If you run test020 under valgrind you'll notice something like
conn=20 op=1 EXT oid=1.3.6.1.4.1.4203.1.11.1
conn=20 op=1 PASSMOD id="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com" new
==12087==
==12087== Thread 5:
==12087== Syscall param poll(timeout) contains uninitialised byte(s)
==12087==    at 0xD391C3: poll (in /lib/libc-2.5.so)
==12087==    by 0x8243149: ldap_int_select (os-ip.c:1107)
==12087==    by 0x8228B97: wait4msg (result.c:335)
==12087==    by 0x82285A6: ldap_result (result.c:120)
==12087==    by 0x819F1D9: ldap_back_exop_passwd (extended.c:196)
==12087==    by 0x819EBD3: ldap_back_extended_one (extended.c:73)
==12087==    by 0x819ECDC: ldap_back_extended (extended.c:96)
==12087==    by 0x8106455: overlay_op_walk (backover.c:669)
==12087==    by 0x81ED2B2: pcache_op_extended (pcache.c:5188)
==12087==    by 0x81063D5: overlay_op_walk (backover.c:659)
==12087==    by 0x810660A: over_op_func (backover.c:721)
==12087==    by 0x81067C9: over_op_extended (backover.c:796)
==12087==    by 0x80C3331: passwd_extop (passwd.c:207)
==12087==    by 0x80C2418: fe_extended (extended.c:225)
==12087==    by 0x80C21AF: do_extended (extended.c:180)
==12087==    by 0x8086471: connection_operation (connection.c:1127)
==12087==    by 0x80869B1: connection_read_thread (connection.c:1263)
==12087==    by 0x822653C: ldap_int_thread_pool_wrapper (tpool.c:685)
==12087==    by 0xDEB46A: start_thread (in /lib/libpthread-2.5.so)
==12087==    by 0xD42DBD: clone (in /lib/libc-2.5.so)
pc_setpw: CACHING BIND for cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com
conn=20 op=1 RESULT oid= err=0 text=
conn=20 op=2 UNBIND
Also,
daemon: shutdown requested and initiated.
slapd shutdown: waiting for 1 operations/tasks to finish
==13212==
==13212== Thread 1:
==13212== Syscall param pwrite64(buf) points to uninitialised byte(s)
==13212==    at 0xDF2B66: pwrite64 (in /lib/libpthread-2.5.so)
==13212==    by 0x410E3AE: __os_io (in /usr/local/lib/libdb-4.6.so)
==13212==    by 0x40FC5F2: __memp_pgwrite (in /usr/local/lib/libdb-4.6.so)
==13212==    by 0x40FC821: __memp_bhwrite (in /usr/local/lib/libdb-4.6.so)
==13212==    by 0x410A89B: __memp_sync_int (in /usr/local/lib/libdb-4.6.so)
==13212==    by 0x410AE5E: __memp_fsync (in /usr/local/lib/libdb-4.6.so)
==13212==    by 0x40B2DD7: __db_sync (in /usr/local/lib/libdb-4.6.so)
==13212==    by 0x40B1904: __db_refresh (in /usr/local/lib/libdb-4.6.so)
==13212==    by 0x40B1C4E: __db_close (in /usr/local/lib/libdb-4.6.so)
==13212==    by 0x40C4467: __db_close_pp (in /usr/local/lib/libdb-4.6.so)
==13212==    by 0x811D71F: bdb_db_close (init.c:618)
==13212==    by 0x81F88B7: pcache_db_close (pcache.c:4734)
==13212==    by 0x8109360: over_db_close (backover.c:176)
==13212==    by 0x8098644: backend_shutdown (backend.c:376)
==13212==    by 0x80C0E1C: slap_shutdown (init.c:229)
==13212==    by 0x8067BB2: main (main.c:971)
==13212==  Address 0x47C63E3 is not stack'd, malloc'd or (recently) free'd
==13212== Warning: invalid file descriptor -1 in syscall close()
==13212== Warning: invalid file descriptor -1 in syscall close()
==13212== Warning: invalid file descriptor -1 in syscall close()
==13212== Warning: invalid file descriptor -1 in syscall close()
==13212== Warning: invalid file descriptor -1 in syscall close()
==13212== Warning: invalid file descriptor -1 in syscall close()
slapd stopped.
Finally,
==13212== 13,407 (7,982 direct, 5,425 indirect) bytes in 298 blocks are definitely lost in loss record 12 of 12
==13212==    at 0x40053C0: malloc (vg_replace_malloc.c:149)
==13212==    by 0x8268377: ber_memalloc_x (memory.c:226)
==13212==    by 0x82687EF: ber_dupbv_x (memory.c:501)
==13212==    by 0x8268894: ber_dupbv (memory.c:519)
==13212==    by 0x80975F0: entry_dup2 (entry.c:978)
==13212==    by 0x8097633: entry_dup (entry.c:988)
==13212==    by 0x81F0A06: pcache_op_cleanup (pcache.c:2346)
==13212==    by 0x809C5F2: slap_cleanup_play (result.c:392)
==13212==    by 0x809FA2E: slap_send_search_entry (result.c:1287)
==13212==    by 0x813DF09: ldap_back_search (search.c:341)
==13212==    by 0x810A0A9: overlay_op_walk (backover.c:669)
==13212==    by 0x810A25E: over_op_func (backover.c:721)
==13212==    by 0x810A30D: over_op_search (backover.c:748)
==13212==    by 0x808C35A: fe_op_search (search.c:366)
==13212==    by 0x808BCFA: do_search (search.c:217)
==13212==    by 0x80888D9: connection_operation (connection.c:1127)
==13212==    by 0x8088E19: connection_read_thread (connection.c:1263)
==13212==    by 0x8233D38: ldap_int_thread_pool_wrapper (tpool.c:685)
==13212==    by 0xDEB46A: start_thread (in /lib/libpthread-2.5.so)
==13212==    by 0xD42DBD: clone (in /lib/libc-2.5.so)
So there seems to be some issue, in general and specifically in extop code, although it might not be related to the SIGSEGV you see. The same problem is present in HEAD. I'm filing an ITS for this.
p.