[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#4780) ACL set memory leak
dhawes@vt.edu wrote:
> When using ACL sets, OpenLDAP 2.3.30 steadily uses up all the system memory
> before crashing (slapd: ch_malloc.c:57: ch_malloc: Assertion `0' failed).
>
> The system is loaded using SLAMD with 4 clients doing anonymous searches on a
> filter file of approximately 300,000 filters (taken from a typical day on a
> production server). SLAMD reports that 2885650 entries are returned in the 30
> minutes it takes to use up all available memory (4G).
>
> The instance contains approximately 1 million entries in a bdb backend, and uses
> the following simple set of ACLs for this test:
>
> ...
> access to dn.base=""
> by * read
>
> access to dn.base="cn=Subschema"
> by * read
>
> access to dn.base="dc=example,dc=com"
> by * read
>
> access to dn.base="ou=People,dc=example,dc=com"
> by * read
>
> access to *
> by set="[string1] & [string2]" read
> by peername.ip=<slamd client ip 1> read
> by peername.ip=<slamd client ip 2> read
> by peername.ip=<slamd client ip 3> read
> by peername.ip=<slamd client ip 4> read
> by * none
> ...
>
> Removing the "by set=" clause and running the SLAMD job causes OpenLDAP memory
> usage to stabilize.
>
> I notice the same behavior on 2.3.27, but did not notice it with older versions
> such as 2.2.26.
>
I can't confirm this issue neither with HEAD nor with re23; I used
valgrind and the set string you posted verbatim, although I didn't use
slamd. However, right now I don't see how it may be a matter of
concurrency.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
------------------------------------------