(ITS#8950) segfault with TXN+accesslog
Full_Name: Ondrej Kuznik
Version: master
OS: Linux
URL:
Submission from: (NULL) (82.10.24.68)
Trying to reproduce a potential lockup between TXN support and accesslog, I have
instead come across a segfault in TXN handling.
With the following config:

database mdb
suffix cn=log
directory ./log

database mdb
suffix cn=test
directory ./db

overlay accesslog
logdb cn=log
logops writes

Make sure cn=test entry exists and issue ldapmodify -E '!txn=commit' with

dn: cn=test
changetype: modify

slapd segfaults with the following picked up by valgrind:

==10599== Invalid read of size 8
==10599== at 0x509ACD: txn_end_extop (txn.c:243)
==10599== by 0x49A7D9: fe_extended (extended.c:222)
==10599== by 0x49A505: do_extended (extended.c:177)
==10599== by 0x44F36D: connection_operation (connection.c:1169)
==10599== by 0x44D52F: connection_read_thread (connection.c:1326)
==10599== by 0x485869E: ldap_int_thread_pool_wrapper (tpool.c:1048)
==10599== by 0x6886FA2: start_thread (pthread_create.c:486)
==10599== by 0x699988E: clone (clone.S:95)
==10599== Address 0xa552330 is on thread 3's stack
==10599== 4112 bytes below stack pointer
==10599==
==10599== Invalid read of size 8
==10599== at 0x509AD0: txn_end_extop (txn.c:243)
==10599== by 0x49A7D9: fe_extended (extended.c:222)
==10599== by 0x49A505: do_extended (extended.c:177)
==10599== by 0x44F36D: connection_operation (connection.c:1169)
==10599== by 0x44D52F: connection_read_thread (connection.c:1326)
==10599== by 0x485869E: ldap_int_thread_pool_wrapper (tpool.c:1048)
==10599== by 0x6886FA2: start_thread (pthread_create.c:486)
==10599== by 0x699988E: clone (clone.S:95)
==10599== Address 0x20333d706f203108 is not stack'd, malloc'd or (recently) free'd
==10599==
==10599==
==10599== Process terminating with default action of signal 11 (SIGSEGV)
==10599== General Protection Fault
==10599== at 0x509AD0: txn_end_extop (txn.c:243)
==10599== by 0x49A7D9: fe_extended (extended.c:222)
==10599== by 0x49A505: do_extended (extended.c:177)
==10599== by 0x44F36D: connection_operation (connection.c:1169)
==10599== by 0x44D52F: connection_read_thread (connection.c:1326)
==10599== by 0x485869E: ldap_int_thread_pool_wrapper (tpool.c:1048)
==10599== by 0x6886FA2: start_thread (pthread_create.c:486)
==10599== by 0x699988E: clone (clone.S:95)

It doesn't seem to happen without accesslog configured.
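
As an added triage example (not part of the original report and not OpenLDAP code), the script below parses an excerpt of the valgrind output quoted above and classifies each faulting address. It assumes x86-64 Linux user-space addressing; the function names and the printable-byte threshold are illustrative choices.

```python
import re

# Excerpt of the valgrind output quoted in the report above ("by" frames trimmed).
REPORT = """\
==10599== Invalid read of size 8
==10599== at 0x509ACD: txn_end_extop (txn.c:243)
==10599== Address 0xa552330 is on thread 3's stack
==10599== 4112 bytes below stack pointer
==10599==
==10599== Invalid read of size 8
==10599== at 0x509AD0: txn_end_extop (txn.c:243)
==10599== Address 0x20333d706f203108 is not stack'd, malloc'd or (recently) free'd
"""

ERR = re.compile(r"^==\d+== (Invalid (?:read|write) of size \d+)$")
AT = re.compile(r"^==\d+==\s+at 0x[0-9A-Fa-f]+: (\S+) \((.+?)\)$")
ADDR = re.compile(r"^==\d+==\s+Address (0x[0-9A-Fa-f]+) (.+)$")
BELOW = re.compile(r"^==\d+==\s+\d+ bytes below stack pointer$")

def as_text(addr):
    """Return the pointer's 8 little-endian bytes if at least 6 are printable ASCII."""
    raw = addr.to_bytes(8, "little")
    return raw if sum(0x20 <= b < 0x7F for b in raw) >= 6 else None

def classify(addr, note, below_sp):
    # Assumption: x86-64 Linux, where user-space pointers have bits 63..47 clear.
    if addr >> 47:
        text = as_text(addr)
        return "non-canonical, bytes read as text %r" % text if text else "non-canonical pointer"
    if note.startswith("is on thread") and below_sp:
        return "stale stack slot below SP"
    return note

def triage(log):
    findings, cur = [], None
    for line in log.splitlines():
        if m := ERR.match(line):
            cur = {"error": m.group(1), "site": None, "below": False}
        elif cur and (m := AT.match(line)):
            cur["site"] = "%s (%s)" % m.groups()
        elif cur and (m := ADDR.match(line)):
            cur["addr"], cur["note"] = int(m.group(1), 16), m.group(2)
            findings.append(cur)
        elif cur and BELOW.match(line):
            cur["below"] = True  # detail line follows the Address line
    return [(f["site"], hex(f["addr"]), classify(f["addr"], f["note"], f["below"]))
            for f in findings]

if __name__ == "__main__": print(*triage(REPORT), sep="\n")
```

For the second read, the script reports that the bytes of the bad pointer are mostly printable ASCII, a pattern often seen when a pointer is loaded from memory that holds string data. The report itself does not state a root cause.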