I'm experiencing a suspiciously similar segfault on 2.4.44+dfsg-1
Here follows the backtrace:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f60dd7e1700 (LWP 32510)]
0x00007f60dd7e0aa0 in ?? ()
(gdb) bt
#0  0x00007f60dd7e0aa0 in ?? ()
#1  0x00007f61650bca41 in slap_writewait_play (op=0x7f60c8002550) at ../../../../servers/slapd/result.c:294
#2  send_ldap_ber (op=0x7f60c8002550, ber=0x7f60dd64f250) at ../../../../servers/slapd/result.c:367
#3  0x00007f61650bf651 in slap_send_search_entry (op=0x7f60c8002550, rs=0x7f60dd7e0aa0) at ../../../../servers/slapd/result.c:1430
#4  0x00007f616003590b in mdb_search (op=0x7f60c8002550, rs=0x7f60dd7e0aa0) at ../../../../../servers/slapd/back-mdb/search.c:1086
#5  0x00007f615f5f8cd6 in relay_back_op (op=0x7f60c8002550, rs=0x7f60dd7e0aa0, which=<optimized out>) at ../../../../../servers/slapd/back-relay/op.c:210
#6  0x00007f616511aeea in overlay_op_walk (op=op@entry=0x7f60c8002550, rs=0x7f60dd7e0aa0, which=op_search, oi=0x7f6165d2c020, on=<optimized out>) at ../../../../servers/slapd/backover.c:677
#7  0x00007f616511b044 in over_op_func (op=0x7f60c8002550, rs=<optimized out>, which=<optimized out>) at ../../../../servers/slapd/backover.c:730
#8  0x00007f61650af071 in fe_op_search (op=0x7f60c8002550, rs=0x7f60dd7e0aa0) at ../../../../servers/slapd/search.c:402
#9  0x00007f61650ae9ee in do_search (op=0x7f60c8002550, rs=0x7f60dd7e0aa0) at ../../../../servers/slapd/search.c:247
#10 0x00007f61650ac57c in connection_operation (ctx=0x7f60dd7e0c10, arg_v=0x7f60c8002550) at ../../../../servers/slapd/connection.c:1158
#11 0x00007f61650ac867 in connection_read_thread (ctx=0x7f60c8002550, argv=0x7f60dd7df710) at ../../../../servers/slapd/connection.c:1294
#12 0x00007f6164c0df22 in ldap_int_thread_pool_wrapper (xpool=0x7f6165c8ffa0) at ../../../../libraries/libldap_r/tpool.c:696
#13 0x00007f61631f20a4 in start_thread (arg=0x7f60dd7e1700) at pthread_create.c:309
#14 0x00007f6162f2762d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
To reliably trigger the segfault I need to request jpegImage attributes.

A few more (possibly important) facts: the server houses two databases, the first is a sync-repl slave using the mdb backend, the second a relay backend that provides read-only access to the first database rewriting the database suffix. So far I could only trigger the segfault in the relay database, not in the mdb-backend one.
HTH
Ralf Mattes