Segmentation fault in slapd (related to GSSAPI?)

Bug #921489 reported by Jan J on 2012-01-25
This bug affects 4 people
Affects Status Importance Assigned to Milestone
openldap (Ubuntu)

Bug Description

In our installation slapd will crash with a Segmentation Fault about once a week. It has been seen on the producer while the consumers connect but also on both producer and consumers at random. It seems to be related to authentication with GSSAPI.

syslog produces the followig message:
kernel: [513493.152760] slapd[1610]: segfault at 7fb242df9000 ip 00007fb242ad7122 sp 00007fb127ffd900 error 4 in[7fb242a61000+168000]

Core was generated by usr/sbin/slapd -d 0 -h ldap:/// ldaps:/// -f /local/sukat/conf/slapd.conf'. Program terminated with signal 11, Segmentation fault.
#0 sha1_block_data_order () at sha1-x86_64.s:133
133 sha1-x86_64.s: No such file or directory.
        in sha1-x86_64.s
(gdb) bt
#0 sha1_block_data_order () at sha1-x86_64.s:133
#1 0x0000005e17000000 in ?? ()
#2 0x0000000017000000 in ?? ()
#3 0x0000000000000000 in ?? ()

The backtrace is incomplete as the debug packages are broken. Trying to reproduce this bug I trigger another segfault. I will file reports on thease issues in
 separate tickets.

ProblemType: Bug
Architecture: amd64
Date: Wed Jan 25 11:13:22 2012
 adduser 3.112ubuntu1
 base-files 5.0.0ubuntu20.10.04.4
 base-passwd 3.5.22
 coreutils 7.4-2ubuntu3
 debconf 1.5.28ubuntu4
 debconf-i18n 1.5.28ubuntu4
 debianutils 3.2.2
 dpkg [modified: sbin/start-stop-daemon]
 findutils 4.4.2-1ubuntu1
 gcc-4.4-base 4.4.3-4ubuntu5
 libacl1 2.2.49-2
 libattr1 1:2.4.44-1
 libbz2-1.0 1.0.5-4ubuntu0.2
 libc-bin 2.11.1-0ubuntu7.8
 libc6 2.11.1-0ubuntu7.8
 libcomerr2 1.41.11-1ubuntu2.1
 libdb4.7 4.7.25-9
 libdb4.8 4.8.24-1ubuntu1
 libgcc1 1:4.4.3-4ubuntu5
 libgcrypt11 1.4.4-5ubuntu2
 libgdbm3 1.8.3-9
 libgnutls26 2.8.5-2
 libgpg-error0 1.6-1ubuntu2
 libgssapi-krb5-2 1.8.1+dfsg-2ubuntu0.10
 libk5crypto3 1.8.1+dfsg-2ubuntu0.10
 libkeyutils1 1.2-12
 libkrb5-3 1.8.1+dfsg-2ubuntu0.10
 libkrb5support0 1.8.1+dfsg-2ubuntu0.10
 libldap-2.4-2 2.4.21-0ubuntu5.6
 liblocale-gettext-perl 1.05-6
 libltdl7 2.2.6b-2ubuntu1
 libncurses5 5.7+20090803-2ubuntu3
 libpam-modules 1.1.1-2ubuntu5.4
 libpam0g 1.1.1-2ubuntu5.4
 libperl5.10 5.10.1-8ubuntu2.1
 libreadline6 6.1-1
 libsasl2-2 2.1.23.dfsg1-5ubuntu1
 libselinux1 2.0.89-4
 libslp1 1.2.1-7.6ubuntu0.1
 libstdc++6 4.4.3-4ubuntu5
 libtasn1-3 2.4-1
 libtext-charwidth-perl 0.04-6
 libtext-iconv-perl 1.7-2
 libtext-wrapi18n-perl 0.06-7
 libwrap0 7.6.q-18
 lzma 4.43-14ubuntu2
 odbcinst 2.2.11-21
 odbcinst1debian1 2.2.11-21
 passwd 1:
 perl 5.10.1-8ubuntu2.1
 perl-base 5.10.1-8ubuntu2.1
 perl-modules 5.10.1-8ubuntu2.1
 psmisc 22.10-1
 readline-common 6.1-1
 sensible-utils 0.0.1ubuntu3
 tzdata 2011n-0ubuntu0.10.04
 unixodbc 2.2.11-21
 zlib1g 1:
DistroRelease: Ubuntu 10.04
NonfreeKernelModules: openafs
Package: slapd 2.4.21-0ubuntu5.6
PackageArchitecture: amd64
 PATH=(custom, no user)
ProcVersionSignature: Ubuntu 2.6.32-37.81-generic
SourcePackage: openldap
Tags: lucid
Uname: Linux 2.6.32-37-generic x86_64

Jan J (jan.j) on 2012-01-25
affects: ubuntu → openldap (Ubuntu)
Changed in openldap (Ubuntu):
importance: Undecided → High
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in openldap (Ubuntu):
status: New → Confirmed
Jan J (jan.j) wrote :

Since switching from libsasl2-modules-gssapi-heimdal to libsasl2-modules-gssapi-mit our servers have been stable.

I have several installation of slave slapd segfaulting.
(gdb) run -h 'ldap://MYIP/ ldapi:///' -g openldap -u openldap -f /etc/ldap/slapd.conf -d 0
Starting program: /usr/sbin/slapd -h 'ldap://MYIP/ ldapi:///' -g openldap -u openldap -f /etc/ldap/slapd.conf -d 0
[Thread debugging using libthread_db enabled]
[New Thread 0x7f2bdb7b5700 (LWP 7623)]
[New Thread 0x7f2bdafb4700 (LWP 7624)]
[New Thread 0x7f2bda7b3700 (LWP 7625)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f2bdafb4700 (LWP 7624)]
0x00007f2be16a4592 in ?? ()
(gdb) where
#0 0x00007f2be16a4592 in ?? ()
#1 0x00007f2be16a5fd4 in ?? ()
#2 0x00007f2be16a8cd7 in ?? ()
#3 0x00007f2be11a22d8 in ldap_int_thread_pool_wrapper (xpool=<value optimized out>)
    at /build/buildd/openldap-2.4.21/libraries/libldap_r/tpool.c:685
#4 0x00007f2bdf6439ca in start_thread () from /lib/
#5 0x00007f2bdf3a016d in clone () from /lib/
#6 0x0000000000000000 in ?? ()

i don't use gssapi and the error is in a different place but it might be related. Too bad the dbg packages are brocken.

I instaled slapd-dbg and i have more informations:
#0 syncrepl_entry (si=0x7fbe0206c4c0, op=0x7fbdfb537470, entry=0x7fbe020dab78, modlist=<value optimized out>,
    syncstate=<value optimized out>, syncUUID=<value optimized out>, syncCSN=0x0)
    at /build/buildd/openldap-2.4.21/servers/slapd/syncrepl.c:2428
#1 0x00007fbe01c29fd4 in do_syncrep2 (op=0x7fbdfb537470, si=0x7fbe0206c4c0) at /build/buildd/openldap-2.4.21/servers/slapd/syncrepl.c:939
#2 0x00007fbe01c2ccd7 in do_syncrepl (ctx=<value optimized out>, arg=0x7fbe0206b470)
    at /build/buildd/openldap-2.4.21/servers/slapd/syncrepl.c:1432
#3 0x00007fbe017262d8 in ldap_int_thread_pool_wrapper (xpool=<value optimized out>)
    at /build/buildd/openldap-2.4.21/libraries/libldap_r/tpool.c:685
#4 0x00007fbdffbc79ca in start_thread () from /lib/
#5 0x00007fbdff92416d in clone () from /lib/
#6 0x0000000000000000 in ?? ()

Suho Meso (kunalija) wrote :

I have a similar problem on a freshly installed 16.04 machine:

slapd[17107]: segfault at 1a ip 00007f3c12c79f55 sp 00007f3c03c2d080 error 4 in[7f3c12c72000+19000]

I'm using the server as Slave LDAP-Server and sync replication with kerberos authentication.
The service either starts and runs successfully or it fails with segmentation fault and 100% cpu.

slapd 2.4.42+dfsg-2ubuntu3.1
libsasl2-2:amd64 2.1.26.dfsg1-14build1
libsasl2-modules:amd64 2.1.26.dfsg1-14build1
libsasl2-modules-gssapi-mit:amd64 2.1.26.dfsg1-14build1

Any suggestions or ideas?


Hi Suho,

Please could you file a new bug for your issue, ideally using apport
(ubuntu-bug) so that the backtrace can be collected? I have been looking
at a similar issue ( recently and the
additional info would be great.


Suho Meso (kunalija) wrote :

Hi Ryan,

is a new bug really necessary, because the problem from this bug is really similar?
apport is not possible but I can provider other reports if necessary.

Maybe an useful info, I'm replicating two databases. When I deactivate syncrepl for one of them (doesn't matter which one) the problem is not occuring. Strange...

Ryan Tandy (rtandy) wrote :

Hi Suho,

On Thu, Apr 27, 2017 at 09:09:48AM -0000, Suho Meso wrote:
>is a new bug really necessary, because the problem from this bug is really similar?

Yes, I would really prefer to track your issue in a new report. Sorry
for the inconvenience.

When you open the new bug, it would be wonderful if you could include a
backtrace from gdb (

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.