Full_Name: Emmanuel Lecharny Version: 2.4.42 OS: Linux CentOS 6 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (2a01:cb04:49:8d00:e9fd:e874:85a8:1553) On an architecture with 2 servers replicated using delta-syncrepl (MMR), doing some modififications on one server might lead to a core dump, where the stack trace shows that the mod->sm_numvals value is not what is expcted in the modify_add_values value : ... if ( !BER_BVISNULL( &mod->sm_values[mod->sm_numvals] )) { unsigned i; for ( i = 0; !BER_BVISNULL( &mod->sm_values[i] ); i++ ); assert( mod->sm_numvals == i ); } ... Here, the assert fails. Here is the stacktrace : (gdb) bt #0 0x0000003a9b632625 in raise () from /lib64/libc.so.6 #1 0x0000003a9b633e05 in abort () from /lib64/libc.so.6 #2 0x0000003a9b62b74e in __assert_fail_base () from /lib64/libc.so.6 #3 0x0000003a9b62b810 in __assert_fail () from /lib64/libc.so.6
The full stack trace that didn't get copied in the original ITS : #0 0x0000003a9b632625 in raise () from /lib64/libc.so.6 #1 0x0000003a9b633e05 in abort () from /lib64/libc.so.6 #2 0x0000003a9b62b74e in __assert_fail_base () from /lib64/libc.so.6 #3 0x0000003a9b62b810 in __assert_fail () from /lib64/libc.so.6 #4 0x000000000047efc8 in modify_add_values (e=0x7f7027ffdc90, mod=0x7f7018105560, permissive=0, text=0x7f7027ffe170, textbuf=0x7f7027ffdd00 "", textlen=256) at /home/build/sold-2.4.42.2/openldap/servers/slapd/mods.c:64 #5 0x00007f706e1909b9 in mdb_modify_internal (op=0x7f7027ffe1c0, tid=0x2685180, modlist=0x7f7018105560, e=0x7f7027ffdc90, text=0x7f7027ffe170, textbuf=0x7f7027ffdd00 "", textlen=256) at /home/build/sold-2.4.42.2/openldap/servers/slapd/back-mdb/modify.c:168 #6 0x00007f706e191a1c in mdb_modify (op=0x7f7027ffe1c0, rs=0x7f7027ffe150) at /home/build/sold-2.4.42.2/openldap/servers/slapd/back-mdb/modify.c:623 #7 0x00000000004945f0 in overlay_op_walk (op=0x7f7027ffe1c0, rs=0x7f7027ffe150, which=op_modify, oi=0x24fcef0, on=0xfefefefefefefeff) at /home/build/sold-2.4.42.2/openldap/servers/slapd/backover.c:677 #8 0x00000000004946a3 in over_op_func (op=0x7f7027ffe1c0, rs=0x7f7027ffe150, which=op_modify) at /home/build/sold-2.4.42.2/openldap/servers/slapd/backover.c:730 #9 0x00007f706df53a74 in ppolicy_bind_response (op=0x7f7018106040, rs=0x7f7027ffe9f0) at /home/build/sold-2.4.42.2/openldap/servers/slapd/overlays/ppolicy.c:1277 #10 0x000000000043d40c in slap_response_play (op=0x7f7018106040, rs=0x7f7027ffe9f0) at /home/build/sold-2.4.42.2/openldap/servers/slapd/result.c:521 #11 0x000000000043d83b in send_ldap_response (op=0x7f7018106040, rs=0x1da6) at /home/build/sold-2.4.42.2/openldap/servers/slapd/result.c:596 #12 0x000000000043ddd2 in slap_send_ldap_result (op=0x7f7018106040, rs=0x7f7027ffe9f0) at /home/build/sold-2.4.42.2/openldap/servers/slapd/result.c:891 #13 0x00007f706e18e9f1 in mdb_bind (op=0x7f7018106040, rs=0x7f7027ffe9f0) at /home/build/sold-2.4.42.2/openldap/servers/slapd/back-mdb/bind.c:150 #14 0x00000000004945f0 in overlay_op_walk (op=0x7f7018106040, rs=0x7f7027ffe9f0, which=op_bind, oi=0x24fcef0, on=0xfefefefefefefeff) at /home/build/sold-2.4.42.2/openldap/servers/slapd/backover.c:677 #15 0x00000000004946a3 in over_op_func (op=0x7f7018106040, rs=0x7f7027ffe9f0, which=op_bind) at /home/build/sold-2.4.42.2/openldap/servers/slapd/backover.c:730 #16 0x000000000044a769 in fe_op_bind (op=0x7f7018106040, rs=0x7f7027ffe9f0) at /home/build/sold-2.4.42.2/openldap/servers/slapd/bind.c:383 #17 0x0000000000449f51 in do_bind (op=0x7f7018106040, rs=0x7f7027ffe9f0) at /home/build/sold-2.4.42.2/openldap/servers/slapd/bind.c:205 #18 0x000000000042ecb6 in connection_operation (ctx=0x7f7027ffeb70, arg_v=0x7f7018106040) at /home/build/sold-2.4.42.2/openldap/servers/slapd/connection.c:1158 #19 0x000000000042f4b3 in connection_read_thread (ctx=0x7f7027ffeb70, argv=<value optimized out>) at /home/build/sold-2.4.42.2/openldap/servers/slapd/connection.c:1294 #20 0x00007f707002a7bc in ldap_int_thread_pool_wrapper (xpool=<value optimized out>) at /home/build/sold-2.4.42.2/openldap/libraries/libldap_r/tpool.c:956 #21 0x0000003a9ba07a51 in start_thread () from /lib64/libpthread.so.0 #22 0x0000003a9b6e896d in clone () from /lib64/libc.so.6
changed notes changed state Open to Test moved from Incoming to Software Bugs
I would like to mention that I just faced this problem in OpenLDAP 2.4.43 with the ppolicy overlay. The bug only occurs if a default ppolicy is defined in overlay configuration, but no corresponding entry in LDAP server is found. There is no bug if the configuration entry is found, so this is not a big deal. <= ldap_dn2bv(uid=coudot,ou=users,dc=example,dc=com)=0 56682739 <<< dnPrettyNormal: <uid=coudot,ou=users,dc=example,dc=com>, <uid=coudot,ou=users,dc=example,dc=com> 56682739 conn=1000 op=0 BIND dn="uid=coudot,ou=users,dc=example,dc=com" method=128 56682739 do_bind: version=3 dn="uid=coudot,ou=users,dc=example,dc=com" method=128 56682739 => mdb_entry_get: ndn: "uid=coudot,ou=users,dc=example,dc=com" 56682739 => mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("uid=coudot,ou=users,dc=example,dc=com") 56682739 => mdb_dn2id("uid=coudot,ou=users,dc=example,dc=com") 56682739 <= mdb_dn2id: got id=0x7 56682739 => mdb_entry_decode: 56682739 <= mdb_entry_decode 56682739 => mdb_entry_get: found entry: "uid=coudot,ou=users,dc=example,dc=com" 56682739 mdb_entry_get: rc=0 56682739 => mdb_entry_get: ndn: "ou=bug,ou=ppolicy,dc=example,dc=com" 56682739 => mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("ou=bug,ou=ppolicy,dc=example,dc=com") 56682739 => mdb_dn2id("ou=bug,ou=ppolicy,dc=example,dc=com") 56682739 <= mdb_dn2id: get failed: MDB_NOTFOUND: No matching key/data pair found (-30798) 56682739 => mdb_entry_get: cannot find entry: "ou=bug,ou=ppolicy,dc=example,dc=com" 56682739 mdb_entry_get: rc=32 56682739 ppolicy_get: using default policy 56682739 ==> mdb_bind: dn: uid=coudot,ou=users,dc=example,dc=com 56682739 mdb_dn2entry("uid=coudot,ou=users,dc=example,dc=com") 56682739 => mdb_dn2id("uid=coudot,ou=users,dc=example,dc=com") 56682739 <= mdb_dn2id: got id=0x7 56682739 => mdb_entry_decode: 56682739 <= mdb_entry_decode 56682739 => access_allowed: result not in cache (userPassword) 56682739 => access_allowed: auth access to "uid=coudot,ou=users,dc=example,dc=com" "userPassword" requested 56682739 => dn: [1] ou=users,dc=example,dc=com 56682739 => acl_get: [1] matched 56682739 => acl_get: [1] attr userPassword 56682739 => acl_mask: access to entry "uid=coudot,ou=users,dc=example,dc=com", attr "userPassword" requested 56682739 => acl_mask: to value by "", (=0) 56682739 <= check a_dn_pat: uid=websso,ou=applications,dc=example,dc=com 56682739 <= check a_dn_pat: uid=syncrepl,ou=applications,dc=example,dc=com 56682739 <= check a_dn_pat: self 56682739 <= check a_dn_pat: * 56682739 <= acl_mask: [4] applying auth(=xd) (stop) 56682739 <= acl_mask: [4] mask: auth(=xd) 56682739 => slap_access_allowed: auth access granted by auth(=xd) 56682739 => access_allowed: auth access granted by auth(=xd) 56682739 send_ldap_result: conn=1000 op=0 p=3 56682739 send_ldap_result: err=49 matched="" text="" 56682739 => mdb_entry_get: ndn: "uid=coudot,ou=users,dc=example,dc=com" 56682739 => mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("uid=coudot,ou=users,dc=example,dc=com") 56682739 => mdb_dn2id("uid=coudot,ou=users,dc=example,dc=com") 56682739 <= mdb_dn2id: got id=0x7 56682739 => mdb_entry_decode: 56682739 <= mdb_entry_decode 56682739 => mdb_entry_get: found entry: "uid=coudot,ou=users,dc=example,dc=com" 56682739 mdb_entry_get: rc=0 56682739 => mdb_entry_get: ndn: "uid=coudot,ou=users,dc=example,dc=com" 56682739 => mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("uid=coudot,ou=users,dc=example,dc=com") 56682739 => mdb_dn2id("uid=coudot,ou=users,dc=example,dc=com") 56682739 <= mdb_dn2id: got id=0x7 56682739 => mdb_entry_decode: 56682739 <= mdb_entry_decode 56682739 => mdb_entry_get: found entry: "uid=coudot,ou=users,dc=example,dc=com" 56682739 mdb_entry_get: rc=0 56682739 => mdb_search 56682739 mdb_dn2entry("uid=coudot,ou=users,dc=example,dc=com") 56682739 => mdb_dn2id("uid=coudot,ou=users,dc=example,dc=com") 56682739 <= mdb_dn2id: got id=0x7 56682739 => mdb_entry_decode: 56682739 <= mdb_entry_decode 56682739 => access_allowed: search access to "uid=coudot,ou=users,dc=example,dc=com" "entry" requested 56682739 <= root access granted 56682739 => access_allowed: search access granted by manage(=mwrscxd) 56682739 base_candidates: base: "uid=coudot,ou=users,dc=example,dc=com" (0x00000007) 56682739 => test_filter 56682739 EQUALITY 56682739 => access_allowed: search access to "uid=coudot,ou=users,dc=example,dc=com" "objectClass" requested 56682739 <= root access granted 56682739 => access_allowed: search access granted by manage(=mwrscxd) 56682739 <= test_filter 5 56682739 mdb_search: 7 does not match filter 56682739 send_ldap_result: conn=1000 op=0 p=3 56682739 send_ldap_result: err=0 matched="" text="" 56682739 constraint_update() 56682739 => mdb_entry_get: ndn: "uid=coudot,ou=users,dc=example,dc=com" 56682739 => mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("uid=coudot,ou=users,dc=example,dc=com") 56682739 => mdb_dn2id("uid=coudot,ou=users,dc=example,dc=com") 56682739 <= mdb_dn2id: got id=0x7 56682739 => mdb_entry_decode: 56682739 <= mdb_entry_decode 56682739 => mdb_entry_get: found entry: "uid=coudot,ou=users,dc=example,dc=com" 56682739 mdb_entry_get: rc=0 56682739 => mdb_entry_get: ndn: "uid=coudot,ou=users,dc=example,dc=com" 56682739 => mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("uid=coudot,ou=users,dc=example,dc=com") 56682739 => mdb_dn2id("uid=coudot,ou=users,dc=example,dc=com") 56682739 <= mdb_dn2id: got id=0x7 56682739 => mdb_entry_decode: 56682739 <= mdb_entry_decode 56682739 => mdb_entry_get: found entry: "uid=coudot,ou=users,dc=example,dc=com" 56682739 mdb_entry_get: rc=0 56682739 => mdb_entry_get: ndn: "ou=bug,ou=ppolicy,dc=example,dc=com" 56682739 => mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("ou=bug,ou=ppolicy,dc=example,dc=com") 56682739 => mdb_dn2id("ou=bug,ou=ppolicy,dc=example,dc=com") 56682739 <= mdb_dn2id: get failed: MDB_NOTFOUND: No matching key/data pair found (-30798) 56682739 => mdb_entry_get: cannot find entry: "ou=bug,ou=ppolicy,dc=example,dc=com" 56682739 mdb_entry_get: rc=32 56682739 ppolicy_get: using default policy 56682739 mdb_modify: uid=coudot,ou=users,dc=example,dc=com 56682739 slap_queue_csn: queueing 0x7fb05c104370 20151209130601.318371Z#000000#001#000000 56682739 mdb_dn2entry("uid=coudot,ou=users,dc=example,dc=com") 56682739 => mdb_dn2id("uid=coudot,ou=users,dc=example,dc=com") 56682739 <= mdb_dn2id: got id=0x7 56682739 => mdb_entry_decode: 56682739 <= mdb_entry_decode 56682739 mdb_modify_internal: 0x00000007: uid=coudot,ou=users,dc=example,dc=com 56682739 <= acl_access_allowed: granted to database root 56682739 mdb_modify_internal: replace pwdFailureTime slapd: mods.c:64: modify_add_values: Assertion `mod->sm_numvals == i' failed. Aborted (core dumped) Should be fixed by the patch done for this ITS, but I have not yet tested it. -- Clément OUDOT Consultant en logiciels libres, Expert infrastructure et sécurité Savoir-faire Linux
changed notes changed state Test to Release
fixed in master fixed in RE25 fixed in RE24 (2.4.44)
changed notes changed state Release to Closed