openldap-bugs July 2016

openldap-bugs@openldap.org

13 participants
30 discussions

(ITS#8464) Documentation for enabling monitoring via cn=config
by dave＠pandora.com 14 Jul '16

14 Jul '16

Full_Name: Dave Rawks Version: 2.4 OS: debian linux URL: https://gist.githubusercontent.com/drawks/dd3fa73604bf0d6ac454e515ff2a33f9/… Submission from: (NULL) (2620:106:e00f:f167::13) http://www.openldap.org/doc/admin24/monitoringslapd.html section 20.1 "Monitor configuration via cn=config(5)" of the documentation simply reads "This section has yet to be written" Seeing as how cn=config is the primary/default configuration method in all current major distributions of openldap and the only method referenced in the main slapd quickstart guide it feels a major oversight to not provide proper documentation on how to enable monitoring via this method. I've attached a patch whichrovivides some minimal instructions to enable monitoring via cn=config

1 0

Re: (ITS#8458) syncrepl ppolicy with LDIF backend fails
by jesse＠braintreepayments.com 13 Jul '16

13 Jul '16

We are also experiencing this issue with 2.4.40 when we try to create a replica from the primary. our current workaround is to exclude the pwdPolicy objectclass: olcSyncrepl: {0}rid=000 provider=ldap://127.0.0.1:389 type=refreshAndPersist retry="5 5 300 +" searchbase="dc=chi,dc=braintreepayments,dc=com" attrs="*,+" filter="(!(objectClass=pwdPolicy))" bindmethod=simple binddn="cn=admin,dc=chi,dc=braintreepayments,dc=com" credentials=openldaptest schemachecking=off

1 0

Re: (ITS#8463) Steps to upgarde 2.4 to 2.44
by ryan＠openldap.org 11 Jul '16

11 Jul '16

Hello, On Mon, Jul 11, 2016 at 11:58:04AM +0000, lokesh.gowdaml(a)hubzu.com wrote: >I am new to this, i need to upgrade the openldap 2.4 tp 2.4.44 can you please >send me the steps to do the same. The ITS is for reporting bugs only. For support, please write to the openldap-technical mailing list.

1 0

(ITS#8463) Steps to upgarde 2.4 to 2.44
by lokesh.gowdaml＠hubzu.com 11 Jul '16

11 Jul '16

Full_Name: Lokesh Gowda Version: 2.4 OS: Lunix URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (14.141.91.41) I am new to this, i need to upgrade the openldap 2.4 tp 2.4.44 can you please send me the steps to do the same.

1 0

(ITS#8462) Assertion in accesslog.c during replication
by quanah＠openldap.org 08 Jul '16

08 Jul '16

Full_Name: Quanah Gibson-Mount Version: 2.4.44+ITS8432 OS: Linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (75.111.52.177) See thread 1: GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-80.el7 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free tohahange and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bs/2F>... Reading symbols from /opt/zimbra/common/libexec/slapd...Reading symbols from /usr/lib/debug/opt/zimbra/common/libexec/slapd.debug...done. done. [New LWP 3176] [New LWP 2371] [New LWP 5883] [New LWP 2366] [New LWP 2369] [New LWP 2372] [New LWP 2370] [New LWP 2367] [New LWP 2368] [New LWP 17833] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Core was generated by `/opt/zimbra/common/libexec/slapd -l LOCAL0 -u zimbra -h ldap:/// ldapi:/// -F /'. Program terminated with signal 6, Aborted. #0 0x00007f79c4e045f7 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56 56 return INLINE_SYSCALL (tgkill, 3, pid, selftid,igig); (gdb) thr apply all bt full Thread 10 (Thread 0x7f51bc5ee700 (LWP 17833)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007f79c6728a82 in ldap_pvt_thread_cond_wait (cond=0x2f6e038, mutex=0x2f6e010) at thrososix.c:277 No locals. #2 0x00007f79c6727315 in ldap_int_thread_pool_wrapper (xpool=0x2f6e000) at tpool.c:938 pq = 0x2f6e000 pool = 0x3136240 task = 0x0 work_list = 0x2f6e070 ctx = {ltu_pq = 0x2f6e000, ltu_id = 139989029414656, ltu_key = {{ ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x55b3500, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x379ff00, ltk_free = 0x4399a5 <conn_counter_destroy>}, { ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0x10e98000, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x313ed00, ltk_data = 0xbae9a00, A A ltk_free = 0x7f79c167fea5 <mdb_reader_free>}, {ltk_key = 0x7f79c1675109 <search_stack>, ltk_data = 0xef8c000, ltk_free = 0x7f79c16750e6 <search_stack_free>}, { ltk_key = 0x7f79c1671cad <scope_chunk_get>, ltk_data = 0xec8c000, ltk_free = 0x7f79c1671c65 <scope_chunk_free>}, {ltk_key = 0x313f400, ltk_data = 0xbaece00, ltk_free = 0x7f79c167fea5 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0xfff9600, ltk_free = 0x0}, {ltk_key % 0x0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 177 hash = 492122289 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007f79c5198dc5 in start_thread (arg=0x7f51bc5ee700) at pthread_create.c:308 __res = <optimized out> pd = 0x7f51bc5ee700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139989029414656, 6710641345635548778, 0, 139989029415360, 139989029414656, 0, -6664337877643035030, -6641834678305292694}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007f79c4ec5ced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 9 (Thread 0x7f51bfffb700 (LWP 2368)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007f79c6728a82 in ldap_pvt_thread_cond_wait (cond=0x2f6e038, mutex=0x2f6e010) at thr_posix.c:277 No locals. #2 0x00007f79c6727315 in ldap_int_thread_pool_wrapper (xpool=0x2f6e000) at tpool.c:938 pq = 0x2f6e000 pool = 0x3136240 task = 0x0 work_list = 0x2f6e070 ctx = {ltu_pq = 0x2f6e000, ltu_id = 139989090285312, ltu_key = {{ ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x55b2500, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x34e1000, ltk_free = 0x4399a5 <conn_counter_destroy>}, { ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0xd0430c0, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x313ed00, ltk_data = 0x81aa000, ltk_free = 0x7f79c167fea5 CmCmdb_reader_free>}, {ltk_key = 0x7f79c1675109 <search_stack>, ltk_data = 0x84b8000, ltk_free = 0x7f79c16750e6 <search_stack_free>}, { ltk_key = 0x7f79c1671cad <scope_chunk_get>, ltk_data = 0x81b8000, ltk_free = 0x7f79c1671c65 <scope_chunk_free>}, {ltk_key = 0x313f400, ltk_data = 0x81b0800, ltk_free = 0x7f79c167fea5 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0x1c4c1600, ltk_free = 0x0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 581 hash = 1078065733 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007f79c5198dc5 in start_teaead (arg=0x7f51bfffb700) at pthread_create.c:308 __res = <optimized out> pd = 0x7f51bfffb700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139989090285312, 6710641345635548778, 0, 139989090286016, 139989090285312, 0, -6664338710329819542, -6641834678305292694}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_rsrst_call =3C3Coptimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007f79c4ec5ced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 8 (Thread 0x7f51c07fc700 (LWP 2367)): #0 0x00007f79c4ec62c3 in epoll_wait () at ../sysdeps/unix/syscall-template.S:81 No locals. #1 0x0000000000435e73 in slapd_daemon_task (ptr=0x2f37f60) at daemon.c:2517 ns = 1 at = 0 nfds = 739 revents = 0x2fd2000 tvp = 0x7f51c07fbe00 cat = {tv_sec = 1467705873, tv_usec = 0} i = 1 nwriters = 0 now = 1467691809 tv = {tv_sec = 14064, tv_usec = 0} tdelta = 1 rtask = 0x2f5fd60 l = 3 last_idle_check = 1467633873 ebadf = 0 tid = 0 #2 0x00007f79c5198dc5 in start_thread (arg=0x7f51c07fc700) at pthread_create.c:308 __res = <optimized out> pd = 0x7f51c07fc700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139989098678016, 6710641345635548778, 0, 139989098678720, 139989098678016, 0, -6664346406374343062, -6641834678305292694}, mask_was_saved = 0}}, priv = {pad3D3D {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> 3333 0x00007f79c4ec5ced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 7 (Thread 0x7f51beff9700 (LWP 2370)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007f79c6728a82 in ldap_pvt_thread_cond_wait (cond=0x2f6e038, mutex=0x2f6e010) at thr_posix.c:277 No locals. #2 0x00007f79c6727315 in ldap_int_thread_pool_wrapper (xpool=0x2f6e000) at tpool.c:938 pq = 0x2f6e000 pool = 0x3136240 task = 0x0 work_list = 0x2f6e070 ctx = {ltu_pq = 0x2f6e000, ltu_id = 139989073499904, ltu_key = {{ ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x55b2540, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x313f400, ltk_data = 0x6de2000, ltk_free = 0x7f79c167fea5 <mdb_reader_free>}, {ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x34de300, ltk_free = 0x4399a5 <conn_counter_destroy>}, { ltk_key = 0x7f79c1675109 <search_stack>, ltk_data = 0x718a000, ltk_free = 0x7f79c16750e6 <search_stack_free>}, { ltk_key = 0x7f79c1671cad <scope_chunk_get>, ltk_data = 0x6e8a000, ltk_free = 0x7f79c1671c65 <scope_chunk_free>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0xcfb4000, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x313ed00, ltk_data = 0x6de8800, ltk_free = 0x7f79c167fea5 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0x1c609600, ltk_free = 0x0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 484 hash = 2699647460 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007f79c5198dc5 in start_thread (arg=0x7f51beff9700) at pthread_create.c:308 __res = <optimized out> pd = 0x7f51beff9700 now = <optimized out> uinind_buf = {cancel_jmp_buf = {{jmp_buf = {139989073499904, 6710641345635548778, 0, 139989073500608, 139989073499904, 0, -6664340908279333270, -6641834678305292694}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007f79c4ec5ced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 6 (Thread 0x7f51bdff7700 (LWP 2372)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007f79c6728a82 in ldap_pvt_thread_cond_wait (cond=0x2f6e038, mutex=0x2f6e010) at thr_posix.c:277 No locals. #2 0x00007f79c6727315 in ldap_int_thread_pool_wrapper (xpool=0x2f6e000) at tpool.c:938 pq = 0x2f6e000 pool = 0x3136240 task = 0x0 workisist = 0x2f6e070 ctx = {ltu_pq = 0x2f6e000, ltu_id = 139989056714496, ltu_key = {{ ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x55b2600, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x313ed00, ltk_data = 0x6de3a00, ltk_free = 0x7f79c167fea5 <mdb_reader_free>}, {ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x34dec00, ltk_free = 0x4399a5 <conn_counter_destroy>}, { ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0xcfb7480, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x7f79c1675109 <search_stack>, ltk_data = 0x97d8000, ltk_free = 0x7f79c16750e6 <search_stack_free>}, { ltk_key = 0x7f79c1671cad <scope_chunk_get>, ltk_data = 0x94d8000, ltk_free = 0x7f79c1671c65 <scope_chunk_free>}, {ltk_key = 0x313f400, ltk_data = 0xbae8000, ltk_free = 0x7f79c167fea5 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0x1b6d9200, ltk_free = 0x0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 259 hash = 21661955 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007f79c5198dc5 in start_thread (arg=0x7f51bdff7700) at pthread_create.c:308 __res = <optimized out> pd = 0x7f51bdff7700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139989056714496, 6710641345635548778, 0, 139989056715200, 139989056714496, 0, -6664334310135824790, -6641834678305292694}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007f79c4ec5ced in clone () at ../sysdeps/unix/sysv/linux/x_6_64/clone.S:113 No locals. Thread 5 (Thread 0x7f51bf7fa700 (LWP 2369)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007f79c6728a82 in ldap_pvt_thread_cond_wait (cond=0x2f6e038, mutex=0x2f6e010) at thr_posix.c:277 No locals. #2 0x00007f79c6727315 in ldap_int_thread_pool_wrapper (xpool=0x2f6e000) at tpool.c:938 pq = 0x2f6e000 pool = 0x3136240 task = 0x0 work_list = 0x2f6e070 ctx = {ltu_pq = 0x2f6e000, ltu_id = 139989081892608, ltu_key = {{ ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x55b24c0, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x313f400, ltk_data = 0x55aa200, ltk_free = 0x7f79c167fea5 <mdb_reader_free>}, {ltk_key = 0x7f79c1675109 <search_stack>, ltk_data = 0x5ac6000, ltk_free = 0x7f79c16750e6 <search_stack_free>}, { ltk_key = 0x7f79c1671cad <scope_chunk_get>, ltk_data = 0x57c6000, ltk_free = 0x7f79c1671c65 <scope_chunk_free>}, {ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x34de800, ltk_free = 0x4399a5 <conn_counter_destroy>}, { ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0xd0421c0,

1 0

(ITS#8461) Unable to import LDIF from back-hdb DB to back-mdb db
by quanah＠openldap.org 08 Jul '16

08 Jul '16

Full_Name: Quanah Gibson-Mount Version: 2.4.39+patches OS: Linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (75.111.52.177) In moving off of back-hdb, encountered a scenario where importing the LDIF exported via slapcat failed when loading into back-mdb via slapadd. There is nothing technically wrong with the entry. Will provide the problematic entry elsewhere, as it contains PII.

1 0

(ITS#8460) Invalid pointer free
by quanah＠openldap.org 07 Jul '16

07 Jul '16

Full_Name: Quanah Gibson-Mount Version: 2.4.44+ITS8432 OS: Linux 3.13 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (75.111.52.177) See thread 1: Thread 10 (Thread 0x7fcf1e7d1700 (LWP 28740)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007ff726701a82 in ldap_pvt_thread_cond_wait (cond=0x1d32038, mutex=0x1d32010) at thr_posix.c:277 No locals. #2 0x00007ff726700315 in ldap_int_thread_pool_wrapper (xpool=0x1d32000) at tpool.c:938 pq = 0x1d32000 pool = 0x1efa240 task = 0x0 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527546472192, ltu_key = {{ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x4376480, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x1f03400, ltk_data = 0x469c000, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0x49a6000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0x46a6000, ltk_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x1f02d00, ltk_data = 0x4694800, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x1f03c00, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0xfdb7480, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_data = 0xe4b2400, ltk_free = 0x0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 64 hash = 1350373440 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007ff725171dc5 in start_thread (arg=0x7fcf1e7d1700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1e7d1700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527546472192, 2936369338381151317, 0, 140527546472896, 140527546472192, 0, -2927858035490640811, -2941309649140011947}, mask_was_saved =%7}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007ff724e9eced in cne % () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 9 (Thread 0x7fcf1f7d3700 (LWP 28738)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007ff726701a82 in ldap_pvt_thread_cond_wait (cond=0x1d32038, mutex=0x1d32010) at thr_posix.c:277 No locals. #2 0x00007ff726700315 in ldap_int_thread_pool_wrapper (xpool=0x1d32000) at tpool.c:938 pq = 0x1d32000 pool = 0x1efa240 task = 0x0 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527563257600, ltu_key = {{ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x4376440, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x1f03400, ltk_data = 0x436e200, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x1f02d00, ltk_data = 0x468e000, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x1f05d00, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0xffe43c0, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0x858c000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0x828c000, ltk_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x0, ltk_data = 0x106a8400, ltk_free = 0x0}, { ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 161 hash = 4023759009 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007ff725171dc5 in start_thread (arg=0x7fcf1f7d3700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1f7d3700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527563257600, 2936369338381151317, 0, 140527563258304, 140527563257600,%0, -2927855835393643435, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> frereesize = <optimized out> #4 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 8 (Thread 0x7fcf207d5700 (LWP 28736)): #0 0x00007ff724e9f2c3 in epoll_wait () at ../sysdeps/unix/syscall-template.S:81 No locals. #1 0x0000000000435e73 in slapd_daemon_task (ptr=0x1cfbf18) at daemon.c:2517 ns = 1 at = 0 nfds = 2560 revents = 0x1d96000 tvp = 0x7fcf207d4e00 cat = {tv_sec = 1467852042, tv_usec3D3D 0} i = 1 nwriters = 0 now = 1467838511 tv = {tv_sec = 13531, tv_usec = 0} tdelta = 1 rtask = 0x1d23d60 l = 3 last_idle_check = 1467808842 ebadf = 0 tid = 0 #2 0x00007ff725171dc5 in start_thread (arg=0x7fcf207d5700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf207d5700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527580043008, 2936369338381151317, 0, 140527580043712, 140527580043008, 0, -2927809654831535019, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #3 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 7 (Thread 0x7fcf1d5c9700 (LWP 30049)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007ff726701a82 in ldap_pvt_thread_cond_wait (cond=0x1d32038, mutex=0x1d32010) at thr_posix.c:277 No locals. #2 0x00007ff726700315 in ldap_int_thread_pool_wrapper (xpool=0x1d32000) at tpool.c:938 pq = 0x1d32000 pool = 0x1efa240 task = 0x0 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527527565056, ltu_key = wB7Bltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0xb344b00, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0xb354a40, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x1f02d00, ltk_data = 0x4696200, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0xb75e000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0xb45e000, ltk_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0xfdb5e00, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x1f03400, ltk_data = 0xe516000, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0xfb24800, ltk_free = 0x0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 958 hash = 371020734 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007ff725171dc5 in start_thread (arg=0x7fcf1d5c9700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1d5c9700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527527565056, 2936369338381151317, 0, 140527527565760, 140527527565056, 0, -2927851159247999915, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 6 (Thread 0x7fcf1ddca700 (LWP 29664)): #0 0x00007ff724e9469d in poll () at ../sysdeps/unix/syscall-template.S:81 No locals. #1 0x00007ff726720abe in ldap_int_select (ld=0xe479d10, timeout=0x0) at os-ip.c:1139 to = -1 rc = 209519392 sip = 0xaa2a000 __PRETTY_FUNCTION__ = "ldap_int_select" #2 0x00007ff726703569 in wait4msg (ld=0xe479d10, msgid=110, all=0, timeout=0x0, result=0x7fcf1ddc92f8) at result.c:312 err = 500994368 lc_ready = 0 rc = -2 tv = {tv_sec = 0, tv_usec = 0} tv0 = {tv_sec = 0, tv_usec = 0} start_time_tv = {tv_sec = 0, tv_usec = 0} tvp = 0x0 lc = 0x0 __PRETTY_FUNCTION__ = "iait4msg" #3 0x00007ff726702e8b in ldap_result (ld=0xe479d10, msgid=110, all=0, timeout=0x0, result=0x7fcf1ddc92f8) at result.c:117 rc = 32719 __PRETTY_FUNCTION__ = "ldap_result" #4 0x00000000004b6de9 in do_syncrep2 (op=0x7fcf1ddc9480, si=0x1d278c0) at syncrepl.c:841 berbuf = { buffer = "\002\000\001\000\000\000\000\000\377\377\377\377\377\377\377\377", '\000' <repeats 56 times>, "@_\370\006", '\000' <repeats 12 times>, "@_\370\006", '\000' <repeats 29 times>, "@^\t", '\002727 <repeats 28 times>, "\t\033p&\367\177\000\000\000\247\334\035\317\177\000\000@cu\000\000\000\000\000\340\223\334\035\317\177\000\000\t\033p&\367\177\000\000\230\224\334\035\001\000\000\000"..., ialign = 65538, lalign = 65538, falign = 9.18382988e-41, dalign = 3.2380074297143616e-319, palign = 0x10002 <Address 0x10002 out of bounds>} ber = 0x7fcf1ddc9300 msg = 0x0 syncCookie = {ctxcsn = 0x0, sids = 0x0, numcsns = 0, rid = 0, octet_str = {bv_len = 0, bv_val = 0x0}, sid D D 0, sc_next = {stqe_next = 0x0}} syncCookie_req = {ctxcsn = 0x20c6d80, sids = 0xe5138c0, numcsns = 5, rid = 1, octet_str = {bv_len = 224, bv_val = 0xfebe960 "rid=001,sid=004,csn=20160704232006.675752Z#000000#000#000000;20160706084911.646411Z#000000#001#000000;20160704233433.821120Z#000000#002#000000;20160706135712.349342Z#000000#003#000000;20160704233459.2"...}, sid = 4, sc_next = {stqe_next = 0x0}} rc = 4096 err = 0 modlist = 0x0 m =%0 tout_p = 0x0 tout = {tv_sec = 0, tv_usec = 0} refreshDeletes = 0 empty = "empty" __PRETTY_FUNCTION__ = "do_syncrep2" #5 0x00000000004b74f4 in do_syncrepl (ctx=0x7fcf1ddc9bb0, arg=0x1d23e00) at syncrepl.c:1565 rtask = 0x1d23e00 si = 0x1d278c0 conn = {c_struct_state = SLAP_C_UNINITIALIZED, c_conn_state = SLAP_C_INVALID, c_conn_idx = -1, c_sd = 0, c_close_reason = 0x0, c_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, c_sb = 0x0, c_starttime = 0, c_activitytime = 0, c_connid = 18446744073709551615, c_peer_domain = {bv_len = 0, bv_val = 0x4f05b0 ""}, c_peer_name = {bv_len = 0, bv_val = 0x4f05b0 ""}, c_listener = 0x4f8740 <dummy_list>, c_sasl_bind_mech = {bv_len = 0, bv_val = 0x0}, c_sasl_dn = {bv_len = 0, bv_val = 0x0}, c_sasl_authz_dn = { bv_len = 0, bv_val = 0x0}, c_authz_backend = 0x0, c_authz_coieie = 0x0, c_authz = {sai_method = 0, sai_mech = {bv_len = 0, bv_val = 0x0}, sai_dn = {bv_len = 0, bv_val = 0x0}, sai_ndn = {bv_len = 0, bv_val = 0x0}, sai_ssf = 0, sai_transport_ssf = 0, sai_tls_ssf = 0, sai_sasl_ssf = 0}, crorotocol = 0, c_ops = {stqh_first = 0x0, stqh_last = 0x0}, c_pending_ops = {stqh_first = 0x0, stqh_last = 0x0}, c_write1_mutex = {__data = { __lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = {prprev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, c_write1_cv = {__data = {__lock = 0, __futex = 0, __total_seq = 0, __wakeup_seq = 0, __woken_seq = 0, __mutex = 0x0, __nwaiters = 0, __broadcast_seq = 0}, __size = '\000' <repeats 47 times>, __align = 0}, c_write2_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, c_write2_cv = {__data = {__lock = 0, __futex = 0, __total_seq = 0, __wakeup_seq = 0, __woken_seq = 0, __mutex = 0x0, __nwaiters = 0, __broadcast_seq = 0}, __size = '\000' <repeats 47 times>, __align = 0}, c_currentber = 0x0, c_writers = 0, c_writing = 0 '\000', c_sasl_bind_in_progress = 0 '\000', c_writewaiter = 0 '\000', c_is_tls = 0 '\000', c_needs_tls_accept = 0 '\000', c_sasl_layers = 0 '\000', c_sasl_done = 0 '\000', c_sasl_authctx = 0x0, c_sasl_sockctx = 0x0, c_sasl_extra = 0x0, c_sasl_bindop = 0x0, c_pagedresults_state = {ps_be = 0x0, ps_size = 0, ps_count = 0, ps_cookie = 0, ps_cookieval = {bv_len = 0, bv_val = 0x0}}, c_n_ops_received = 0, c_n_ops_executing = 0, c_n_ops_pending = 0, c_n_ops_completed = 0, c_n_get = 0, c_n_read = 0, c_n_write = 0, c_extensions = 0x0, c_clientfunc = 0x0, c_clientarg = 0x0, c_send_ldap_result = 0x4506fe <slap_send_ldap_result>, c_send_search_entry = 0x451575 <slap_send_search_entry>, c_send_search_reference = 0x453527 <slap_send_search_reference>, c_send_ldap_extended = 0x45105e <slap_send_ldap_extended>, c_send_ldap_intermediate = 0x451360 <slap_send_ldap_intermediate>} opbuf = {ob_op = {o_hdr = 0x7fcf1ddc95f0, o_tag = 108, o_time = 1467813432, o_tincr = 690746, o_bd = 0x1f23400, o_req_dn = {bv_len = 36, bv_val = 0x6f50d80 "20160706084911.796411Z#000000#001#000000"}, o_req_ndn = {bv_len = 36, bv_val = 0xb2778d0 "20160704233433.821120Z#000000#002#000000"}, o_request = {oq_add = {rs_modlist = 0xfb8b580, rs_e = 0x0}, oq_bind = {rb_method = 263763328, rb_cred = {bv_len = 0, bv_val = 0x1 <Address 0x1 out of bounds>}, rb_edn = {bv_len = 10, bv_val = 0xffbd3b0 "\200\300"}, rb_ssf = 10, rb_mech = {bv_len = 234930304, bv_val = 0x0}}, oq_compare = {rs_ava = 0xfb8b580}, oq_modify = {rs_mods = { rs_modlist = 0xfb8b580, rs_no_opattrs = 0 '\000'}, rs_increment = 1}, oq_modrdn = {rs_mods = {rs_modlist = 0xfb8b580, rs_no_opattrs = 0 '\000'}, rs_deleteoldrdn = 1, rs_newrdn = {bv_len = 10, bv_val = 0xffbd3b0 "\200\300"}, rs_nnewrdn = {bv_len = 10, bv_val = 0xe00c080 " S\245\017"}, rs_newSup = 0x0, rs_nnewSup = 0x0}, oq_search = {rs_scope = 263763328, rs_deref = 0, rs_slimit = 0, rs_tlimit = 0, rs_limit = 0x1, rs_attrsonly = 10, rs_attrs = 0xffbd3b0, rs_filter = 0xa, rs_filterstr = {bv_len = 234930304, bv_val = 0x0}}, oq_abandon = {rs_msgid = 263763328}, oq_cancel = {rs_msgid = 263763328}, oq_extended = { rs_reqoid = {bv_len = 263763328, bv_val = 0x0}, rs_flags = 1, rs_reqdata = 0xa}, oq_pwdexop = {rs_extended = {rs_reqoid = {bv_len = 263763328, bv_val = 0x0}, rs_flags = 1, rs_reqdata = 0xa}, rs_old = { bv_len = 268161968, bv_val = 0xa <Address 0xa out of bounds>}, rs_new = {bv_len = 234930304, bv_val = 0x0}, rs_mods = 0x0, rs_modtail = 0x0}}, o_abandon = 0, o_cancel = 0, o_groups = 0x0, o_do_not_cache = 0 '\000', o_is_auth_check = 0 '\000', o_dont_replicate = 0 '\000', o_acl_priv = ACL_NONE, o_nocaching = 0 '\000', o_delete_glue_parent = 0 '\000', o_no_schema_check = 1 '\001', o_no_subordinate_glue = 0 '\000', o_ctrlflag = '\000' <repeats 14 times>, "\002", '\000' <repeats 16 times>, o_controls = 0x7fcf1ddc9738, o_authz = {sai_method = 0, sai_mech = {bv_len = 0, bv_val = 0x0}, sai_dn = {bv_len = 9, bv_val = 0x2220c60 "cn=config"}, sai_ndn = {bv_len = 9, bv_val = 0x2220c80 "cn=config"}, sai_ssf = 0, sai_transport_ssf = 0, sai_tls_ssf = 0, sai_sasl_ssf = 0}, o_ber = 0x0, o_res_ber = 0x0, o_callback = 0x7fcf1ddc9080, o_ctrls = 0x0, o_csn = {bv_len = 0, bv_val = 0x0}, o_private = 0x0, o_extra = {slh_first = 0x0}, o_next = {stqe_next = 0x0}}, ob_hdr = {oh_opid = 0, oh_connid = 1, oh_conn = 0x7fcf1ddc9840, oh_msgid = 0, oh_protocol = 0, oh_tid = 140527535957760, oh_threadctx = 0x7fcf1ddc9bb0, oh_tmpmemctx = 0x6f85f40, oh_tmpmfuncs = 0x7543c0 <slap_sl_mfuncs>, oh_counters = 0x7578c0 <slap_counters>, oh_log_prefix = "conn=-1 op=0", '\000' <repeats 243 times>}, ob_controls = {0x0 <repeats 17 times>, 0x7fcf1ddc92c0, 0x0 <repeats 14 times>}} op = 0x7fcf1ddc9480 rc = 0 dostop = 0 s = 2400 i = 1 defer = 1 fail = 0 freeinfo = 0 be = 0x1f23400 #6 0x000000000043a59d in connection_read_thread (ctx=0x7fcf1ddc9bb0, argv=0x960) at connection.c:1273 rc = 0 cri = {op = 0x0, func = 0x4b6fd7 <do_syncrepl>, arg = 0x1d23e00, ctx = 0x7fcf1ddc9bb0, nullop = 0} s = 2400 #7 0x00007ff7267003ea in ldap_int_thread_pool_wrapper (xpool=0x1d32000) at tpool.c:956 pq = 0x1d32000 pool = 0x1efa240 task = 0x1017a700 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527535757760, ltu_key = {{ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x1f05600, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x6f85f40, ltk_free =x4x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x1f02d00, ltk_data = 0x469f400, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0x24d70c0, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x1f03400, ltk_data = 0x46a0e00, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0x99e4000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0x96e4000, l_f_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x0, ltk_data = 0x1015a800, ltk_free = 0x0}, { ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 846 hash = 3140276046 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #8 0x00007ff725171dc5 in start_thread (arg=0x7fcf1ddca700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1ddca700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527535957760, 2936369338381151317, 0, 140527535958464, 140527535957760, 0, -2927850059199501227, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #9 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 5 (Thread 0x7fcf1cdc8700 (LWP 30136)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007ff726701a82 in ldap_pvt_thread_ndnd_wait (cond=0x1d32038, mutex=0x1d32010) at thr_posix.c:277 No locals. #2 0x00007ff726700315 in ldap_int_thread_pool_wrapper (xpool=0x1d32000) at tpool.c:938 pq = 0x1d32000 pool = 0x1efa240 task = 0x0 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527519172352, ltu_key = {{ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0xc7c6c00, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0xaed2200, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0xb014f00, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x1f02d00, ltk_data = 0x46a2800, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0xcbf8000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0xc8f8000, ltk_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x1f03400, ltk_data = 0x46a4200, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0x106a8400, ltk_free = 0x0}, { ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 365 hash = 453090669 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007ff725171dc5 in start_thread (arg=0x7fcf1cdc8700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1cdc8700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527519172352, 2936369338381151317, 0, 140527519173056, 140527519172352, 0, -2927852250706564011, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 4 (Thread 0x7fcf1c5c7700 (LWP 30363)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007ff726701a82 in ldap_pvt_thread_cond_wait (cond=0x1d32038, mutex=0x1d32010) at thr_posix.c:277 No locals. #2 0x00007ff726700315 in ldap_int_thread_pool_wrapper (xpool=0x1d32000)tat tpool.c:938 pq = 0x1d32000 pool = 0x1efa240 task = 0x0 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527510779648, ltu_key = {{ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0xe56a000, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4ac6bb <slap_sl_mem_init>, ltk_data = 0x95d0e00, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0x24d7840, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x1f02d00, ltk_data = 0xe519400, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0xe976000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0xe676000, ltk_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x1f03400, ltk_data = 0xe517a00, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x0, ltk_data = 0x103ad600, ltk_free = 0x0}, { ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 477 hash = 1978802653 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007ff725171dc5 in start_thread (arg=0x7fcf1c5c7700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1c5c7700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140527510779648, 2936369338381151317, 0, 140527510780352, 140527510779648, 0, -2927853350755062699, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 3 (Thread 0x7fcf1efd2700 (LWP 28739)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x00007ff726701a82 in ldap_pvt_thread_cond_wait (cond=0x1d32038, mutex=0x1d32010) at thr_posix.c:277 No locals. #2 0x00007ff726700315 in ldap_int_thread_pool_wrapper (xpool=0x1d32000) at tpool.c:938 pq = 0x1d32000 pool = 0x1efa240 task = 0x0 work_list = 0x1d32070 ctx = {ltu_pq = 0x1d32000, ltu_id = 140527554864896, ltu_key = {{ltk_key = 4a4ac6bb <slap_sl_mem_init>, ltk_data = 0x4376640, ltk_free = 0x4ac4e0 <slap_sl_mem_destroy>}, {ltk_key = 0x1f02d00, ltk_data = 0x4692e00, ltk_free = 0x7ff721658ea5 <mdb_reader_free>}, {ltk_key = 0x1f03400, ltk_data = 0x469da00, ltk_free = 0xf7f721658ea5 <mdb_reader_free>}, {ltk_key = 0x7ff72164e109 <search_stack>, ltk_data = 0x5e16000, ltk_free = 0x7ff72164e0e6 <search_stack_free>}, {ltk_key = 0x7ff72164acad <scope_chunk_get>, ltk_data = 0x5b16000, ltk_free = 0x7ff72164ac65 <scope_chunk_free>}, {ltk_key = 0x439b53 <conn_counter_init>, ltk_data = 0x1f05c00, ltk_free = 0x4399a5 <conn_counter_destroy>}, {ltk_key = 0x4548c9 <slap_op_free>, ltk_data = 0x10a86780, ltk_free = 0x45481c <slap_op_q_destroy>}, {ltk_key = 0x0, ltk_da =3D 0x103ad600, ltk_free = 0x0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0x0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 976 hash = 4119628752 pool_lock = 0 freeme = 0 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007ff725171dc5 in start_thread (arg=0x7fcf1efd2700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fcf1efd2700 now = <optimized out> unwind_buf = {canl_jmjmp_buf = {{jmp_buf = {140527554864896, 2936369338381151317, 0, 140527554865600, 140527554864896, 0, -2927856935442142123, -2941309649140011947}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0% c canceltype = 0}}} not_first_call = <optimized out> pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> #4 0x00007ff724e9eced in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113 No locals. Thread 2 (Thread 0x7ff726dad740 (LWP 28735)): #0 0x00007ff725172ef7 in pthread_join (threadid=140527580043008, thread_return=0x0) at pthread_join.c:92 _tid = 28736 _buffer = {__routine = 0x7ff725172e30 <cleanup>, __arg = 0x7fcf207d5d28, __canceltype = 545085184, __prev = 0x0} oldtype = 0 pd = 0x7fcf207d5700 self = 0x7ff726dad740 result = 0 #1 0x00007ff7267019c3 in ldap_pvt_thread_join (thread=140527580043008, thread_return=0x0) at thr_posix.c:197 No locals. #2 0x0000000000437032 in slapd_daemon () at daemon.c:2910 i = 0 rc = 0 #3 0x0000000000414bfa in main (argc=9, argv=0x7ffc431d0c18) at main.c:1017 i = 9 no_detach = 0 rc = 0 urls = 0x1d02020 "ldap:/// ldapi:///" username = 0x1cfa010 "root" groupname = 0x0 sandbox = 0x0 syslogUser = 128 pid = 0 waitfds = {10, 11} g_argc = 9 g_argv = 0x7ffc431d0c18 configfile = 0x0 configdir = 0x1d02040 "/opt/zimbra/data/ldap/config" serverName = 0x7ffc431d169f "slapd" serverMode = 1 scp = 0x0 scp_entry = 0x0 debug_unknowns = 0x0 syslog_unknowns = 0x0 serverNamePrefix = 0x4f0048 "" l = 2305843479183585312 slapd_pid_file_unlink = 1 slapd_args_file_unlink = 1 firstopt = 0 __PRETTY_FUNCTION__ = "main" Thread 1 (Thread 0x7fcf1ffd4700 (LWP 28737)): #0 0x00007ff724ddd5f7 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56 resultvar = 0 pid = 28735 selftid = 28737 #1 0x00007ff724ddece8 in __GI_abort () at abort.c:90 save_stage = 2 act = {__sigaction_handler = {sa_handler = 0x7fcf1ffd1f60, sa_sigaction = 0x7fcf1ffd1f60}, sa_mask = {__val = {69, 1, 140699483447904, 0, 140699485592136, 140527571640064, 140527571640048, 2470669171, 140699480966590, 4294967295, 140699481017829, 69, 140699455947213, 69, 140527571640176, 0}}, sa_flags = 55, sa_restorer = 0x7fcf1ffd1f20} sigs = {__val = {32, 0 <repeats 15 times>}} #2 0x00007ff7269610f8 in tcmalloc::Log (mode=mode@entry=tcmalloc::kCrash, filename=lelename@entry=0x7ff72696edc6 "src/tcmalloc.cc", line=line@entry=278, a=..., b=..., c=..., d=...) at src/internal_logging.cc:120 state = {static kBufSize = 200, p_ = 0x7fcf1ffd1fb5 "", end_ = 0x7fcf1ffd2038 "\306\355\226&\367\177", buf_ = "src/tcmalloc.cc:278] Attempt to free invalid pointer 0x7fd0aefadf98 \n\000\000\000\230(\225&\367\177\000\000\230\337\372\256\320\177\000\000\240r^\001", '\000' <repeats 12 times>, "`\"\273&\367\177\000\000\340\022\026%\367\177\000\000\000\000\000\000\0%0\000\000\000\203N\362$\367\177\000\000@ \375\037\317\177\000\000\377\377\377\377\320\177\000\000\066 \375\037\317\177\000\000\006\000\000\000\000\000\000\000@$\026%\367\177\000\000\326w\205\376\003", '\000' <repeats 11 times>, "\026\001\000\000\000\000\000"} msglen = 69 fifirst_crash = true #3 0x00007ff72695d8b4 in (anonymous namespace)::InvalidFree (ptr=ptr@entry=0x7fd0aefadf98) at src/tcmalloc.cc:278 No locals. #4 0x00007ff72695cd2f in free_null_or_invalid (invalid_free_fn=0x7ff72695d860 <(anonymous namespace)::InvalidFree(void*)>, ptr=ptr@entry=0x7fd0aefadf98) at src/tcmalloc.cc:1137 No locals. #5 (anonymous namespace)::do_free_helper (ptr=ptr@entry=0x7fd0aefadf98, heap_must_be_valid=true, heap=0x15e72a0, invalid_free_fn=0x7ff72695d860 <(anonymous namespace)::InvalidFree(void*)>) at src/tcmalloc.cc:1181 No locals. #6 0x00007ff72696b62c in do_free_helper (invalid_free_fn=0x7ff72695d860 <(anonymous namespace)::InvalidFree(void*)>, heap_must_be_valid=true, heap=0x15e72a0, ptr=0x7fd0aefadf98) at src/thread_cache.h:381 No locals. #7 do_free_with_callback (invalid_free_fn=0x7ff72695d860 <(anonymous namespace)::InvalidFree(void*)>, ptr=0x7fd0aefadf98) at src/tcmalloc.cc:1221 heap = 0x15e72a0 #8 do_free (ptr=0x7fd0aefadf98) at src/tcmalloc.cc:1230 No locals. #9 tc_free (ptr=0x7fd0aefadf98) at src/tcmalloc.cc:1581 No locals. #10 0x00007ff7264e66ab in ber_memfree_x (p=0x7fd0aefadf98, ctx=0x0) at memory.c:152 __PRETTY_FUNCTION__ = "ber_memfree_x" #11 0x00000000004ad69f in slap_sl_free (ptr=0x7fd0aefadf98, ctx=0x43764c0) at sl_malloc.c:503 sh = 0x43764c0 size = 140527571640688 p = 0x7fd0aefadf98 nextp = 0x106e1aba8 tmpp = 0x7ff700000000 #12 0x00007ff720ff5d26 in accesslog_entry (op=0x7fcf1ffd3480, rs=0x7fcf1ffd3010, logop=2, op2=0x7fcf1ffd2390) at accesslog.c:1332 on = 0x22dc760 li = 0x20d9de0 rdnbuf = "reqStart=20160706205511.1000000\000x\332\372\256\320\177" nrdnbuf = "reqStart=m\211\214\000\177\000\000\000\360\004\257\320\177", '\000' <repeats 11 times>, "-\360\001\000\000" rdn = {bv_len = 31, bv_val = 0x7fcf1ffd2240 "reqStart=20160706205511.1000000"} nrdn = {bv_len = 17, bv_val = 0x7fcf1ffd2210 "reqStart=m\211\214"} timestamp = {bv_len = 22, bv_val = 0x7fcf1ffd2249 "20160706205511.1000000"} ntimestamp = {bv_len = 8, bv_val = 0x7fd0aefadf98 <Address 0x7fd0aefadf98 out of bounds>} bv = {bv_len = 140527571641664, bv_val = 0x7fcf1ffd2560 ""} lo = 0x7ff7211fd0 %3<logops+144> e = 0x20625d8 #13 0x00007ff720ff6668 in accesslog_response (op=0x7fcf1ffd3480, rs=0x7fcf1ffd3010) at accesslog.c:1528 on = 0x22dc760 li = 0x20d9de0 a = 0x7fcf1ffd3480 last_attr = 0x7fcf1ffd3010 m = 0x7fcf1ffd27c0 b = 0x7fcf1ffd2610 uuid = {bv_len = 36, bv_val = 0x10736c60 "bd4b254a-9cfc-102f-8a73-ad92a9dc2877"} i = 0 logop = 2 do_graduate = 0 lo = 0x7ff7211fd5d0 <logops+144> e = 0x0 old = 0x0 e_uuid = 0x0 timebuf = "\240\003\000\000\000\000\000\000\b\244\337\017\000\000\000\000\b\000\000\000\000\000\000\000\b%\375\037\317\177" bv = {bv_len = 70672576, bv_val = 0x8c896c <Address 0x8c896c out of bounds>} ptr = 0x7fd0aefa7000 <Address 0x7fd0aefa7000 out of bounds> vals = 0x7fcf1ffd2558 op2 = {o_hdr = 0x0, o_tag = 0, o_time = 0, o_tincr = 0, o_bd = 0x0, o_req_dn = {bv_len = 0, bv_val = 0x0}, o_req_ndn = {bv_len = 0, bv_val = 0x0}, o_request = {oq_add = {rs_modlist = 0x0, rs_e = 0x0}, oq_bind = {rb_method = 0, rb_cred = {bv_len = 0, bv_val = 0x0}, rb_edn = {bv_len = 0, bv_val = 0x0}, rb_ssf = 0, rb_mech = {bv_len = 0, bv_val = 0x0}}, oq_compare = {rs_ava = 0x0}, oq_modify = {rs_mods = {rs_modlist = 0x0, rs_no_opattrs = 0 '\000'}, rs_increment = 0}, oq_modrdn = {rs_mods = {rs_modlist = 0x0, rs_no_opattrs = 0 '\000'}, rs_deleteoldrdn = 0, rs_newrdn = {bv_len = 0, bv_val = 0x0}, rs_nnewrdn = {bv_len = 0, bv_val = 0x0}, rs_newSup = 0x0, rs_nnewSup = 0x0}, oq_search = {rs_scope = 0, rs_deref = 0, rs_slimit = 0, rs_tlimit = 0, rs_limit = 0x0, rs_attrsonly = 0, rs_attrs = 0x0, rs_filter = 0x0, rs_filterstr = {bv_len = 0, bv_val = 0x0}}, oq_abandon = {rs_msgid = 0}, oq_cancel = {rs_msgid = 0}, oq_extended = {rs_reqoid = {bv_len = 0, bv_val = 0x0}, rs_flags = 0, rs_reqdata = 0x0}, oq_pwdexop = {rs_extended = {rs_reqoid = {bv_len = 0, bv_val = 0x0}, rs_flags = 0, rs_reqdata = 0x0}, rs_old = {bv_len = 0, bv_val = 0x0}, rs_new = {bv_len = 0, bv_val = 0x0}, rs_mods = 0x0, rs_modtail = 0x0}}, o_abandon = 0, o_cancel = 0, o_groups = 0x0, o_do_not_cache = 0 '\000', o_is_auth_check = 0 '\000', o_dont_replicate = 0 '\000', o_acl_priv = ACL_NONE, o_nocaching = 0 '\000', o_delete_glue_parent = 0 '\000', o_no_schema_check = 0 '\000', o_no_subordinate_glue = 0 '\000', o_ctrlflag = '\000' <repeats 31 times>, o_controls = 0x0, o_authz = {sai_method = 0, sai_mech = {bv_len = 0, bv_val = 0x0}, sai_dn = {bv_len = 0, bv_val = 0x0}, sai_ndn = {bv_len = 0, bv_val = 0x0}, sai_ssf = 0, sai_transport_ssf = 0, sai_tls_ssf = 0, sai_sasl_ssf = 0}, o_ber = 0x0, o_res_ber = 0x0, o_callback = 0x0, o_ctrls = 0x0, o_csn = {bv_len = 0, bv_val = 0x0}, o_private = 0x0, o_extra = {slh_first = 0x0}, o_next = { stqe_next = 0x0}} rs2 = {sr_type = REP_RESULT, sr_tag = 0, sr_msgid = 0, sr_err = 0, sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x0, sr_ctrls = 0x0, sr_un = {sru_search = {r_entry = 0x0, r_attr_flags = 0, r_operational_attrs = 0x0, r_attrs = 0x0, r_nentries = 0, r_v2ref = 0x0}, sru_sasl = {r_sasldata = 0x0}, sru_extended = {r_rspoid = 0x0, r_rspdata = 0x0}}, sr_flags = 0}

1 0

Re: (ITS#8459) security scans causing slapd failure
by michael＠stroeder.com 05 Jul '16

05 Jul '16

duffy.lasker(a)sykes.com wrote: > Full_Name: duffy lasker > Version: slapd version 2.4.40 > OS: CentOS 7 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (184.96.44.7) > > > security scans for kernel segmentation testing causes the slapd service to enter > failed state, whether the test is successful (causes segmentation fault) or > not. > > the ldap server is apparently flooded with STARTTLS events until test end or > successful fault caused. Note that the RHEL/CentOS packages of OpenLDAP are heavily patched and linked against libnss. Hence it's probably better to report this to them. Also there were some fixes in their packages recently. Did you yum update to latest package version? You can also try to reproduce this failure with recent OpenLDAP release built from source and linked to OpenSSL. That would be more important to the OpenLDAP community. Ciao, Michael.

1 0

(ITS#8459) security scans causing slapd failure
by duffy.lasker＠sykes.com 05 Jul '16

05 Jul '16

Full_Name: duffy lasker Version: slapd version 2.4.40 OS: CentOS 7 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (184.96.44.7) security scans for kernel segmentation testing causes the slapd service to enter failed state, whether the test is successful (causes segmentation fault) or not. the ldap server is apparently flooded with STARTTLS events until test end or successful fault caused. flooded event: ACCEPT from IP=xxx.xxx.xxx.xxx:yyyyyy (IP=0.0.0.0:389) slapd[1251]: conn=15765834 op=0 STARTTLS slapd[1251]: conn=15765834 op=0 RESULT oid= err=0 text= ACCEPT from IP=xxx.xxx.xxx.xxx:zzzzz (IP=0.0.0.0:6%6) slapd[1251]: conn=15765834 fd=35 closed (TLS negotiation failure) result: kernel: slapd[14239]: segfault at 10 ip 00007f5028f81c65 sp 00007f4ffdffa550 error 4 in libnss3.so[7f5028f3b000+11e000] systemd: slapd.service: main process exited, code=killed, status=11/SEGV systemd: Unit slapd.service entered failed state. systemd: slapd.service failed.

1 0

(ITS#8458) syncrepl ppolicy with LDIF backend fails
by mozo＠mozo.jp 30 Jun '16

30 Jun '16

Full_Name: Moriyoshi Koizumi Version: 2.4.40 OS: Linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (14.3.144.188) As LDIF backend tries to store the values for the attributes in "prettified" form and the value is transferred verbatim in wire, replication of pwdAttribute (1.3.6.1.4.1.42.2.27.8.1.1) ends up with the following error: > syncrepl_message_to_entry: rid=001 mo cheheck (pwdAttribute: value #0 invalid per syntax) The validation causing the error itself is done in the following part in servers/slapd/modify.c: /* * check that each value is valid per syntax * and pretty if appropriate */ for ( nvals = 0; !BER_BVISNULL( &ml->sml_values[nvals] ); nvals++ ) { struct berval pval; if ( pretty ) { rc = ordered_value_pretty( ad, &ml->sml_values[nvals], &pval, ctx ); } else { rc = ordered_value_validate( ad, &ml->sml_values[nvals], ml->sml_op ); } if( rc != 0 ) { snprintf( textbuf, textlen, "%s: value #%ld invalid per syntax", ml->sml_type.bv_val, (long) nvals ); *text = textbuf; return LDAP_INVALID_SYNTAX; } if( pretty ) { ber_memfree_x( ml->sml_values[nvals].bv_val, ctx ); ml->sml_values[nvals] = pval; } } where pwdAttribute has the corresponding prettifier assigned to its schema (servers/slapd/overlays/ppolicy.c), which eventually is fed with the value in prettified form that will effectively make slap_bv2ad() in attrPretty() fail. { Syntax *syn; MatchingRule *mr; syn = ch_malloc( sizeof( Syntax )); *syn = *ad_pwdAttribute->ad_type->sat_syntax; syn->ssyn_pretty = attrPretty; ad_pwdAttribute->ad_type->sat_syntax = syn; mr = ch_malloc( sizeof( MatchingRule )); *mr = *ad_pwdAttribute->ad_type->sat_equality; mr->smr_normalize = attrNormalize; ad_pwdAttribute->ad_type->sat_equality = mr; } The replication works fine for other such attributes that have the same syntax (OID, 1.3.6.1.4.1.1466.115.121.1.38) like objectClass because those attributes are accompanied by the validators as well as prettifiers which validate the value both in prettified and OID form. For instance, objectClass has the corresponding validator oialalidate() besides the prettifier objectClassPretty().

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs July 2016