[Issue 10404] slapd uses all available memory and starts using swap

Fri, 20 Feb 2026 07:10:07 -0800 

https://bugs.openldap.org/show_bug.cgi?id=10404

--- Comment #20 from Howard Chu <[email protected]> ---
(In reply to tomas.bjorklund from comment #19)
> Created attachment 1116 [details]
> New valgrind log

There are many per-connection leaks shown here, in libkrb5.

==4220== 7,827 bytes in 235 blocks are definitely lost in loss record 1,078 of
1,100
==4220==    at 0x4844818: malloc (vg_replace_malloc.c:446)
==4220==    by 0x4A127A9: strdup (strdup.c:42)
==4220==    by 0x586C6DC: krb5_get_error_message (in
/usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0)
==4220==    by 0x58701E6: ??? (in /usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0)
==4220==    by 0x58724E0: krb5_get_credentials_with_flags (in
/usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0)
==4220==    by 0x5884F31: krb5_mk_req_exact (in
/usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0)
==4220==    by 0x586A4D6: ??? (in /usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0)
==4220==    by 0x586C030: krb5_digest_probe (in
/usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0)
==4220==    by 0x580F1BC: ??? (in /usr/lib/x86_64-linux-gnu/libgssapi.so.3.0.0)
==4220==    by 0x580CE20: ??? (in /usr/lib/x86_64-linux-gnu/libgssapi.so.3.0.0)
==4220==    by 0x5803289: gss_acquire_cred (in
/usr/lib/x86_64-linux-gnu/libgssapi.so.3.0.0)
==4220==    by 0x581252F: ??? (in /usr/lib/x86_64-linux-gnu/libgssapi.so.3.0.0)
==4220==    by 0x5803289: gss_acquire_cred (in
/usr/lib/x86_64-linux-gnu/libgssapi.so.3.0.0)
==4220==    by 0x57D68C6: ??? (in
/usr/lib/x86_64-linux-gnu/sasl2/libgssapiv2.so.2.0.25)
==4220==    by 0x48E69E1: sasl_server_step (in
/usr/lib/x86_64-linux-gnu/libsasl2.so.2.0.25)
==4220==    by 0x48E6E60: sasl_server_start (in
/usr/lib/x86_64-linux-gnu/libsasl2.so.2.0.25)
==4220==    by 0x1A84A8: slap_sasl_bind (in /usr/sbin/slapd)
==4220==    by 0x16E826: fe_op_bind (in /usr/sbin/slapd)
==4220==    by 0x16DC2E: do_bind (in /usr/sbin/slapd)
==4220==    by 0x14F8E6: ??? (in /usr/sbin/slapd)
==4220==    by 0x1502BB: ??? (in /usr/sbin/slapd)
==4220==    by 0x48AA656: ??? (in /usr/lib/x86_64-linux-gnu/libldap.so.2.0.200)
==4220==    by 0x49FBB7A: start_thread (pthread_create.c:448)
==4220==    by 0x4A795EF: clone (clone.S:100)

It looks like you're using Heimdal, so this is their leak. You'll need full
debug symbols to properly trace this. In particular you need to know what the
??? function is here:

==4220==    by 0x586C6DC: krb5_get_error_message (in
/usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0)
==4220==    by 0x58701E6: ??? (in /usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0)
==4220==    by 0x58724E0: krb5_get_credentials_with_flags (in
/usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0)

-- 
You are receiving this mail because:
You are on the CC list for the issue.

Reply via email to