[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4355) slapd crash

On Thu, 2006-01-19 at 19:42 +0000, kevins@bmrb.co.uk wrote:

> I've come to suspect something to do with ppolicy as when this has failed to
> take down all slapd servers the only difference between the entry attempting to
> bind has been in the ppolicy attributes.

Yous suspects seem to be correct, as it appears an modification
performed by ppolicy is doing something incorrect.  However, from the
bare backtrace it's hard to say what's wrong and why.  You should follow
some steps:

1) do a "bt full"

2) print "desc":
	p ((AttributeDescription *)0x390800)[0]

3) print "mod":
	p ((struct berval *)0x2522770)[0]@2

>From the values you get for the temporaries in attr_merge(), print
(you'll need to cast them first; replace the name with the pointer):

p ((Attribute **)a)[0][0]
p ((Attribute **)a)[0]->a_vals[0]@2
p ((Attribute **)a)[0]->a_nvals[0]@2

(replace 2 with a number sufficiently large to get to the end of the


> Heres a backtrace on the core file...
> #0  0xff01f7bc in _lwp_kill () from /usr/lib/libc.so.1
> #1  0xfefd09c4 in raise () from /usr/lib/libc.so.1
> #2  0xfefb6ce0 in abort () from /usr/lib/libc.so.1
> #3  0xfefb6f80 in _assert () from /usr/lib/libc.so.1
> #4  0x0005b48c in attr_merge (e=0xf7ffeeb0, desc=0x390800, vals=0x2967558,
>     nvals=0x0) at attr.c:210
> #5  0x000c18ec in modify_add_values (e=0xf7ffeeb0, mod=0x2522770,
>     permissive=0, text=0xf7fff3c4, textbuf=0xf7ffef00 "þ-Y\210", textlen=256)
>     at mods.c:155
> #6  0x000e6b5c in bdb_modify_internal (op=0xf7fff3f0, tid=0x29a01b8,
>     modlist=0x2522770, e=0xf7ffeeb0, text=0xf7fff3c4,
>     textbuf=0xf7ffef00 "þ-Y\210", textlen=256) at modify.c:97
> #7  0x000e88c0 in bdb_modify (op=0xf7fff3f0, rs=0xf7fff3b0) at modify.c:481
> #8  0x000d79e0 in glue_op_func (op=0xf7fff3f0, rs=0xf7fff3b0) at backglue.c:168
> #9  0x000da6ec in overlay_op_walk (op=0xf7fff3f0, rs=0xf7fff3b0,
>     which=op_modify, oi=0x3c6728, on=0x3c6820) at backover.c:491
> #10 0x000da9b0 in over_op_func (op=0xf7fff3f0, rs=0xf7fff3b0, which=op_modify)
>     at backover.c:551
> #11 0x000daac0 in over_op_modify (op=0xf7fff3f0, rs=0xf7fff3b0)
>     at backover.c:585
> #12 0xfeeb42b0 in ppolicy_bind_resp (op=0x441f58, rs=0xf7fffd30)
>     at ppolicy.c:941
> #13 0x00065084 in send_ldap_response (op=0x441f58, rs=0xf7fffd30)
>     at result.c:312
> #14 0x00066358 in slap_send_ldap_result (op=0x441f58, rs=0xf7fffd30)
>     at result.c:583
> #15 0x0011a188 in bdb_bind (op=0x441f58, rs=0xf7fffd30) at bind.c:205
> #16 0x000da7a0 in overlay_op_walk (op=0x441f58, rs=0xf7fffd30, which=op_bind,
>     oi=0x3c6728, on=0x0) at backover.c:499
> #17 0x000da9b0 in over_op_func (op=0x441f58, rs=0xf7fffd30, which=op_bind)
>     at backover.c:551
> #18 0x000daa00 in over_op_bind (op=0x441f58, rs=0xf7fffd30) at backover.c:561
> #19 0x0007a894 in fe_op_bind (op=0x441f58, rs=0xf7fffd30) at bind.c:405
> #20 0x00079d50 in do_bind (op=0x441f58, rs=0xf7fffd30) at bind.c:200
> #21 0x0004df30 in connection_operation (ctx=0xf7fffe08, arg_v=0x441f58)
>     at connection.c:1307
> #22 0x0016d9f0 in ldap_int_thread_pool_wrapper (xpool=0x379520) at tpool.c:481
> #23 0xfef157bc in _lwp_start () from /usr/lib/libthread.so.1
> #24 0xfef157bc in _lwp_start () from /usr/lib/libthread.so.1
> Previous frame identical to this frame (corrupt stack?)

Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
Office:   +39.02.23998309          
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it