12 Comments

Okay, I agree with your explanations. The loop overruns the buffer and makes the cmp function SIGSEGV.

I created https://github.com/389ds/389-ds-base/issues/5992 to track this issue.

The crash occurs in cos_cache:2924 on that line

cosTemplates *pTemplate1 = (cosTemplates *)pAttr1->pParent;

The only reason for the crash would be the dereferenced pAttr1. There is a known heap corruption bug (https://github.com/389ds/389-ds-base/issues/5984) that was not fixed in the Rawhide version of the DS that was tested. This ticket is now fixed. It is highly probable that the crash was due to #5984.

I agree that cos_cache_attr_compare cannot return 0 (equal). It is not a problem for DS to force an arbitrary sorting rather than letting qsort decide. I do not see why not returning 0 would crash in that routine.

Linking this build to Issue 4765 (#1947762) that prevented upgrade from release 2.0.3 to 2.0.4-1

A PKI test raises https://pagure.io/389-ds-base/issue/49319.

389-ds-base-1.3.5.17-3.fc25 is missing backport of https://pagure.io/389-ds-base/issue/49209

That is correct, I was running FreeIPA 4.4, which explains the existence of the 'dirsrv' user.

Just for info, from an F25 (where freeipa was configured) before the 389-ds upgrade, I am seeing the 'dirsrv' user:

[root@vm1 ~]# rpm -q 389-ds-base
389-ds-base-1.3.5.16-1.fc25.x86_64
[root@vm1 ~]# getent passwd dirsrv
dirsrv:x:389:389:389-ds-base:/usr/share/dirsrv:/sbin/nologin

Tests of freeipa are successful with nss-3.24.0-1.2.fc24.x86_64

Test on F23 - Freeipa 4.3.1 - DS 1.3.5.4.1

Freeipa already installed, upgrade nss-3.23 -> nss-3.24.0-1.2.fc24.x86_64, restart DS instance --> nss is correctly initialized, LDAPS working (636)

Freeipa full install with nss-3.24.0-1.2.fc24.x86_64, installation completed successfully, restart DS instance --> nss is correctly initialized, LDAPS working (636)

BZ#1342158: nss-3.24 no longer supports SSL v2; installation of IPA fails because nss init fails

Have done some successful basic tests (install/uninstall, provision/update/authenticate with entries)


Installation of IPA fails with nss-3.24 because 389-ds fails to initialize nss, which no longer supports SSLv2 (https://fedorahosted.org/389/ticket/48866)

The same installation works with nss-3.23

Breaks F24 but all releases where nss-3.23 is targeted (F23 and F22 ?)

Successfully ran freeipa tests on F23

Testing this version with freeipa tests. It creates more failures vs 1.3.4.6-1

1.3.4.6-1
======= 30 failed, 2201 passed, 899 skipped, 484 error in 434.95 seconds =======

1.3.4.7
====== 108 failed, 2086 passed, 892 skipped, 531 error in 417.30 seconds =======

These errors in errors log:

[26/Jan/2016:18:35:11 +0100] get_ranges - [file ipa_sidgen_common.c, line 276]: Failed to convert LDAP entry to range struct.
[26/Jan/2016:18:35:11 +0100] ipa_sidgen_add_post_op - [file ipa_sidgen.c, line 140]: Failed to get ID ranges.
[26/Jan/2016:18:35:11 +0100] NSMMReplicationPlugin - process_postop: Failed to apply update () error (1).  Aborting replication session(conn=1692 op=5)

Also was enable to connect over ldapi

Tested for weeks for performance. No problem