
Re: (ITS#4179) slapd-meta seg faults if a time attribute is mal formed




Now I use OpenLDAP 2.3.12 (which includes the fix for ITS 4107), but my problem is not fixed yet.
I remark that the seg fault happens randomly at two different points.
I attach the back trace of each case.
Best Regards
Ali Pouya

Case 1 :
(gdb) bt
#0  0x0811cdde in ber_bvarray_free_x (a=0x7373616c, ctx=0x0) at memory.c:757
#1  0x0811ce30 in ber_bvarray_free (a=0x7373616c) at memory.c:771
#2  0x08060263 in attr_free (a=0x8f55370) at attr.c:64
#3  0x080bc18f in meta_back_search (op=0x8f54cf8, rs=0xb7698230) at search.c:1075
#4  0x0805bb82 in fe_op_search (op=0x8f54cf8, rs=0xb7698230) at search.c:349
#5  0x0805b489 in do_search (op=0x8f54cf8, rs=0xb7698230) at search.c:219
#6  0x0805a321 in connection_operation (ctx=0xb76982b0, arg_v=0x8f54cf8) at connection.c:1061
#7  0x081018c9 in ldap_int_thread_pool_wrapper (xpool=0x8ed3b20) at tpool.c:485
#8  0x007c1341 in start_thread (arg=0xb7698bb0) at pthread_create.c:261
#9  0x002a5fee in ?? () from /lib/tls/libc.so.6

--------------------------------------------------------------

Case 2)

(gdb) bt
#0  0x080fdc6f in avl_insert (root=0x85ff2f8, data=0x866a068, fcmp=0x80e6e9c <meta_dncache_cmp>,
    fdup=0x80e6ee0 <meta_dncache_dup>) at avl.c:121
#1  0x080e70be in meta_dncache_update_entry (cache=0x85ff2e0, ndn=0xb7b98dcc, target=0)
    at dncache.c:190
#2  0x080e1bb9 in meta_back_single_bind (op=0xb7b98db0, rs=0xb7b9a230, mc=0x8669d48, candidate=0)
    at bind.c:442
#3  0x080e2c41 in meta_back_dobind (op=0x86590e0, rs=0xb7b9a230, mc=0x8669d48,
    sendok=LDAP_BACK_SENDERR) at bind.c:692
#4  0x080ba910 in meta_back_search (op=0x86590e0, rs=0xb7b9a230) at search.c:262
#5  0x0805bb82 in fe_op_search (op=0x86590e0, rs=0xb7b9a230) at search.c:349
#6  0x0805b489 in do_search (op=0x86590e0, rs=0xb7b9a230) at search.c:219
#7  0x0805a321 in connection_operation (ctx=0xb7b9a2b0, arg_v=0x86590e0) at connection.c:1061
#8  0x081018c9 in ldap_int_thread_pool_wrapper (xpool=0x85e8b20) at tpool.c:485
#9  0x00f49341 in start_thread (arg=0xb7b9abb0) at pthread_create.c:261
#10 0x00adffee in ?? () from /lib/tls/libc.so.6
(gdb)
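
Added triage example, not part of the original message or of OpenLDAP: a small Python helper that scans gdb frame lines for pointer arguments whose bytes are all printable ASCII, which is a common sign that a pointer slot was overwritten with string data. It assumes a little-endian target with 4-byte pointers (consistent with the 32-bit addresses above); the function names are hypothetical, and a hit is a heuristic lead, not a root-cause diagnosis.

```python
import re

# Constructed sample: the first four frames of the Case 1 backtrace above.
SAMPLE_BT = """\
#0  0x0811cdde in ber_bvarray_free_x (a=0x7373616c, ctx=0x0) at memory.c:757
#1  0x0811ce30 in ber_bvarray_free (a=0x7373616c) at memory.c:771
#2  0x08060263 in attr_free (a=0x8f55370) at attr.c:64
#3  0x080bc18f in meta_back_search (op=0x8f54cf8, rs=0xb7698230) at search.c:1075
"""

# "#<n>  0x<pc> in <function> (<args>)" as printed by gdb's "bt".
FRAME_RE = re.compile(r"^#(\d+)\s+0x[0-9a-f]+ in (\w+) \((.*?)\)", re.M)
# "<name>=0x<hex>" pairs inside the argument list.
ARG_RE = re.compile(r"(\w+)=0x([0-9a-f]+)")


def as_ascii(value, width=4):
    """Return the pointer's in-memory bytes as text if every byte is
    printable ASCII, else None. Assumes little-endian byte order."""
    raw = value.to_bytes(width, "little")
    if all(0x20 <= b < 0x7F for b in raw):
        return raw.decode("ascii")
    return None


def suspicious_pointers(backtrace, width=4):
    """Return (frame, function, arg, hex_value, ascii_text) for each
    argument whose value decodes entirely to printable ASCII."""
    hits = []
    for m in FRAME_RE.finditer(backtrace):
        frame, func, args = int(m.group(1)), m.group(2), m.group(3)
        for name, hexval in ARG_RE.findall(args):
            value = int(hexval, 16)
            if value >= 1 << (8 * width):
                continue  # wider than a pointer on the assumed target
            text = as_ascii(value, width)
            if text is not None:
                hits.append((frame, func, name, "0x" + hexval, text))
    return hits


if __name__ == "__main__":
    for hit in suspicious_pointers(SAMPLE_BT):
        print("frame #%d %s: %s=%s looks like %r" % hit)
```
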