OpenLDAP

Viewing Incoming/6426

From: a.afzali2003@gmail.com
Subject: slapd crash with 'Bus error'


Date: Wed, 09 Dec 2009 12:56:53 +0000
From: a.afzali2003@gmail.com
To: openldap-its@OpenLDAP.org
Subject: slapd crash with 'Bus error'
Full_Name: afshin afzali
Version: 2.4.19
OS: CentOS 5 - 64Bit
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (94.182.20.153)


I use "Apache Directory Studio" to manage my directory service. Randomly I used
an invalid attribute (cn) to create a country object.

Regards,
-- afshin


>>> slap_listener(ldap:///)
connection_get(13)
connection_get(13): got connid=0
connection_read(13): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 42 contents:
op tag 0x60, time 1260363040
ber_get_next
conn=0 op=0 do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt (m}) ber:
>>> dnPrettyNormal: <cn=root,dc=callee,dc=ir>
=> ldap_bv2dn(cn=root,dc=callee,dc=ir,0)
<= ldap_bv2dn(cn=root,dc=callee,dc=ir)=0 
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=root,dc=callee,dc=ir)=0 
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=root,dc=callee,dc=ir)=0 
<<< dnPrettyNormal: <cn=root,dc=callee,dc=ir>,
<cn=root,dc=callee,dc=ir>
do_bind: version=3 dn="cn=root,dc=callee,dc=ir" method=128
==> ndb_back_bind: dn: cn=root,dc=callee,dc=ir
do_bind: v3 bind: "cn=root,dc=callee,dc=ir" to "cn=root,dc=callee,dc=ir"
send_ldap_result: conn=0 op=0 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=1 tag=97 err=0
ber_flush2: 22 bytes to sd 13
connection_get(13)
connection_get(13): got connid=0
connection_read(13): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 56 contents:
op tag 0x63, time 1260363040
ber_get_next
conn=0 op=1 do_search
ber_scanf fmt ({miiiib) ber:
>>> dnPrettyNormal: <>
<<< dnPrettyNormal: <>, <>
SRCH "" 0 3    0 0 0
ber_scanf fmt (m) ber:
    filter: (objectClass=*)
ber_scanf fmt ({M}}) ber:
    attrs: subschemaSubentry
=> send_search_entry: conn 0 dn=""
ber_flush2: 68 bytes to sd 13
<= send_search_entry: conn 0 exit.
send_ldap_result: conn=0 op=1 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=2 tag=101 err=0
ber_flush2: 22 bytes to sd 13
connection_get(13)
connection_get(13): got connid=0
connection_read(13): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 96 contents:
op tag 0x63, time 1260363040
ber_get_next
conn=0 op=2 do_search
ber_scanf fmt ({miiiib) ber:
>>> dnPrettyNormal: <cn=Subschema>
=> ldap_bv2dn(cn=Subschema,0)
<= ldap_bv2dn(cn=Subschema)=0 
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=Subschema)=0 
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=subschema)=0 
<<< dnPrettyNormal: <cn=Subschema>, <cn=subschema>
SRCH "cn=Subschema" 0 3    0 0 0
ber_scanf fmt ({mm}) ber:
    filter: (objectClass=subschema)
ber_scanf fmt ({M}}) ber:
    attrs: createTimestamp modifyTimestamp
=> send_search_entry: conn 0 dn="cn=Subschema"
ber_flush2: 127 bytes to sd 13
<= send_search_entry: conn 0 exit.
send_ldap_result: conn=0 op=2 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=3 tag=101 err=0
ber_flush2: 22 bytes to sd 13
connection_get(13)
connection_get(13): got connid=0
connection_read(13): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 174 contents:
op tag 0x63, time 1260363040
ber_get_next
conn=0 op=3 do_search
ber_scanf fmt ({miiiib) ber:
>>> dnPrettyNormal: <cn=Subschema>
=> ldap_bv2dn(cn=Subschema,0)
<= ldap_bv2dn(cn=Subschema)=0 
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=Subschema)=0 
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=subschema)=0 
<<< dnPrettyNormal: <cn=Subschema>, <cn=subschema>
SRCH "cn=Subschema" 0 3    0 0 0
ber_scanf fmt ({mm}) ber:
    filter: (objectClass=subschema)
ber_scanf fmt ({M}}) ber:
    attrs: objectClasses attributeTypes ldapSyntaxes matchingRules
matchingRuleUse createTimestamp modifyTimestamp
=> send_search_entry: conn 0 dn="cn=Subschema"
ber_flush2: 71646 bytes to sd 13
<= send_search_entry: conn 0 exit.
send_ldap_result: conn=0 op=3 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=4 tag=101 err=0
ber_flush2: 22 bytes to sd 13
connection_get(13)
connection_get(13): got connid=0
connection_read(13): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 221 contents:
op tag 0x63, time 1260363040
ber_get_next
conn=0 op=4 do_search
ber_scanf fmt ({miiiib) ber:
>>> dnPrettyNormal: <>
<<< dnPrettyNormal: <>, <>
SRCH "" 0 0    0 0 0
ber_scanf fmt (m) ber:
    filter: (objectClass=*)
ber_scanf fmt ({M}}) ber:
    attrs: namingContexts subschemaSubentry supportedLDAPVersion
supportedSASLMechanisms supportedExtension supportedControl supportedFeatures
vendorName vendorVersion + objectClass
=> send_search_entry: conn 0 dn=""
ber_flush2: 797 bytes to sd 13
<= send_search_entry: conn 0 exit.
send_ldap_result: conn=0 op=4 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_

Message of length 13206 truncated

Followup 1

Date: Wed, 09 Dec 2009 14:54:51 -0800
From: Quanah Gibson-Mount <quanah@zimbra.com>
To: a.afzali2003@gmail.com, openldap-its@openldap.org
Subject: Re: (ITS#6426) slapd crash with 'Bus error'
--On Wednesday, December 09, 2009 12:56 PM +0000 a.afzali2003@gmail.com 
wrote:

> Full_Name: afshin afzali
> Version: 2.4.19
> OS: CentOS 5 - 64Bit
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (94.182.20.153)

> Bus error
> [root@dc1 openldap]#

Please provide a GDB backtrace of the crash with full debugging symbols.

Thanks


--Quanah



--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration



Followup 2

Date: Thu, 10 Dec 2009 08:22:34 -0800
From: Quanah Gibson-Mount <quanah@zimbra.com>
To: afshin afzali <a.afzali2003@gmail.com>
cc: openldap-its@openldap.org
Subject: Re: (ITS#6426) slapd crash with 'Bus error'
--On Thursday, December 10, 2009 1:02 PM +0330 afshin afzali 
<a.afzali2003@gmail.com> wrote:

> Hi Quanah
>
> I did reconfigure with --enable-debug, but just could get this:

To build with debugging symbols, you need to use a CFLAGS value of -g, like:

CFLAGS="-g" ./configure <whatever options you use>
make depend
make

make install DESTDIR=/my/path/to/install STRIP=""


The STRIP="" ensures none of the debugging symbols inserted by gcc get 
stripped out.

--Quanah





Followup 3

Date: Sat, 12 Dec 2009 09:47:51 -0800
From: Quanah Gibson-Mount <quanah@zimbra.com>
To: afshin afzali <a.afzali2003@gmail.com>
cc: openldap-its@openldap.org
Subject: Re: (ITS#6426) slapd crash with 'Bus error'
--On Saturday, December 12, 2009 1:16 PM +0330 afshin afzali
<a.afzali2003@gmail.com> wrote:

> Hi,
> It makes no difference except that the 'Bus error' replaced with
> 'Segmentation fault'. Also I've used the 'make clean' to clean up my
> installation. Any suggestion?
>
> Regards,
>
>
>
> [root@dc1 libexec]# gdb --core=core.12305
> GNU gdb Fedora (6.8-37.el5)
> Copyright (C) 2008 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
> <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show
> copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-redhat-linux-gnu".
> Core was generated by `./slapd -d5'.
> Program terminated with signal 11, Segmentation fault.
> [New process 12313]
> [New process 12314]
> [New process 12312]
> [New process 12311]
> [New process 12310]
> [New process 12309]
> [New process 12308]
> [New process 12307]
> [New process 12305]
> # 0  0x000000000066f891 in ?? ()
> (gdb)

So where's the thr apply all bt command inside gdb?  You've just loaded the
core, you haven't asked for any information.

Also, keep replies to the bug tracker (i.e., CC it as well) if you want
help.

--Quanah





Followup 4

Date: Mon, 14 Dec 2009 16:31:10 -0800
From: Quanah Gibson-Mount <quanah@zimbra.com>
To: openldap-its@openldap.org, afshin afzali <a.afzali2003@gmail.com>
Subject: Re: (ITS#6426) slapd crash with 'Bus error'
--On Saturday, December 12, 2009 5:48 PM +0000 quanah@zimbra.com wrote:


>> # 0  0x000000000066f891 in ?? ()
>> (gdb)
>
> So where's the thr apply all bt command inside gdb?  You've just loaded

Please provide the backtrace as noted if you want this to be further 
investigated.  Thanks!

Again, after you run:

gdb </slapd> <core>

You then need to run:

thr apply all bt

To get a backtrace of all threads, and then submit that to the ITS.

--Quanah





Followup 5

Date: Tue, 15 Dec 2009 00:28:59 -0800
From: Quanah Gibson-Mount <quanah@zimbra.com>
To: afshin afzali <a.afzali2003@gmail.com>
cc: openldap-its@openldap.org
Subject: Re: (ITS#6426) slapd crash with 'Bus error'
Afshin,

Copy openldap-its@openldap.org on all your replies so they go into the bug
tracker, so that others can see them.

--Quanah

--On Tuesday, December 15, 2009 10:39 AM +0330 afshin afzali
<a.afzali2003@gmail.com> wrote:

> Hi Quanah,
>
> Appreciate your help. Hope this is helpful.
> -- afshin
>
>
> [root@dc1 libexec]# gdb ./slapd core.12305
> GNU gdb Fedora (6.8-37.el5)
> Copyright (C) 2008 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
> <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show
> copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-redhat-linux-gnu"...
> Reading symbols from /lib64/libuuid.so.1...done.
> Loaded symbols for /lib64/libuuid.so.1
> Reading symbols from /lib64/librt.so.1...done.
> Loaded symbols for /lib64/librt.so.1
> Reading symbols from /lib64/libcrypt.so.1...done.
> Loaded symbols for /lib64/libcrypt.so.1
> Reading symbols from /lib64/libnsl.so.1...done.
> Loaded symbols for /lib64/libnsl.so.1
> Reading symbols from /lib64/libm.so.6...done.
> Loaded symbols for /lib64/libm.so.6
> Reading symbols from /lib64/libpthread.so.0...done.
> Loaded symbols for /lib64/libpthread.so.0
> Reading symbols from /usr/lib64/libstdc++.so.6...done.
> Loaded symbols for /usr/lib64/libstdc++.so.6
> Reading symbols from /usr/lib64/libsasl2.so.2...done.
> Loaded symbols for /usr/lib64/libsasl2.so.2
> Reading symbols from /lib64/libssl.so.6...done.
> Loaded symbols for /lib64/libssl.so.6
> Reading symbols from /lib64/libcrypto.so.6...done.
> Loaded symbols for /lib64/libcrypto.so.6
> Reading symbols from /lib64/libresolv.so.2...done.
> Loaded symbols for /lib64/libresolv.so.2
> Reading symbols from /lib64/libgcc_s.so.1...done.
> Loaded symbols for /lib64/libgcc_s.so.1
> Reading symbols from /lib64/libc.so.6...done.
> Loaded symbols for /lib64/libc.so.6
> Reading symbols from /lib64/ld-linux-x86-64.so.2...done.
> Loaded symbols for /lib64/ld-linux-x86-64.so.2
> Reading symbols from /lib64/libdl.so.2...done.
> Loaded symbols for /lib64/libdl.so.2
> Reading symbols from /usr/lib64/libgssapi_krb5.so.2...done.
> Loaded symbols for /usr/lib64/libgssapi_krb5.so.2
> Reading symbols from /usr/lib64/libkrb5.so.3...done.
> Loaded symbols for /usr/lib64/libkrb5.so.3
> Reading symbols from /lib64/libcom_err.so.2...done.
> Loaded symbols for /lib64/libcom_err.so.2
> Reading symbols from /usr/lib64/libk5crypto.so.3...done.
> Loaded symbols for /usr/lib64/libk5crypto.so.3
> Reading symbols from /usr/lib64/libz.so.1...done.
> Loaded symbols for /usr/lib64/libz.so.1
> Reading symbols from /usr/lib64/libkrb5support.so.0...done.
> Loaded symbols for /usr/lib64/libkrb5support.so.0
> Reading symbols from /lib64/libkeyutils.so.1...done.
> Loaded symbols for /lib64/libkeyutils.so.1
> Reading symbols from /lib64/libselinux.so.1...done.
> Loaded symbols for /lib64/libselinux.so.1
> Reading symbols from /lib64/libsepol.so.1...done.
> Loaded symbols for /lib64/libsepol.so.1
> Reading symbols from /lib64/libnss_files.so.2...done.
> Loaded symbols for /lib64/libnss_files.so.2
> Reading symbols from /usr/lib64/sasl2/libanonymous.so.2...done.
> Loaded symbols for /usr/lib64/sasl2/libanonymous.so.2
> Reading symbols from /usr/lib64/sasl2/libsasldb.so.2...done.
> Loaded symbols for /usr/lib64/sasl2/libsasldb.so.2
> Reading symbols from /usr/lib64/sasl2/liblogin.so.2...done.
> Loaded symbols for /usr/lib64/sasl2/liblogin.so.2
> Reading symbols from /usr/lib64/sasl2/libplain.so.2...done.
> Loaded symbols for /usr/lib64/sasl2/libplain.so.2
> Core was generated by `./slapd -d5'.
> Program terminated with signal 11, Segmentation fault.
> [New process 12313]
> [New process 12314]
> [New process 12312]
> [New process 12311]
> [New process 12310]
> [New process 12309]
> [New process 12308]
> [New process 12307]
> [New process 12305]
> # 0  NdbTransaction::execute (this=0x15,
> # aTypeOfExec=NdbTransaction::Rollback,
>     abortOption=NdbOperation::DefaultAbortOption, forceSend=0)
>     at NdbTransaction.cpp:278
> 278     NdbTransaction.cpp: No such file or directory.
>         in NdbTransaction.cpp
> (gdb) thr apply all bt
>
> Thread 9 (process 12305):
> # 0  0x000000370e8077e5 in pthread_join () from /lib64/libpthread.so.0
> # 1  0x000000000059affb in ldap_pvt_thread_join (thread=1107417408,
>     thread_return=0x0) at thr_posix.c:197
> # 2  0x00000000004ba2a8 in slapd_daemon () at daemon.c:2835
> # 3  0x000000000049

Message of length 12617 truncated


Followup 6

Date: Tue, 15 Dec 2009 08:38:19 +0000
Subject: Re: Re: (ITS#6426) slapd crash with 'Bus error'
From: a.afzali2003@gmail.com
To: Quanah Gibson-Mount <quanah@zimbra.com>
Cc: openldap-its@openldap.org

Regards,
-- afshin

On Dec 15, 2009 11:58am, Quanah Gibson-Mount <quanah@zimbra.com> wrote:
> Afshin,
>
> Copy openldap-its@openldap.org on all your replies so they go into the bug
> tracker, so that others can see them.
>
> --Quanah
>
> --On Tuesday, December 15, 2009 10:39 AM +0330 afshin afzali
> <a.afzali2003@gmail.com> wrote:
>
> Hi Quanah,
>
> Appreciate your help. Hope this is helpful.
> -- afshin






Message of length 34570 truncated



The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org