[Pkg-openldap-devel] Bug#465915: Bug#465915: segmentation fault in slapd under some load

Quanah Gibson-Mount quanah at zimbra.com
Fri Feb 15 18:57:00 UTC 2008 

This is most likely upstream bug ITS#5336.

It would be helpful to see the output in gdb of:

print *bdb

to see how the caches were configured.

For example, from ITS#5336, at frame 3, a print *bdb

would have been useful there.  If you can do something similarly in your 
bug, that would be great.  Also, all the steps to reproduce this.

Regards,
Quanah

--On February 15, 2008 4:01:22 PM +0100 Arthur de Jong <adejong at debian.org> 
wrote:

> Subject: segmentation fault in slapd under some load
> Package: slapd
> Version: 2.4.7-5
> Severity: important
>
> I have a test directory with 2032 DNs in it to test nss-ldapd. When I
> run my test scripts (which result in a large number of LDAP requests)
> the server occasionally crashes. Lately this seems to happen more often
> so much so that it's become reproducible.
>
> I have installed slapd-dbg and have reproduces the crash below. If you
> need more information (e.g. contents of /var/lib/ldap) or the test
> scripts just let me know. (the test scripts are from nss-ldapd and
> basically do just searches with paging)
>
> The crash is mostly this (full logs attached)
># db4.2_recover -h /var/lib/ldap
># gdb /usr/sbin/slapd
> [...]
> Using host libthread_db library "/lib/libthread_db.so.1".
> (gdb) r -d 273 -h ldap:/// ldaps:/// ldapi:/// -g openldap -u openldap -f
> /etc/ldap/slapd.conf Starting program: /usr/sbin/slapd -d 273 -h ldap:///
> ldaps:/// ldapi:/// -g openldap -u openldap -f /etc/ldap/slapd.conf
> [Thread debugging using libthread_db enabled]
> [...]
> => send_search_entry: conn 8 dn="cn=Nona
> Delmore+uid=ndelmore,ou=lotsofpeople,dc=test,dc=tld" <=
> send_search_entry: conn 7 exit.
> entry_decode: "uid=mherlihy,ou=lotsofpeople,dc=test,dc=tld"
> <= entry_decode(uid=mherlihy,ou=lotsofpeople,dc=test,dc=tld)
>
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 0xb521ab90 (LWP 28384)]
> slap_send_search_entry (op=0x84263a0, rs=0xb521a168)
>     at /build/buildd/openldap2.3-2.4.7/servers/slapd/result.c:900
> 900 /build/buildd/openldap2.3-2.4.7/servers/slapd/result.c: No such file
> or directory.   in /build/buildd/openldap2.3-2.4.7/servers/slapd/result.c
> (gdb) bt
># 0  slap_send_search_entry (op=0x84263a0, rs=0xb521a168)
>     at /build/buildd/openldap2.3-2.4.7/servers/slapd/result.c:900
># 1  0xb78314ab in bdb_search (op=0x84263a0, rs=0xb521a168)
>     at /build/buildd/openldap2.3-2.4.7/servers/slapd/back-bdb/search.c:869
># 2  0x08077d13 in fe_op_search (op=0x84263a0, rs=0xb521a168)
>     at /build/buildd/openldap2.3-2.4.7/servers/slapd/search.c:368
># 3  0x0807853c in do_search (op=0x84263a0, rs=0xb521a168)
>     at /build/buildd/openldap2.3-2.4.7/servers/slapd/search.c:217
># 4  0x080757c6 in connection_operation (ctx=0xb521a248, arg_v=0x84263a0)
>     at /build/buildd/openldap2.3-2.4.7/servers/slapd/connection.c:1083
># 5  0x08075ed6 in connection_read_thread (ctx=0xb521a248, argv=0xf)
>     at /build/buildd/openldap2.3-2.4.7/servers/slapd/connection.c:1210
># 6  0xb7f56a44 in ?? () from /usr/lib/libldap_r-2.4.so.2
># 7  0xb521a248 in ?? ()
># 8  0x0000000f in ?? ()
># 9  0x00000000 in ?? ()
> (gdb)
>
> The crash does not occur on the same DN every time and sometimes an
> assertion is triggered instead of a Segmentation fault (though I don't
> think I've seen that with slapd-dbg installed). I've checked permissions
> on /var/lib/ldap. Running slapindex seems to fix the situation sometimes
> (for a while) and it seems that if you let slapd settle down a bit the
> problem does not occur immediately.
>
> If I increase the debug much level further (haven't tested all
> combinations) the problem does not seem to appear. Also, I have only
> been able to reproduce the crash under valgrind with -d 1:
>
># db4.2_recover -h /var/lib/ldap
># valgrind --leak-check=full /usr/sbin/slapd -d 1 -h ldap:/// ldaps:///
># ldapi:/// -g openldap -u openldap -f /etc/ldap/slapd.conf
> ==12385== Thread 6:
> ==12385== Invalid read of size 4
> ==12385==    at 0x42A9160: pthread_mutex_lock (pthread_mutex_lock.c:51)
> [...]
> ==12385==  Address 0x2c is not stack'd, malloc'd or (recently) free'd
> ==12385==
> ==12385== Process terminating with default action of signal 11 (SIGSEGV)
> ==12385==  Access not within mapped region at address 0x2C
> ==12385==    at 0x42A9160: pthread_mutex_lock (pthread_mutex_lock.c:51)
> [...]
> ==12385== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 104 from 1)
> ==12385== malloc/free: in use at exit: 78,857,822 bytes in 21,789 blocks.
> ==12385== malloc/free: 41,385 allocs, 19,596 frees, 88,025,431 bytes
> allocated. [...]
> ==12385== LEAK SUMMARY:
> ==12385==    definitely lost: 139 bytes in 4 blocks.
> ==12385==    indirectly lost: 336 bytes in 28 blocks.
> ==12385==      possibly lost: 1,296 bytes in 9 blocks.
> ==12385==    still reachable: 78,856,051 bytes in 21,748 blocks.
> ==12385==         suppressed: 0 bytes in 0 blocks.
> ==12385== Reachable blocks (those to which a pointer was found) are not
> shown. ==12385== To see them, rerun with: --leak-check=full
> --show-reachable=yes Killed
>
> Full logs of all tests as well as slapd.conf are attached.
>
> -- System Information:
> Debian Release: lenny/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable')
> Architecture: i386 (i686)
>
> Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores)
> Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
> Shell: /bin/sh linked to /bin/bash
>
> Versions of packages slapd depends on:
> ii  adduser               3.105              add and remove users and
> groups ii  coreutils             6.10-3             The GNU core utilities
> ii  debconf [debconf-2.0] 1.5.19             Debian configuration
> management sy ii  libc6                 2.7-8              GNU C Library:
> Shared libraries ii  libdb4.2              4.2.52+dfsg-4      Berkeley
> v4.2 Database Libraries [ ii  libgnutls26           2.2.1-3
> the GNU TLS library - runtime libr ii  libldap-2.4-2         2.4.7-5
> OpenLDAP libraries
> ii  libltdl3              1.5.26-1           A system independent dlopen
> wrappe ii  libperl5.8            5.8.8-12           Shared Perl library
> ii  libsasl2-2            2.1.22.dfsg1-17+b1 Cyrus SASL - authentication
> abstra ii  libslp1               1.2.1-7.1          OpenSLP libraries
> ii  libwrap0              7.6.dbs-14         Wietse Venema's TCP wrappers
> libra ii  perl [libmime-base64- 5.8.8-12           Larry Wall's Practical
> Extraction  ii  psmisc                22.6-1             Utilities that
> use the proc filesy ii  unixodbc              2.2.11-16          ODBC
> tools libraries
>
> Versions of packages slapd recommends:
> ii  libsasl2-modules      2.1.22.dfsg1-17+b1 Cyrus SASL - pluggable
> authenticat
>
> -- debconf information:
>   slapd/internal/adminpw: (password omitted)
> * slapd/password1: (password omitted)
> * slapd/password2: (password omitted)
> * slapd/allow_ldap_v2: false
>   slapd/password_mismatch:
>   slapd/tlsciphersuite:
>   slapd/suffix_change: false
>   slapd/fix_directory: true
>   slapd/invalid_config: true
> * shared/organization: Test domain for nss-ldapd
>   slapd/slave_databases_require_updateref:
>   slapd/dump_database_destdir: /var/backups/slapd-VERSION
>   slapd/upgrade_slapcat_failure:
>   slapd/slurpd_obsolete:
>   slapd/autoconf_modules: true
> * slapd/purge_database: false
> * slapd/domain: test.tld
> * slapd/backend: BDB
> * slapd/no_configuration: false
>   slapd/migrate_ldbm_to_bdb: false
> * slapd/move_old_database: true
>   slapd/dump_database: when needed
>   slapd/upgrade_slapadd_failure:
>
> --
> -- arthur - adejong at debian.org - http://people.debian.org/~adejong --



--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration

More information about the Pkg-openldap-devel mailing list