Re: (ITS#5311) Custom client searching cn=Monitor crashes SLAPD

daveh@coreng.com.au wrote:
> Full_Name: Dave Horsfall
> Version: 2.4.7 + ITS #5291 patch
> OS: FreeBSD 6.2
> URL: http://www.horsfall.org/slapd-crash/
> Submission from: (NULL) (
> We have a custom client called LGET (which is not much more than a fancy output
> formatter based on the example code kicking around somewhere; I can provide the
> source, but there's no way that it will compile anywhere but here) that reliably
> crashes SLAPD when doing a search on "cn=Monitor".
> Example:
> lget -h localhost -b cn=monitor '(objectClass=*)' '*'
> (May need to do this several times; it will crash eventually)
> lget: Can't contact LDAP server
> slapd.log:
> Jan  8 10:37:33 mippet slapd[59883]: conn=14 fd=66 ACCEPT from
> IP= (IP=
> Jan  8 10:37:33 mippet slapd[59883]: conn=14 op=0 SRCH base="cn=monitor" scope=2
> deref=0 filter="(objectClass=*)"
> Jan  8 10:37:33 mippet slapd[59883]: conn=14 op=0 SRCH attr=* +

Looking at the logs, it appears that it's also requesting '+'.

> This is sometimes followed by e.g.:
> Jan  8 10:39:29 mippet slapd[83101]: ch_malloc of 1195801456 bytes failed
> Although the debug shows traffic on the wire the client only shows a few blank
> lines (but that's not really relevant).
> Debug output in "debug.out.gz", and GDB output in "gdb.out".

I couldn't reproduce with a test (mostly unloaded) slapd.  Since
back-monitor dynamically builds the results based on the activity of
slapd, the root cause could be related to the type of activity your
slapd is doing (e.g. active connections, running operations and so on).

I don't have a FreeBSD at hand right now; could you post a "thread apply
all bt" from gdb?  I might need to ask for further core inspection with gdb.


