Re: (ITS#4966) OpenLDAP 2.3.35 crashes on valsort overlay
eagle@windlord.stanford.edu wrote:
> We've reproduced the crash and I have it in a crashed state in gdb right
> now.
Should be fixed now in valsort.c in HEAD.
>
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 1107294576 (LWP 32735)]
> valsort_modify (op=0x2aabaeae0058, rs=0x41ffef10) at valsort.c:455
> 455 for (i=0; !BER_BVISNULL( &ml->sml_values[i] ); i++) {
> (gdb) bt
> #0 valsort_modify (op=0x2aabaeae0058, rs=0x41ffef10) at valsort.c:455
> #1 0x0000000000478a2a in overlay_op_walk (op=0x2aabaeae0058, rs=0x41ffef10,
> which=op_modify, oi=0x2b240a786518, on=0x2b240a786cd8) at backover.c:498
> #2 0x0000000000478e65 in over_op_func (op=0x2aabaeae0058, rs=0x41ffef10,
> which=op_modify) at backover.c:560
> #3 0x000000000043c962 in fe_op_modify (op=0x2aabaeae0058, rs=0x41ffef10)
> at modify.c:395
> #4 0x000000000043d45a in do_modify (op=0x2aabaeae0058, rs=0x41ffef10)
> at modify.c:200
> #5 0x0000000000427af9 in connection_operation (ctx=Variable "ctx" is not available.
> ) at connection.c:1133
> #6 0x0000000000427fa4 in connection_read_thread (ctx=0x41fff060, argv=Variable "argv" is not available.
> )
> at connection.c:1261
> #7 0x00002b2408673894 in ldap_int_thread_pool_wrapper (xpool=0x2b2409d10058)
> at tpool.c:478
> #8 0x00002b24083ad9af in startMeUp () from /usr/local/lib/libhoard.so
> #9 0x00002b24090bfb55 in start_thread () from /lib/libpthread.so.0
> #10 0x00002b24092a07f0 in clone () from /lib/libc.so.6
> [...]
> (gdb) frame 0
> #0 valsort_modify (op=0x2aabaeae0058, rs=0x41ffef10) at valsort.c:455
> 455 for (i=0; !BER_BVISNULL( &ml->sml_values[i] ); i++) {
> (gdb) list
> 450 if ( ml->sml_desc == vi->vi_ad )
> 451 break;
> 452 }
> 453 if ( !ml )
> 454 continue;
> 455 for (i=0; !BER_BVISNULL( &ml->sml_values[i] ); i++) {
> 456 ptr = ber_bvchr(&ml->sml_values[i], '{' );
> 457 if ( !ptr ) {
> 458 Debug(LDAP_DEBUG_TRACE, "weight missing from attribute %s\n",
> 459 vi->vi_ad->ad_cname.bv_val, 0, 0);
> (gdb) print *ml
> $2 = {sml_mod = {sm_op = 1, sm_flags = 0, sm_desc = 0x2b2409a344d0, sm_type = {
> bv_len = 20, bv_val = 0x2aabaea1f8e9 "suorgcontactstanford"},
> sm_values = 0x0, sm_nvalues = 0x0}, sml_next = 0x2aabaeaf4770}
> (gdb) print i
> No symbol "i" in current context.
> (gdb) print ml->sml_mod.sm_values
> $3 = 0x0
>
> I'll leave it running in gdb so that I can find additional information for
> you as needed.
>
>
>
--
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
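
The gdb session above shows a modification with `sm_op = 1` (LDAP_MOD_DELETE) and `sm_values = 0x0`, while the loop at valsort.c:455 indexes the value array after checking only `ml` for NULL. The following is an added example, not part of the original thread and not the change committed to HEAD: it models that loop with a guard for an absent value array. The `struct bv` and `struct mod` types and the function `count_unweighted` are simplified, hypothetical stand-ins, not the slapd headers.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for OpenLDAP's struct berval and Modification. */
struct bv  { size_t bv_len; char *bv_val; };
struct mod { int sm_op; struct bv *sm_values; }; /* array ends at bv_val == NULL */

#define MOD_ADD    0
#define MOD_DELETE 1   /* same value as sm_op in the gdb dump */

/* Count values that carry no '{' weight marker.
 * A modification without a value array (such as a delete of the whole
 * attribute) has nothing to validate, so return 0 rather than index NULL. */
int count_unweighted(const struct mod *m)
{
    int missing = 0;

    if (m == NULL || m->sm_values == NULL)   /* guard absent at line 455 */
        return 0;

    for (size_t i = 0; m->sm_values[i].bv_val != NULL; i++) {
        const struct bv *v = &m->sm_values[i];
        /* bounded search: berval data is length-delimited */
        if (memchr(v->bv_val, '{', v->bv_len) == NULL)
            missing++;
    }
    return missing;
}

int main(void)
{
    /* Constructed sample input: one weighted and one unweighted value. */
    struct bv vals[] = {
        { sizeof("alice{1}") - 1, "alice{1}" },
        { sizeof("bob") - 1,      "bob" },
        { 0, NULL }
    };
    struct mod add = { MOD_ADD, vals };
    struct mod del = { MOD_DELETE, NULL };   /* shape seen in the crash */

    printf("add: %d unweighted\n", count_unweighted(&add));
    printf("delete without values: %d unweighted\n", count_unweighted(&del));
    return 0;
}
```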