Tyler Gates wrote:
After applying the patches for ITS #6848 and ITS #6898 I still get crashes. Here's the latest:
Looks like a double-free. Can you reproduce this consistently? If so, what are the steps? can you run slapd under valgrind and reproduce this?
Program received signal SIGABRT, Aborted. [Switching to Thread 0xae1edb70 (LWP 6121)] 0xb76e2430 in __kernel_vsyscall () (gdb) (gdb) (gdb) bt #0 0xb76e2430 in __kernel_vsyscall () #1 0xb71b4651 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #2 0xb71b7a82 in *__GI_abort () at abort.c:92 #3 0xb71eb49d in __libc_message (do_abort=2, fmt=0xb72bff98 "*** glibc detected *** %s: %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:189 #4 0xb71f5591 in malloc_printerr (action=<value optimized out>, str=0x6
<Address 0x6 out of bounds>, ptr=0xb9584e80) at malloc.c:6266 #5 0xb71f6de8 in _int_free (av=<value optimized out>, p=<value optimized out>) at malloc.c:4794 #6 0xb71f9ecd in *__GI___libc_free (mem=0xb9584e80) at malloc.c:3738 #7 0xb768ac20 in ber_memfree_x () from /usr/lib/liblber-2.4.so.2 #8 0xb768acaf in ber_bvarray_free_x () from /usr/lib/liblber-2.4.so.2 #9 0xb768acf5 in ber_bvarray_free () from /usr/lib/liblber-2.4.so.2 #10 0xb7743e5d in attr_clean (a=0xb6dcc06c) at /tmp/buildd/openldap-2.4.25/servers/slapd/attr.c:148 #11 0xb7743efb in attrs_free (a=0xb6dcc06c) at /tmp/buildd/openldap-2.4.25/servers/slapd/attr.c:198 #12 0xb6d84b7f in hdb_cache_modify (bdb=0xb9536e10, e=0xb94f1dac, newAttrs=0xb6dd6884, txn=0xb2176970, lock=0xae1ec930) at cache.c:1238 #13 0xb6d7008c in hdb_modify (op=0xae1eccfc, rs=0xae1ecad0) at modify.c:662 #14 0xb6d52e81 in remove_query_data (op=<value optimized out>, query_uuid=<value optimized out>) at /tmp/buildd/openldap-2.4.25/servers/slapd/overlays/pcache.c:1829 #15 0xb6d53d0b in consistency_check (ctx=0xae1ed1dc, arg=0xb955e018) at /tmp/buildd/openldap-2.4.25/servers/slapd/overlays/pcache.c:3520 #16 0xb769d8b4 in ?? () from /usr/lib/libldap_r-2.4.so.2 #17 0xb72e996e in start_thread (arg=0xae1edb70) at pthread_create.c:300 #18 0xb7257a4e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130 (gdb) continue Continuing. [Thread 0xaddecb70 (LWP 6122) exited] [Thread 0xae1edb70 (LWP 6121) exited] [Thread 0xae7f0b70 (LWP 6120) exited] [Thread 0xaedf3b70 (LWP 6119) exited] [Thread 0xaf2f5b70 (LWP 6118) exited] [Thread 0xaf7f7b70 (LWP 6117) exited] [Thread 0xafbf8b70 (LWP 6116) exited] [Thread 0xafff9b70 (LWP 6115) exited] [Thread 0xb04fbb70 (LWP 6114) exited] [Thread 0xb08fcb70 (LWP 6113) exited] [Thread 0xb582ab70 (LWP 5868) exited] [Thread 0xb5320b70 (LWP 5869) exited] [Thread 0xb4e1eb70 (LWP 5870) exited] [Thread 0xb4a1db70 (LWP 5871) exited] [Thread 0xb461cb70 (LWP 5872) exited] [Thread 0xb421bb70 (LWP 5873) exited] [Thread 0xb5c2bb70 (LWP 5867) exited]
Program terminated with signal SIGABRT, Aborted. The program no longer exists. (gdb)