[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: segfault in slapd (ITS#2196)



> Full_Name: Steve Sullivan
> Version: 2..1.8
> OS: redhat 7.3 linux
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (12.253.120.11)
>
>
> slapd generates a segfault.  Config:
>
> ./configure --prefix=/home/ss/ftp/openldap/tdi.218  --disable-bdb
> --enable-ldbm --enable-debug --enable-syslog --with-threads
>
> Running with gdb and -d 1 shows ...
>
> ....
> ====> cache_return_entry_r( 13 ): returned (0)
> do_bind: v3 bind: "DLESEloginName=ssmith,DLESEou=people,dc=dlese,dc=org"
> to "DLESEloginName=ssmith,DLESEou=people,dc=dlese,dc=org"
> send_ldap_result: conn=57 op=0 p=3
> send_ldap_response: msgid=1 tag=97 err=0
> ber_flush: 14 bytes to sd 22
> connection_get(22): got connid=57
> connection_read(22): checking for input on id=57
> ber_get_next
> ber_get_next: tag 0x30 len 226 contents:
> do_modify
> ber_scanf fmt ({m) ber:
> ber_scanf fmt ({i{m[W]}}) ber:
> => get_ctrls
> ber_scanf fmt ({a) ber:
> => get_ctrls: oid="2.16.840.1.113730.3.4.2" (noncritical)
> <= get_ctrls: n=1 rc=0 err=
>>>> dnPrettyNormal:
>>>> <DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org>
> =>
> ldap_bv2dn(DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org,0)
> <=
> ldap_bv2dn(DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org,0)=0
> => ldap_dn2bv(272)
> <=
> ldap_dn2bv(DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org,272)=0
> => ldap_dn2bv(272)
> <=
> ldap_dn2bv(DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org,272)=0
> <<< dnPrettyNormal:
> <DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org>,
> <DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org>>>>
> dnPretty: <DLESEloginName=ssmith,DLESEou=people,dc=dlese,dc=org>
> => ldap_bv2dn(DLESEloginName=ssmith,DLESEou=people,dc=dlese,dc=org,0) <=
> ldap_bv2dn(DLESEloginName=ssmith,DLESEou=people,dc=dlese,dc=org,0)=0 =>
> ldap_dn2bv(272)
> <=
> ldap_dn2bv(DLESEloginName=ssmith,DLESEou=people,dc=dlese,dc=org,272)=0
> <<< dnPretty: <DLESEloginName=ssmith,DLESEou=people,dc=dlese,dc=org>
> ber_get_next
> ber_get_next on fd 22 failed errno=11 (Resource temporarily unavailable)
> dn2entry_w: dn:
> "DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org"
> => dn2id(
> "DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org"
> )
> ====>
> cache_find_entry_dn2id("DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org"):
> 19 (1 tries)
> <= dn2id 19 (in cache)
> => id2entry_w( 19 )
> ====> cache_find_entry_id( 19 )
> "DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org"
> (found) (1 tries)
> <= id2entry_w( 19 ) 0x81aad10 (cache)
> ldbm_modify_internal:
> DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org
> => string_expand: pattern:
> DLESEloginName=mainAdmin,DLESEou=people,dc=dlese,dc=org
> => string_expand: expanded:
> DLESEloginName=mainAdmin,DLESEou=people,dc=dlese,dc=org
> => regex_matches:
> string:	DLESEloginName=ssmith,DLESEou=people,dc=dlese,dc=org =>
> regex_matches: rc: 1 no matches
> => string_expand: pattern:
> DLESEloginName=readAdmin,DLESEou=people,dc=dlese,dc=org
> => string_expand: expanded:
> DLESEloginName=readAdmin,DLESEou=people,dc=dlese,dc=org
> => regex_matches:
> string:	DLESEloginName=ssmith,DLESEou=people,dc=dlese,dc=org =>
> regex_matches: rc: 1 no matches
>
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 9226 (LWP 20606)]
> 0x08063d2c in value_match (match=0x414aab54, ad=0x8128df0, mr=0x0,
> flags=0,
>     v1=0x81ab4a0, v2=0x414aab5c, text=0x414aab58) at value.c:287
> 287		if( !mr->smr_match ) {
> (gdb) where
> #0  0x08063d2c in value_match (match=0x414aab54, ad=0x8128df0, mr=0x0,
>     flags=0, v1=0x81ab4a0, v2=0x414aab5c, text=0x414aab58) at
> value.c:287
> #1  0x08067f07 in acl_mask (a=0x8128288, mask=0x414ab018, be=0x812a4c8,
>     conn=0x4025d818, op=0x81ab3d8, e=0x81aad10, desc=0x8128df0,
> val=0x81ab4a0,  matches=0x414ab01c, count=2, state=0x414ab39c) at
> acl.c:911
> #2  0x08066c24 in access_allowed (be=0x812a4c8, conn=0x4025d818,
> op=0x81ab3d8,
>     e=0x81aad10, desc=0x8128df0, val=0x81ab4a0, access=ACL_WRITE,
> state=0x414ab39c) at acl.c:294
> #3  0x0806874e in acl_check_modlist (be=0x812a4c8, conn=0x4025d818,
>     op=0x81ab3d8, e=0x81aad10, mlist=0x81a8b80) at acl.c:1301
> #4  0x08080375 in ldbm_modify_internal (be=0x812a4c8, conn=0x4025d818,
>     op=0x81ab3d8,
>     dn=0x81a8d40
> "DLESElistName=geology,DLESEsetName=testb,DLESEsetName=testa,DLESEsetName=open,DLESEou=lists,dc=dlese,dc=org",
> modlist=0x81a8b80,
>     e=0x81aad10, text=0x414ab774, textbuf=0x414ab77c
> "p\217\032\b\\?JA\017",  textlen=256) at modify.c:50
> #5  0x08080c6c in ldbm_back_modify (be=0x812a4c8, conn=0x4025d818,
>     op=0x81ab3d8, dn=0x414ab8dc, ndn=0x414ab8e4, modlist=0x81a8b80) at
> modify.c:345
> #6  0x08061963 in do_modify (conn=0x4025d818, op=0x81ab3d8) at
> modify.c:354 #7  0x080511f0 in connection_operation (ctx=0x81aa060,
> arg_v=0x81ab590)
>     at connection.c:970
> #8  0x08096b54 in ldap_int_thread_pool_wrapper (xpool=0x80e18b8) at
> tpool.c:431 #9  0x40170fef in pthread_start_thread () from
> /lib/i686/libpthread.so.0 #10 0x401710df in pthread_start_thread_event
> () from /lib/i686/libpthread.so.0 (gdb)
>
>
> This segfault happens every time I test; it is not intermittent.
> Let me know if you need more debug info.

Fixed, in HEAD; however I'm curious: how did you define
the fancy attrs you're using in these DNs?

Pierangelo.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it