(gdb) up
#1 0xb6926b40 in cvt_s (flags=0, prec=<optimized out>, width=0, str=0x4
<error: Cannot access memory at address 0x4>, ss=<optimized out>)
at ../../.././nspr/pr/src/io/prprf.c:374
374 slen = strlen(str);
(gdb) up
#2 dosprintf (ss=ss@entry=0x9e06e4bc, fmt=0xb34b0df2 "", fmt@entry=0xb34da770
<agmt_set> "\360\317p\002", ap=...) at
../../.././nspr/pr/src/io/prprf.c:1018
1018 rv = cvt_s(ss, u.s, width, prec, flags);
(gdb) up
#3 0xb6926c8c in PR_vsmprintf (fmt=fmt@entry=0xb34da770 <agmt_set>
"\360\317p\002", ap=..., ap@entry=...) at
../../.././nspr/pr/src/io/prprf.c:1184
1184 rv = dosprintf(&ss, fmt, ap);
(gdb) up
#4 0xb6de9d18 in slapi_ch_smprintf (fmt=0xb34b0de0 "%s;%s;%s;%ld;%d;%s")
at ldap/servers/slapd/ch_malloc.c:331
331 p = PR_vsmprintf(fmt, ap);
(gdb) up
#5 0xb34625a4 in agmt_update_maxcsn (r=r@entry=0x2737810, sdn=0x38d9a40,
sdn@entry=0x10, op=<optimized out>, mods=0x10, mods@entry=0x27d0100,
csn=csn@entry=0x38de350)
at ldap/servers/plugins/replication/repl5_agmt.c:3036
3036 agmt->maxcsn =
slapi_ch_smprintf("%s;%s;%s;%ld;%d;%s", slapi_sdn_get_dn(agmt->replarea),
(gdb) p *agmt
$1 = {hostname = 0x2757be0 "ipa-12.company.internal", port = 389,
transport_flags = 0, binddn = 0x26ed650 "", creds = 0x26ed7a0, bindmethod =
3, replarea = 0x2757480,
frac_attrs = 0x27579c0, frac_attrs_total = 0x2757a40,
frac_attr_total_defined = 1, schedule = 0x22dd0c0, auto_initialize = 502,
dn = 0x2756d00, rdn = 0x2756c20,
long_name = 0x22dd100 "agmt=\"cn=meToipa-12.company.internal\"
(ipa-12:5)", protocol = 0x2220930, changecounters = 0x20cb180,
num_changecounters = 0,
max_changecounters = 256, last_update_start_time = 1526499214,
last_update_end_time = 1526499214,
last_update_status = "Error (0) Replica acquired successfully:
Incremental update succeeded", '\000' <repeats 954 times>,
update_in_progress = 0, is_enabled = 1,
last_init_start_time = 0, last_init_end_time = 0, last_init_status =
'\000' <repeats 1023 times>, lock = 0x2741740, consumerRUV = 0x2772e50,
consumerSchemaCSN = 0x39da520, consumerRID = 4, tmpConsumerRID = 0,
timeout = 120, stop_in_progress = 0, busywaittime = 0, pausetime = 0, priv
= 0x0,
attrs_to_strip = 0x2757ba0, agreement_type = 0, protocol_timeout =
0x26ed5f0, maxcsn = 0x0, flowControlWindow = 1000, flowControlPause = 2000,
ignoreMissingChange = 0,
attr_lock = 0x2757c20, WaitForAsyncResults = 100}
On Tue, May 15, 2018 at 5:36 PM, Mark Reynolds <mreyno...@redhat.com> wrote:
> This looks really familiar and I thought it was fixed. It should have
> been fixed in 1.3.7.10-1 (https://pagure.io/389-ds-base/issue/49618).
> In your debug session go "up" into agmt_maxcsn_update() and do:
>
> (gdb) p *agmt
>
> Then send us that output please.
>
> Thanks,
> Mark
>
>
> On 05/15/2018 05:29 PM, Jonathan Vaughn via FreeIPA-users wrote:
>
> Here is a backtrace from live gdb after the segfault. Looks like things
> went wrong somewhere during in the replication code ?
>
> Thread 36 "ns-slapd" received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 0x9e0bc280 (LWP 4662)]
> strlen () at ../sysdeps/arm/armv6t2/strlen.S:142
> 142 ldrd data1a, data1b, [src]
> (gdb) bt
> #0 0xb6728f2e in strlen () at ../sysdeps/arm/armv6t2/strlen.S:142
> #1 0xb6973b40 in cvt_s (flags=0, prec=<optimized out>, width=0, str=0x4
> <error: Cannot access memory at address 0x4>, ss=<optimized out>)
> at ../../.././nspr/pr/src/io/prprf.c:374
> #2 0xb6973b40 in dosprintf (ss=ss@entry=0x9e0bb4bc, fmt=0xb34fddf2 "",
> fmt@entry=0xb3527770 <agmt_set> "\360\357\305\002", ap=...)
> at ../../.././nspr/pr/src/io/prprf.c:1018
> #3 0xb6973c8c in PR_vsmprintf (fmt=fmt@entry=0xb3527770 <agmt_set>
> "\360\357\305\002", ap=..., ap@entry=...) at ../../.././nspr/pr/src/io/
> prprf.c:1184
> #4 0xb6e36d18 in slapi_ch_smprintf (fmt=0xb34fdde0 "%s;%s;%s;%ld;%d;%s")
> at ldap/servers/slapd/ch_malloc.c:331
> #5 0xb34af5a4 in agmt_update_maxcsn (r=r@entry=0x2c89810, sdn=0x3e2bac0,
> sdn@entry=0x10, op=<optimized out>, mods=0x10, mods@entry=0x3eec100,
> csn=csn@entry=0x3e30220)
> at ldap/servers/plugins/replication/repl5_agmt.c:3036
> #6 0xb34bd424 in write_changelog_and_ruv (pb=pb@entry=0x2cb54a0) at
> ldap/servers/plugins/replication/repl5_plugins.c:1124
> #7 0xb34be7ec in multimaster_be_betxnpostop_add (pb=0x2cb54a0) at
> ldap/servers/plugins/replication/repl5_plugins.c:855
> #8 0xb34be880 in multimaster_mmr_postop (pb=<optimized out>, flags=560)
> at ldap/servers/plugins/replication/repl5_plugins.c:616
> #9 0xb6e8fcf0 in plugin_call_mmr_plugin_postop (pb=pb@entry=0x2cb54a0,
> e=e@entry=0x0, flags=flags@entry=560) at ldap/servers/slapd/plugin_mmr.
> c:65
> #10 0xb35ba870 in ldbm_back_add (pb=0x2cb54a0) at
> ldap/servers/slapd/back-ldbm/ldbm_add.c:1218
> #11 0xb6e2ce4c in op_shared_add (pb=pb@entry=0x2cb54a0) at
> ldap/servers/slapd/add.c:679
> #12 0xb6e2d35c in add_internal_pb (pb=pb@entry=0x2cb54a0) at
> ldap/servers/slapd/add.c:407
> #13 0xb6e2e0f8 in slapi_add_internal_pb (pb=pb@entry=0x2cb54a0) at
> ldap/servers/slapd/add.c:332
> #14 0xb368db50 in ipa_topo_util_segment_write (tconf=tconf@entry=0x2cb5860,
> tsegm=tsegm@entry=0x3f2d9a0) at topology_util.c:1251
> #15 0xb368e01c in ipa_topo_util_update_agmt_list (conf=0x2cb5860,
> repl_segments=<optimized out>) at topology_util.c:696
> #16 0xb368891c in ipa_topo_apply_shared_config () at topology_init.c:165
> #17 0xb6e4e65c in eq_call_all () at ldap/servers/slapd/eventq.c:278
> #18 0xb6e4e65c in eq_loop (arg=<optimized out>) at
> ldap/servers/slapd/eventq.c:323
> #19 0xb6982d68 in _pt_root (arg=0x2c8da40) at ../../.././nspr/pr/src/
> pthreads/ptthread.c:201
> #20 0xb6906ee8 in start_thread (arg=0x9e0bc280) at pthread_create.c:465
> #21 0xb6785da8 in None () at ../sysdeps/unix/sysv/linux/arm/clone.S:73
>
>
> On Tue, May 15, 2018 at 3:01 AM, thierry bordaz <tbor...@redhat.com>
> wrote:
>
>> Hi Jonathan,
>>
>> This problem looks new to me and has something specific to your
>> environment.
>> I think the best approach is to continue to debug on your system if you
>> have the possibility to do so.
>>
>> From strace we can see that DS started smoothly (created its pid file
>> then notified systemd it was running fine). According to the pstack
>> nunc-stans was running and was able to accept network events even if it
>> appears it detected no incoming connection.
>> So the server should be ready to serve for some seconds (more than a
>> minute), then it crashed with one thread dereferencing likely a wrong
>> pointer.
>>
>> Could you attach a debugger when the server is started and wait for the
>> sigsegv to occur. Then confirm the crashing thread backstack.
>> If it is confirmed, I am afraid this is a stack corruption and valgrind
>> could help (http://www.port389.org/docs/389ds/FAQ/faq.html#debugging-me
>> mory-growthinvalid-access-with-valgrind).
>>
>> best regards
>> thierry
>>
>>
>> On 05/14/2018 10:20 PM, Jonathan Vaughn wrote:
>>
>> Here's a strace from before it dies. Most of the elapsed time is it
>> waiting on some futex call it looks like near the end, when it finally
>> "returns" (from lack of strace output for duration of call I assume it
>> didn't actually return but SIGSEGV in that call) and strace prints ' = ?'
>> on the futex it then immediately reports SIGSEGV after. So maybe the
>> problem is that futex call, which may mean the problem is not directly in
>> 389DS / FreeIPA itself?
>>
>>
>>
>> 15:13:31.626587 (+ 0.000630) listen(8, 128) = 0 <0.000068>
>> 15:13:31.626857 (+ 0.000235) listen(9, 128) = 0 <0.000048>
>> 15:13:31.627111 (+ 0.000251) clock_gettime(CLOCK_MONOTONIC,
>> {tv_sec=1464932, tv_nsec=41120614}) = 0 <0.000085>
>> 15:13:31.627457 (+ 0.000356) clock_gettime(CLOCK_REALTIME,
>> {tv_sec=1526328811, tv_nsec=627560772}) = 0 <0.000043>
>> 15:13:31.631233 (+ 0.003839) clock_gettime(CLOCK_MONOTONIC,
>> {tv_sec=1464932, tv_nsec=45286796}) = 0 <0.000077>
>> 15:13:31.631720 (+ 0.000427) clock_gettime(CLOCK_MONOTONIC,
>> {tv_sec=1464932, tv_nsec=45661430}) = 0 <0.000042>
>> 15:13:31.631955 (+ 0.000220) clock_gettime(CLOCK_REALTIME,
>> {tv_sec=1526328811, tv_nsec=632049036}) = 0 <0.000047>
>> 15:13:31.635669 (+ 0.003785) clock_gettime(CLOCK_MONOTONIC,
>> {tv_sec=1464932, tv_nsec=49725840}) = 0 <0.000146>
>> 15:13:31.636484 (+ 0.000784) write(16, "a", 1) = 1 <0.000118>
>> 15:13:31.636855 (+ 0.000341) sched_yield() = 0 <0.000252>
>> 15:13:31.637322 (+ 0.000470) futex(0x1cb57a0, FUTEX_WAKE_PRIVATE, 1)
>> = 1 <0.000088>
>> 15:13:31.637897 (+ 0.000610) write(16, "a", 1) = 1 <0.000221>
>> 15:13:31.638394 (+ 0.000467) sched_yield() = 0 <0.000047>
>> 15:13:31.638619 (+ 0.000202) futex(0x1cb5710, FUTEX_WAKE_PRIVATE, 1)
>> = 1 <0.000065>
>> 15:13:31.638908 (+ 0.000298) openat(AT_FDCWD,
>> "/var/run/dirsrv/slapd-COMPANY-INTERNAL.pid", O_WRONLY|O_CREAT|O_TRUNC,
>> 0666) = 33 <0.000831>
>> 15:13:31.640260 (+ 0.001387) getpid() = 32353 <0.000077>
>> 15:13:31.640558 (+ 0.000256) fstat64(33, {st_mode=S_IFREG|0644,
>> st_size=0, ...}) = 0 <0.000119>
>> 15:13:31.641106 (+ 0.000556) write(33, "32353\n", 6) = 6 <0.000127>
>> 15:13:31.641472 (+ 0.000362) close(33) = 0 <0.000519>
>> 15:13:31.642216 (+ 0.000758)
>> chmod("/var/run/dirsrv/slapd-COMPANY-INTERNAL.pid",
>> 0644) = 0 <0.000152>
>> 15:13:31.642900 (+ 0.000679) clock_gettime(CLOCK_REALTIME,
>> {tv_sec=1526328811, tv_nsec=643020294}) = 0 <0.000056>
>> 15:13:31.643495 (+ 0.000590) write(2, "[14/May/2018:15:13:31.643020294
>> "..., 134) = 134 <0.002697>
>> 15:13:31.646515 (+ 0.003052) clock_gettime(CLOCK_REALTIME,
>> {tv_sec=1526328811, tv_nsec=646694394}) = 0 <0.000075>
>> 15:13:31.646892 (+ 0.000337) write(4, "[14/May/2018:15:13:31.646694394
>> "..., 134) = 134 <0.000522>
>> 15:13:31.647841 (+ 0.000973) fsync(4) = 0 <0.005967>
>> 15:13:31.654425 (+ 0.006617) clock_gettime(CLOCK_REALTIME,
>> {tv_sec=1526328811, tv_nsec=654598946}) = 0 <0.000253>
>> 15:13:31.655137 (+ 0.000717) write(2, "[14/May/2018:15:13:31.654598946
>> "..., 136) = 136 <0.002427>
>> 15:13:31.658312 (+ 0.003165) clock_gettime(CLOCK_REALTIME,
>> {tv_sec=1526328811, tv_nsec=658486117}) = 0 <0.000251>
>> 15:13:31.659032 (+ 0.000682) write(4, "[14/May/2018:15:13:31.658486117
>> "..., 136) = 136 <0.000346>
>> 15:13:31.659623 (+ 0.000595) fsync(4) = 0 <0.003311>
>> 15:13:31.663230 (+ 0.003642) getpid() = 32353 <0.000045>
>> 15:13:31.663732 (+ 0.000454) socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC,
>> 0) = 33 <0.000296>
>> 15:13:31.664760 (+ 0.001048) getsockopt(33, SOL_SOCKET, SO_SNDBUF,
>> [163840], [4]) = 0 <0.000108>
>> 15:13:31.665141 (+ 0.000386) setsockopt(33, SOL_SOCKET,
>> SO_SNDBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
>> <0.000051>
>> 15:13:31.665500 (+ 0.000334) setsockopt(33, SOL_SOCKET, SO_SNDBUF,
>> [8388608], 4) = 0 <0.000229>
>> 15:13:31.665973 (+ 0.000468) sendmsg(33,
>> {msg_name={sa_family=AF_UNIX, sun_path="/run/systemd/notify"},
>> msg_namelen=21, msg_iov=[{iov_base="READY=1\nSTATUS=slapd started:
>> Re"..., iov_len=69}], msg_iovlen=1, msg_controllen=0, msg_flags=0},
>> MSG_NOSIGNAL) = 69 <0.000600>
>> 15:13:31.667270 (+ 0.001334) close(33) = 0 <0.003140>
>> 15:13:31.677320 (+ 0.010146) futex(0xb31122e8, FUTEX_WAIT, 32357,
>> NULL) = ?
>> 15:14:27.661809 (+ 55.984448) +++ killed by SIGSEGV (core dumped) +++
>>
>> On Mon, May 14, 2018 at 10:27 AM, thierry bordaz <tbor...@redhat.com>
>> wrote:
>>
>>> Hi Jonathan,
>>>
>>> This is weird as the crashing thread stack looks truncated (did you
>>> copy/paste all of it ?)
>>>
>>> Thread 1 (Thread 0x9e13c280 (LWP 17245)):
>>> #0 0xb67bbf2e in strlen () at /lib/libc.so.6
>>> #1 0xb6a06b40 in dosprintf () at /lib/libnspr4.so
>>> #2 0x00000000 in None ()
>>>
>>> Did you install 389-ds-base-debuginfo ?
>>> How did you get that backtrace ? from a core dumped, pstack ? Can you
>>> attach a debugger before the crash occurs ?
>>>
>>> It looks it crashed soon at startup, could it be related to a broken
>>> dse.ldif. It should exists a dse.ldif.OK, is it possibly to try to start
>>> with it ?
>>>
>>> best regards
>>> thierry
>>>
>>> On 05/12/2018 01:22 AM, Jonathan Vaughn via FreeIPA-users wrote:
>>>
>>> Not sure if it makes a difference... I was looking into this again and
>>> realized I had a bunch of messages from gdb telling me to install more
>>> debuginfo. I've done that now, here it is again freshly run through gdb
>>>
>>> GNU gdb (GDB) Fedora 8.0.1-36.fc27
>>> Copyright (C) 2017 Free Software Foundation, Inc.
>>> License GPLv3+: GNU GPL version 3 or later <
>>> http://gnu.org/licenses/gpl.html>
>>> This is free software: you are free to change and redistribute it.
>>> There is NO WARRANTY, to the extent permitted by law. Type "show
>>> copying"
>>> and "show warranty" for details.
>>> This GDB was configured as "armv7hl-redhat-linux-gnueabi".
>>> Type "show configuration" for configuration details.
>>> For bug reporting instructions, please see:
>>> <http://www.gnu.org/software/gdb/bugs/>.
>>> Find the GDB manual and other documentation resources online at:
>>> <http://www.gnu.org/software/gdb/documentation/>.
>>> For help, type "help".
>>> Type "apropos word" to search for commands related to "word"...
>>> Reading symbols from /usr/sbin/ns-slapd...Reading symbols from
>>> /usr/lib/debug/usr/sbin/ns-slapd-1.3.7.10-1.fc27.arm.debug...done.
>>> done.
>>> ...
>>>
>>> Thread 1 (Thread 0x9e13c280 (LWP 17245)):
>>> #0 0xb67bbf2e in strlen () at /lib/libc.so.6
>>> #1 0xb6a06b40 in dosprintf () at /lib/libnspr4.so
>>> #2 0x00000000 in None ()
>>>
>>>
>>>
>>> On Tue, May 8, 2018 at 7:52 AM, Rob Crittenden <rcrit...@redhat.com>
>>>> wrote:
>>>>
>>>>> Jonathan Vaughn via FreeIPA-users wrote:
>>>>>
>>>>>> Still trying to figure this out. It looks like slapd is dying, I
>>>>>> thought it was still running for some reason.
>>>>>>
>>>>>> slapd is dying to segfault. strace of it happening doesn't seem to
>>>>>> reveal much:
>>>>>>
>>>>>
>>>>> A stack trace would very much help trying to track down the cause.
>>>>>
>>>>> http://directory.fedoraproject.org/docs/389ds/FAQ/faq.html#d
>>>>> ebugging-crashes
>>>>>
>>>>> rob
>>>>>
>>>>>
>>>>>> 18:32:41.543717 (+ 0.000801) openat(AT_FDCWD,
>>>>>> "/var/run/dirsrv/slapd-COMPANY-INTERNAL.pid",
>>>>>> O_WRONLY|O_CREAT|O_TRUNC, 0666) = 32
>>>>>> 18:32:41.544907 (+ 0.001195) getpid() = 16014
>>>>>> 18:32:41.545269 (+ 0.000329) fstat64(32, {st_mode=S_IFREG|0644,
>>>>>> st_size=0, ...}) = 0
>>>>>> 18:32:41.545799 (+ 0.000536) write(32, "16014\n", 6) = 6
>>>>>> 18:32:41.546603 (+ 0.000818) close(32) = 0
>>>>>> 18:32:41.547061 (+ 0.000448)
>>>>>> chmod("/var/run/dirsrv/slapd-COMPANY-INTERNAL.pid",
>>>>>> 0644) = 0
>>>>>> 18:32:41.547741 (+ 0.000676) clock_gettime(CLOCK_REALTIME,
>>>>>> {tv_sec=1525735961, tv_nsec=548030641}) = 0
>>>>>> 18:32:41.548324 (+ 0.000587) write(2,
>>>>>> "[07/May/2018:18:32:41.548030641 "..., 134) = 134
>>>>>> 18:32:41.551096 (+ 0.002840) clock_gettime(CLOCK_REALTIME,
>>>>>> {tv_sec=1525735961, tv_nsec=551287555}) = 0
>>>>>> 18:32:41.551568 (+ 0.000406) write(4,
>>>>>> "[07/May/2018:18:32:41.551287555 "..., 134) = 134
>>>>>> 18:32:41.552360 (+ 0.000811) fsync(4) = 0
>>>>>> 18:32:41.558499 (+ 0.006170) clock_gettime(CLOCK_REALTIME,
>>>>>> {tv_sec=1525735961, tv_nsec=558678099}) = 0
>>>>>> 18:32:41.558901 (+ 0.000350) write(2,
>>>>>> "[07/May/2018:18:32:41.558678099 "..., 136) = 136
>>>>>> 18:32:41.561537 (+ 0.002680) clock_gettime(CLOCK_REALTIME,
>>>>>> {tv_sec=1525735961, tv_nsec=561718659}) = 0
>>>>>> 18:32:41.562357 (+ 0.000793) write(4,
>>>>>> "[07/May/2018:18:32:41.561718659 "..., 136) = 136
>>>>>> 18:32:41.563293 (+ 0.001148) fsync(4) = 0
>>>>>> 18:32:41.566928 (+ 0.003452) getpid() = 16014
>>>>>> 18:32:41.567712 (+ 0.000752) socket(AF_UNIX,
>>>>>> SOCK_DGRAM|SOCK_CLOEXEC, 0) = 32
>>>>>> 18:32:41.568628 (+ 0.000912) getsockopt(32, SOL_SOCKET,
>>>>>> SO_SNDBUF, [163840], [4]) = 0
>>>>>> 18:32:41.568972 (+ 0.000319) setsockopt(32, SOL_SOCKET,
>>>>>> SO_SNDBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
>>>>>> 18:32:41.569548 (+ 0.000589) setsockopt(32, SOL_SOCKET,
>>>>>> SO_SNDBUF, [8388608], 4) = 0
>>>>>> 18:32:41.570064 (+ 0.000513) sendmsg(32,
>>>>>> {msg_name={sa_family=AF_UNIX, sun_path="/run/systemd/notify"},
>>>>>> msg_namelen=21, msg_iov=[{iov_base="READY=1\nSTATUS=slapd started:
>>>>>> Re"..., iov_len=69}], msg_iovlen=1, msg_controllen=0, msg_flags=0},
>>>>>> MSG_NOSIGNAL) = 69
>>>>>> 18:32:41.570845 (+ 0.000789) close(32) = 0
>>>>>> 18:32:41.576358 (+ 0.005575) futex(0xb30ed2e8, FUTEX_WAIT, 16016,
>>>>>> NULL) = ?
>>>>>> 18:33:01.730774 (+ 20.154428) +++ killed by SIGSEGV +++
>>>>>>
>>>>>>
>>>
>>
>>
>
>
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
>
>
>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
