Full_Name: Quanah Gibson-Mount Version: 2.4.44+ITS8432 OS: Linux 3.13 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (75.111.52.177) See thread 1: Thread 10 (Thread 0x7fcf1e7d1700 (LWP 28740)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007ff726701a82 in ldap_pvt_thread_cond_wait (cond=0x1d32038, mutex=0x1d32010) at thr_posix.c:277 No locals. #2 0x00007ff726700315 in ldap_int_thread_pool_wrapper (xpool=0x1d32000) at tpool.c:938 pq = 0x1d32000 pool = 0x1efa240 task = 0x0 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527546472192, ltu_key = {{ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x4376480, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x1f03400, ltk_data = 0x469c000, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0x49a6000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0x46a6000, ltk_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x1f02d00, ltk_data = 0x4694800, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x1f03c00, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0xfdb7480, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_data = 0xe4b2400, ltk_free = 0x0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 64 hash = 1350373440 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007ff725171dc5 in start_thread (arg=0x7fcf1e7d1700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1e7d1700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527546472192, 2936369338381151317, 0, 140527546472896, 140527546472192, 0, -2927858035490640811, -2941309649140011947}, mask_was_saved =%7}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007ff724e9eced in cne % () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 9 (Thread 0x7fcf1f7d3700 (LWP 28738)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007ff726701a82 in ldap_pvt_thread_cond_wait (cond=0x1d32038, mutex=0x1d32010) at thr_posix.c:277 No locals. #2 0x00007ff726700315 in ldap_int_thread_pool_wrapper (xpool=0x1d32000) at tpool.c:938 pq = 0x1d32000 pool = 0x1efa240 task = 0x0 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527563257600, ltu_key = {{ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x4376440, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x1f03400, ltk_data = 0x436e200, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x1f02d00, ltk_data = 0x468e000, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x1f05d00, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0xffe43c0, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0x858c000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0x828c000, ltk_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x0, ltk_data = 0x106a8400, ltk_free = 0x0}, { ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 161 hash = 4023759009 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007ff725171dc5 in start_thread (arg=0x7fcf1f7d3700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1f7d3700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527563257600, 2936369338381151317, 0, 140527563258304, 140527563257600,%0, -2927855835393643435, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> frereesize = <optimized out> #4 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 8 (Thread 0x7fcf207d5700 (LWP 28736)): #0 0x00007ff724e9f2c3 in epoll_wait () at ../sysdeps/unix/syscall-template.S:81 No locals. #1 0x0000000000435e73 in slapd_daemon_task (ptr=0x1cfbf18) at daemon.c:2517 ns = 1 at = 0 nfds = 2560 revents = 0x1d96000 tvp = 0x7fcf207d4e00 cat = {tv_sec = 1467852042, tv_usec3D3D 0} i = 1 nwriters = 0 now = 1467838511 tv = {tv_sec = 13531, tv_usec = 0} tdelta = 1 rtask = 0x1d23d60 l = 3 last_idle_check = 1467808842 ebadf = 0 tid = 0 #2 0x00007ff725171dc5 in start_thread (arg=0x7fcf207d5700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf207d5700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527580043008, 2936369338381151317, 0, 140527580043712, 140527580043008, 0, -2927809654831535019, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #3 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 7 (Thread 0x7fcf1d5c9700 (LWP 30049)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007ff726701a82 in ldap_pvt_thread_cond_wait (cond=0x1d32038, mutex=0x1d32010) at thr_posix.c:277 No locals. #2 0x00007ff726700315 in ldap_int_thread_pool_wrapper (xpool=0x1d32000) at tpool.c:938 pq = 0x1d32000 pool = 0x1efa240 task = 0x0 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527527565056, ltu_key = wB7Bltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0xb344b00, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0xb354a40, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x1f02d00, ltk_data = 0x4696200, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0xb75e000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0xb45e000, ltk_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0xfdb5e00, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x1f03400, ltk_data = 0xe516000, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0xfb24800, ltk_free = 0x0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 958 hash = 371020734 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007ff725171dc5 in start_thread (arg=0x7fcf1d5c9700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1d5c9700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527527565056, 2936369338381151317, 0, 140527527565760, 140527527565056, 0, -2927851159247999915, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 6 (Thread 0x7fcf1ddca700 (LWP 29664)): #0 0x00007ff724e9469d in poll () at ../sysdeps/unix/syscall-template.S:81 No locals. #1 0x00007ff726720abe in ldap_int_select (ld=0xe479d10, timeout=0x0) at os-ip.c:1139 to = -1 rc = 209519392 sip = 0xaa2a000 __PRETTY_FUNCTION__ = "ldap_int_select" #2 0x00007ff726703569 in wait4msg (ld=0xe479d10, msgid=110, all=0, timeout=0x0, result=0x7fcf1ddc92f8) at result.c:312 err = 500994368 lc_ready = 0 rc = -2 tv = {tv_sec = 0, tv_usec = 0} tv0 = {tv_sec = 0, tv_usec = 0} start_time_tv = {tv_sec = 0, tv_usec = 0} tvp = 0x0 lc = 0x0 __PRETTY_FUNCTION__ = "iait4msg" #3 0x00007ff726702e8b in ldap_result (ld=0xe479d10, msgid=110, all=0, timeout=0x0, result=0x7fcf1ddc92f8) at result.c:117 rc = 32719 __PRETTY_FUNCTION__ = "ldap_result" #4 0x00000000004b6de9 in do_syncrep2 (op=0x7fcf1ddc9480, si=0x1d278c0) at syncrepl.c:841 berbuf = { buffer = "\002\000\001\000\000\000\000\000\377\377\377\377\377\377\377\377", '\000' <repeats 56 times>, "@_\370\006", '\000' <repeats 12 times>, "@_\370\006", '\000' <repeats 29 times>, "@^\t", '\002727 <repeats 28 times>, "\t\033p&\367\177\000\000\000\247\334\035\317\177\000\000@cu\000\000\000\000\000\340\223\334\035\317\177\000\000\t\033p&\367\177\000\000\230\224\334\035\001\000\000\000"..., ialign = 65538, lalign = 65538, falign = 9.18382988e-41, dalign = 3.2380074297143616e-319, palign = 0x10002 <Address 0x10002 out of bounds>} ber = 0x7fcf1ddc9300 msg = 0x0 syncCookie = {ctxcsn = 0x0, sids = 0x0, numcsns = 0, rid = 0, octet_str = {bv_len = 0, bv_val = 0x0}, sid D D 0, sc_next = {stqe_next = 0x0}} syncCookie_req = {ctxcsn = 0x20c6d80, sids = 0xe5138c0, numcsns = 5, rid = 1, octet_str = {bv_len = 224, bv_val = 0xfebe960 "rid=001,sid=004,csn=20160704232006.675752Z#000000#000#000000;20160706084911.646411Z#000000#001#000000;20160704233433.821120Z#000000#002#000000;20160706135712.349342Z#000000#003#000000;20160704233459.2"...}, sid = 4, sc_next = {stqe_next = 0x0}} rc = 4096 err = 0 modlist = 0x0 m =%0 tout_p = 0x0 tout = {tv_sec = 0, tv_usec = 0} refreshDeletes = 0 empty = "empty" __PRETTY_FUNCTION__ = "do_syncrep2" #5 0x00000000004b74f4 in do_syncrepl (ctx=0x7fcf1ddc9bb0, arg=0x1d23e00) at syncrepl.c:1565 rtask = 0x1d23e00 si = 0x1d278c0 conn = {c_struct_state = SLAP_C_UNINITIALIZED, c_conn_state = SLAP_C_INVALID, c_conn_idx = -1, c_sd = 0, c_close_reason = 0x0, c_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, c_sb = 0x0, c_starttime = 0, c_activitytime = 0, c_connid = 18446744073709551615, c_peer_domain = {bv_len = 0, bv_val = 0x4f05b0 ""}, c_peer_name = {bv_len = 0, bv_val = 0x4f05b0 ""}, c_listener = 0x4f8740 <dummy_list>, c_sasl_bind_mech = {bv_len = 0, bv_val = 0x0}, c_sasl_dn = {bv_len = 0, bv_val = 0x0}, c_sasl_authz_dn = { bv_len = 0, bv_val = 0x0}, c_authz_backend = 0x0, c_authz_coieie = 0x0, c_authz = {sai_method = 0, sai_mech = {bv_len = 0, bv_val = 0x0}, sai_dn = {bv_len = 0, bv_val = 0x0}, sai_ndn = {bv_len = 0, bv_val = 0x0}, sai_ssf = 0, sai_transport_ssf = 0, sai_tls_ssf = 0, sai_sasl_ssf = 0}, crorotocol = 0, c_ops = {stqh_first = 0x0, stqh_last = 0x0}, c_pending_ops = {stqh_first = 0x0, stqh_last = 0x0}, c_write1_mutex = {__data = { __lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = {prprev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, c_write1_cv = {__data = {__lock = 0, __futex = 0, __total_seq = 0, __wakeup_seq = 0, __woken_seq = 0, __mutex = 0x0, __nwaiters = 0, __broadcast_seq = 0}, __size = '\000' <repeats 47 times>, __align = 0}, c_write2_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, c_write2_cv = {__data = {__lock = 0, __futex = 0, __total_seq = 0, __wakeup_seq = 0, __woken_seq = 0, __mutex = 0x0, __nwaiters = 0, __broadcast_seq = 0}, __size = '\000' <repeats 47 times>, __align = 0}, c_currentber = 0x0, c_writers = 0, c_writing = 0 '\000', c_sasl_bind_in_progress = 0 '\000', c_writewaiter = 0 '\000', c_is_tls = 0 '\000', c_needs_tls_accept = 0 '\000', c_sasl_layers = 0 '\000', c_sasl_done = 0 '\000', c_sasl_authctx = 0x0, c_sasl_sockctx = 0x0, c_sasl_extra = 0x0, c_sasl_bindop = 0x0, c_pagedresults_state = {ps_be = 0x0, ps_size = 0, ps_count = 0, ps_cookie = 0, ps_cookieval = {bv_len = 0, bv_val = 0x0}}, c_n_ops_received = 0, c_n_ops_executing = 0, c_n_ops_pending = 0, c_n_ops_completed = 0, c_n_get = 0, c_n_read = 0, c_n_write = 0, c_extensions = 0x0, c_clientfunc = 0x0, c_clientarg = 0x0, c_send_ldap_result = 0x4506fe <slap_send_ldap_result>, c_send_search_entry = 0x451575 <slap_send_search_entry>, c_send_search_reference = 0x453527 <slap_send_search_reference>, c_send_ldap_extended = 0x45105e <slap_send_ldap_extended>, c_send_ldap_intermediate = 0x451360 <slap_send_ldap_intermediate>} opbuf = {ob_op = {o_hdr = 0x7fcf1ddc95f0, o_tag = 108, o_time = 1467813432, o_tincr = 690746, o_bd = 0x1f23400, o_req_dn = {bv_len = 36, bv_val = 0x6f50d80 "20160706084911.796411Z#000000#001#000000"}, o_req_ndn = {bv_len = 36, bv_val = 0xb2778d0 "20160704233433.821120Z#000000#002#000000"}, o_request = {oq_add = {rs_modlist = 0xfb8b580, rs_e = 0x0}, oq_bind = {rb_method = 263763328, rb_cred = {bv_len = 0, bv_val = 0x1 <Address 0x1 out of bounds>}, rb_edn = {bv_len = 10, bv_val = 0xffbd3b0 "\200\300"}, rb_ssf = 10, rb_mech = {bv_len = 234930304, bv_val = 0x0}}, oq_compare = {rs_ava = 0xfb8b580}, oq_modify = {rs_mods = { rs_modlist = 0xfb8b580, rs_no_opattrs = 0 '\000'}, rs_increment = 1}, oq_modrdn = {rs_mods = {rs_modlist = 0xfb8b580, rs_no_opattrs = 0 '\000'}, rs_deleteoldrdn = 1, rs_newrdn = {bv_len = 10, bv_val = 0xffbd3b0 "\200\300"}, rs_nnewrdn = {bv_len = 10, bv_val = 0xe00c080 " S\245\017"}, rs_newSup = 0x0, rs_nnewSup = 0x0}, oq_search = {rs_scope = 263763328, rs_deref = 0, rs_slimit = 0, rs_tlimit = 0, rs_limit = 0x1, rs_attrsonly = 10, rs_attrs = 0xffbd3b0, rs_filter = 0xa, rs_filterstr = {bv_len = 234930304, bv_val = 0x0}}, oq_abandon = {rs_msgid = 263763328}, oq_cancel = {rs_msgid = 263763328}, oq_extended = { rs_reqoid = {bv_len = 263763328, bv_val = 0x0}, rs_flags = 1, rs_reqdata = 0xa}, oq_pwdexop = {rs_extended = {rs_reqoid = {bv_len = 263763328, bv_val = 0x0}, rs_flags = 1, rs_reqdata = 0xa}, rs_old = { bv_len = 268161968, bv_val = 0xa <Address 0xa out of bounds>}, rs_new = {bv_len = 234930304, bv_val = 0x0}, rs_mods = 0x0, rs_modtail = 0x0}}, o_abandon = 0, o_cancel = 0, o_groups = 0x0, o_do_not_cache = 0 '\000', o_is_auth_check = 0 '\000', o_dont_replicate = 0 '\000', o_acl_priv = ACL_NONE, o_nocaching = 0 '\000', o_delete_glue_parent = 0 '\000', o_no_schema_check = 1 '\001', o_no_subordinate_glue = 0 '\000', o_ctrlflag = '\000' <repeats 14 times>, "\002", '\000' <repeats 16 times>, o_controls = 0x7fcf1ddc9738, o_authz = {sai_method = 0, sai_mech = {bv_len = 0, bv_val = 0x0}, sai_dn = {bv_len = 9, bv_val = 0x2220c60 "cn=config"}, sai_ndn = {bv_len = 9, bv_val = 0x2220c80 "cn=config"}, sai_ssf = 0, sai_transport_ssf = 0, sai_tls_ssf = 0, sai_sasl_ssf = 0}, o_ber = 0x0, o_res_ber = 0x0, o_callback = 0x7fcf1ddc9080, o_ctrls = 0x0, o_csn = {bv_len = 0, bv_val = 0x0}, o_private = 0x0, o_extra = {slh_first = 0x0}, o_next = {stqe_next = 0x0}}, ob_hdr = {oh_opid = 0, oh_connid = 1, oh_conn = 0x7fcf1ddc9840, oh_msgid = 0, oh_protocol = 0, oh_tid = 140527535957760, oh_threadctx = 0x7fcf1ddc9bb0, oh_tmpmemctx = 0x6f85f40, oh_tmpmfuncs = 0x7543c0 <slap_sl_mfuncs>, oh_counters = 0x7578c0 <slap_counters>, oh_log_prefix = "conn=-1 op=0", '\000' <repeats 243 times>}, ob_controls = {0x0 <repeats 17 times>, 0x7fcf1ddc92c0, 0x0 <repeats 14 times>}} op = 0x7fcf1ddc9480 rc = 0 dostop = 0 s = 2400 i = 1 defer = 1 fail = 0 freeinfo = 0 be = 0x1f23400 #6 0x000000000043a59d in connection_read_thread (ctx=0x7fcf1ddc9bb0, argv=0x960) at connection.c:1273 rc = 0 cri = {op = 0x0, func = 0x4b6fd7 <do_syncrepl>, arg = 0x1d23e00, ctx = 0x7fcf1ddc9bb0, nullop = 0} s = 2400 #7 0x00007ff7267003ea in ldap_int_thread_pool_wrapper (xpool=0x1d32000) at tpool.c:956 pq = 0x1d32000 pool = 0x1efa240 task = 0x1017a700 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527535757760, ltu_key = {{ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x1f05600, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x6f85f40, ltk_free =x4x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x1f02d00, ltk_data = 0x469f400, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0x24d70c0, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x1f03400, ltk_data = 0x46a0e00, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0x99e4000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0x96e4000, l_f_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x0, ltk_data = 0x1015a800, ltk_free = 0x0}, { ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 846 hash = 3140276046 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #8 0x00007ff725171dc5 in start_thread (arg=0x7fcf1ddca700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1ddca700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527535957760, 2936369338381151317, 0, 140527535958464, 140527535957760, 0, -2927850059199501227, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #9 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 5 (Thread 0x7fcf1cdc8700 (LWP 30136)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007ff726701a82 in ldap_pvt_thread_ndnd_wait (cond=0x1d32038, mutex=0x1d32010) at thr_posix.c:277 No locals. #2 0x00007ff726700315 in ldap_int_thread_pool_wrapper (xpool=0x1d32000) at tpool.c:938 pq = 0x1d32000 pool = 0x1efa240 task = 0x0 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527519172352, ltu_key = {{ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0xc7c6c00, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0xaed2200, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0xb014f00, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x1f02d00, ltk_data = 0x46a2800, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0xcbf8000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0xc8f8000, ltk_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x1f03400, ltk_data = 0x46a4200, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0x106a8400, ltk_free = 0x0}, { ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 365 hash = 453090669 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007ff725171dc5 in start_thread (arg=0x7fcf1cdc8700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1cdc8700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527519172352, 2936369338381151317, 0, 140527519173056, 140527519172352, 0, -2927852250706564011, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 4 (Thread 0x7fcf1c5c7700 (LWP 30363)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007ff726701a82 in ldap_pvt_thread_cond_wait (cond=0x1d32038, mutex=0x1d32010) at thr_posix.c:277 No locals. #2 0x00007ff726700315 in ldap_int_thread_pool_wrapper (xpool=0x1d32000)tat tpool.c:938 pq = 0x1d32000 pool = 0x1efa240 task = 0x0 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527510779648, ltu_key = {{ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0xe56a000, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x95d0e00, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0x24d7840, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x1f02d00, ltk_data = 0xe519400, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0xe976000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0xe676000, ltk_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x1f03400, ltk_data = 0xe517a00, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0x103ad600, ltk_free = 0x0}, { ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 477 hash = 1978802653 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007ff725171dc5 in start_thread (arg=0x7fcf1c5c7700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1c5c7700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527510779648, 2936369338381151317, 0, 140527510780352, 140527510779648, 0, -2927853350755062699, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 3 (Thread 0x7fcf1efd2700 (LWP 28739)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007ff726701a82 in ldap_pvt_thread_cond_wait (cond=0x1d32038, mutex=0x1d32010) at thr_posix.c:277 No locals. #2 0x00007ff726700315 in ldap_int_thread_pool_wrapper (xpool=0x1d32000) at tpool.c:938 pq = 0x1d32000 pool = 0x1efa240 task = 0x0 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527554864896, ltu_key = {{ltk_key = 4a4ac6bb <slap_sl_mem_init>, ltk_data = 0x4376640, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x1f02d00, ltk_data = 0x4692e00, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x1f03400, ltk_data = 0x469da00, ltk_free = 0xf7f721658ea5 <mdb_reader_free>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0x5e16000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0x5b16000, ltk_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x1f05c00, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0x10a86780, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_da =3D 0x103ad600, ltk_free = 0x0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 976 hash = 4119628752 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007ff725171dc5 in start_thread (arg=0x7fcf1efd2700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1efd2700 now = <optimized out> unwind_buf = {canl_jmjmp_buf = {{jmp_buf = {140527554864896, 2936369338381151317, 0, 140527554865600, 140527554864896, 0, -2927856935442142123, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0% c canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 2 (Thread 0x7ff726dad740 (LWP 28735)): #0 0x00007ff725172ef7 in pthread_join (threadid=140527580043008, thread_return=0x0) at pthread_join.c:92 _tid = 28736 _buffer = {__routine = 0x7ff725172e30 <cleanup>, __arg = 0x7fcf207d5d28, __canceltype = 545085184, __prev = 0x0} oldtype = 0 pd = 0x7fcf207d5700 self = 0x7ff726dad740 result = 0 #1 0x00007ff7267019c3 in ldap_pvt_thread_join (thread=140527580043008, thread_return=0x0) at thr_posix.c:197 No locals. #2 0x0000000000437032 in slapd_daemon () at daemon.c:2910 i = 0 rc = 0 #3 0x0000000000414bfa in main (argc=9, argv=0x7ffc431d0c18) at main.c:1017 i = 9 no_detach = 0 rc = 0 urls = 0x1d02020 "ldap:/// ldapi:///" username = 0x1cfa010 "root" groupname = 0x0 sandbox = 0x0 syslogUser = 128 pid = 0 waitfds = {10, 11} g_argc = 9 g_argv = 0x7ffc431d0c18 configfile = 0x0 configdir = 0x1d02040 "/opt/zimbra/data/ldap/config" serverName = 0x7ffc431d169f "slapd" serverMode = 1 scp = 0x0 scp_entry = 0x0 debug_unknowns = 0x0 syslog_unknowns = 0x0 serverNamePrefix = 0x4f0048 "" l = 2305843479183585312 slapd_pid_file_unlink = 1 slapd_args_file_unlink = 1 firstopt = 0 __PRETTY_FUNCTION__ = "main" Thread 1 (Thread 0x7fcf1ffd4700 (LWP 28737)): #0 0x00007ff724ddd5f7 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56 resultvar = 0 pid = 28735 selftid = 28737 #1 0x00007ff724ddece8 in __GI_abort () at abort.c:90 save_stage = 2 act = {__sigaction_handler = {sa_handler = 0x7fcf1ffd1f60, sa_sigaction = 0x7fcf1ffd1f60}, sa_mask = {__val = {69, 1, 140699483447904, 0, 140699485592136, 140527571640064, 140527571640048, 2470669171, 140699480966590, 4294967295, 140699481017829, 69, 140699455947213, 69, 140527571640176, 0}}, sa_flags = 55, sa_restorer = 0x7fcf1ffd1f20} sigs = {__val = {32, 0 <repeats 15 times>}} #2 0x00007ff7269610f8 in tcmalloc::Log (mode=mode@entry=tcmalloc::kCrash, filename=lelename@entry=0x7ff72696edc6 "src/tcmalloc.cc", line=line@entry=278, a=..., b=..., c=..., d=...) at src/internal_logging.cc:120 state = {static kBufSize = 200, p_ = 0x7fcf1ffd1fb5 "", end_ = 0x7fcf1ffd2038 "\306\355\226&\367\177", buf_ = "src/tcmalloc.cc:278] Attempt to free invalid pointer 0x7fd0aefadf98 \n\000\000\000\230(\225&\367\177\000\000\230\337\372\256\320\177\000\000\240r^\001", '\000' <repeats 12 times>, "`\"\273&\367\177\000\000\340\022\026%\367\177\000\000\000\000\000\000\0%0\000\000\000\203N\362$\367\177\000\000@ \375\037\317\177\000\000\377\377\377\377\320\177\000\000\066 \375\037\317\177\000\000\006\000\000\000\000\000\000\000@$\026%\367\177\000\000\326w\205\376\003", '\000' <repeats 11 times>, "\026\001\000\000\000\000\000"} msglen = 69 fifirst_crash = true #3 0x00007ff72695d8b4 in (anonymous namespace)::InvalidFree (ptr=ptr@entry=0x7fd0aefadf98) at src/tcmalloc.cc:278 No locals. #4 0x00007ff72695cd2f in free_null_or_invalid (invalid_free_fn=0x7ff72695d860 <(anonymous namespace)::InvalidFree(void*)>, ptr=ptr@entry=0x7fd0aefadf98) at src/tcmalloc.cc:1137 No locals. #5 (anonymous namespace)::do_free_helper (ptr=ptr@entry=0x7fd0aefadf98, heap_must_be_valid=true, heap=0x15e72a0, invalid_free_fn=0x7ff72695d860 <(anonymous namespace)::InvalidFree(void*)>) at src/tcmalloc.cc:1181 No locals. #6 0x00007ff72696b62c in do_free_helper (invalid_free_fn=0x7ff72695d860 <(anonymous namespace)::InvalidFree(void*)>, heap_must_be_valid=true, heap=0x15e72a0, ptr=0x7fd0aefadf98) at src/thread_cache.h:381 No locals. #7 do_free_with_callback (invalid_free_fn=0x7ff72695d860 <(anonymous namespace)::InvalidFree(void*)>, ptr=0x7fd0aefadf98) at src/tcmalloc.cc:1221 heap = 0x15e72a0 #8 do_free (ptr=0x7fd0aefadf98) at src/tcmalloc.cc:1230 No locals. #9 tc_free (ptr=0x7fd0aefadf98) at src/tcmalloc.cc:1581 No locals. #10 0x00007ff7264e66ab in ber_memfree_x (p=0x7fd0aefadf98, ctx=0x0) at memory.c:152 __PRETTY_FUNCTION__ = "ber_memfree_x" #11 0x00000000004ad69f in slap_sl_free (ptr=0x7fd0aefadf98, ctx=0x43764c0) at sl_malloc.c:503 sh = 0x43764c0 size = 140527571640688 p = 0x7fd0aefadf98 nextp = 0x106e1aba8 tmpp = 0x7ff700000000 #12 0x00007ff720ff5d26 in accesslog_entry (op=0x7fcf1ffd3480, rs=0x7fcf1ffd3010, logop=2, op2=0x7fcf1ffd2390) at accesslog.c:1332 on = 0x22dc760 li = 0x20d9de0 rdnbuf = "reqStart=20160706205511.1000000\000x\332\372\256\320\177" nrdnbuf = "reqStart=m\211\214\000\177\000\000\000\360\004\257\320\177", '\000' <repeats 11 times>, "-\360\001\000\000" rdn = {bv_len = 31, bv_val = 0x7fcf1ffd2240 "reqStart=20160706205511.1000000"} nrdn = {bv_len = 17, bv_val = 0x7fcf1ffd2210 "reqStart=m\211\214"} timestamp = {bv_len = 22, bv_val = 0x7fcf1ffd2249 "20160706205511.1000000"} ntimestamp = {bv_len = 8, bv_val = 0x7fd0aefadf98 <Address 0x7fd0aefadf98 out of bounds>} bv = {bv_len = 140527571641664, bv_val = 0x7fcf1ffd2560 ""} lo = 0x7ff7211fd0 %3<logops+144> e = 0x20625d8 #13 0x00007ff720ff6668 in accesslog_response (op=0x7fcf1ffd3480, rs=0x7fcf1ffd3010) at accesslog.c:1528 on = 0x22dc760 li = 0x20d9de0 a = 0x7fcf1ffd3480 last_attr = 0x7fcf1ffd3010 m = 0x7fcf1ffd27c0 b = 0x7fcf1ffd2610 uuid = {bv_len = 36, bv_val = 0x10736c60 "bd4b254a-9cfc-102f-8a73-ad92a9dc2877"} i = 0 logop = 2 do_graduate = 0 lo = 0x7ff7211fd5d0 <logops+144> e = 0x0 old = 0x0 e_uuid = 0x0 timebuf = "\240\003\000\000\000\000\000\000\b\244\337\017\000\000\000\000\b\000\000\000\000\000\000\000\b%\375\037\317\177" bv = {bv_len = 70672576, bv_val = 0x8c896c <Address 0x8c896c out of bounds>} ptr = 0x7fd0aefa7000 <Address 0x7fd0aefa7000 out of bounds> vals = 0x7fcf1ffd2558 op2 = {o_hdr = 0x0, o_tag = 0, o_time = 0, o_tincr = 0, o_bd = 0x0, o_req_dn = {bv_len = 0, bv_val = 0x0}, o_req_ndn = {bv_len = 0, bv_val = 0x0}, o_request = {oq_add = {rs_modlist = 0x0, rs_e = 0x0}, oq_bind = {rb_method = 0, rb_cred = {bv_len = 0, bv_val = 0x0}, rb_edn = {bv_len = 0, bv_val = 0x0}, rb_ssf = 0, rb_mech = {bv_len = 0, bv_val = 0x0}}, oq_compare = {rs_ava = 0x0}, oq_modify = {rs_mods = {rs_modlist = 0x0, rs_no_opattrs = 0 '\000'}, rs_increment = 0}, oq_modrdn = {rs_mods = {rs_modlist = 0x0, rs_no_opattrs = 0 '\000'}, rs_deleteoldrdn = 0, rs_newrdn = {bv_len = 0, bv_val = 0x0}, rs_nnewrdn = {bv_len = 0, bv_val = 0x0}, rs_newSup = 0x0, rs_nnewSup = 0x0}, oq_search = {rs_scope = 0, rs_deref = 0, rs_slimit = 0, rs_tlimit = 0, rs_limit = 0x0, rs_attrsonly = 0, rs_attrs = 0x0, rs_filter = 0x0, rs_filterstr = {bv_len = 0, bv_val = 0x0}}, oq_abandon = {rs_msgid = 0}, oq_cancel = {rs_msgid = 0}, oq_extended = {rs_reqoid = {bv_len = 0, bv_val = 0x0}, rs_flags = 0, rs_reqdata = 0x0}, oq_pwdexop = {rs_extended = {rs_reqoid = {bv_len = 0, bv_val = 0x0}, rs_flags = 0, rs_reqdata = 0x0}, rs_old = {bv_len = 0, bv_val = 0x0}, rs_new = {bv_len = 0, bv_val = 0x0}, rs_mods = 0x0, rs_modtail = 0x0}}, o_abandon = 0, o_cancel = 0, o_groups = 0x0, o_do_not_cache = 0 '\000', o_is_auth_check = 0 '\000', o_dont_replicate = 0 '\000', o_acl_priv = ACL_NONE, o_nocaching = 0 '\000', o_delete_glue_parent = 0 '\000', o_no_schema_check = 0 '\000', o_no_subordinate_glue = 0 '\000', o_ctrlflag = '\000' <repeats 31 times>, o_controls = 0x0, o_authz = {sai_method = 0, sai_mech = {bv_len = 0, bv_val = 0x0}, sai_dn = {bv_len = 0, bv_val = 0x0}, sai_ndn = {bv_len = 0, bv_val = 0x0}, sai_ssf = 0, sai_transport_ssf = 0, sai_tls_ssf = 0, sai_sasl_ssf = 0}, o_ber = 0x0, o_res_ber = 0x0, o_callback = 0x0, o_ctrls = 0x0, o_csn = {bv_len = 0, bv_val = 0x0}, o_private = 0x0, o_extra = {slh_first = 0x0}, o_next = { stqe_next = 0x0}} rs2 = {sr_type = REP_RESULT, sr_tag = 0, sr_msgid = 0, sr_err = 0, sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x0, sr_ctrls = 0x0, sr_un = {sru_search = {r_entry = 0x0, r_attr_flags = 0, r_operational_attrs = 0x0, r_attrs = 0x0, r_nentries = 0, r_v2ref = 0x0}, sru_sasl = {r_sasldata = 0x0}, sru_extended = {r_rspoid = 0x0, r_rspdata = 0x0}}, sr_flags = 0}
--On Friday, July 08, 2016 12:01 AM +0000 quanah@openldap.org wrote: > Full_Name: Quanah Gibson-Mount > Version: 2.4.44+ITS8432 > OS: Linux 3.13 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (75.111.52.177) Also seeing this in 2.4.44 w/o ITS 8432, so not related to that fix. Hitting multiple customers. Here's a backtrace from a different client. See Thread 1 Frame 11 or so. bash-4.1$ sudo gdb /opt/zimbra/openldap/sbin/slapd core.dbm101.slapd.30072.3001.3001.6.1469196958 GNU gdb (GDB) Red Hat Enterprise Linux (7.2-83.el6) Copyright (C) 2010 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /opt/zimbra/openldap-2.4.39.2z/sbin/slapd...done. [New Thread 1946] [New Thread 4428] [New Thread 1937] [New Thread 1945] [New Thread 1944] [New Thread 4430] [New Thread 570] [New Thread 30307] [New Thread 30305] [New Thread 30194] [New Thread 30182] [New Thread 30076] [New Thread 30075] [New Thread 30074] [New Thread 30073] [New Thread 4429] [New Thread 30072] [New Thread 4431] Reading symbols from /opt/zimbra/tcmalloc/lib/libtcmalloc_minimal.so...done. Loaded symbols for /opt/zimbra/tcmalloc/lib/libtcmalloc_minimal.so Reading symbols from /opt/zimbra/openldap-2.4.39.2z/lib/libldap_r-2.4.so.2...done. Loaded symbols for /opt/zimbra/openldap-2.4.39.2z/lib/libldap_r-2.4.so.2 Reading symbols from /opt/zimbra/openldap-2.4.39.2z/lib/liblber-2.4.so.2...done. Loaded symbols for /opt/zimbra/openldap-2.4.39.2z/lib/liblber-2.4.so.2 Reading symbols from /opt/zimbra/libtool-2.2.6b/lib/libltdl.so.7...done. Loaded symbols for /opt/zimbra/libtool-2.2.6b/lib/libltdl.so.7 Reading symbols from /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/libsasl2.so.3...done. Loaded symbols for /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/libsasl2.so.3 Reading symbols from /lib64/libdl.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/libdl.so.2 Reading symbols from /opt/zimbra/openssl-1.0.1j/lib/libssl.so.1.0.0...done. Loaded symbols for /opt/zimbra/openssl-1.0.1j/lib/libssl.so.1.0.0 Reading symbols from /opt/zimbra/openssl-1.0.1j/lib/libcrypto.so.1.0.0...done. Loaded symbols for /opt/zimbra/openssl-1.0.1j/lib/libcrypto.so.1.0.0 Reading symbols from /lib64/libcrypt.so.1...(no debugging symbols found)...done. Loaded symbols for /lib64/libcrypt.so.1 Reading symbols from /lib64/libresolv.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/libresolv.so.2 Reading symbols from /lib64/libpthread.so.0...(no debugging symbols found)...done. [Thread debugging using libthread_db enabled] Loaded symbols for /lib64/libpthread.so.0 Reading symbols from /lib64/libc.so.6...(no debugging symbols found)...done. Loaded symbols for /lib64/libc.so.6 Reading symbols from /usr/lib64/libstdc++.so.6...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libstdc++.so.6 Reading symbols from /lib64/libm.so.6...(no debugging symbols found)...done. Loaded symbols for /lib64/libm.so.6 Reading symbols from /lib64/libgcc_s.so.1...(no debugging symbols found)...done. Loaded symbols for /lib64/libgcc_s.so.1 Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/ld-linux-x86-64.so.2 Reading symbols from /lib64/libfreebl3.so...(no debugging symbols found)...done. Loaded symbols for /lib64/libfreebl3.so Reading symbols from /lib64/libnss_files.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/libnss_files.so.2 Reading symbols from /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libgssapiv2.so.3...done. Loaded symbols for /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libgssapiv2.so.3 Reading symbols from /opt/zimbra/heimdal-1.5.2/lib/libgssapi.so.3...done. Loaded symbols for /opt/zimbra/heimdal-1.5.2/lib/libgssapi.so.3 Reading symbols from /opt/zimbra/heimdal-1.5.2/lib/libheimntlm.so.0...done. Loaded symbols for /opt/zimbra/heimdal-1.5.2/lib/libheimntlm.so.0 Reading symbols from /opt/zimbra/heimdal-1.5.2/lib/libkrb5.so.26...done. Loaded symbols for /opt/zimbra/heimdal-1.5.2/lib/libkrb5.so.26 Reading symbols from /opt/zimbra/heimdal-1.5.2/lib/libheimbase.so.1...done. Loaded symbols for /opt/zimbra/heimdal-1.5.2/lib/libheimbase.so.1 Reading symbols from /opt/zimbra/heimdal-1.5.2/lib/libhx509.so.5...done. Loaded symbols for /opt/zimbra/heimdal-1.5.2/lib/libhx509.so.5 Reading symbols from /opt/zimbra/heimdal-1.5.2/lib/libwind.so.0...done. Loaded symbols for /opt/zimbra/heimdal-1.5.2/lib/libwind.so.0 Reading symbols from /opt/zimbra/heimdal-1.5.2/lib/libheimsqlite.so.0...done. Loaded symbols for /opt/zimbra/heimdal-1.5.2/lib/libheimsqlite.so.0 Reading symbols from /opt/zimbra/heimdal-1.5.2/lib/libasn1.so.8...done. Loaded symbols for /opt/zimbra/heimdal-1.5.2/lib/libasn1.so.8 Reading symbols from /opt/zimbra/heimdal-1.5.2/lib/libroken.so.18...done. Loaded symbols for /opt/zimbra/heimdal-1.5.2/lib/libroken.so.18 Reading symbols from /opt/zimbra/heimdal-1.5.2/lib/libcom_err.so.1...done. Loaded symbols for /opt/zimbra/heimdal-1.5.2/lib/libcom_err.so.1 Reading symbols from /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/liblogin.so.3...done. Loaded symbols for /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/liblogin.so.3 Reading symbols from /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libdigestmd5.so.3...done. Loaded symbols for /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libdigestmd5.so.3 Reading symbols from /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libotp.so.3...done. Loaded symbols for /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libotp.so.3 Reading symbols from /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libanonymous.so.3...done. Loaded symbols for /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libanonymous.so.3 Reading symbols from /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libplain.so.3...done. Loaded symbols for /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libplain.so.3 Reading symbols from /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libcrammd5.so.3...done. Loaded symbols for /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libcrammd5.so.3 Reading symbols from /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libscram.so.3...done. Loaded symbols for /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libscram.so.3 Reading symbols from /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libgs2.so.3...done. Loaded symbols for /opt/zimbra/cyrus-sasl-2.1.26.2z/lib/sasl2/libgs2.so.3 Reading symbols from /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/back_mdb-2.4.so.2...done. Loaded symbols for /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/back_mdb-2.4.so.2 Reading symbols from /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/back_monitor-2.4.so.2...done. Loaded symbols for /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/back_monitor-2.4.so.2 Reading symbols from /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/syncprov-2.4.so.2...done. Loaded symbols for /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/syncprov-2.4.so.2 Reading symbols from /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/accesslog-2.4.so.2...done. Loaded symbols for /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/accesslog-2.4.so.2 Reading symbols from /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/dynlist-2.4.so.2...done. Loaded symbols for /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/dynlist-2.4.so.2 Reading symbols from /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/unique-2.4.so.2...done. Loaded symbols for /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/unique-2.4.so.2 Reading symbols from /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/noopsrch.so.0...done. Loaded symbols for /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/noopsrch.so.0 Reading symbols from /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/pw-sha2.so.0...done. Loaded symbols for /opt/zimbra/openldap-2.4.39.2z/sbin/openldap/pw-sha2.so.0 Reading symbols from /lib64/libnss_dns.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/libnss_dns.so.2 Core was generated by `/opt/zimbra/openldap/sbin/slapd -l LOCAL0 -u zimbra -h ldap://dbm101.dcs.int.in'. Program terminated with signal 6, Aborted. #0 0x000000344a2325e5 in raise () from /lib64/libc.so.6 Missing separate debuginfos, use: debuginfo-install zimbra-ldap-8.6.0_GA_1153.RHEL6_64-20141215151258.x86_64 (gdb) thread apply all bt full Thread 18 (Thread 0x7f7937902700 (LWP 4431)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158599964416, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0xb95fe00, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0xb960240, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x1810d00, ltk_data = 0x65ece00, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0x162ec000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0x15fec000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0xcdc43c0, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_data = 0xb937600, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 25 times>}} kctx = 0x0 i = 32 keyslot = 838 hash = 3023418182 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 17 (Thread 0x7f8cf2951720 (LWP 30072)): #0 0x000000344a6082fd in pthread_join () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611b70 in ldap_pvt_thread_join (thread=140158736410368, thread_return=0x0) at thr_posix.c:197 No locals. #2 0x0000000000437826 in slapd_daemon () at daemon.c:2910 i = 0 rc = 0 #3 0x0000000000414c02 in main (argc=9, argv=0x7ffdcd11c808) at main.c:1017 i = 9 no_detach = 0 rc = 0 urls = 0x161c000 "ldap://dbm101.dcs.int.inet:389 ldapi:///" username = 0x160c010 "root" groupname = 0x0 sandbox = 0x0 syslogUser = 128 pid = 0 waitfds = {9, 10} g_argc = 9 g_argv = 0x7ffdcd11c808 configfile = 0x0 configdir = 0x1610020 "/opt/zimbra/data/ldap/config" serverName = 0x7ffdcd11ccda "slapd" serverMode = 1 scp = 0x0 scp_entry = 0x0 debug_unknowns = 0x0 syslog_unknowns = 0x0 serverNamePrefix = 0x4f2708 "" l = 5186032 slapd_pid_file_unlink = 1 ---Type <return> to continue, or q <return> to quit--- slapd_args_file_unlink = 1 firstopt = 0 __PRETTY_FUNCTION__ = "main" Thread 16 (Thread 0x7f7938904700 (LWP 4429)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158616749824, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0xb95fd00, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0xb963e00, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x1810d00, ltk_data = 0xe1d8200, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0x14ee4000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0x14be4000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0xcdc4780, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_data = 0xe2de400, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 25 times>}} kctx = 0x0 i = 32 keyslot = 103 hash = 1399815271 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 15 (Thread 0x7f793fb22700 (LWP 30073)): #0 0x000000344a2e90a3 in epoll_wait () from /lib64/libc.so.6 No symbol table info available. #1 0x00000000004366cb in slapd_daemon_task (ptr=0x160de28) at daemon.c:2517 ns = 1 at = 0 nfds = 22 revents = 0x16ac000 tvp = 0x7f793fb21d80 cat = {tv_sec = 1469200847, tv_usec = 0} i = 1 nwriters = 0 now = 1469196957 tv = {tv_sec = 3890, tv_usec = 0} tdelta = 1 rtask = 0x1639ef0 l = 2 last_idle_check = 1469128847 ebadf = 0 tid = 0 #2 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #3 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 14 (Thread 0x7f793f321700 (LWP 30074)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 ---Type <return> to continue, or q <return> to quit--- No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158728017664, ltu_key = {{ltk_key = 0x4ae237, ltk_data = 0x3be8000, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, {ltk_key = 0x1811400, ltk_data = 0x3cec000, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, { ltk_key = 0x43a3b7, ltk_data = 0x1811700, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x1810d00, ltk_data = 0x3cf4200, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0x552c000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0x522c000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0xcdb3680, ltk_free = 0x4555a8 <slap_op_q_destroy>}, { ltk_key = 0x0, ltk_data = 0xb937600, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 480 hash = 3389295072 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 13 (Thread 0x7f793eb20700 (LWP 30075)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158719624960, ltu_key = {{ltk_key = 0x4ae237, ltk_data = 0x3be8040, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, {ltk_key = 0x1811400, ltk_data = 0x3ceda00, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, { ltk_key = 0x7f8cefc375b4, ltk_data = 0x4208000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0x3f08000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x43a3b7, ltk_data = 0x1811600, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x1810d00, ltk_data = 0x3cf0e00, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x455655, ltk_data = 0xe302f00, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_data = 0xcd5d600, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 79 hash = 3478264911 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 12 (Thread 0x7f793e31f700 (LWP 30076)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158711232256, ltu_key = {{ltk_key = 0x4ae237, ltk_data = 0x3be8080, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, {ltk_key = 0x1810d00, ltk_data = 0x3cef400, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, { ---Type <return> to continue, or q <return> to quit--- ltk_key = 0x43a3b7, ltk_data = 0x1812500, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0xbd44000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0xba44000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0x1367a780, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_data = 0xe26c800, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 25 times>}} kctx = 0x0 i = 32 keyslot = 222 hash = 651182302 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 11 (Thread 0x7f793d90e700 (LWP 30182)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158700676864, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0x1810200, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0x3beab40, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x1810d00, ltk_data = 0x660e000, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0x6a24000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0x6724000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0x1b13a40, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x1811400, ltk_data = 0x6616200, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0xe26c800, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 12 hash = 1889019916 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 10 (Thread 0x7f793d10d700 (LWP 30194)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158692284160, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0x1811f00, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0x3be85c0, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x1810d00, ltk_data = 0x6614800, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0x7ed2000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0x7bd2000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0x1877ba40, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x1811400, ltk_data = 0x8ed6000, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0x189ec000, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 124 hash = 3414731900 ---Type <return> to continue, or q <return> to quit--- pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 9 (Thread 0x7f793c90c700 (LWP 30305)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158683891456, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0x1811800, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0x3bea840, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x1810d00, ltk_data = 0x8ed9400, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0x92ea000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0x8fea000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0xcdb41c0, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_data = 0xb732000, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 25 times>}} kctx = 0x0 i = 32 keyslot = 747 hash = 3503701739 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 8 (Thread 0x7f793c10b700 (LWP 30307)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158675498752, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0x1811b00, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0x3beb280, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x1810d00, ltk_data = 0x8edae00, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0xa6ea000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0xa3ea000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0x1debc00, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_data = 0x194a0000, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 25 times>}} kctx = 0x0 i = 32 keyslot = 859 hash = 734446427 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. ---Type <return> to continue, or q <return> to quit--- Thread 7 (Thread 0x7f793b90a700 (LWP 570)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158667106048, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0x1dd7900, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0x7a582c0, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x1810d00, ltk_data = 0x6611400, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0xd1cc000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0xcecc000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0x18720f00, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_data = 0x18b8c400, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 25 times>}} kctx = 0x0 i = 32 keyslot = 458 hash = 832337354 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 6 (Thread 0x7f7938103700 (LWP 4430)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158608357120, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0xb95ff00, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0xb960200, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x1810d00, ltk_data = 0x65f0200, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0x176f0000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0x173f0000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0x1367ba40, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_data = 0xcd5d600, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 25 times>}} kctx = 0x0 i = 32 keyslot = 215 hash = 2925527255 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 5 (Thread 0x7f793a908700 (LWP 1944)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 ---Type <return> to continue, or q <return> to quit--- pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158650320640, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0x656fe00, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0x3be92c0, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x1810d00, ltk_data = 0x660fa00, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0xfd0c000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0xfa0c000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0x1877d0c0, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x1811400, ltk_data = 0x187ea800, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0x7a34800, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 425 hash = 2456219049 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 4 (Thread 0x7f793a107700 (LWP 1945)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158641927936, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0x6570300, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0x3bea3c0, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x1810d00, ltk_data = 0x8ed7a00, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0x1110c000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0x10e0c000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0xcdc5a40, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_data = 0x520c000, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 25 times>}} kctx = 0x0 i = 32 keyslot = 537 hash = 3981931033 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 3 (Thread 0x7f793b109700 (LWP 1937)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158658713344, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0xe1fc000, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0xba259c0, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x1810d00, ltk_data = 0x6612e00, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0xe90c000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0xe60c000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0x18d50780, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_data = 0x520c000, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ---Type <return> to continue, or q <return> to quit--- ltk_free = 0} <repeats 25 times>}} kctx = 0x0 i = 32 keyslot = 570 hash = 2358049338 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 2 (Thread 0x7f7939105700 (LWP 4428)): #0 0x000000344a60b68c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007f8cf3611c2f in ldap_pvt_thread_cond_wait (cond=0x1648038, mutex=0x1648010) at thr_posix.c:277 No locals. #2 0x00007f8cf361047d in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:938 pq = 0x1648000 pool = 0x180c180 task = 0x0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158625142528, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0x1bc8800, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0xb963080, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x455655, ltk_data = 0xcdb5c00, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x1810d00, ltk_data = 0xe1d0000, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0x13ada000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0x137da000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x1811400, ltk_data = 0x19188000, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, { ltk_key = 0x0, ltk_data = 0xe393200, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 504 hash = 1310845432 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #4 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. Thread 1 (Thread 0x7f7939906700 (LWP 1946)): #0 0x000000344a2325e5 in raise () from /lib64/libc.so.6 No symbol table info available. #1 0x000000344a233dc5 in abort () from /lib64/libc.so.6 No symbol table info available. #2 0x00007f8cf3873f55 in tcmalloc::Log (mode=tcmalloc::kCrash, filename=<value optimized out>, line=<value optimized out>, a=..., b=..., c=..., d=...) at src/internal_logging.cc:120 state = {static kBufSize = -56, p_ = 0x7f7939903e75 "", end_ = 0x7f7939903ef8 "\017 \210\363\214\177", buf_ = "src/tcmalloc.cc:278] Attempt to free invalid pointer 0x7f7aa5850ad0 \n\000\000\000\a\000\000\000\000\000\000\000\000 \206\363\214\177\000\000\240\341\340I4\000\000\000\005\000\000\000y\177", '\000' <repeats 18 times>"\220, I\206\363\214\177\000\000\000\000\000\000\000\000\000\000 \337\357\000\000\000\000\000\320\n\205\245z\177\000\000\210\271\252\363\214\177\000\000\300i\220\071y\177\000\000\325I\341I4\000\000\000\003\000\000\000y\177\000\000\000\000\000\000\000\000\000\000\026\001\000\000\000\000\000"} msglen = 69 first_crash = true #3 0x00007f8cf386f3f3 in (anonymous namespace)::InvalidFree (ptr=<value optimized out>) at src/tcmalloc.cc:278 No locals. #4 0x00007f8cf387fe25 in free_null_or_invalid (ptr=0x7f7aa5850ad0) at src/tcmalloc.cc:1141 No locals. #5 do_free_helper (ptr=0x7f7aa5850ad0) at src/tcmalloc.cc:1185 span = <value optimized out> p = <value optimized out> cl = <value optimized out> ---Type <return> to continue, or q <return> to quit--- invalid_free_fn = 0x7f8cf386f370 <(anonymous namespace)::InvalidFree(void*)> #6 do_free_with_callback (ptr=0x7f7aa5850ad0) at src/tcmalloc.cc:1225 heap = 0xefdf20 invalid_free_fn = 0x7f8cf386f370 <(anonymous namespace)::InvalidFree(void*)> #7 do_free (ptr=0x7f7aa5850ad0) at src/tcmalloc.cc:1234 No locals. #8 tc_free (ptr=0x7f7aa5850ad0) at src/tcmalloc.cc:1585 No locals. #9 0x00007f8cf33f77d9 in ber_memfree_x (p=0x7f7aa5850ad0, ctx=0x0) at memory.c:152 __PRETTY_FUNCTION__ = "ber_memfree_x" #10 0x00000000004af21b in slap_sl_free (ptr=0x7f7aa5850ad0, ctx=0x3be91c0) at sl_malloc.c:503 sh = 0x3be91c0 size = 25450432 p = 0x7f7aa5850ad0 nextp = 0x44770f tmpp = 0x7f79399040e0 __PRETTY_FUNCTION__ = "slap_sl_free" #11 0x00007f8cef5ded30 in accesslog_entry (op=0x7f79399053f0, rs=0x7f7939904f70, logop=2, op2=0x7f79399042a0) at accesslog.c:1332 on = 0x1a03c20 li = 0x19ebb60 rdnbuf = "reqStart=20160722141557.1000000\000PD\220\071y\177" nrdnbuf = "reqStart=V\313/\000\177\000\000\000\000\000\000\000\000\000\000lB\220\071y\177\000\000\000\000\205\245z\177" rdn = {bv_len = 31, bv_val = 0x7f7939904150 "reqStart=20160722141557.1000000"} nrdn = {bv_len = 17, bv_val = 0x7f7939904120 "reqStart=V\313/"} timestamp = {bv_len = 22, bv_val = 0x7f7939904159 "20160722141557.1000000"} ntimestamp = {bv_len = 8, bv_val = 0x7f7aa5850ad0 <Address 0x7f7aa5850ad0 out of bounds>} bv = {bv_len = 140158633526384, bv_val = 0x7f7939904490 "\002"} lo = 0x7f8cef7e5b50 e = 0x1973d68 #12 0x00007f8cef5df684 in accesslog_response (op=0x7f79399053f0, rs=0x7f7939904f70) at accesslog.c:1528 on = 0x1a03c20 li = 0x19ebb60 a = 0x7f7aa5850810 last_attr = 0x8 m = 0x7f7939904488 b = 0x7f7aa1873ff8 uuid = {bv_len = 36, bv_val = 0x13638d30 "7e6927a6-1cda-1030-907b-0f0bf0d58d6f"} i = 0 logop = 2 do_graduate = 0 lo = 0x7f8cef7e5b50 e = 0x0 old = 0x0 e_uuid = 0x0 timebuf = "\300\210\244\001\000\000\000\000\000`\277\001\000\000\000\000\240D\220\071y\177\000\000U\313/\000\000" bv = {bv_len = 64424509440, bv_val = 0x7f7939904520 "pO\220\071y\177"} ptr = 0x1bf6088 "" vals = 0x1a48800 op2 = {o_hdr = 0x0, o_tag = 0, o_time = 0, o_tincr = 0, o_bd = 0x0, o_req_dn = {bv_len = 0, bv_val = 0x0}, o_req_ndn = {bv_len = 0, bv_val = 0x0}, o_request = {oq_add = {rs_modlist = 0x0, rs_e = 0x0}, oq_bind = {rb_method = 0, rb_cred = { bv_len = 0, bv_val = 0x0}, rb_edn = {bv_len = 0, bv_val = 0x0}, rb_ssf = 0, rb_mech = {bv_len = 0, bv_val = 0x0}}, oq_compare = {rs_ava = 0x0}, oq_modify = {rs_mods = {rs_modlist = 0x0, rs_no_opattrs = 0 '\000'}, rs_increment = 0}, oq_modrdn = {rs_mods = {rs_modlist = 0x0, rs_no_opattrs = 0 '\000'}, rs_deleteoldrdn = 0, rs_newrdn = {bv_len = 0, bv_val = 0x0}, rs_nnewrdn = {bv_len = 0, bv_val = 0x0}, rs_newSup = 0x0, rs_nnewSup = 0x0}, oq_search = {rs_scope = 0, rs_deref = 0, rs_slimit = 0, rs_tlimit = 0, rs_limit = 0x0, rs_attrsonly = 0, rs_attrs = 0x0, rs_filter = 0x0, rs_filterstr = {bv_len = 0, bv_val = 0x0}}, oq_abandon = {rs_msgid = 0}, oq_cancel = {rs_msgid = 0}, oq_extended = {rs_reqoid = { bv_len = 0, bv_val = 0x0}, rs_flags = 0, rs_reqdata = 0x0}, oq_pwdexop = {rs_extended = {rs_reqoid = {bv_len = 0, bv_val = 0x0}, rs_flags = 0, rs_reqdata = 0x0}, rs_old = {bv_len = 0, bv_val = 0x0}, rs_new = {bv_len = 0, bv_val = 0x0}, rs_mods = 0x0, rs_modtail = 0x0}}, o_abandon = 0, o_cancel = 0, o_groups = 0x0, o_do_not_cache = 0 '\000', o_is_auth_check = 0 '\000', o_dont_replicate = 0 '\000', o_acl_priv = ACL_NONE, o_nocaching = 0 '\000', o_delete_glue_parent = 0 '\000', o_no_schema_check = 0 '\000', o_no_subordinate_glue = 0 '\000', o_ctrlflag = '\000' <repeats 31 times>, o_controls = 0x0, o_authz = {sai_method = 0, sai_mech = {bv_len = 0, bv_val = 0x0}, sai_dn = {bv_len = 0, bv_val = 0x0}, sai_ndn = {bv_len = 0, bv_val = 0x0}, sai_ssf = 0, sai_transport_ssf = 0, sai_tls_ssf = 0, sai_sasl_ssf = 0}, o_ber = 0x0, o_res_ber = 0x0, o_callback = 0x0, o_ctrls = 0x0, o_csn = {bv_len = 0, bv_val = 0x0}, o_private = 0x0, o_extra = {slh_first = 0x0}, o_next = {stqe_next = 0x0}} rs2 = {sr_type = REP_RESULT, sr_tag = 0, sr_msgid = 0, sr_err = 0, sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x0, sr_ctrls = 0x0, sr_un = {sru_search = {r_entry = 0x0, r_attr_flags = 0, r_operational_attrs = 0x0, r_attrs = 0x0, r_nentries = 0, r_v2ref = 0x0}, sru_sasl = {r_sasldata = 0x0}, sru_extended = {r_rspoid = 0x0, r_rspdata = 0x0}}, sr_flags = 0} ---Type <return> to continue, or q <return> to quit--- #13 0x00000000004cd56e in over_back_response (op=0x7f79399053f0, rs=0x7f7939904f70) at backover.c:237 oi = 0x1b72f00 on = 0x1a03c20 rc = 32768 be = 0x7f7939904c30 db = {bd_info = 0x1a03c20, bd_self = 0x1833d40, be_ctrls = "\000\001\001\001\000\001\000\000\001\000\000\001\001\000\001\000\000\001", '\000' <repeats 14 times>, "\001", be_flags = 563464, be_restrictops = 0, be_requires = 0, be_ssf_set = { sss_ssf = 0, sss_transport = 0, sss_tls = 0, sss_sasl = 0, sss_update_ssf = 0, sss_update_transport = 0, sss_update_tls = 0, sss_update_sasl = 0, sss_simple_bind = 0}, be_suffix = 0x1b5e960, be_nsuffix = 0x1b5e920, be_schemadn = {bv_len = 0, bv_val = 0x0}, be_schemandn = {bv_len = 0, bv_val = 0x0}, be_rootdn = {bv_len = 9, bv_val = 0x1ba60d0 "cn=config"}, be_rootndn = {bv_len = 9, bv_val = 0x1ba60f0 "cn=config"}, be_rootpw = {bv_len = 0, bv_val = 0x0}, be_max_deref_depth = 15, be_def_limit = {lms_t_soft = -1, lms_t_hard = 0, lms_s_soft = -1, lms_s_hard = 0, lms_s_unchecked = -1, lms_s_pr = 0, lms_s_pr_hide = 0, lms_s_pr_total = 0}, be_limits = 0x0, be_acl = 0x1ddb800, be_dfltaccess = ACL_READ, be_extra_anlist = 0x0, be_update_ndn = {bv_len = 0, bv_val = 0x0}, be_update_refs = 0x0, be_pending_csn_list = 0x1fa3570, be_pcl_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, be_syncinfo = 0x1999e40, be_pb = 0x0, be_cf_ocs = 0x7f8cefe67180, be_private = 0x1ede000, be_next = {stqe_next = 0x0}} #14 0x0000000000450592 in slap_response_play (op=0x7f79399053f0, rs=0x7f7939904f70) at result.c:537 sc_next = 0x7f7939904fe0 sc_nextp = 0x7f7939904c00 rc = 32768 sc = 0x1210c0a8 scp = 0x1210c0a8 #15 0x00000000004507b7 in send_ldap_response (op=0x7f79399053f0, rs=0x7f7939904f70) at result.c:612 berbuf = { buffer = "\000\000\000\000\000\000\000\000\260\301\020\022\000\000\000\000\200I\220\071y\177\000\000\360S\220\071y\177\000\000\n", '\000' <repeats 15 times>, "@\311b\001\000\000\000\000\060L\220\071y\177", '\000' <repeats 18 times>, "@H\220\071y\177\000\000\066\341\302\357\214\177\000\000\300\022(\245z\177\000\000\345\063\304\357\214\177\000\000\240H\220\071y\177\000\000\200H\220\071y\177\000\000\200I\220\071y\177\000\000\360S\220\071y\177\000\000\000\340\355\001\000\000\000\000\000\340\355\001\000\000\000\000\003\000\000\000\000\000\000\000\030\002", '\000' <repeats 14 times>"\351, \022(\245z\177\000\000t\021(\245z\177\000\000\000`\277\001\000\000\000\000pH\220\071y\177\000\000P\374\261?y\177\000\000\300i\220\071y\177\000\000\331w?\363\214\177", '\000' <repeats 17 times>, ialign = 0, lalign = 0, falign = 0, dalign = 0, palign = 0x0} ber = 0x7f7939904770 rc = 0 bytes = 428045504 __PRETTY_FUNCTION__ = "send_ldap_response" #16 0x0000000000451701 in slap_send_ldap_result (op=0x7f79399053f0, rs=0x7f7939904f70) at result.c:891 tmp = 0x0 otext = 0x0 oref = 0x0 __PRETTY_FUNCTION__ = "slap_send_ldap_result" #17 0x00007f8cefc30b1e in mdb_modify (op=0x7f79399053f0, rs=0x7f7939904f70) at modify.c:708 mdb = 0x1ede000 e = 0x1210c160 manageDSAit = 2 textbuf = "\017\000\000\000\000\000\000\000\377\377\377\377\377\377\377\377\250\300\020\022\000\000\000\000\371\377\377\377\377\377\377\377\240J\220\071y\177\000\000P\374\261?y\177\000\000\300i\220\071y\177\000\000\004\000\000\000\000\000\000\000\a\000\000\000\000\000\000\000\335\bM\000\000\000\000\000\240J\220\071y\177\000\000\070U\220\071y\177\000\000\003\000\000\000\000\000\000\000^\300\020\022\000\000\000\000\320\300\020\022\000\000\000\000a\300\020\022\000\000\000\000^\300\020\022\000\000\000\000\001 \000\000\000\001\000\000\000\250\300\020\022\000\000\000\000pO\220\071y\177\000\000pK\220\071y\177\000\000i\377~\357\214\177\000\000pO\220\071y\177\000\000\360S\220\071y\177\000\000\320\300\020\022\000\000\000\000\360S\220\071y\177\000\000\310\302\020\022\000\000\000\000(T\220\071y\177\000\000pK\220\071y\177\000\000l\021^\357\214\177\000\000pO\220\071y\177\000\000\360S\220\071y\177\000" textlen = 256 txn = 0x0 opinfo = {moi_oe = {oe_next = {sle_next = 0x0}, oe_key = 0x0}, moi_txn = 0x1bf6000, moi_ref = 1, moi_flag = 0 '\000'} moi = 0x7f79399049e0 dummy = {e_id = 0, e_name = {bv_len = 0, bv_val = 0xb997b08 ""}, e_nname = {bv_len = 0, bv_val = 0x1210c520 ""}, e_attrs = 0x1845a40, e_ocflags = 82208, e_bv = {bv_len = 0, bv_val = 0x0}, e_private = 0x1210c160} preread_ctrl = 0x0 postread_ctrl = 0x0 ctrls = {0x0, 0x344a2a517e, 0x7f7939904f70, 0x7f79399053f0, 0x7f7939904a45, 0x0} num_ctrls = 0 numads = 1063 #18 0x00000000004ce4bb in overlay_op_walk (op=0x7f79399053f0, rs=0x7f7939904f70, which=op_modify, oi=0x1b72f00, on=0x0) at backover.c:677 func = 0x7f8cefe67478 rc = 32768 #19 0x00000000004ce6e8 in over_op_func (op=0x7f79399053f0, rs=0x7f7939904f70, which=op_modify) at backover.c:730 oi = 0x1b72f00 on = 0x1a041c0 be = 0x1833d40 db = {bd_info = 0x7f8cefe67420, bd_self = 0x1833d40, be_ctrls = "\000\001\001\001\000\001\000\000\001\000\000\001\001\000\001\000\000\001", '\000' <repeats 14 times>, "\001", be_flags = 563464, be_restrictops = 0, be_requires = 0, be_ssf_set = { sss_ssf = 0, sss_transport = 0, sss_tls = 0, sss_sasl = 0, sss_update_ssf = 0, sss_update_transport = 0, sss_update_tls = 0, sss_update_sasl = 0, sss_simple_bind = 0}, be_suffix = 0x1b5e960, be_nsuffix = 0x1b5e920, be_schemadn = {bv_len = 0, ---Type <return> to continue, or q <return> to quit--- bv_val = 0x0}, be_schemandn = {bv_len = 0, bv_val = 0x0}, be_rootdn = {bv_len = 9, bv_val = 0x1ba60d0 "cn=config"}, be_rootndn = {bv_len = 9, bv_val = 0x1ba60f0 "cn=config"}, be_rootpw = {bv_len = 0, bv_val = 0x0}, be_max_deref_depth = 15, be_def_limit = {lms_t_soft = -1, lms_t_hard = 0, lms_s_soft = -1, lms_s_hard = 0, lms_s_unchecked = -1, lms_s_pr = 0, lms_s_pr_hide = 0, lms_s_pr_total = 0}, be_limits = 0x0, be_acl = 0x1ddb800, be_dfltaccess = ACL_READ, be_extra_anlist = 0x0, be_update_ndn = {bv_len = 0, bv_val = 0x0}, be_update_refs = 0x0, be_pending_csn_list = 0x1fa3570, be_pcl_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, be_syncinfo = 0x1999e40, be_pb = 0x0, be_cf_ocs = 0x7f8cefe67180, be_private = 0x1ede000, be_next = {stqe_next = 0x0}} cb = {sc_next = 0x7f7939904fe0, sc_response = 0x4cd492 <over_back_response>, sc_cleanup = 0, sc_writewait = 0, sc_private = 0x1b72f00} sc = 0x65fc800 rc = 32768 __PRETTY_FUNCTION__ = "over_op_func" #20 0x00000000004ce824 in over_op_modify (op=0x7f79399053f0, rs=0x7f7939904f70) at backover.c:769 No locals. #21 0x00000000004c12a8 in syncrepl_updateCookie (si=0x1999e40, op=0x7f79399053f0, syncCookie=0x7f7939905230) at syncrepl.c:3885 be = 0x1833d40 mod = {sml_mod = {sm_desc = 0x162c940, sm_values = 0x65fadc0, sm_nvalues = 0x0, sm_numvals = 3, sm_op = 2, sm_flags = 1, sm_type = {bv_len = 10, bv_val = 0x1615330 "contextCSN"}}, sml_next = 0x0} first = {bv_len = 40, bv_val = 0xba3a6f0 "20160722141557.997975Z#000000#001#000000"} sc = {ctxcsn = 0x65fadc0, sids = 0xb786cd0, numcsns = 3, rid = 0, octet_str = {bv_len = 0, bv_val = 0x0}, sid = 0, sc_next = {stqe_next = 0x0}} syn = 0x1823980 rc = 0 i = 1 j = 1 changed = 1 len = 40 cb = {sc_next = 0x1210c078, sc_response = 0x4c2d92 <null_callback>, sc_cleanup = 0, sc_writewait = 0, sc_private = 0x1999e40} rs_modify = {sr_type = REP_RESULT, sr_tag = 103, sr_msgid = 0, sr_err = 0, sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x0, sr_ctrls = 0x0, sr_un = {sru_search = {r_entry = 0x0, r_attr_flags = 0, r_operational_attrs = 0x0, r_attrs = 0x0, r_nentries = 0, r_v2ref = 0x0}, sru_sasl = {r_sasldata = 0x0}, sru_extended = {r_rspoid = 0x0, r_rspdata = 0x0}}, sr_flags = 0} __PRETTY_FUNCTION__ = "syncrepl_updateCookie" #22 0x00000000004b7008 in do_syncrep2 (op=0x7f79399053f0, si=0x1999e40) at syncrepl.c:1012 match = 4443350 syncUUID = {{bv_len = 16, bv_val = 0x35c6287 "\215\361\036\352\344b\020\065\236\334;\265\032\250!\025"}, {bv_len = 0, bv_val = 0xb39905620 <Address 0xb39905620 out of bounds>}} cookie = {bv_len = 60, bv_val = 0x35c6299 "rid=100,sid=001,csn=20160722141557.997975Z#000000#001#000000"} rctrls = 0xcd631f0 rctrlp = 0x136188a0 bdn = {bv_len = 44, bv_val = 0xb8e5a09 "reqStart=20160722141557.997904Z,cn=accesslog"} si_tag = 140158633532208 entry = 0x344a58d440 punlock = 0 syncstate = 1 retdata = 0x1c retoid = 0x7f7939905758 "" syncUUIDs = 0x7f7939905720 len = 60 berbuf = { buffer = "\002\000\001", '\000' <repeats 29 times>"\200, b\\\003\000\000\000\000\325b\\\003\000\000\000\000\325b\\\003", '\000' <repeats 28 times>, " S\220\071y\177\000\000\000\000\000\000\000\000\000\000\360R\220\071y\177\000\000\274\270\036\315\375\177\000\000\360S\220\071y\177\000\000\266\034a\363\214\177\000\000\060S\220\071y\177\000\000\000\226u\000\000\000\000\000\060S\220\071y\177\000\000QZE\000\000\000\000\000\bT\220\071y\177\000\000\000T\220\071y\177\000\000\235*\222W\000\000\000\000\266\034a\363\214\177\000\000\200S\220\071y\177\000\000\310a\357\003\000\000\000\000\300S\220\071y\177\000\000\026oc\363\214\177\000\000\360S\220\071y\17 7\000\000\354S\220\071y\177\000\000\000\000\000\000\001\000\000\000\360{\215\003\000\000\000", ialign = 65538, lalign = 65538, falign = 9.18382988e-41, dalign = 3.2380074297143616e-319, palign = 0x10002 <Address 0x10002 out of bounds>} ber = 0x7f7939905270 msg = 0x65fc640 syncCookie = {ctxcsn = 0x196d5640, sids = 0xb995e80, numcsns = 1, rid = 100, octet_str = {bv_len = 60, bv_val = 0x187b0d40 "rid=100,sid=001,csn=20160722141557.997975Z#000000#001#000000"}, sid = 1, sc_next = {stqe_next = 0x0}} syncCookie_req = {ctxcsn = 0xe359bc0, sids = 0xe2fd5b0, numcsns = 3, rid = 100, octet_str = {bv_len = 0, bv_val = 0x0}, sid = 2, sc_next = {stqe_next = 0x0}} rc = 0 err = 0 modlist = 0x0 m = 32633 tout_p = 0x7f79399051c0 tout = {tv_sec = 0, tv_usec = 0} refreshDeletes = 0 empty = "empty" __PRETTY_FUNCTION__ = "do_syncrep2" #23 0x00000000004b9177 in do_syncrepl (ctx=0x7f7939905b30, arg=0x1638fa0) at syncrepl.c:1560 ---Type <return> to continue, or q <return> to quit--- rtask = 0x1638fa0 si = 0x1999e40 conn = {c_struct_state = SLAP_C_UNINITIALIZED, c_conn_state = SLAP_C_INVALID, c_conn_idx = -1, c_sd = 0, c_close_reason = 0x0, c_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, c_sb = 0x0, c_starttime = 0, c_activitytime = 0, c_connid = 18446744073709551615, c_peer_domain = {bv_len = 0, bv_val = 0x4f2c70 ""}, c_peer_name = {bv_len = 0, bv_val = 0x4f2c70 ""}, c_listener = 0x4fad40, c_sasl_bind_mech = {bv_len = 0, bv_val = 0x0}, c_sasl_dn = {bv_len = 0, bv_val = 0x0}, c_sasl_authz_dn = {bv_len = 0, bv_val = 0x0}, c_authz_backend = 0x0, c_authz_cookie = 0x0, c_authz = { sai_method = 0, sai_mech = {bv_len = 0, bv_val = 0x0}, sai_dn = {bv_len = 0, bv_val = 0x0}, sai_ndn = {bv_len = 0, bv_val = 0x0}, sai_ssf = 0, sai_transport_ssf = 0, sai_tls_ssf = 0, sai_sasl_ssf = 0}, c_protocol = 0, c_ops = {stqh_first = 0x0, stqh_last = 0x0}, c_pending_ops = {stqh_first = 0x0, stqh_last = 0x0}, c_write1_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, c_write1_cv = {__data = {__lock = 0, __futex = 0, __total_seq = 0, __wakeup_seq = 0, __woken_seq = 0, __mutex = 0x0, __nwaiters = 0, __broadcast_seq = 0}, __size = '\000' <repeats 47 times>, __align = 0}, c_write2_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, c_write2_cv = {__data = { __lock = 0, __futex = 0, __total_seq = 0, __wakeup_seq = 0, __woken_seq = 0, __mutex = 0x0, __nwaiters = 0, __broadcast_seq = 0}, __size = '\000' <repeats 47 times>, __align = 0}, c_currentber = 0x0, c_writers = 0, c_writing = 0 '\000', c_sasl_bind_in_progress = 0 '\000', c_writewaiter = 0 '\000', c_is_tls = 0 '\000', c_needs_tls_accept = 0 '\000', c_sasl_layers = 0 '\000', c_sasl_done = 0 '\000', c_sasl_authctx = 0x0, c_sasl_sockctx = 0x0, c_sasl_extra = 0x0, c_sasl_bindop = 0x0, c_pagedresults_state = {ps_be = 0x0, ps_size = 0, ps_count = 0, ps_cookie = 0, ps_cookieval = {bv_len = 0, bv_val = 0x0}}, c_n_ops_received = 0, c_n_ops_executing = 0, c_n_ops_pending = 0, c_n_ops_completed = 0, c_n_get = 0, c_n_read = 0, c_n_write = 0, c_extensions = 0x0, c_clientfunc = 0, c_clientarg = 0x0, c_send_ldap_result = 0x4512ec <slap_send_ldap_result>, c_send_search_entry = 0x4521d0 <slap_send_search_entry>, c_send_search_reference = 0x454280 <slap_send_search_reference>, c_send_ldap_extended = 0x451c92 <slap_send_ldap_extended>, c_send_ldap_intermediate = 0x451fad <slap_send_ldap_intermediate>} opbuf = {ob_op = {o_hdr = 0x7f7939905560, o_tag = 102, o_time = 1469196957, o_tincr = 1000000, o_bd = 0x7f7939904530, o_req_dn = {bv_len = 0, bv_val = 0x160d058 ""}, o_req_ndn = {bv_len = 0, bv_val = 0x160d058 ""}, o_request = {oq_add = { rs_modlist = 0x7f7939905060, rs_e = 0x1}, oq_bind = {rb_method = 965759072, rb_cred = {bv_len = 1, bv_val = 0x0}, rb_edn = {bv_len = 0, bv_val = 0x0}, rb_ssf = 0, rb_mech = {bv_len = 0, bv_val = 0x0}}, oq_compare = { rs_ava = 0x7f7939905060}, oq_modify = {rs_mods = {rs_modlist = 0x7f7939905060, rs_no_opattrs = 1 '\001'}, rs_increment = 0}, oq_modrdn = {rs_mods = {rs_modlist = 0x7f7939905060, rs_no_opattrs = 1 '\001'}, rs_deleteoldrdn = 0, rs_newrdn = { bv_len = 0, bv_val = 0x0}, rs_nnewrdn = {bv_len = 0, bv_val = 0x0}, rs_newSup = 0x0, rs_nnewSup = 0x0}, oq_search = {rs_scope = 965759072, rs_deref = 32633, rs_slimit = 1, rs_tlimit = 0, rs_limit = 0x0, rs_attrsonly = 0, rs_attrs = 0x0, rs_filter = 0x0, rs_filterstr = {bv_len = 0, bv_val = 0x0}}, oq_abandon = {rs_msgid = 965759072}, oq_cancel = {rs_msgid = 965759072}, oq_extended = {rs_reqoid = {bv_len = 140158633529440, bv_val = 0x1 <Address 0x1 out of bounds>}, rs_flags = 0, rs_reqdata = 0x0}, oq_pwdexop = {rs_extended = {rs_reqoid = {bv_len = 140158633529440, bv_val = 0x1 <Address 0x1 out of bounds>}, rs_flags = 0, rs_reqdata = 0x0}, rs_old = {bv_len = 0, bv_val = 0x0}, rs_new = {bv_len = 0, bv_val = 0x0}, rs_mods = 0x0, rs_modtail = 0x0}}, o_abandon = 0, o_cancel = 0, o_groups = 0x0, o_do_not_cache = 0 '\000', o_is_auth_check = 0 '\000', o_dont_replicate = 1 '\001', o_acl_priv = ACL_NONE, o_nocaching = 0 '\000', o_delete_glue_parent = 0 '\000', o_no_schema_check = 1 '\001', o_no_subordinate_glue = 0 '\000', o_ctrlflag = '\000' <repeats 14 times>, "\002", '\000' <repeats 16 times>, o_controls = 0x7f79399056a8, o_authz = {sai_method = 0, sai_mech = { bv_len = 0, bv_val = 0x0}, sai_dn = {bv_len = 9, bv_val = 0x1ba60d0 "cn=config"}, sai_ndn = {bv_len = 9, bv_val = 0x1ba60f0 "cn=config"}, sai_ssf = 0, sai_transport_ssf = 0, sai_tls_ssf = 0, sai_sasl_ssf = 0}, o_ber = 0x0, o_res_ber = 0x0, o_callback = 0x7f7939904c00, o_ctrls = 0x0, o_csn = {bv_len = 40, bv_val = 0x1210c040 "20160722141557.997975Z#000000#001#000000"}, o_private = 0x0, o_extra = {slh_first = 0x0}, o_next = {stqe_next = 0x0}}, ob_hdr = {oh_opid = 0, oh_connid = 100, oh_conn = 0x7f79399057b0, oh_msgid = 0, oh_protocol = 0, oh_tid = 140158633535232, oh_threadctx = 0x7f7939905b30, oh_tmpmemctx = 0x3be91c0, oh_tmpmfuncs = 0x757640, oh_counters = 0x75ab80, oh_log_prefix = "conn=-1 op=0", '\000' <repeats 243 times>}, ob_controls = {0x0 <repeats 17 times>, 0x7f7939905230, 0x0 <repeats 14 times>}} op = 0x7f79399053f0 rc = 0 dostop = 0 s = 10 i = 1 defer = 1 fail = 0 freeinfo = 0 be = 0x1833d40 #24 0x000000000043ae29 in connection_read_thread (ctx=0x7f7939905b30, argv=0xa) at connection.c:1273 rc = 0 cri = {op = 0x0, func = 0x4b8c4f <do_syncrepl>, arg = 0x1638fa0, ctx = 0x7f7939905b30, nullop = 0} s = 10 #25 0x00007f8cf3610552 in ldap_int_thread_pool_wrapper (xpool=0x1648000) at tpool.c:956 pq = 0x1648000 pool = 0x180c180 task = 0x65a78e0 work_list = 0x1648070 ctx = {ltu_pq = 0x1648000, ltu_id = 140158633535232, ltu_key = {{ltk_key = 0x43a3b7, ltk_data = 0x6570000, ltk_free = 0x43a1fb <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0x3be91c0, ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { ltk_key = 0x1810d00, ltk_data = 0x8ede200, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = 0x1250c000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = 0x7f8cefc34071, ltk_data = 0x1220c000, ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = 0x455655, ltk_data = 0x1367d480, ltk_free = 0x4555a8 <slap_op_q_destroy>}, {ltk_key = 0x1811400, ltk_data = 0x18d19400, ltk_free = 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0xe393200, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 392 hash = 4080100744 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #26 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #27 0x000000344a2e8aad in clone () from /lib64/libc.so.6 No symbol table info available. (gdb) -- Quanah Gibson-Mount Platform Architect Manager, Systems Team Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration A division of Synacor, Inc
quanah@zimbra.com wrote: > --On Friday, July 08, 2016 12:01 AM +0000 quanah@openldap.org wrote: > >> Full_Name: Quanah Gibson-Mount >> Version: 2.4.44+ITS8432 >> OS: Linux 3.13 >> URL: ftp://ftp.openldap.org/incoming/ >> Submission from: (NULL) (75.111.52.177) > > Also seeing this in 2.4.44 w/o ITS 8432, so not related to that fix. > Hitting multiple customers. Here's a backtrace from a different client. > See Thread 1 Frame 11 or so. The actual bug here is not in 2.4 at all, it's due to a 2.5 patch 2d5996ac603391ddbd618425f88eb13e5e0e2cc0 that you backported into your 2.4 build. Which explains why no other 2.4.44 users have hit it. More comments inline below: > Thread 1 (Thread 0x7f7939906700 (LWP 1946)): > #0 0x000000344a2325e5 in raise () from /lib64/libc.so.6 > No symbol table info available. > #1 0x000000344a233dc5 in abort () from /lib64/libc.so.6 > No symbol table info available. > #2 0x00007f8cf3873f55 in tcmalloc::Log (mode=tcmalloc::kCrash, > filename=<value optimized out>, line=<value optimized out>, a=..., b=..., > c=..., d=...) at src/internal_logging.cc:120 > state = {static kBufSize = -56, p_ = 0x7f7939903e75 "", end_ = > 0x7f7939903ef8 "\017 \210\363\214\177", > buf_ = "src/tcmalloc.cc:278] Attempt to free invalid pointer > 0x7f7aa5850ad0 \n\000\000\000\a\000\000\000\000\000\000\000\000 > \206\363\214\177\000\000\240\341\340I4\000\000\000\005\000\000\000y\177", > '\000' <repeats 18 times>"\220, > I\206\363\214\177\000\000\000\000\000\000\000\000\000\000 > \337\357\000\000\000\000\000\320\n\205\245z\177\000\000\210\271\252\363\214\177\000\000\300i\220\071y\177\000\000\325I\341I4\000\000\000\003\000\000\000y\177\000\000\000\000\000\000\000\000\000\000\026\001\000\000\000\000\000"} > msglen = 69 > first_crash = true > #3 0x00007f8cf386f3f3 in (anonymous namespace)::InvalidFree (ptr=<value > optimized out>) at src/tcmalloc.cc:278 > No locals. > #4 0x00007f8cf387fe25 in free_null_or_invalid (ptr=0x7f7aa5850ad0) at > src/tcmalloc.cc:1141 > No locals. > #5 do_free_helper (ptr=0x7f7aa5850ad0) at src/tcmalloc.cc:1185 > span = <value optimized out> > p = <value optimized out> > cl = <value optimized out> > ---Type <return> to continue, or q <return> to quit--- > invalid_free_fn = 0x7f8cf386f370 <(anonymous > namespace)::InvalidFree(void*)> > #6 do_free_with_callback (ptr=0x7f7aa5850ad0) at src/tcmalloc.cc:1225 > heap = 0xefdf20 > invalid_free_fn = 0x7f8cf386f370 <(anonymous > namespace)::InvalidFree(void*)> > #7 do_free (ptr=0x7f7aa5850ad0) at src/tcmalloc.cc:1234 > No locals. > #8 tc_free (ptr=0x7f7aa5850ad0) at src/tcmalloc.cc:1585 > No locals. > #9 0x00007f8cf33f77d9 in ber_memfree_x (p=0x7f7aa5850ad0, ctx=0x0) at > memory.c:152 > __PRETTY_FUNCTION__ = "ber_memfree_x" > #10 0x00000000004af21b in slap_sl_free (ptr=0x7f7aa5850ad0, ctx=0x3be91c0) > at sl_malloc.c:503 > sh = 0x3be91c0 > size = 25450432 > p = 0x7f7aa5850ad0 > nextp = 0x44770f > tmpp = 0x7f79399040e0 > __PRETTY_FUNCTION__ = "slap_sl_free" > #11 0x00007f8cef5ded30 in accesslog_entry (op=0x7f79399053f0, > rs=0x7f7939904f70, logop=2, op2=0x7f79399042a0) at accesslog.c:1332 accesslog.c:1332 is freeing a ntimestamp value that was just generated. > on = 0x1a03c20 > li = 0x19ebb60 > rdnbuf = "reqStart=20160722141557.1000000\000PD\220\071y\177" > nrdnbuf = > "reqStart=V\313/\000\177\000\000\000\000\000\000\000\000\000\000lB\220\071y\177\000\000\000\000\205\245z\177" > rdn = {bv_len = 31, bv_val = 0x7f7939904150 > "reqStart=20160722141557.1000000"} > nrdn = {bv_len = 17, bv_val = 0x7f7939904120 "reqStart=V\313/"} > timestamp = {bv_len = 22, bv_val = 0x7f7939904159 > "20160722141557.1000000"} This timestamp has a 7 digit microseconds portion and is missing its trailing 'Z' timezone identifier. Since it's recording microseconds, it should never have more than 6 digits. There's a buffer overrun here due to this out of bounds value. The timestamp came from op->o_time and op->o_tincr. > ntimestamp = {bv_len = 8, bv_val = 0x7f7aa5850ad0 <Address > 0x7f7aa5850ad0 out of bounds>} > bv = {bv_len = 140158633526384, bv_val = 0x7f7939904490 "\002"} > lo = 0x7f8cef7e5b50 > e = 0x1973d68 > #12 0x00007f8cef5df684 in accesslog_response (op=0x7f79399053f0, > rs=0x7f7939904f70) at accesslog.c:1528 > on = 0x1a03c20 > li = 0x19ebb60 > a = 0x7f7aa5850810 > last_attr = 0x8 > m = 0x7f7939904488 > b = 0x7f7aa1873ff8 > uuid = {bv_len = 36, bv_val = 0x13638d30 > "7e6927a6-1cda-1030-907b-0f0bf0d58d6f"} > i = 0 > logop = 2 > do_graduate = 0 > lo = 0x7f8cef7e5b50 > e = 0x0 > old = 0x0 > e_uuid = 0x0 > timebuf = > "\300\210\244\001\000\000\000\000\000`\277\001\000\000\000\000\240D\220\071y\177\000\000U\313/\000\000" > bv = {bv_len = 64424509440, bv_val = 0x7f7939904520 > "pO\220\071y\177"} > ptr = 0x1bf6088 "" > vals = 0x1a48800 > op2 = {o_hdr = 0x0, o_tag = 0, o_time = 0, o_tincr = 0, o_bd = 0x0, > o_req_dn = {bv_len = 0, bv_val = 0x0}, o_req_ndn = {bv_len = 0, bv_val = > 0x0}, o_request = {oq_add = {rs_modlist = 0x0, rs_e = 0x0}, oq_bind = > {rb_method = 0, rb_cred = { > bv_len = 0, bv_val = 0x0}, rb_edn = {bv_len = 0, bv_val = > 0x0}, rb_ssf = 0, rb_mech = {bv_len = 0, bv_val = 0x0}}, oq_compare = > {rs_ava = 0x0}, oq_modify = {rs_mods = {rs_modlist = 0x0, rs_no_opattrs = 0 > '\000'}, rs_increment = 0}, > oq_modrdn = {rs_mods = {rs_modlist = 0x0, rs_no_opattrs = 0 > '\000'}, rs_deleteoldrdn = 0, rs_newrdn = {bv_len = 0, bv_val = 0x0}, > rs_nnewrdn = {bv_len = 0, bv_val = 0x0}, rs_newSup = 0x0, rs_nnewSup = > 0x0}, oq_search = {rs_scope = 0, > rs_deref = 0, rs_slimit = 0, rs_tlimit = 0, rs_limit = 0x0, > rs_attrsonly = 0, rs_attrs = 0x0, rs_filter = 0x0, rs_filterstr = {bv_len = > 0, bv_val = 0x0}}, oq_abandon = {rs_msgid = 0}, oq_cancel = {rs_msgid = 0}, > oq_extended = {rs_reqoid = { > bv_len = 0, bv_val = 0x0}, rs_flags = 0, rs_reqdata = 0x0}, > oq_pwdexop = {rs_extended = {rs_reqoid = {bv_len = 0, bv_val = 0x0}, > rs_flags = 0, rs_reqdata = 0x0}, rs_old = {bv_len = 0, bv_val = 0x0}, > rs_new = {bv_len = 0, bv_val = 0x0}, > rs_mods = 0x0, rs_modtail = 0x0}}, o_abandon = 0, o_cancel = > 0, o_groups = 0x0, o_do_not_cache = 0 '\000', o_is_auth_check = 0 '\000', > o_dont_replicate = 0 '\000', o_acl_priv = ACL_NONE, o_nocaching = 0 '\000', > o_delete_glue_parent = 0 '\000', o_no_schema_check = 0 '\000', > o_no_subordinate_glue = 0 '\000', o_ctrlflag = '\000' <repeats 31 times>, > o_controls = 0x0, o_authz = {sai_method = 0, sai_mech = {bv_len = 0, bv_val > = 0x0}, sai_dn = {bv_len = 0, > bv_val = 0x0}, sai_ndn = {bv_len = 0, bv_val = 0x0}, sai_ssf > = 0, sai_transport_ssf = 0, sai_tls_ssf = 0, sai_sasl_ssf = 0}, o_ber = > 0x0, o_res_ber = 0x0, o_callback = 0x0, o_ctrls = 0x0, o_csn = {bv_len = 0, > bv_val = 0x0}, o_private = 0x0, > o_extra = {slh_first = 0x0}, o_next = {stqe_next = 0x0}} > rs2 = {sr_type = REP_RESULT, sr_tag = 0, sr_msgid = 0, sr_err = 0, > sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x0, sr_ctrls = 0x0, sr_un = > {sru_search = {r_entry = 0x0, r_attr_flags = 0, r_operational_attrs = 0x0, > r_attrs = 0x0, r_nentries = 0, > r_v2ref = 0x0}, sru_sasl = {r_sasldata = 0x0}, sru_extended = > {r_rspoid = 0x0, r_rspdata = 0x0}}, sr_flags = 0} > ---Type <return> to continue, or q <return> to quit--- > #13 0x00000000004cd56e in over_back_response (op=0x7f79399053f0, > rs=0x7f7939904f70) at backover.c:237 > oi = 0x1b72f00 > on = 0x1a03c20 > rc = 32768 > be = 0x7f7939904c30 > db = {bd_info = 0x1a03c20, bd_self = 0x1833d40, be_ctrls = > "\000\001\001\001\000\001\000\000\001\000\000\001\001\000\001\000\000\001", > '\000' <repeats 14 times>, "\001", be_flags = 563464, be_restrictops = 0, > be_requires = 0, be_ssf_set = { > sss_ssf = 0, sss_transport = 0, sss_tls = 0, sss_sasl = 0, > sss_update_ssf = 0, sss_update_transport = 0, sss_update_tls = 0, > sss_update_sasl = 0, sss_simple_bind = 0}, be_suffix = 0x1b5e960, > be_nsuffix = 0x1b5e920, be_schemadn = {bv_len = 0, > bv_val = 0x0}, be_schemandn = {bv_len = 0, bv_val = 0x0}, > be_rootdn = {bv_len = 9, bv_val = 0x1ba60d0 "cn=config"}, be_rootndn = > {bv_len = 9, bv_val = 0x1ba60f0 "cn=config"}, be_rootpw = {bv_len = 0, > bv_val = 0x0}, be_max_deref_depth = 15, > be_def_limit = {lms_t_soft = -1, lms_t_hard = 0, lms_s_soft = -1, > lms_s_hard = 0, lms_s_unchecked = -1, lms_s_pr = 0, lms_s_pr_hide = 0, > lms_s_pr_total = 0}, be_limits = 0x0, be_acl = 0x1ddb800, be_dfltaccess = > ACL_READ, be_extra_anlist = 0x0, > be_update_ndn = {bv_len = 0, bv_val = 0x0}, be_update_refs = 0x0, > be_pending_csn_list = 0x1fa3570, be_pcl_mutex = {__data = {__lock = 0, > __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = > {__prev = 0x0, __next = 0x0}}, > __size = '\000' <repeats 39 times>, __align = 0}, be_syncinfo = > 0x1999e40, be_pb = 0x0, be_cf_ocs = 0x7f8cefe67180, be_private = 0x1ede000, > be_next = {stqe_next = 0x0}} > #14 0x0000000000450592 in slap_response_play (op=0x7f79399053f0, > rs=0x7f7939904f70) at result.c:537 > sc_next = 0x7f7939904fe0 > sc_nextp = 0x7f7939904c00 > rc = 32768 > sc = 0x1210c0a8 > scp = 0x1210c0a8 > #15 0x00000000004507b7 in send_ldap_response (op=0x7f79399053f0, > rs=0x7f7939904f70) at result.c:612 > berbuf = { > buffer = > "\000\000\000\000\000\000\000\000\260\301\020\022\000\000\000\000\200I\220\071y\177\000\000\360S\220\071y\177\000\000\n", > '\000' <repeats 15 times>, "@\311b\001\000\000\000\000\060L\220\071y\177", > '\000' <repeats 18 times>, > "@H\220\071y\177\000\000\066\341\302\357\214\177\000\000\300\022(\245z\177\000\000\345\063\304\357\214\177\000\000\240H\220\071y\177\000\000\200H\220\071y\177\000\000\200I\220\071y\177\000\000\360S\220\071y\177\000\000\000\340\355\001\000\000\000\000\000\340\355\001\000\000\000\000\003\000\000\000\000\000\000\000\030\002", > '\000' <repeats 14 times>"\351, > \022(\245z\177\000\000t\021(\245z\177\000\000\000`\277\001\000\000\000\000pH\220\071y\177\000\000P\374\261?y\177\000\000\300i\220\071y\177\000\000\331w?\363\214\177", > '\000' <repeats 17 times>, ialign = 0, lalign = 0, falign = 0, dalign = 0, > palign = 0x0} > ber = 0x7f7939904770 > rc = 0 > bytes = 428045504 > __PRETTY_FUNCTION__ = "send_ldap_response" > #16 0x0000000000451701 in slap_send_ldap_result (op=0x7f79399053f0, > rs=0x7f7939904f70) at result.c:891 > tmp = 0x0 > otext = 0x0 > oref = 0x0 > __PRETTY_FUNCTION__ = "slap_send_ldap_result" > #17 0x00007f8cefc30b1e in mdb_modify (op=0x7f79399053f0, rs=0x7f7939904f70) > at modify.c:708 > mdb = 0x1ede000 > e = 0x1210c160 > manageDSAit = 2 > textbuf = > "\017\000\000\000\000\000\000\000\377\377\377\377\377\377\377\377\250\300\020\022\000\000\000\000\371\377\377\377\377\377\377\377\240J\220\071y\177\000\000P\374\261?y\177\000\000\300i\220\071y\177\000\000\004\000\000\000\000\000\000\000\a\000\000\000\000\000\000\000\335\bM\000\000\000\000\000\240J\220\071y\177\000\000\070U\220\071y\177\000\000\003\000\000\000\000\000\000\000^\300\020\022\000\000\000\000\320\300\020\022\000\000\000\000a\300\020\022\000\000\000\000^\300\020\022\000\000\000\000\001 > \000\000\000\001\000\000\000\250\300\020\022\000\000\000\000pO\220\071y\177\000\000pK\220\071y\177\000\000i\377~\357\214\177\000\000pO\220\071y\177\000\000\360S\220\071y\177\000\000\320\300\020\022\000\000\000\000\360S\220\071y\177\000\000\310\302\020\022\000\000\000\000(T\220\071y\177\000\000pK\220\071y\177\000\000l\021^\357\214\177\000\000pO\220\071y\177\000\000\360S\220\071y\177\000" > textlen = 256 > txn = 0x0 > opinfo = {moi_oe = {oe_next = {sle_next = 0x0}, oe_key = 0x0}, > moi_txn = 0x1bf6000, moi_ref = 1, moi_flag = 0 '\000'} > moi = 0x7f79399049e0 > dummy = {e_id = 0, e_name = {bv_len = 0, bv_val = 0xb997b08 ""}, > e_nname = {bv_len = 0, bv_val = 0x1210c520 ""}, e_attrs = 0x1845a40, > e_ocflags = 82208, e_bv = {bv_len = 0, bv_val = 0x0}, e_private = > 0x1210c160} > preread_ctrl = 0x0 > postread_ctrl = 0x0 > ctrls = {0x0, 0x344a2a517e, 0x7f7939904f70, 0x7f79399053f0, > 0x7f7939904a45, 0x0} > num_ctrls = 0 > numads = 1063 > #18 0x00000000004ce4bb in overlay_op_walk (op=0x7f79399053f0, > rs=0x7f7939904f70, which=op_modify, oi=0x1b72f00, on=0x0) at backover.c:677 > func = 0x7f8cefe67478 > rc = 32768 > #19 0x00000000004ce6e8 in over_op_func (op=0x7f79399053f0, > rs=0x7f7939904f70, which=op_modify) at backover.c:730 > oi = 0x1b72f00 > on = 0x1a041c0 > be = 0x1833d40 > db = {bd_info = 0x7f8cefe67420, bd_self = 0x1833d40, be_ctrls = > "\000\001\001\001\000\001\000\000\001\000\000\001\001\000\001\000\000\001", > '\000' <repeats 14 times>, "\001", be_flags = 563464, be_restrictops = 0, > be_requires = 0, be_ssf_set = { > sss_ssf = 0, sss_transport = 0, sss_tls = 0, sss_sasl = 0, > sss_update_ssf = 0, sss_update_transport = 0, sss_update_tls = 0, > sss_update_sasl = 0, sss_simple_bind = 0}, be_suffix = 0x1b5e960, > be_nsuffix = 0x1b5e920, be_schemadn = {bv_len = 0, > ---Type <return> to continue, or q <return> to quit--- > bv_val = 0x0}, be_schemandn = {bv_len = 0, bv_val = 0x0}, > be_rootdn = {bv_len = 9, bv_val = 0x1ba60d0 "cn=config"}, be_rootndn = > {bv_len = 9, bv_val = 0x1ba60f0 "cn=config"}, be_rootpw = {bv_len = 0, > bv_val = 0x0}, be_max_deref_depth = 15, > be_def_limit = {lms_t_soft = -1, lms_t_hard = 0, lms_s_soft = -1, > lms_s_hard = 0, lms_s_unchecked = -1, lms_s_pr = 0, lms_s_pr_hide = 0, > lms_s_pr_total = 0}, be_limits = 0x0, be_acl = 0x1ddb800, be_dfltaccess = > ACL_READ, be_extra_anlist = 0x0, > be_update_ndn = {bv_len = 0, bv_val = 0x0}, be_update_refs = 0x0, > be_pending_csn_list = 0x1fa3570, be_pcl_mutex = {__data = {__lock = 0, > __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = > {__prev = 0x0, __next = 0x0}}, > __size = '\000' <repeats 39 times>, __align = 0}, be_syncinfo = > 0x1999e40, be_pb = 0x0, be_cf_ocs = 0x7f8cefe67180, be_private = 0x1ede000, > be_next = {stqe_next = 0x0}} > cb = {sc_next = 0x7f7939904fe0, sc_response = 0x4cd492 > <over_back_response>, sc_cleanup = 0, sc_writewait = 0, sc_private = > 0x1b72f00} > sc = 0x65fc800 > rc = 32768 > __PRETTY_FUNCTION__ = "over_op_func" > #20 0x00000000004ce824 in over_op_modify (op=0x7f79399053f0, > rs=0x7f7939904f70) at backover.c:769 > No locals. > #21 0x00000000004c12a8 in syncrepl_updateCookie (si=0x1999e40, > op=0x7f79399053f0, syncCookie=0x7f7939905230) at syncrepl.c:3885 > be = 0x1833d40 > mod = {sml_mod = {sm_desc = 0x162c940, sm_values = 0x65fadc0, > sm_nvalues = 0x0, sm_numvals = 3, sm_op = 2, sm_flags = 1, sm_type = > {bv_len = 10, bv_val = 0x1615330 "contextCSN"}}, sml_next = 0x0} > first = {bv_len = 40, bv_val = 0xba3a6f0 > "20160722141557.997975Z#000000#001#000000"} > sc = {ctxcsn = 0x65fadc0, sids = 0xb786cd0, numcsns = 3, rid = 0, > octet_str = {bv_len = 0, bv_val = 0x0}, sid = 0, sc_next = {stqe_next = > 0x0}} > syn = 0x1823980 > rc = 0 > i = 1 > j = 1 > changed = 1 > len = 40 > cb = {sc_next = 0x1210c078, sc_response = 0x4c2d92 <null_callback>, > sc_cleanup = 0, sc_writewait = 0, sc_private = 0x1999e40} > rs_modify = {sr_type = REP_RESULT, sr_tag = 103, sr_msgid = 0, > sr_err = 0, sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x0, sr_ctrls = 0x0, > sr_un = {sru_search = {r_entry = 0x0, r_attr_flags = 0, r_operational_attrs > = 0x0, r_attrs = 0x0, > r_nentries = 0, r_v2ref = 0x0}, sru_sasl = {r_sasldata = > 0x0}, sru_extended = {r_rspoid = 0x0, r_rspdata = 0x0}}, sr_flags = 0} > __PRETTY_FUNCTION__ = "syncrepl_updateCookie" > #22 0x00000000004b7008 in do_syncrep2 (op=0x7f79399053f0, si=0x1999e40) at > syncrepl.c:1012 > match = 4443350 > syncUUID = {{bv_len = 16, bv_val = 0x35c6287 > "\215\361\036\352\344b\020\065\236\334;\265\032\250!\025"}, {bv_len = 0, > bv_val = 0xb39905620 <Address 0xb39905620 out of bounds>}} > cookie = {bv_len = 60, bv_val = 0x35c6299 > "rid=100,sid=001,csn=20160722141557.997975Z#000000#001#000000"} > rctrls = 0xcd631f0 > rctrlp = 0x136188a0 > bdn = {bv_len = 44, bv_val = 0xb8e5a09 > "reqStart=20160722141557.997904Z,cn=accesslog"} > si_tag = 140158633532208 > entry = 0x344a58d440 > punlock = 0 > syncstate = 1 > retdata = 0x1c > retoid = 0x7f7939905758 "" > syncUUIDs = 0x7f7939905720 > len = 60 > berbuf = { > buffer = "\002\000\001", '\000' <repeats 29 times>"\200, > b\\\003\000\000\000\000\325b\\\003\000\000\000\000\325b\\\003", '\000' > <repeats 28 times>, " > S\220\071y\177\000\000\000\000\000\000\000\000\000\000\360R\220\071y\177\000\000\274\270\036\315\375\177\000\000\360S\220\071y\177\000\000\266\034a\363\214\177\000\000\060S\220\071y\177\000\000\000\226u\000\000\000\000\000\060S\220\071y\177\000\000QZE\000\000\000\000\000\bT\220\071y\177\000\000\000T\220\071y\177\000\000\235*\222W\000\000\000\000\266\034a\363\214\177\000\000\200S\220\071y\177\000\000\310a\357\003\000\000\000\000\300S\220\071y\177\000\000\026oc\363\214\177\000\000\360S\220\071y\17 > 7\000\000\354S\220\071y\177\000\000\000\000\000\000\001\000\000\000\360{\215\003\000\000\000", > ialign = 65538, > lalign = 65538, falign = 9.18382988e-41, dalign = > 3.2380074297143616e-319, palign = 0x10002 <Address 0x10002 out of bounds>} > ber = 0x7f7939905270 > msg = 0x65fc640 > syncCookie = {ctxcsn = 0x196d5640, sids = 0xb995e80, numcsns = 1, > rid = 100, octet_str = {bv_len = 60, bv_val = 0x187b0d40 > "rid=100,sid=001,csn=20160722141557.997975Z#000000#001#000000"}, sid = 1, > sc_next = {stqe_next = 0x0}} > syncCookie_req = {ctxcsn = 0xe359bc0, sids = 0xe2fd5b0, numcsns = > 3, rid = 100, octet_str = {bv_len = 0, bv_val = 0x0}, sid = 2, sc_next = > {stqe_next = 0x0}} > rc = 0 > err = 0 > modlist = 0x0 > m = 32633 > tout_p = 0x7f79399051c0 > tout = {tv_sec = 0, tv_usec = 0} > refreshDeletes = 0 > empty = "empty" > __PRETTY_FUNCTION__ = "do_syncrep2" > #23 0x00000000004b9177 in do_syncrepl (ctx=0x7f7939905b30, arg=0x1638fa0) > at syncrepl.c:1560 > ---Type <return> to continue, or q <return> to quit--- > rtask = 0x1638fa0 > si = 0x1999e40 > conn = {c_struct_state = SLAP_C_UNINITIALIZED, c_conn_state = > SLAP_C_INVALID, c_conn_idx = -1, c_sd = 0, c_close_reason = 0x0, c_mutex = > {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, > __spins = 0, __list = {__prev = 0x0, > __next = 0x0}}, __size = '\000' <repeats 39 times>, __align > = 0}, c_sb = 0x0, c_starttime = 0, c_activitytime = 0, c_connid = > 18446744073709551615, c_peer_domain = {bv_len = 0, bv_val = 0x4f2c70 ""}, > c_peer_name = {bv_len = 0, > bv_val = 0x4f2c70 ""}, c_listener = 0x4fad40, c_sasl_bind_mech > = {bv_len = 0, bv_val = 0x0}, c_sasl_dn = {bv_len = 0, bv_val = 0x0}, > c_sasl_authz_dn = {bv_len = 0, bv_val = 0x0}, c_authz_backend = 0x0, > c_authz_cookie = 0x0, c_authz = { > sai_method = 0, sai_mech = {bv_len = 0, bv_val = 0x0}, sai_dn = > {bv_len = 0, bv_val = 0x0}, sai_ndn = {bv_len = 0, bv_val = 0x0}, sai_ssf = > 0, sai_transport_ssf = 0, sai_tls_ssf = 0, sai_sasl_ssf = 0}, c_protocol = > 0, c_ops = {stqh_first = 0x0, > stqh_last = 0x0}, c_pending_ops = {stqh_first = 0x0, stqh_last > = 0x0}, c_write1_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, > __nusers = 0, __kind = 0, __spins = 0, __list = {__prev = 0x0, __next = > 0x0}}, > __size = '\000' <repeats 39 times>, __align = 0}, c_write1_cv = > {__data = {__lock = 0, __futex = 0, __total_seq = 0, __wakeup_seq = 0, > __woken_seq = 0, __mutex = 0x0, __nwaiters = 0, __broadcast_seq = 0}, > __size = '\000' <repeats 47 times>, > __align = 0}, c_write2_mutex = {__data = {__lock = 0, __count = > 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = {__prev = > 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, > c_write2_cv = {__data = { > __lock = 0, __futex = 0, __total_seq = 0, __wakeup_seq = 0, > __woken_seq = 0, __mutex = 0x0, __nwaiters = 0, __broadcast_seq = 0}, > __size = '\000' <repeats 47 times>, __align = 0}, c_currentber = 0x0, > c_writers = 0, c_writing = 0 '\000', > c_sasl_bind_in_progress = 0 '\000', c_writewaiter = 0 '\000', > c_is_tls = 0 '\000', c_needs_tls_accept = 0 '\000', c_sasl_layers = 0 > '\000', c_sasl_done = 0 '\000', c_sasl_authctx = 0x0, c_sasl_sockctx = 0x0, > c_sasl_extra = 0x0, > c_sasl_bindop = 0x0, c_pagedresults_state = {ps_be = 0x0, ps_size > = 0, ps_count = 0, ps_cookie = 0, ps_cookieval = {bv_len = 0, bv_val = > 0x0}}, c_n_ops_received = 0, c_n_ops_executing = 0, c_n_ops_pending = 0, > c_n_ops_completed = 0, c_n_get = 0, > c_n_read = 0, c_n_write = 0, c_extensions = 0x0, c_clientfunc = > 0, c_clientarg = 0x0, c_send_ldap_result = 0x4512ec > <slap_send_ldap_result>, c_send_search_entry = 0x4521d0 > <slap_send_search_entry>, > c_send_search_reference = 0x454280 <slap_send_search_reference>, > c_send_ldap_extended = 0x451c92 <slap_send_ldap_extended>, > c_send_ldap_intermediate = 0x451fad <slap_send_ldap_intermediate>} > opbuf = {ob_op = {o_hdr = 0x7f7939905560, o_tag = 102, o_time = > 1469196957, o_tincr = 1000000, o_bd = 0x7f7939904530, o_req_dn = {bv_len = > 0, bv_val = 0x160d058 ""}, o_req_ndn = {bv_len = 0, bv_val = 0x160d058 ""}, > o_request = {oq_add = { Here we see the offending o_tincr = 1000000 > rs_modlist = 0x7f7939905060, rs_e = 0x1}, oq_bind = > {rb_method = 965759072, rb_cred = {bv_len = 1, bv_val = 0x0}, rb_edn = > {bv_len = 0, bv_val = 0x0}, rb_ssf = 0, rb_mech = {bv_len = 0, bv_val = > 0x0}}, oq_compare = { > rs_ava = 0x7f7939905060}, oq_modify = {rs_mods = > {rs_modlist = 0x7f7939905060, rs_no_opattrs = 1 '\001'}, rs_increment = 0}, > oq_modrdn = {rs_mods = {rs_modlist = 0x7f7939905060, rs_no_opattrs = 1 > '\001'}, rs_deleteoldrdn = 0, rs_newrdn = { > bv_len = 0, bv_val = 0x0}, rs_nnewrdn = {bv_len = 0, > bv_val = 0x0}, rs_newSup = 0x0, rs_nnewSup = 0x0}, oq_search = {rs_scope = > 965759072, rs_deref = 32633, rs_slimit = 1, rs_tlimit = 0, rs_limit = 0x0, > rs_attrsonly = 0, rs_attrs = 0x0, > rs_filter = 0x0, rs_filterstr = {bv_len = 0, bv_val = > 0x0}}, oq_abandon = {rs_msgid = 965759072}, oq_cancel = {rs_msgid = > 965759072}, oq_extended = {rs_reqoid = {bv_len = 140158633529440, bv_val = > 0x1 <Address 0x1 out of bounds>}, > rs_flags = 0, rs_reqdata = 0x0}, oq_pwdexop = {rs_extended > = {rs_reqoid = {bv_len = 140158633529440, bv_val = 0x1 <Address 0x1 out of > bounds>}, rs_flags = 0, rs_reqdata = 0x0}, rs_old = {bv_len = 0, bv_val = > 0x0}, rs_new = {bv_len = 0, > bv_val = 0x0}, rs_mods = 0x0, rs_modtail = 0x0}}, > o_abandon = 0, o_cancel = 0, o_groups = 0x0, o_do_not_cache = 0 '\000', > o_is_auth_check = 0 '\000', o_dont_replicate = 1 '\001', o_acl_priv = > ACL_NONE, o_nocaching = 0 '\000', > o_delete_glue_parent = 0 '\000', o_no_schema_check = 1 '\001', > o_no_subordinate_glue = 0 '\000', o_ctrlflag = '\000' <repeats 14 times>, > "\002", '\000' <repeats 16 times>, o_controls = 0x7f79399056a8, o_authz = > {sai_method = 0, sai_mech = { > bv_len = 0, bv_val = 0x0}, sai_dn = {bv_len = 9, bv_val = > 0x1ba60d0 "cn=config"}, sai_ndn = {bv_len = 9, bv_val = 0x1ba60f0 > "cn=config"}, sai_ssf = 0, sai_transport_ssf = 0, sai_tls_ssf = 0, > sai_sasl_ssf = 0}, o_ber = 0x0, o_res_ber = 0x0, > o_callback = 0x7f7939904c00, o_ctrls = 0x0, o_csn = {bv_len = > 40, bv_val = 0x1210c040 "20160722141557.997975Z#000000#001#000000"}, > o_private = 0x0, o_extra = {slh_first = 0x0}, o_next = {stqe_next = 0x0}}, > ob_hdr = {oh_opid = 0, > oh_connid = 100, oh_conn = 0x7f79399057b0, oh_msgid = 0, > oh_protocol = 0, oh_tid = 140158633535232, oh_threadctx = 0x7f7939905b30, > oh_tmpmemctx = 0x3be91c0, oh_tmpmfuncs = 0x757640, oh_counters = 0x75ab80, > oh_log_prefix = "conn=-1 op=0", '\000' <repeats 243 times>}, > ob_controls = {0x0 <repeats 17 times>, 0x7f7939905230, 0x0 <repeats 14 > times>}} > op = 0x7f79399053f0 > rc = 0 > dostop = 0 > s = 10 > i = 1 > defer = 1 > fail = 0 > freeinfo = 0 > be = 0x1833d40 > #24 0x000000000043ae29 in connection_read_thread (ctx=0x7f7939905b30, > argv=0xa) at connection.c:1273 > rc = 0 > cri = {op = 0x0, func = 0x4b8c4f <do_syncrepl>, arg = 0x1638fa0, > ctx = 0x7f7939905b30, nullop = 0} > s = 10 > #25 0x00007f8cf3610552 in ldap_int_thread_pool_wrapper (xpool=0x1648000) at > tpool.c:956 > pq = 0x1648000 > pool = 0x180c180 > task = 0x65a78e0 > work_list = 0x1648070 > ctx = {ltu_pq = 0x1648000, ltu_id = 140158633535232, ltu_key = > {{ltk_key = 0x43a3b7, ltk_data = 0x6570000, ltk_free = 0x43a1fb > <conn_counter_destroy>}, {ltk_key = 0x4ae237, ltk_data = 0x3be91c0, > ltk_free = 0x4ae05c <slap_sl_mem_destroy>}, { > ltk_key = 0x1810d00, ltk_data = 0x8ede200, ltk_free = > 0x7f8cefc42783 <mdb_reader_free>}, {ltk_key = 0x7f8cefc375b4, ltk_data = > 0x1250c000, ltk_free = 0x7f8cefc37591 <search_stack_free>}, {ltk_key = > 0x7f8cefc34071, ltk_data = 0x1220c000, > ltk_free = 0x7f8cefc34029 <scope_chunk_free>}, {ltk_key = > 0x455655, ltk_data = 0x1367d480, ltk_free = 0x4555a8 <slap_op_q_destroy>}, > {ltk_key = 0x1811400, ltk_data = 0x18d19400, ltk_free = 0x7f8cefc42783 > <mdb_reader_free>}, {ltk_key = 0x0, > ltk_data = 0xe393200, ltk_free = 0}, {ltk_key = 0x0, ltk_data > = 0x0, ltk_free = 0} <repeats 24 times>}} > kctx = 0x0 > i = 32 > keyslot = 392 > hash = 4080100744 > pool_lock = 0 > freeme = 0 > __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" > #26 0x000000344a607aa1 in start_thread () from /lib64/libpthread.so.0 > No symbol table info available. > #27 0x000000344a2e8aad in clone () from /lib64/libc.so.6 > No symbol table info available. > (gdb) Anyway, we know the bad patch was 2d5996ac603391ddbd618425f88eb13e5e0e2cc0 so this should be easy to fix. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
bug in master not RE24. fixed in master.
changed notes changed state Open to Test moved from Incoming to Development
Howard Chu wrote: > Anyway, we know the bad patch was 2d5996ac603391ddbd618425f88eb13e5e0e2cc0 so > this should be easy to fix. > Fixed in master. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
--On Friday, July 29, 2016 12:43 AM +0100 Howard Chu <hyc@symas.com> wrote: > Howard Chu wrote: >> Anyway, we know the bad patch was >> 2d5996ac603391ddbd618425f88eb13e5e0e2cc0 so this should be easy to fix. >> > Fixed in master. Should fix ITS8462 as well. --Quanah -- Quanah Gibson-Mount Platform Architect Manager, Systems Team Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration A division of Synacor, Inc
changed state Test to Closed