6e8d900, arg_v=0x8929d98)
    at connection.c:1038
        rc = 80
        op = (Operation *) 0x8929d98
        rs = {sr_type = REP_RESULT, sr_tag = 0, sr_msgid = 0, sr_err = 0, 
  sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x0, sr_ctrls = 0x0, sr_un = {
    sru_sasl = {r_sasldata = 0x0}, sru_extended = {r_rspoid = 0x0, 
      r_rspdata = 0x0}, sru_search = {r_entry = 0x0, r_attr_flags = 0, 
      r_operational_attrs = 0x0, r_attrs = 0x0, r_nentries = 0, 
      r_v2ref = 0x0}}, sr_flags = 0}
        tag = 96
        opidx = 0
        conn = (Connection *) 0xb72904a8
        memctx = (void *) 0x8929f90
        memctx_null = (void *) 0x0
        memsiz = 1048576
        __PRETTY_FUNCTION__ = "connection_operation"
#14 0x081a330f in ldap_int_thread_pool_wrapper (xpool=0x88bb088) at tpool.c:479
        pool = (struct ldap_int_thread_pool_s *) 0x88bb088
        ctx = (ldap_int_thread_ctx_t *) 0x8928840
        ltc_key = {{ltk_key = 0x80ccceb, ltk_data = 0x8929f90, 
    ltk_free = 0x80ccaf0 <slap_sl_mem_destroy>}, {ltk_key = 0x0, 
    ltk_data = 0x0, ltk_free = 0} <repeats 31 times>}
        tid = 3068713904
        i = 809
        keyslot = 809
        hash = 809
#15 0x0071ddec in start_thread () from /lib/tls/libpthread.so.0
No symbol table info available.
#16 0x00324a2a in clone () from /lib/tls/libc.so.6
No symbol table info available.

Thread 2 (Thread -1222054992 (LWP 3871)):
#0  0x0031dcb7 in ___newselect_nocancel () from /lib/tls/libc.so.6
No symbol table info available.
#1  0x08072ff2 in slapd_daemon_task (ptr=0x0) at daemon.c:1697
        i = 16
        nrfds = 0
        tdelta = 1
        ns = 0
        now = 1110871582
        tvp = (struct timeval *) 0x0
        cat = (struct timeval *) 0x0
        nwriters = 0
        readfds = {__fds_bits = {37120, 0 <repeats 127 times>}}
        writefds = {__fds_bits = {0 <repeats 128 times>}}
        tv = {tv_sec = 0, tv_usec = 0}
        rtask = (struct re_s *) 0x0
        at = 0
        nfds = 16
        nwfds = 0
        l = 1
        last_idle_check = 0
        idle = {tv_sec = 0, tv_usec = 0}
        ebadf = 0
#2  0x0071ddec in start_thread () from /lib/tls/libpthread.so.0
No symbol table info available.
#3  0x00324a2a in clone () from /lib/tls/libc.so.6
No symbol table info available.

Thread 1 (Thread -1218557600 (LWP 3868)):
#0  0x0071ec78 in pthread_join () from /lib/tls/libpthread.so.0
No symbol table info available.
#1  0x081a41f8 in ldap_pvt_thread_join (thread=3072912304, thread_return=0x0)
    at thr_posix.c:165
No locals.
#2  0x08073bfe in slapd_daemon () at daemon.c:2048
        listener_tid = 3072912304
        rc = 0
#3  0x0806390f in main (argc=7, argv=0xbfffa464) at main.c:770
        i = 7
        no_detach = 1
        rc = 0
        urls = 0x88ae040 "ldap://:9011";
        username = 0x0
        groupname = 0x0
        sandbox = 0x0
        syslogUser = 160
        g_argc = 7
        g_argv = (char **) 0xbfffa464
        configfile = 0x88ae020 "testrun/slapd.1.conf"
        serverName = 0xbfffe96a "slapd"
        serverMode = 1
        scp = (struct sync_cookie *) 0x0
        scp_entry = (struct sync_cookie *) 0x0
        serverNamePrefix = 0x81e866b ""
        l = 2437324
        __PRETTY_FUNCTION__ = "main"
0x081242f5      1327                            rc = XLOCK_ID( env, &lockid );