Issue 7641 - slapd crashes in slapd_free_controls when syncrepl enabled and plugins in use
Summary: slapd crashes in slapd_free_controls when syncrepl enabled and plugins in use
Status: VERIFIED FIXED
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: slapd
Version: 2.4.35
Hardware: All All
Assignee: OpenLDAP project
Reported: 2013-07-18 16:47 UTC by kb9vqf@pearsoncomputing.net
Modified: 2014-08-01 21:04 UTC

Description kb9vqf@pearsoncomputing.net 2013-07-18 16:47:46 UTC
Full_Name: Timothy Pearson
Version: 2.4.35
OS: Debian Wheezy
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (131.156.2.26)


slapd sporadically crashes in slapd_free_controls when syncrepl enabled and
plugins are in use.  The crash is caused by an invalid free in the slapi
overlay; it only occurs on the provider in a syncrepl setup.  This is the
backtrace:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffe1536700 (LWP 24523)]
*__GI___libc_free (mem=0x18) at malloc.c:3709
3709    malloc.c: No such file or directory.
(gdb)
(gdb) bt
#0  *__GI___libc_free (mem=0x18) at malloc.c:3709
#1  0x00007ffff7974d01 in ber_memfree_x (p=0x18, ctx=0x0) at
../../../../libraries/liblber/memory.c:152
#2  0x00005555555c3003 in slap_free_ctrls (op=0x555555ef0c60,
ctrls=0x555555ef2570) at ../../../../servers/slapd/controls.c:569
#3  0x00005555555a41e5 in slap_send_search_entry (op=0x555555ef0c60,
rs=0x7fffe1535a40) at ../../../../servers/slapd/result.c:1476
#4  0x00007ffff1e4c465 in hdb_search (op=0x555555ef0c60, rs=0x7fffe1535a40) at
search.c:1014
#5  0x00005555555ff1c6 in overlay_op_walk (op=0x555555ef0c60, rs=0x7fffe1535a40,
which=op_search, oi=0x5555559e5e70, on=0x0) at
../../../../servers/slapd/backover.c:671
#6  0x00007ffff63bfe5a in slapi_op_func (op=0x555555ef0c60, rs=0x7fffe1535a40)
at ../../../../../servers/slapd/slapi/slapi_overlay.c:650
#7  0x00005555555ff18a in overlay_op_walk (op=op@entry=0x555555ef0c60,
rs=0x7fffe1535a40, which=op_search, oi=0x5555559e5e70, on=0x5555559e6a60) at
../../../../servers/slapd/backover.c:661
#8  0x00005555555ff31b in over_op_func (op=0x555555ef0c60, rs=<optimized out>,
which=<optimized out>) at ../../../../servers/slapd/backover.c:723
#9  0x0000555555594641 in fe_op_search (op=0x555555ef0c60, rs=0x7fffe1535a40) at
../../../../servers/slapd/search.c:402
#10 0x0000555555593f06 in do_search (op=0x555555ef0c60, rs=0x7fffe1535a40) at
../../../../servers/slapd/search.c:247
#11 0x0000555555591961 in connection_operation (ctx=ctx@entry=0x7fffe1535bd0,
arg_v=arg_v@entry=0x555555ef0c60) at
../../../../servers/slapd/connection.c:1150
#12 0x0000555555591c84 in connection_read_thread (ctx=0x7fffe1535bd0,
argv=<optimized out>) at ../../../../servers/slapd/connection.c:1286
#13 0x00007ffff7b8dfbb in ldap_int_thread_pool_wrapper (xpool=0x55555590a2e0) at
../../../../libraries/libldap_r/tpool.c:688
#14 0x00007ffff5d79b50 in start_thread (arg=<optimized out>) at
pthread_create.c:304
#15 0x00007ffff5ac3a7d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#16 0x0000000000000000 in ?? ()
(gdb)

This patch fixes the problem:
--- servers/slapd/slapi/slapi_overlay.c
+++ servers/slapd/slapi/slapi_overlay.c
@@ -454,11 +454,11 @@
 	n_slapi_ctrls = slapi_int_count_controls( slapi_ctrls );
 	n_rs_ctrls = slapi_int_count_controls( rs->sr_ctrls );
 
-	slapi_pblock_set( pb, SLAPI_X_OLD_RESCONTROLS, (void *)rs->sr_ctrls );
-
 	if ( n_slapi_ctrls == 0 )
 		return LDAP_SUCCESS; /* no SLAPI controls */
 
+	slapi_pblock_set( pb, SLAPI_X_OLD_RESCONTROLS, (void *)rs->sr_ctrls );
+
 	ctrls = (LDAPControl **) op->o_tmpalloc(
 		( n_slapi_ctrls + n_rs_ctrls + 1 ) * sizeof(LDAPControl *),
 		op->o_tmpmemctx );
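Review bot: With the slapi_pblock_set( pb, SLAPI_X_OLD_RESCONTROLS, ... ) call now placed after the `n_slapi_ctrls == 0` return, that early-return path leaves SLAPI_X_OLD_RESCONTROLS at whatever value it already held in pb. If the same pblock is used for more than one entry of a search, a pointer saved for an earlier entry could still be there when a later entry takes the early return. Please confirm that the code reading SLAPI_X_OLD_RESCONTROLS copes with that, or store NULL explicitly before `return LDAP_SUCCESS;`.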
Comment 1 Quanah Gibson-Mount 2013-07-18 17:06:18 UTC
--On Thursday, July 18, 2013 4:47 PM +0000 kb9vqf@pearsoncomputing.net wrote:

> Full_Name: Timothy Pearson
> Version: 2.4.35
> OS: Debian Wheezy
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (131.156.2.26)
>
>
> slapd sporadically crashes in slapd_free_controls when syncrepl enabled
> and plugins are in use.  The crash is caused by an invalid free in the
> slapi overlay; it only occurs on the provider in a syncrepl setup.  This
> is the backtrace:

Didn't you already report this in ITS#7636?  Why are you opening a new ITS?

--Quanah

--

Quanah Gibson-Mount
Lead Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration

Comment 2 kb9vqf@pearsoncomputing.net 2013-07-18 21:15:15 UTC
> --On Thursday, July 18, 2013 4:47 PM +0000 kb9vqf@pearsoncomputing.net wrote:
>
>> Full_Name: Timothy Pearson
>> Version: 2.4.35
>> OS: Debian Wheezy
>> URL: ftp://ftp.openldap.org/incoming/
>> Submission from: (NULL) (131.156.2.26)
>>
>>
>> slapd sporadically crashes in slapd_free_controls when syncrepl enabled
>> and plugins are in use.  The crash is caused by an invalid free in the
>> slapi overlay; it only occurs on the provider in a syncrepl setup.
>> This is the backtrace:
>
> Didn't you already report this in ITS#7636?  Why are you opening a new ITS?
>
> --Quanah

This is a different crash with a different cause and completely different
backtrace.  As far as I can tell there were two separate crashes related
to syncrepl with slapi plugins enabled.  The one I reported in ITS#7636
was constant and easily reproducible, therefore it somewhat masked the
crash I have reported in this bug report.

Should the two reports be merged even though the causes and backtraces are
different?



Comment 3 Quanah Gibson-Mount 2013-07-18 21:20:31 UTC
--On Thursday, July 18, 2013 9:15 PM +0000 kb9vqf@pearsoncomputing.net wrote:

>> --On Thursday, July 18, 2013 4:47 PM +0000 kb9vqf@pearsoncomputing.net wrote:
>>
>>> Full_Name: Timothy Pearson
>>> Version: 2.4.35
>>> OS: Debian Wheezy
>>> URL: ftp://ftp.openldap.org/incoming/
>>> Submission from: (NULL) (131.156.2.26)
>>>
>>>
>>> slapd sporadically crashes in slapd_free_controls when syncrepl enabled
>>> and plugins are in use.  The crash is caused by an invalid free in the
>>> slapi overlay; it only occurs on the provider in a syncrepl setup.
>>> This is the backtrace:
>>
>> Didn't you already report this in ITS#7636?  Why are you opening a new ITS?
>>
>> --Quanah
>
> This is a different crash with a different cause and completely different
> backtrace.  As far as I can tell there were two separate crashes related
> to syncrepl with slapi plugins enabled.  The one I reported in ITS#7636
> was constant and easily reproducible, therefore it somewhat masked the
> crash I have reported in this bug report.
>
> Should the two reports be merged even though the causes and backtraces are
> different?

Nope, I just wanted to confirm it wasn't a duplicate.  Thanks!

--Quanah


Comment 4 Howard Chu 2013-07-26 20:17:05 UTC
kb9vqf@pearsoncomputing.net wrote:
> Full_Name: Timothy Pearson
> Version: 2.4.35
> OS: Debian Wheezy
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (131.156.2.26)
>
>
> slapd sporadically crashes in slapd_free_controls when syncrepl enabled and
> plugins are in use.  The crash is caused by an invalid free in the slapi
> overlay; it only occurs on the provider in a syncrepl setup.  This is the
> backtrace:
>

> This patch fixes the problem:

Looks good, thanks. Committed to master.

> --- servers/slapd/slapi/slapi_overlay.c
> +++ servers/slapd/slapi/slapi_overlay.c
> @@ -454,11 +454,11 @@
>   	n_slapi_ctrls = slapi_int_count_controls( slapi_ctrls );
>   	n_rs_ctrls = slapi_int_count_controls( rs->sr_ctrls );
>
> -	slapi_pblock_set( pb, SLAPI_X_OLD_RESCONTROLS, (void *)rs->sr_ctrls );
> -
>   	if ( n_slapi_ctrls == 0 )
>   		return LDAP_SUCCESS; /* no SLAPI controls */
>
> +	slapi_pblock_set( pb, SLAPI_X_OLD_RESCONTROLS, (void *)rs->sr_ctrls );
> +
>   	ctrls = (LDAPControl **) op->o_tmpalloc(
>   		( n_slapi_ctrls + n_rs_ctrls + 1 ) * sizeof(LDAPControl *),
>   		op->o_tmpmemctx );
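Review bot: The moved slapi_pblock_set() line carries no comment saying why it has to come after the `n_slapi_ctrls == 0` check, and nothing in the hunk stops a later cleanup from moving it back above the return. A one-line comment above it, for example that rs->sr_ctrls is saved only when a merged ctrls array is about to be allocated, would record the ordering constraint that this fix for the reported invalid free depends on.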
>
>


-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

Comment 5 Howard Chu 2013-07-26 20:17:22 UTC
changed notes
changed state Open to Test
moved from Incoming to Software Bugs
Comment 6 Quanah Gibson-Mount 2013-07-29 19:34:39 UTC
changed notes
changed state Test to Release
Comment 7 Quanah Gibson-Mount 2013-09-09 15:22:12 UTC
changed notes
changed state Release to Closed
Comment 8 OpenLDAP project 2014-08-01 21:04:48 UTC
fixed in master
fixed in RE24