Full_Name: Quanah Gibson-Mount Version: 2.4.31 OS: Linux 2.6 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (75.108.184.39)
Got the following segfault in mdb when renaming entry X to the same name as a previously deleted entry Y.
Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7f076d5c6700 (LWP 15510)] 0x00007f1b6ea5190b in mdb_cursor_del (mc=0x2e09a08, flags=0) at ./../../../libraries/libmdb/mdb.c:4516 4516 ./../../../libraries/libmdb/mdb.c: No such file or directory. in ./../../../libraries/libmdb/mdb.c (gdb) thr apply all bt full
Thread 5 (Thread 0x7f076ddc7700 (LWP 15509)): #0 0x00007f1b7261c2d3 in epoll_wait () from /lib/libc.so.6 No symbol table info available. #1 0x00000000004395d9 in slapd_daemon_task (ptr=0x2715d00) at daemon.c:2540 ns = 1 at = 0 nfds = 8 revents = 0x287e000 tvp = 0x7f076ddc4da0 cat = {tv_sec = 1339538180, tv_usec = 0} i = 1 nwriters = 0 now = 1339537971 tv = {tv_sec = 209, tv_usec = 0} tdelta = 1 rtask = 0x2d81950 l = 3 last_idle_check = 1339537880 ebadf = 0 tid = 0 #2 0x00007f1b728be9ca in start_thread () from /lib/libpthread.so.0 No symbol table info available. #3 0x00007f1b7261bcdd in clone () from /lib/libc.so.6 No symbol table info available. #4 0x0000000000000000 in ?? () No symbol table info available.
Thread 4 (Thread 0x7f076d5c6700 (LWP 15510)): #0 0x00007f1b6ea5190b in mdb_cursor_del (mc=0x2e09a08, flags=0) at ./../../../libraries/libmdb/mdb.c:4516 leaf = 0x130000004c rc = 0 #1 0x00007f1b6ea519b4 in mdb_cursor_del (mc=0x2e09880, flags=0) at ./../../../libraries/libmdb/mdb.c:4523 leaf = 0x50baacc rc = 0 #2 0x00007f1b6ea42088 in mdb_dn2id_delete (op=0x2c0fc00, mc=0x2e09880, id=75) at dn2id.c:235 key = {mv_size = 8, mv_data = 0x7f076d5c5468} rc = 0 #3 0x00007f1b6ea31abc in mdb_delete (op=0x2c0fc00, rs=0x7f076d5c5a10) at delete.c:336 mdb = 0x2e56000 pdn = {bv_len = 16, bv_val = 0x48e82c2 "dc=zimbra,dc=com"} e = 0x48e8e90 p = 0x48e83f0 manageDSAit = 0 children = 0x2722ec0 entry = 0x2722f00 txn = 0x458c000 mc = 0x2e09880 opinfo = {moi_oe = {oe_next = {sle_next = 0x0}, oe_key = 0x2e56000}, moi_txn = 0x458c000, moi_ref = 1, moi_flag = 0 '\000'} moi = 0x7f076d5c5530 preread_ctrl = 0x0 ctrls = {0x0, 0x151f55373c8e5d00, 0x0, 0x48e8308, 0x7f076d5c5570, 0x27fb280} num_ctrls = 0 parent_is_glue = 0 parent_is_leaf = 0 __PRETTY_FUNCTION__ = "mdb_delete" #4 0x00000000004d4b08 in overlay_op_walk (op=0x2c0fc00, rs=0x7f076d5c5a10, which=op_delete, oi=0x2c62d20, on=0x0) at backover.c:671 func = 0x7f1b6ec60cf8 rc = 32768 #5 0x00000000004d4d46 in over_op_func (op=0x2c0fc00, rs=0x7f076d5c5a10, which=op_delete) at backover.c:723 oi = 0x2c62d20 on = 0x2c62780 be = 0x27589c0 db = {bd_info = 0x7f1b6ec60ca0, bd_self = 0x27589c0, be_ctrls = "\000\001\001\001\000\001\000\000\001\000\000\001\001\000\001\000\000\001", '\000' <repeats 14 times>, "\001", be_flags = 2312, be_restrictops = 0, be_requires = 0, be_ssf_set = {sss_ssf = 0, sss_transport = 0, sss_tls = 0, sss_sasl = 0, sss_update_ssf = 0, sss_update_transport = 0, sss_update_tls = 0, sss_update_sasl = 0, sss_simple_bind = 0}, be_suffix = 0x2be7900, be_nsuffix = 0x2be78c0, be_schemadn = {bv_len = 0, bv_val = 0x0}, be_schemandn = { bv_len = 0, bv_val = 0x0}, be_rootdn = {bv_len = 9, bv_val = 0x2d5eda0 "cn=config"}, be_rootndn = {bv_len = 9, bv_val = 0x2d5ed80 "cn=config"}, be_rootpw = {bv_len = 0, bv_val = 0x0}, be_max_deref_depth = 15, be_def_limit = {lms_t_soft = -1, lms_t_hard = 0, lms_s_soft = -1, lms_s_hard = 0, lms_s_unchecked = -1, lms_s_pr = 0, lms_s_pr_hide = 0, lms_s_pr_total = 0}, be_limits = 0x0, be_acl = 0x2c6f6c0, be_dfltaccess = ACL_READ, be_extra_anlist = 0x0, be_update_ndn = {bv_len = 0, bv_val = 0x0}, be_update_refs = 0x0, be_pending_csn_list = 0x456f610, be_pcl_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, __list = { __prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, be_syncinfo = 0x0, be_pb = 0x0, be_cf_ocs = 0x7f1b6ec60aa0, be_private = 0x2e56000, be_next = {stqe_next = 0x0}} cb = {sc_next = 0x48e82e0, sc_response = 0x4d3840 <over_back_response>, sc_cleanup = 0, sc_private = 0x2c62d20} sc = 0x0 rc = 32768 __PRETTY_FUNCTION__ = "over_op_func" #6 0x00000000004d4f2f in over_op_delete (op=0x2c0fc00, rs=0x7f076d5c5a10) at backover.c:780 No locals. #7 0x000000000046149c in fe_op_delete (op=0x2c0fc00, rs=0x7f076d5c5a10) at delete.c:174 org_req_dn = {bv_len = 0, bv_val = 0x0} org_ndn = {bv_len = 0, bv_val = 0x0} org_managedsait = 41923200 org_req_ndn = {bv_len = 0, bv_val = 0x0} org_dn = {bv_len = 0, bv_val = 0x0} repl_user = 0 pdn = {bv_len = 0, bv_val = 0x0} op_be = 0x27589c0 bd = 0x75fdc0 #8 0x000000000046110f in do_delete (op=0x2c0fc00, rs=0x7f076d5c5a10) at delete.c:95 dn = {bv_len = 26, bv_val = 0x4577da5 "ou=people,dc=zimbra,dc=com"} #9 0x000000000043d8c9 in connection_operation (ctx=0x7f076d5c5b50, arg_v=0x2c0fc00) at connection.c:1150 rc = 80 cancel = 0 op = 0x2c0fc00 rs = {sr_type = REP_RESULT, sr_tag = 0, sr_msgid = 0, sr_err = -30798, sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x0, sr_ctrls = 0x0, sr_un = {sru_search = {r_entry = 0x0, r_attr_flags = 0, r_operational_attrs = 0x0, r_attrs = 0x0, r_nentries = 0, r_v2ref = 0x0}, sru_sasl = {r_sasldata = 0x0}, sru_extended = {r_rspoid = 0x0, r_rspdata = 0x0}}, sr_flags = 0} tag = 74 opidx = SLAP_OP_DELETE conn = 0x2f6b440 memctx = 0x27fb280 memctx_null = 0x0 memsiz = 1048576 __PRETTY_FUNCTION__ = "connection_operation" #10 0x000000000043de67 in connection_read_thread (ctx=0x7f076d5c5b50, argv=0x13) at connection.c:1286 rc = 0 cri = {op = 0x2c0fc00, func = 0, arg = 0x0, ctx = 0x7f076d5c5b50, nullop = 0} s = 19 #11 0x00007f1b73db5cc9 in ldap_int_thread_pool_wrapper (xpool=0x273c1c0) at tpool.c:688 pool = 0x273c1c0 task = 0x4576680 work_list = 0x273c258 ctx = {ltu_id = 139669876270848, ltu_key = {{ltk_key = 0x43d429, ltk_data = 0x2c78200, ltk_free = 0x43d26d <conn_counter_destroy>}, {ltk_key = 0x4b388f, ltk_data = 0x27fb280, ltk_free = 0x4b36b4 <slap_sl_mem_destroy>}, {ltk_key = 0x4591ad, ltk_data = 0x0, ltk_free = 0x459100 <slap_op_q_destroy>}, {ltk_key = 0x45e6000, ltk_data = 0x457e000, ltk_free = 0x7f1b6ea4492b <mdb_reader_free>}, {ltk_key = 0x7f1b6ea384d9, ltk_data = 0x49e8000, ltk_free = 0x7f1b6ea38491 <scope_chunk_free>}, {ltk_key = 0x4daa000, ltk_data = 0x4581400, ltk_free = 0x7f1b6ea4492b <mdb_reader_free>}, {ltk_key = 0x7f1b6ea3aaf4, ltk_data = 0x65f2000, ltk_free = 0x7f1b6ea3aad1 <search_stack_free>}, { ltk_key = 0x0, ltk_data = 0x4579200, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 854 hash = 2665057110 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #12 0x00007f1b728be9ca in start_thread () from /lib/libpthread.so.0 No symbol table info available. #13 0x00007f1b7261bcdd in clone () from /lib/libc.so.6 No symbol table info available. #14 0x0000000000000000 in ?? () No symbol table info available.
Thread 3 (Thread 0x7ef36cdc3700 (LWP 15671)): #0 0x00007f1b728c385c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0 No symbol table info available. #1 0x00007f1b73db72be in ldap_pvt_thread_cond_wait (cond=0x273c1f0, mutex=0x273c1c8) at thr_posix.c:277 No locals. #2 0x00007f1b73db5c22 in ldap_int_thread_pool_wrapper (xpool=0x273c1c0) at tpool.c:675 pool = 0x273c1c0 task = 0x0 work_list = 0x273c258 ctx = {ltu_id = 139583968524032, ltu_key = {{ltk_key = 0x43d429, ltk_data = 0x2c04400, ltk_free = 0x43d26d <conn_counter_destroy>}, {ltk_key = 0x4b388f, ltk_data = 0x2bc1200, ltk_free = 0x4b36b4 <slap_sl_mem_destroy>}, {ltk_key = 0x4591ad, ltk_data = 0x2c0e000, ltk_free = 0x459100 <slap_op_q_destroy>}, {ltk_key = 0x4daa000, ltk_data = 0x4582e00, ltk_free = 0x7f1b6ea4492b <mdb_reader_free>}, {ltk_key = 0x7f1b6ea384d9, ltk_data = 0x51ee000, ltk_free = 0x7f1b6ea38491 <scope_chunk_free>}, {ltk_key = 0x45e6000, ltk_data = 0x4586200, ltk_free = 0x7f1b6ea4492b <mdb_reader_free>}, {ltk_key = 0x7f1b6ea3aaf4, ltk_data = 0x55ee000, ltk_free = 0x7f1b6ea3aad1 <search_stack_free>}, { ltk_key = 0x0, ltk_data = 0x457a400, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 24 times>}} kctx = 0x0 i = 32 keyslot = 464 hash = 81037776 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007f1b728be9ca in start_thread () from /lib/libpthread.so.0 No symbol table info available. #4 0x00007f1b7261bcdd in clone () from /lib/libc.so.6 No symbol table info available. #5 0x0000000000000000 in ?? () No symbol table info available.
Thread 2 (Thread 0x7ef36c5c2700 (LWP 15672)): #0 0x00007f1b728c385c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0 No symbol table info available. #1 0x00007f1b73db72be in ldap_pvt_thread_cond_wait (cond=0x273c1f0, mutex=0x273c1c8) at thr_posix.c:277 No locals. #2 0x00007f1b73db5c22 in ldap_int_thread_pool_wrapper (xpool=0x273c1c0) at tpool.c:675 pool = 0x273c1c0 task = 0x0 work_list = 0x273c258 ctx = {ltu_id = 139583960131328, ltu_key = {{ltk_key = 0x43d429, ltk_data = 0x2c04500, ltk_free = 0x43d26d <conn_counter_destroy>}, {ltk_key = 0x4b388f, ltk_data = 0x2bc1300, ltk_free = 0x4b36b4 <slap_sl_mem_destroy>}, {ltk_key = 0x4591ad, ltk_data = 0x2c0e800, ltk_free = 0x459100 <slap_op_q_destroy>}, {ltk_key = 0x45e6000, ltk_data = 0x458e000, ltk_free = 0x7f1b6ea4492b <mdb_reader_free>}, {ltk_key = 0x7f1b6ea384d9, ltk_data = 0x75f6000, ltk_free = 0x7f1b6ea38491 <scope_chunk_free>}, {ltk_key = 0x7f1b6ea3aaf4, ltk_data = 0x78f6000, ltk_free = 0x7f1b6ea3aad1 <search_stack_free>}, {ltk_key = 0x0, ltk_data = 0x457b600, ltk_free = 0}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 25 times>}} kctx = 0x0 i = 32 keyslot = 576 hash = 1606749760 __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper" #3 0x00007f1b728be9ca in start_thread () from /lib/libpthread.so.0 No symbol table info available. #4 0x00007f1b7261bcdd in clone () from /lib/libc.so.6 No symbol table info available. #5 0x0000000000000000 in ?? () No symbol table info available.
Thread 1 (Thread 0x7f1b744e4720 (LWP 15508)): #0 0x00007f1b728c003d in pthread_join () from /lib/libpthread.so.0 No symbol table info available. #1 0x00007f1b73db71ff in ldap_pvt_thread_join (thread=139669884663552, thread_return=0x0) at thr_posix.c:197 No locals. #2 0x000000000043a7ff in slapd_daemon () at daemon.c:2930 i = 0 rc = 0 #3 0x0000000000416d7f in main (argc=9, argv=0x7fffc49fe378) at main.c:1012 i = 9 no_detach = 0 rc = 0 urls = 0x271a000 "ldap://zre-ldap003.eng.vmware.com:389 ldapi:///" username = 0x2714020 "root" groupname = 0x0 sandbox = 0x0 syslogUser = 128 pid = 0 waitfds = {10, 11} g_argc = 9 g_argv = 0x7fffc49fe378 configfile = 0x0 configdir = 0x2712040 "/opt/zimbra/data/ldap/config" serverName = 0x7fffc49ffd92 "slapd" serverMode = 1 scp = 0x0 scp_entry = 0x0 debug_unknowns = 0x0 syslog_unknowns = 0x0 serverNamePrefix = 0x4f9928 "" l = 139755887037800 slapd_pid_file_unlink = 1 slapd_args_file_unlink = 1 firstopt = 0 __PRETTY_FUNCTION__ = "main"