1296694 – 1.2.11.15-68.el6_7 ns-slapd crash in ipa context - c_mutex lock memory corruption and self locks

Bug 1296694 - 1.2.11.15-68.el6_7 ns-slapd crash in ipa context - c_mutex lock memory corruption and self locks

Summary: 1.2.11.15-68.el6_7 ns-slapd crash in ipa context - c_mutex lock memory corrup...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	389-ds-base
Sub Component:
Version:	6.7
Hardware:	x86_64
OS:	Linux
Priority:	urgent
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Noriko Hosoi
QA Contact:	Viktor Ashirov
Docs Contact:	Petr Bokoc
URL:
Whiteboard:
Depends On:
Blocks:	1298095
TreeView+	depends on / blocked

Reported:	2016-01-07 21:38 UTC by Marc Sauton
Modified:	2020-09-13 21:37 UTC (History)
CC List:	7 users (show)
Fixed In Version:	389-ds-base-1.2.11.15-72.el6
Doc Type:	Bug Fix
Doc Text:	Fixed a deadlock in asynchronous simple paged results requests A previous fix to deadlock in the asynchronous simple paged results requests caused another self deadlock due to a regression. To address this problem, a simple `PR_Lock` on a connection object has been replaced with a re-entrant `PR_Monitor`. As a result, the deadlock no longer occurs.
Clone Of:
Clones:	1298095 (view as bug list)
Environment:
Last Closed:	2016-05-10 19:22:41 UTC
Target Upstream Version:

Attachments	(Terms of Use)
full stack trace from 310-ccpp-2016-01-07-11-58-56-5760.2016-01-07-11.58.26-5760 (125.44 KB, text/plain) 2016-01-07 21:38 UTC, Marc Sauton	no flags	Details
full stack trace from 320-ccpp-2016-01-06-13-00-34-28822.2016-01-06-13.00.34-28822 (121.27 KB, text/plain) 2016-01-07 21:39 UTC, Marc Sauton	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	389ds 389-ds-base issues 1737	0	None	None	None	2020-09-13 21:37:41 UTC
Red Hat Product Errata	RHBA-2016:0737	0	normal	SHIPPED_LIVE	389-ds-base bug fix and enhancement update	2016-05-10 22:29:13 UTC

Description Marc Sauton 2016-01-07 21:38:22 UTC

Created attachment 1112618 [details]
full stack trace from 310-ccpp-2016-01-07-11-58-56-5760.2016-01-07-11.58.26-5760

Description of problem:

stack trace review request, will need summary change.

apparent ns-slapd crash in RHEL 6.7 IPA context with
1.2.11.15-68.el6_7 

I attached 2 stack traces, nearly the same, the long file names have some context information:

sf.01534564.rhel67.389-ds-base-1.2.11.15-68.el6_7.ns-slapd.stacktrace.310-ccpp-2016-01-07-11-58-56-5760.2016-01-07-11.58.26-5760.txt 

sf.01534564.rhel67.389-ds-base-1.2.11.15-68.el6_7.ns-slapd.stacktrace.320-ccpp-2016-01-06-13-00-34-28822.txt 

there were some initial reports of ns-slapd "hang" in salesforce case number, but I seem to see crashes:

Core was generated by `/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-BS-BR-BSCH -i /var/run/dirsrv/slapd-BS-'.
Program terminated with signal 11, Segmentation fault.
#0  __lll_lock_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:136
136     2:      movl    %edx, %eax



Version-Release number of selected component (if applicable):
RHEL 6.7
389-ds-base-1.2.11.15-68.el6_7


How reproducible:
N/A

Steps to Reproduce:
1. N/A
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Marc Sauton 2016-01-07 21:39:17 UTC

Created attachment 1112619 [details]
full stack trace from 320-ccpp-2016-01-06-13-00-34-28822.2016-01-06-13.00.34-28822

Comment 18 Viktor Ashirov 2016-02-22 17:35:07 UTC

Build tested: 389-ds-base-1.2.11.15-73.el6.x86_64

[1] Created 4000 users:
# ldclt -h localhost -p 389 -D "cn=Directory Manager" -w Secret123 -b "ou=people,dc=example,dc=com" -I 68 -e add,commoncounter -e "object=posix_users.ldif,rdn=uid:[A=INCRNNOLOOP(0;3999;5)]"

[2] Anonymous search with paged results:
# ldapsearch -x -h localhost -b "dc=example,dc=com" -E "pr=1000/noprompt" -l 10000 "(&(objectClass=posixAccount)(uid=*)(uidNumber=*)(gidNumber=*))"

<snip>

# search result
search: 5
result: 0 Success
control: 1.2.840.113556.1.4.319 false MAUCAQAEAA==
pagedresults: cookie=

# numResponses: 4004
# numEntries: 4000

Server didn't hang. Marking as VERIFIED.

Comment 20 errata-xmlrpc 2016-05-10 19:22:41 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0737.html

Note You need to log in before you can comment on or make changes to this bug.