Overflowing the stack with ACI

Hello,

I enabled ACI and ldapsearch now puts the server into an infinite loop:

ldapsearch -h rock -p 11389 -x -D "uid=70,dc=home2,dc=mark" -b "dc=home2,dc=mark" -v -W "objectClass=*"

org.apache.directory.server.core.interceptor.InterceptorException: Unexpected exception. [Root exception is java.lang.StackOverflowError]
at org.apache.directory.server.core.interceptor.InterceptorChain.throwInterceptorException(InterceptorChain.java:1510)
at org.apache.directory.server.core.interceptor.InterceptorChain.access$700(InterceptorChain.java:52)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.getMatchedName(InterceptorChain.java:1106)
at org.apache.directory.server.core.interceptor.BaseInterceptor.getMatchedName(BaseInterceptor.java:116)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.getMatchedName(InterceptorChain.java:1098)
at org.apache.directory.server.core.interceptor.BaseInterceptor.getMatchedName(BaseInterceptor.java:116)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.getMatchedName(InterceptorChain.java:1098)

Configured with this:

dn: cn=swAuthorizationRequirementsACISubentry,dc=home2,dc=mark
changetype: add
objectclass: top
objectclass: subentry
objectclass: accessControlSubentry
cn: swAuthorizationRequirementsACISubentry
subtreeSpecification: {}
prescriptiveACI: {
identificationTag "directoryManagerFullAccessACI",
precedence 11,
authenticationLevel simple,
itemOrUserFirst userFirst:
{
userClasses
{
name

{ "uid=44,dc=home2,dc=mark" }

},
userPermissions {
{
protectedItems

{ entry, allUserAttributeTypesAndValues },
grantsAndDenials { grantAdd, grantDiscloseOnError, grantRead, grantRemove, grantBrowse, grantExport, grantImport, grantModify, grantRename, grantReturnDN, grantCompare, grantFilterMatch, grantInvoke }
}
}
}
}
prescriptiveACI: {
identificationTag "allUsersACI",
precedence 10,
authenticationLevel none,
itemOrUserFirst userFirst:
{
userClasses { allUsers },
userPermissions {
{
protectedItems { entry, allUserAttributeTypesAndValues }

,
grantsAndDenials

{ grantRead, grantBrowse, grantReturnDN, grantCompare, grantFilterMatch, grantDiscloseOnError }

},
{
protectedItems { attributeType

{ userPassword }

},
grantsAndDenials

{ denyRead, denyCompare, denyFilterMatch }

}
}
}
}