openldap-server exit on signal 6 on 11.1 (and not in 10.3)
Xin LI
delphij at gmail.com
Fri Feb 9 18:22:41 UTC 2018
Hi,
On Fri, Feb 9, 2018 at 12:33 AM joris dedieu <joris.dedieu at gmail.com> wrote:
> Dear porters,
>
> While moving from 10.3 to 11.1, I get an issue on openldap execution.
> slapd dies (pid 29087 (slapd), uid 389: exited on signal 6) on some
> complex but reproducible operations.
>
> We worked around this bug by returning less elements from the request.
> While my dear colleges are trying to write a script to reproduce the
> issue, I investigate system side.
>
>
> In /var/log/messages, I got slapd[4909]: stack overflow detected;
> terminated
>
> The only trace I get
>
> #0 0x0000000801f7a71a in kill () from /lib/libc.so.7
> #1 0x0000000801f7a6d0 in __stack_chk_fail () from /lib/libc.so.7
> #2 0x0000000801f7a640 in __stack_chk_fail () from /lib/libc.so.7
> #3 0x00000000004466e6 in do_modify ()
> #4 0x00000000004308d5 in connection_assign_nextid ()
> #5 0x00000000004300dd in connection_read_activate ()
> #6 0x0000000800956ffa in ldap_pvt_thread_pool_submit () from
> /usr/local/lib/libldap_r-2.4.so.2
> #7 0x0000000801c71bc5 in pthread_create () from /lib/libthr.so.3
> #8 0x0000000000000000 in ?? ()
>
I have never seen this on my own systems.
> I suspect it's relative to -fstack-protector-strong which is the
> default since FreeBSD 11.0. Do you think I should rebuild all the
> world this opion ?
>
Is the slapd binary from 10.3 (still considered a bug in this case), or
have you rebuilt it? If you have coredumps, please try to collect
additional information on do_modify() as this might indicate a security
issue as well. Reporting this to upstream (openldap.org) would usually be
helpful if you believe it's an OpenLDAP bug.
Cheers,
>
> I also thought on fdatasync
>
> .if ${OSVERSION} < 1101000
> CFLAGS+= -DMDB_DSYNC=O_SYNC -Dfdatasync=fsync
> .endif
>
> I'm currently investigating on this changes.
>
> The issue disappear when slapd is compiled with debugging symbols
> (WITH_DEBUG=YES). As far as I understand, this only cause -g flag to
> be added to CFLAGS. Does WITH_DEBUG also disable some compiler
> optimization ?
>
> Any thought on all this is welcomed
>
> Joris
>
>
> Openldap options :
> Name : openldap-sasl-server
> Version : 2.4.45_4
> Installed on : Thu Feb 8 16:16:45 2018 CET
> Origin : net/openldap24-server
> Architecture : FreeBSD:11:amd64
> Prefix : /usr/local
> Categories : databases net
> Licenses : OPENLDAP
> Maintainer : delphij at FreeBSD.org
> WWW : http://www.OpenLDAP.org/
> Comment : Open source LDAP server implementation
> Options :
> ACCESSLOG : on
> ACI : off
> AUDITLOG : off
> BDB : off
> COLLECT : off
> CONSTRAINT : off
> DDS : off
> DEBUG : off
> DEREF : off
> DNSSRV : off
> DYNACL : off
> DYNAMIC_BACKENDS: on
> DYNGROUP : off
> DYNLIST : off
> FETCH : off
> GSSAPI : on
> KQUEUE : off
> LASTBIND : off
> LMPASSWD : off
> MDB : on
> MEMBEROF : off
> ODBC : off
> OUTLOOK : off
> PASSWD : off
> PERL : off
> PPOLICY : on
> PROXYCACHE : off
> REFINT : off
> RELAY : off
> RETCODE : off
> RLOOKUPS : off
> RWM : off
> SASL : on
> SEQMOD : off
> SHA2 : off
> SHELL : off
> SLAPI : off
> SLP : off
> SMBPWD : off
> SOCK : off
> SSSVLV : off
> SYNCPROV : on
> TCP_WRAPPERS : off
> TRANSLUCENT : off
> UNIQUE : off
> VALSORT : off
>
More information about the freebsd-ports
mailing list