Re: openldap-server exit on signal 6 on 11.1 (and not in 10.3)
On 9 Feb 2018, at 09:33, joris dedieu wrote: > > Dear porters, > > While moving from 10.3 to 11.1, I get an issue on openldap execution. > slapd dies (pid 29087 (slapd), uid 389: exited on signal 6) on some > complex but reproducible operations. > > We worked around this bug by returning less elements from the request. > While my dear colleges are trying to write a script to reproduce the > issue, I investigate system side. > > > In /var/log/messages, I got slapd[4909]: stack overflow detected; terminated > > The only trace I get > > #0 0x000801f7a71a in kill () from /lib/libc.so.7 > #1 0x000801f7a6d0 in __stack_chk_fail () from /lib/libc.so.7 > #2 0x000801f7a640 in __stack_chk_fail () from /lib/libc.so.7 > #3 0x004466e6 in do_modify () > #4 0x004308d5 in connection_assign_nextid () > #5 0x004300dd in connection_read_activate () > #6 0x000800956ffa in ldap_pvt_thread_pool_submit () from > /usr/local/lib/libldap_r-2.4.so.2 > #7 0x000801c71bc5 in pthread_create () from /lib/libthr.so.3 > #8 0x in ?? () > > I suspect it's relative to -fstack-protector-strong which is the > default since FreeBSD 11.0. Do you think I should rebuild all the > world this opion ? > > I also thought on fdatasync > > .if ${OSVERSION} < 1101000 > CFLAGS+=-DMDB_DSYNC=O_SYNC -Dfdatasync=fsync > .endif > > I'm currently investigating on this changes. > > The issue disappear when slapd is compiled with debugging symbols > (WITH_DEBUG=YES). As far as I understand, this only cause -g flag to > be added to CFLAGS. Does WITH_DEBUG also disable some compiler > optimization ? Yes, WITH_DEBUG unfortunately removes all -O options from the compiler flags, making it sometimes hard to debug, if any crashes disappear. :) Try applying the following patch to your ports tree, and rebuilding the port: Index: Mk/bsd.port.mk === --- Mk/bsd.port.mk (revision 461038) +++ Mk/bsd.port.mk (working copy) @@ -1743,7 +1743,7 @@ MAKE_ENV+=DONTSTRIP=yes STRIP_CMD= ${TRUE} .endif DEBUG_FLAGS?= -g -CFLAGS:= ${CFLAGS:N-O*:N-fno-strict*} ${DEBUG_FLAGS} +CFLAGS:= ${CFLAGS} ${DEBUG_FLAGS} .if defined(INSTALL_TARGET) INSTALL_TARGET:= ${INSTALL_TARGET:S/^install-strip$/install/g} .endif -Dimitry signature.asc Description: Message signed with OpenPGP
Re: openldap-server exit on signal 6 on 11.1 (and not in 10.3)
Hi, On Fri, Feb 9, 2018 at 12:33 AM joris dedieu wrote: > Dear porters, > > While moving from 10.3 to 11.1, I get an issue on openldap execution. > slapd dies (pid 29087 (slapd), uid 389: exited on signal 6) on some > complex but reproducible operations. > > We worked around this bug by returning less elements from the request. > While my dear colleges are trying to write a script to reproduce the > issue, I investigate system side. > > > In /var/log/messages, I got slapd[4909]: stack overflow detected; > terminated > > The only trace I get > > #0 0x000801f7a71a in kill () from /lib/libc.so.7 > #1 0x000801f7a6d0 in __stack_chk_fail () from /lib/libc.so.7 > #2 0x000801f7a640 in __stack_chk_fail () from /lib/libc.so.7 > #3 0x004466e6 in do_modify () > #4 0x004308d5 in connection_assign_nextid () > #5 0x004300dd in connection_read_activate () > #6 0x000800956ffa in ldap_pvt_thread_pool_submit () from > /usr/local/lib/libldap_r-2.4.so.2 > #7 0x000801c71bc5 in pthread_create () from /lib/libthr.so.3 > #8 0x in ?? () > I have never seen this on my own systems. > I suspect it's relative to -fstack-protector-strong which is the > default since FreeBSD 11.0. Do you think I should rebuild all the > world this opion ? > Is the slapd binary from 10.3 (still considered a bug in this case), or have you rebuilt it? If you have coredumps, please try to collect additional information on do_modify() as this might indicate a security issue as well. Reporting this to upstream (openldap.org) would usually be helpful if you believe it's an OpenLDAP bug. Cheers, > > I also thought on fdatasync > > .if ${OSVERSION} < 1101000 > CFLAGS+=-DMDB_DSYNC=O_SYNC -Dfdatasync=fsync > .endif > > I'm currently investigating on this changes. > > The issue disappear when slapd is compiled with debugging symbols > (WITH_DEBUG=YES). As far as I understand, this only cause -g flag to > be added to CFLAGS. Does WITH_DEBUG also disable some compiler > optimization ? > > Any thought on all this is welcomed > > Joris > > > Openldap options : > Name : openldap-sasl-server > Version: 2.4.45_4 > Installed on : Thu Feb 8 16:16:45 2018 CET > Origin : net/openldap24-server > Architecture : FreeBSD:11:amd64 > Prefix : /usr/local > Categories : databases net > Licenses : OPENLDAP > Maintainer : delp...@freebsd.org > WWW: http://www.OpenLDAP.org/ > Comment: Open source LDAP server implementation > Options: > ACCESSLOG : on > ACI: off > AUDITLOG : off > BDB: off > COLLECT: off > CONSTRAINT : off > DDS: off > DEBUG : off > DEREF : off > DNSSRV : off > DYNACL : off > DYNAMIC_BACKENDS: on > DYNGROUP : off > DYNLIST: off > FETCH : off > GSSAPI : on > KQUEUE : off > LASTBIND : off > LMPASSWD : off > MDB: on > MEMBEROF : off > ODBC : off > OUTLOOK: off > PASSWD : off > PERL : off > PPOLICY: on > PROXYCACHE : off > REFINT : off > RELAY : off > RETCODE: off > RLOOKUPS : off > RWM: off > SASL : on > SEQMOD : off > SHA2 : off > SHELL : off > SLAPI : off > SLP: off > SMBPWD : off > SOCK : off > SSSVLV : off > SYNCPROV : on > TCP_WRAPPERS : off > TRANSLUCENT: off > UNIQUE : off > VALSORT: off > ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"