
Re: (ITS#6632) Core dump in test030 when using back-ldap



It is clearly slapo-rwm(5), whose cleanup function is not executed early
enough when dealing with extended operations, since the latter delegate
successful return to the frontend: modified logging...

conn=1000 op=1 EXT oid=1.3.6.1.4.1.4203.1.11.1
conn=1000 op=1 PASSMOD id="cn=Added User,ou=Alumni Association,ou=People,o=Example,c=US" new
### conn=1000 op=1: passwd_extop: setting dn="cn=Added User,ou=Alumni Association,ou=People,o=Example,c=US" (0x4972608)
### conn=1000 op=1: rwm_extended: setting dn="cn=Added User,ou=Alumni Association,ou=People,dc=example,dc=com" (0x4972ed0)
conn=1001 op=1 EXT oid=1.3.6.1.4.1.4203.1.11.1
conn=1001 op=1 PASSMOD id="cn=Added User,ou=Alumni Association,ou=People,dc=example,dc=com" new
### conn=1001 op=1: passwd_extop: setting dn="cn=Added User,ou=Alumni Association,ou=People,dc=example,dc=com" (0x4975ba8)
### conn=1001 op=1: passwd_extop: freeing dn="cn=Added User,ou=Alumni Association,ou=People,dc=example,dc=com" (0x4975ba8)
### conn=1000 op=1: passwd_extop: freeing dn="cn=Added User,ou=Alumni Association,ou=People,dc=example,dc=com" (0x4972ed0)
### conn=1000 op=1: rwm_op_rollback: freeing dn="cn=Added User,ou=Alumni Association,ou=People,dc=example,dc=com" (0x4972ed0)
conn=1000 op=1 RESULT oid= err=0 text=
==23914== Thread 3:
==23914== Invalid read of size 1
==23914==    at 0x4006238: strlen (mc_replace_strmem.c:246)
==23914==    by 0xCB184D: vfprintf (in /lib/libc-2.5.so)
==23914==    by 0xCD1FD3: vsnprintf (in /lib/libc-2.5.so)
==23914==    by 0x826B0C6: lutil_debug (debug.c:66)
==23914==    by 0x80C8C85: do_extended (extended.c:185)
==23914==    by 0x808ACB9: connection_operation (connection.c:1109)
==23914==    by 0x8234F88: ldap_int_thread_pool_wrapper (tpool.c:685)
==23914==    by 0xDEB46A: start_thread (in /lib/libpthread-2.5.so)
==23914==    by 0xD42DBD: clone (in /lib/libc-2.5.so)
==23914==  Address 0x4972608 is 0 bytes inside a block of size 62 free'd
==23914==    at 0x4004FDA: free (vg_replace_malloc.c:233)
==23914==    by 0x826B139: ber_memfree_x (memory.c:152)
==23914==    by 0x80F551F: slap_sl_free (sl_malloc.c:481)
==23914==    by 0x80CA4C7: passwd_extop (passwd.c:326)
==23914==    by 0x80C8F01: fe_extended (extended.c:225)
==23914==    by 0x80C8C06: do_extended (extended.c:177)
==23914==    by 0x808ACB9: connection_operation (connection.c:1109)
==23914==    by 0x8234F88: ldap_int_thread_pool_wrapper (tpool.c:685)
==23914==    by 0xDEB46A: start_thread (in /lib/libpthread-2.5.so)
==23914==    by 0xD42DBD: clone (in /lib/libc-2.5.so)
==23914==
==23914== Invalid read of size 1
==23914==    at 0x4006243: strlen (mc_replace_strmem.c:246)
==23914==    by 0xCB184D: vfprintf (in /lib/libc-2.5.so)
==23914==    by 0xCD1FD3: vsnprintf (in /lib/libc-2.5.so)
==23914==    by 0x826B0C6: lutil_debug (debug.c:66)
==23914==    by 0x80C8C85: do_extended (extended.c:185)
==23914==    by 0x808ACB9: connection_operation (connection.c:1109)
==23914==    by 0x8234F88: ldap_int_thread_pool_wrapper (tpool.c:685)
==23914==    by 0xDEB46A: start_thread (in /lib/libpthread-2.5.so)
==23914==    by 0xD42DBD: clone (in /lib/libc-2.5.so)
==23914==  Address 0x4972609 is 1 bytes inside a block of size 62 free'd
==23914==    at 0x4004FDA: free (vg_replace_malloc.c:233)
==23914==    by 0x826B139: ber_memfree_x (memory.c:152)
==23914==    by 0x80F551F: slap_sl_free (sl_malloc.c:481)
==23914==    by 0x80CA4C7: passwd_extop (passwd.c:326)
==23914==    by 0x80C8F01: fe_extended (extended.c:225)
==23914==    by 0x80C8C06: do_extended (extended.c:177)
==23914==    by 0x808ACB9: connection_operation (connection.c:1109)
==23914==    by 0x8234F88: ldap_int_thread_pool_wrapper (tpool.c:685)
==23914==    by 0xDEB46A: start_thread (in /lib/libpthread-2.5.so)
==23914==    by 0xD42DBD: clone (in /lib/libc-2.5.so)
==23914==
==23914== Invalid read of size 4
==23914==    at 0xCE232C: mempcpy (in /lib/libc-2.5.so)
==23914==    by 0xCB1375: vfprintf (in /lib/libc-2.5.so)
==23914==    by 0xCD1FD3: vsnprintf (in /lib/libc-2.5.so)
==23914==    by 0x826B0C6: lutil_debug (debug.c:66)
==23914==    by 0x80C8C85: do_extended (extended.c:185)
==23914==    by 0x808ACB9: connection_operation (connection.c:1109)
==23914==    by 0x8234F88: ldap_int_thread_pool_wrapper (tpool.c:685)
==23914==    by 0xDEB46A: start_thread (in /lib/libpthread-2.5.so)
==23914==    by 0xD42DBD: clone (in /lib/libc-2.5.so)
==23914==  Address 0x4972608 is 0 bytes inside a block of size 62 free'd
==23914==    at 0x4004FDA: free (vg_replace_malloc.c:233)
==23914==    by 0x826B139: ber_memfree_x (memory.c:152)
==23914==    by 0x80F551F: slap_sl_free (sl_malloc.c:481)
==23914==    by 0x80CA4C7: passwd_extop (passwd.c:326)
==23914==    by 0x80C8F01: fe_extended (extended.c:225)
==23914==    by 0x80C8C06: do_extended (extended.c:177)
==23914==    by 0x808ACB9: connection_operation (connection.c:1109)
==23914==    by 0x8234F88: ldap_int_thread_pool_wrapper (tpool.c:685)
==23914==    by 0xDEB46A: start_thread (in /lib/libpthread-2.5.so)
==23914==    by 0xD42DBD: clone (in /lib/libc-2.5.so)
### conn=1000 op=1: do_extended: freeing dn="cn=Added User,ou=Alumni Association,ou=People,o=Example,c=US" (0x4972608)
==23914==
==23914== Invalid free() / delete / delete[]
==23914==    at 0x4004FDA: free (vg_replace_malloc.c:233)
==23914==    by 0x826B139: ber_memfree_x (memory.c:152)
==23914==    by 0x80F551F: slap_sl_free (sl_malloc.c:481)
==23914==    by 0x80C8CE6: do_extended (extended.c:187)
==23914==    by 0x808ACB9: connection_operation (connection.c:1109)
==23914==    by 0x8234F88: ldap_int_thread_pool_wrapper (tpool.c:685)
==23914==    by 0xDEB46A: start_thread (in /lib/libpthread-2.5.so)
==23914==    by 0xD42DBD: clone (in /lib/libc-2.5.so)
==23914==  Address 0x4972608 is 0 bytes inside a block of size 62 free'd
==23914==    at 0x4004FDA: free (vg_replace_malloc.c:233)
==23914==    by 0x826B139: ber_memfree_x (memory.c:152)
==23914==    by 0x80F551F: slap_sl_free (sl_malloc.c:481)
==23914==    by 0x80CA4C7: passwd_extop (passwd.c:326)
==23914==    by 0x80C8F01: fe_extended (extended.c:225)
==23914==    by 0x80C8C06: do_extended (extended.c:177)
==23914==    by 0x808ACB9: connection_operation (connection.c:1109)
==23914==    by 0x8234F88: ldap_int_thread_pool_wrapper (tpool.c:685)
==23914==    by 0xDEB46A: start_thread (in /lib/libpthread-2.5.so)
==23914==    by 0xD42DBD: clone (in /lib/libc-2.5.so)
==23914==

A fix (a hack, at least) is coming.  p.
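
An added example, not part of the original message and not OpenLDAP code: a small Python triage script that correlates the "###" setting/freeing trace lines with valgrind's "free'd" address reports, to show which DN buffers are freed more than once or by a function other than the one that logged setting them. The sample input is rebuilt from the log above with the mail-wrapped lines rejoined; the function name `audit` and the wording of the findings are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample: the "###" lines and one valgrind "Address" line per
# distinct offset from the message above, with mail-wrapped DNs rejoined.
SAMPLE = """\
### conn=1000 op=1: passwd_extop: setting dn="cn=Added User,ou=Alumni Association,ou=People,o=Example,c=US" (0x4972608)
### conn=1000 op=1: rwm_extended: setting dn="cn=Added User,ou=Alumni Association,ou=People,dc=example,dc=com" (0x4972ed0)
### conn=1001 op=1: passwd_extop: setting dn="cn=Added User,ou=Alumni Association,ou=People,dc=example,dc=com" (0x4975ba8)
### conn=1001 op=1: passwd_extop: freeing dn="cn=Added User,ou=Alumni Association,ou=People,dc=example,dc=com" (0x4975ba8)
### conn=1000 op=1: passwd_extop: freeing dn="cn=Added User,ou=Alumni Association,ou=People,dc=example,dc=com" (0x4972ed0)
### conn=1000 op=1: rwm_op_rollback: freeing dn="cn=Added User,ou=Alumni Association,ou=People,dc=example,dc=com" (0x4972ed0)
==23914==  Address 0x4972608 is 0 bytes inside a block of size 62 free'd
==23914==  Address 0x4972609 is 1 bytes inside a block of size 62 free'd
### conn=1000 op=1: do_extended: freeing dn="cn=Added User,ou=Alumni Association,ou=People,o=Example,c=US" (0x4972608)
"""

TRACE = re.compile(r'^### conn=(\d+) op=(\d+): (\w+): (setting|freeing) dn="[^"]*" \((0x[0-9a-fA-F]+)\)$')
VG = re.compile(r"Address (0x[0-9a-fA-F]+) is (\d+) bytes inside a block of size \d+ free'd")

def audit(text):
    """Return {block_address: [findings]} for pointers whose set/free history looks unsafe."""
    setters, freers, vg_hits = defaultdict(list), defaultdict(list), set()
    for line in text.splitlines():
        m = TRACE.match(line)
        if m:
            func, action, addr = m.group(3), m.group(4), int(m.group(5), 16)
            (setters if action == "setting" else freers)[addr].append(func)
            continue
        m = VG.search(line)
        if m:  # normalise an interior address to the start of its block
            vg_hits.add(int(m.group(1), 16) - int(m.group(2)))
    report = {}
    for addr in sorted(set(setters) | set(freers) | vg_hits):
        notes = []
        if len(freers[addr]) > 1:
            notes.append("freed %d times: %s" % (len(freers[addr]), ", ".join(freers[addr])))
        foreign = [f for f in freers[addr] if f not in setters[addr]]
        if foreign:  # heuristic: a free by a function that never logged setting it
            notes.append("freed outside its setter: " + ", ".join(foreign))
        if addr in vg_hits:
            notes.append("valgrind: access to freed block")
        if notes:
            report[hex(addr)] = notes
    return report

if __name__ == "__main__":
    for addr, notes in audit(SAMPLE).items():
        print(addr, "; ".join(notes))
```

On the sample, the conn=1001 buffer (0x4975ba8) is set and freed by the same function and is not reported, while both conn=1000 buffers are.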