(ITS#4855) slapd crash on exit (tpool)

Full_Name: Gaël Roualland
Version: 2.3.34
OS: Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (


Upgrading 2.3.33 to 2.3.34 introduced a bug on slapd stop: the daemon
segfaults while waiting for threads to stop. This is reproducible on
every run, and without any queries processed.

Running under gdb on a test system, the following is reported:

slapd starting
[New Thread 32769 (LWP 22877)]
[New Thread 16386 (LWP 22878)]
daemon: added 7r listener=(nil)
daemon: added 9r listener=0x813df78
[New Thread 32771 (LWP 22879)]
daemon: select: listen=9 active_threads=0 tvp=zero

Program received signal SIGTERM, Terminated.
[Switching to Thread 16384 (LWP 22876)]
0x40070604 in __pthread_sigsuspend () from /lib/libpthread.so.0
(gdb) n
Single stepping until exit from function __pthread_wait_for_restart_signal, 
which has no line number information.
daemon: shutdown requested and initiated.
daemon: closing 9
slapd shutdown: waiting for 0 threads to terminate

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 32771 (LWP 22879)]
0x401e1aa0 in __check_rhosts_file () from /lib/libc.so.6
(gdb) bt
#0  0x401e1aa0 in __check_rhosts_file () from /lib/libc.so.6
#1  0x080c3c36 in ldap_pvt_thread_pool_context_reset (vctx=0xbf5ff94c) at
#2  0x080c38df in ldap_int_thread_pool_wrapper (xpool=0x814aa78) at tpool.c:494
#3  0x4006de51 in pthread_start_thread () from /lib/libpthread.so.0
#4  0x4006decf in pthread_start_thread_event () from /lib/libpthread.so.0
#5  0x401908aa in clone () from /lib/libc.so.6
(gdb) info threads
* 4 Thread 32771 (LWP 22879)  0x401e1aa0 in __check_rhosts_file () from
  3 Thread 16386 (LWP 22878)  0x40070604 in __pthread_sigsuspend () from
  2 Thread 32769 (LWP 22877)  0x40187a5a in poll () from /lib/libc.so.6
  1 Thread 16384 (LWP 22876)  0x40070604 in __pthread_sigsuspend () from

Looking at ldap_pvt_thread_pool_context_reset, it seems that the test
"if ( ctx[i].ltk_key )" should be reversed as
"if ( ctx[i].ltk_key != NULL )". This change fixed the bug.
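
The populated-slot test the report ends on, as an added C example that is not OpenLDAP's tpool.c: a per-thread key table whose reset runs a slot's destructor only when the slot holds a key, so a thread that never served a query makes no calls at all. `struct slot`, `slot_set`, `slot_reset`, `count_free` and the `MAXKEYS` value are hypothetical names constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

#define MAXKEYS 8 /* constructed size, not taken from tpool.c */

typedef void (free_fn)(void *key, void *data);

/* Hypothetical per-thread slot; "key" plays the role of ltk_key. */
struct slot { void *key; void *data; free_fn *free_cb; };

static int freed; /* destructor calls so far */

static void count_free(void *key, void *data) {
    (void)key; free(data); freed++;
}

/* Store data under key in the first unused slot; -1 if the table is full. */
int slot_set(struct slot *ctx, void *key, void *data, free_fn *cb) {
    for (int i = 0; i < MAXKEYS; i++) {
        if (ctx[i].key == NULL) {
            ctx[i] = (struct slot){ key, data, cb };
            return 0;
        }
    }
    return -1;
}

/* Clear the table; returns the number of destructors called. */
int slot_reset(struct slot *ctx) {
    int called = 0;
    for (int i = MAXKEYS - 1; i >= 0; i--) {
        if (ctx[i].key != NULL) {        /* act on populated slots only */
            if (ctx[i].free_cb != NULL) { /* a key may have no destructor */
                ctx[i].free_cb(ctx[i].key, ctx[i].data);
                called++;
            }
            ctx[i] = (struct slot){ NULL, NULL, NULL };
        }
    }
    return called;
}

int main(void) {
    struct slot ctx[MAXKEYS] = {0};
    static int k1;
    int idle = slot_reset(ctx);          /* no keys were ever set */
    slot_set(ctx, &k1, malloc(16), count_free);
    int first = slot_reset(ctx), again = slot_reset(ctx);
    printf("idle=%d first=%d again=%d\n", idle, first, again);
    return 0;
}
```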