(gdb) up #1 0xb6926b40 in cvt_s (flags=0, prec=<optimized out>, width=0, str=0x4 <error: Cannot access memory at address 0x4>, ss=<optimized out>) at ../../.././nspr/pr/src/io/prprf.c:374 374 slen = strlen(str); (gdb) up #2 dosprintf (ss=ss@entry=0x9e06e4bc, fmt=0xb34b0df2 "", fmt@entry=0xb34da770 <agmt_set> "\360\317p\002", ap=...) at ../../.././nspr/pr/src/io/prprf.c:1018 1018 rv = cvt_s(ss, u.s, width, prec, flags); (gdb) up #3 0xb6926c8c in PR_vsmprintf (fmt=fmt@entry=0xb34da770 <agmt_set> "\360\317p\002", ap=..., ap@entry=...) at ../../.././nspr/pr/src/io/prprf.c:1184 1184 rv = dosprintf(&ss, fmt, ap); (gdb) up #4 0xb6de9d18 in slapi_ch_smprintf (fmt=0xb34b0de0 "%s;%s;%s;%ld;%d;%s") at ldap/servers/slapd/ch_malloc.c:331 331 p = PR_vsmprintf(fmt, ap); (gdb) up #5 0xb34625a4 in agmt_update_maxcsn (r=r@entry=0x2737810, sdn=0x38d9a40, sdn@entry=0x10, op=<optimized out>, mods=0x10, mods@entry=0x27d0100, csn=csn@entry=0x38de350) at ldap/servers/plugins/replication/repl5_agmt.c:3036 3036 agmt->maxcsn = slapi_ch_smprintf("%s;%s;%s;%ld;%d;%s", slapi_sdn_get_dn(agmt->replarea), (gdb) p *agmt $1 = {hostname = 0x2757be0 "ipa-12.company.internal", port = 389, transport_flags = 0, binddn = 0x26ed650 "", creds = 0x26ed7a0, bindmethod = 3, replarea = 0x2757480, frac_attrs = 0x27579c0, frac_attrs_total = 0x2757a40, frac_attr_total_defined = 1, schedule = 0x22dd0c0, auto_initialize = 502, dn = 0x2756d00, rdn = 0x2756c20, long_name = 0x22dd100 "agmt=\"cn=meToipa-12.company.internal\" (ipa-12:5)", protocol = 0x2220930, changecounters = 0x20cb180, num_changecounters = 0, max_changecounters = 256, last_update_start_time = 1526499214, last_update_end_time = 1526499214, last_update_status = "Error (0) Replica acquired successfully: Incremental update succeeded", '\000' <repeats 954 times>, update_in_progress = 0, is_enabled = 1, last_init_start_time = 0, last_init_end_time = 0, last_init_status = '\000' <repeats 1023 times>, lock = 0x2741740, consumerRUV = 0x2772e50, consumerSchemaCSN = 0x39da520, consumerRID = 4, tmpConsumerRID = 0, timeout = 120, stop_in_progress = 0, busywaittime = 0, pausetime = 0, priv = 0x0, attrs_to_strip = 0x2757ba0, agreement_type = 0, protocol_timeout = 0x26ed5f0, maxcsn = 0x0, flowControlWindow = 1000, flowControlPause = 2000, ignoreMissingChange = 0, attr_lock = 0x2757c20, WaitForAsyncResults = 100}
On Tue, May 15, 2018 at 5:36 PM, Mark Reynolds <mreyno...@redhat.com> wrote: > This looks really familiar and I thought it was fixed. It should have > been fixed in 1.3.7.10-1 (https://pagure.io/389-ds-base/issue/49618). > In your debug session go "up" into agmt_maxcsn_update() and do: > > (gdb) p *agmt > > Then send us that output please. > > Thanks, > Mark > > > On 05/15/2018 05:29 PM, Jonathan Vaughn via FreeIPA-users wrote: > > Here is a backtrace from live gdb after the segfault. Looks like things > went wrong somewhere during in the replication code ? > > Thread 36 "ns-slapd" received signal SIGSEGV, Segmentation fault. > [Switching to Thread 0x9e0bc280 (LWP 4662)] > strlen () at ../sysdeps/arm/armv6t2/strlen.S:142 > 142 ldrd data1a, data1b, [src] > (gdb) bt > #0 0xb6728f2e in strlen () at ../sysdeps/arm/armv6t2/strlen.S:142 > #1 0xb6973b40 in cvt_s (flags=0, prec=<optimized out>, width=0, str=0x4 > <error: Cannot access memory at address 0x4>, ss=<optimized out>) > at ../../.././nspr/pr/src/io/prprf.c:374 > #2 0xb6973b40 in dosprintf (ss=ss@entry=0x9e0bb4bc, fmt=0xb34fddf2 "", > fmt@entry=0xb3527770 <agmt_set> "\360\357\305\002", ap=...) > at ../../.././nspr/pr/src/io/prprf.c:1018 > #3 0xb6973c8c in PR_vsmprintf (fmt=fmt@entry=0xb3527770 <agmt_set> > "\360\357\305\002", ap=..., ap@entry=...) at ../../.././nspr/pr/src/io/ > prprf.c:1184 > #4 0xb6e36d18 in slapi_ch_smprintf (fmt=0xb34fdde0 "%s;%s;%s;%ld;%d;%s") > at ldap/servers/slapd/ch_malloc.c:331 > #5 0xb34af5a4 in agmt_update_maxcsn (r=r@entry=0x2c89810, sdn=0x3e2bac0, > sdn@entry=0x10, op=<optimized out>, mods=0x10, mods@entry=0x3eec100, > csn=csn@entry=0x3e30220) > at ldap/servers/plugins/replication/repl5_agmt.c:3036 > #6 0xb34bd424 in write_changelog_and_ruv (pb=pb@entry=0x2cb54a0) at > ldap/servers/plugins/replication/repl5_plugins.c:1124 > #7 0xb34be7ec in multimaster_be_betxnpostop_add (pb=0x2cb54a0) at > ldap/servers/plugins/replication/repl5_plugins.c:855 > #8 0xb34be880 in multimaster_mmr_postop (pb=<optimized out>, flags=560) > at ldap/servers/plugins/replication/repl5_plugins.c:616 > #9 0xb6e8fcf0 in plugin_call_mmr_plugin_postop (pb=pb@entry=0x2cb54a0, > e=e@entry=0x0, flags=flags@entry=560) at ldap/servers/slapd/plugin_mmr. > c:65 > #10 0xb35ba870 in ldbm_back_add (pb=0x2cb54a0) at > ldap/servers/slapd/back-ldbm/ldbm_add.c:1218 > #11 0xb6e2ce4c in op_shared_add (pb=pb@entry=0x2cb54a0) at > ldap/servers/slapd/add.c:679 > #12 0xb6e2d35c in add_internal_pb (pb=pb@entry=0x2cb54a0) at > ldap/servers/slapd/add.c:407 > #13 0xb6e2e0f8 in slapi_add_internal_pb (pb=pb@entry=0x2cb54a0) at > ldap/servers/slapd/add.c:332 > #14 0xb368db50 in ipa_topo_util_segment_write (tconf=tconf@entry=0x2cb5860, > tsegm=tsegm@entry=0x3f2d9a0) at topology_util.c:1251 > #15 0xb368e01c in ipa_topo_util_update_agmt_list (conf=0x2cb5860, > repl_segments=<optimized out>) at topology_util.c:696 > #16 0xb368891c in ipa_topo_apply_shared_config () at topology_init.c:165 > #17 0xb6e4e65c in eq_call_all () at ldap/servers/slapd/eventq.c:278 > #18 0xb6e4e65c in eq_loop (arg=<optimized out>) at > ldap/servers/slapd/eventq.c:323 > #19 0xb6982d68 in _pt_root (arg=0x2c8da40) at ../../.././nspr/pr/src/ > pthreads/ptthread.c:201 > #20 0xb6906ee8 in start_thread (arg=0x9e0bc280) at pthread_create.c:465 > #21 0xb6785da8 in None () at ../sysdeps/unix/sysv/linux/arm/clone.S:73 > > > On Tue, May 15, 2018 at 3:01 AM, thierry bordaz <tbor...@redhat.com> > wrote: > >> Hi Jonathan, >> >> This problem looks new to me and has something specific to your >> environment. >> I think the best approach is to continue to debug on your system if you >> have the possibility to do so. >> >> From strace we can see that DS started smoothly (created its pid file >> then notified systemd it was running fine). According to the pstack >> nunc-stans was running and was able to accept network events even if it >> appears it detected no incoming connection. >> So the server should be ready to serve for some seconds (more than a >> minute), then it crashed with one thread dereferencing likely a wrong >> pointer. >> >> Could you attach a debugger when the server is started and wait for the >> sigsegv to occur. Then confirm the crashing thread backstack. >> If it is confirmed, I am afraid this is a stack corruption and valgrind >> could help (http://www.port389.org/docs/389ds/FAQ/faq.html#debugging-me >> mory-growthinvalid-access-with-valgrind). >> >> best regards >> thierry >> >> >> On 05/14/2018 10:20 PM, Jonathan Vaughn wrote: >> >> Here's a strace from before it dies. Most of the elapsed time is it >> waiting on some futex call it looks like near the end, when it finally >> "returns" (from lack of strace output for duration of call I assume it >> didn't actually return but SIGSEGV in that call) and strace prints ' = ?' >> on the futex it then immediately reports SIGSEGV after. So maybe the >> problem is that futex call, which may mean the problem is not directly in >> 389DS / FreeIPA itself? >> >> >> >> 15:13:31.626587 (+ 0.000630) listen(8, 128) = 0 <0.000068> >> 15:13:31.626857 (+ 0.000235) listen(9, 128) = 0 <0.000048> >> 15:13:31.627111 (+ 0.000251) clock_gettime(CLOCK_MONOTONIC, >> {tv_sec=1464932, tv_nsec=41120614}) = 0 <0.000085> >> 15:13:31.627457 (+ 0.000356) clock_gettime(CLOCK_REALTIME, >> {tv_sec=1526328811, tv_nsec=627560772}) = 0 <0.000043> >> 15:13:31.631233 (+ 0.003839) clock_gettime(CLOCK_MONOTONIC, >> {tv_sec=1464932, tv_nsec=45286796}) = 0 <0.000077> >> 15:13:31.631720 (+ 0.000427) clock_gettime(CLOCK_MONOTONIC, >> {tv_sec=1464932, tv_nsec=45661430}) = 0 <0.000042> >> 15:13:31.631955 (+ 0.000220) clock_gettime(CLOCK_REALTIME, >> {tv_sec=1526328811, tv_nsec=632049036}) = 0 <0.000047> >> 15:13:31.635669 (+ 0.003785) clock_gettime(CLOCK_MONOTONIC, >> {tv_sec=1464932, tv_nsec=49725840}) = 0 <0.000146> >> 15:13:31.636484 (+ 0.000784) write(16, "a", 1) = 1 <0.000118> >> 15:13:31.636855 (+ 0.000341) sched_yield() = 0 <0.000252> >> 15:13:31.637322 (+ 0.000470) futex(0x1cb57a0, FUTEX_WAKE_PRIVATE, 1) >> = 1 <0.000088> >> 15:13:31.637897 (+ 0.000610) write(16, "a", 1) = 1 <0.000221> >> 15:13:31.638394 (+ 0.000467) sched_yield() = 0 <0.000047> >> 15:13:31.638619 (+ 0.000202) futex(0x1cb5710, FUTEX_WAKE_PRIVATE, 1) >> = 1 <0.000065> >> 15:13:31.638908 (+ 0.000298) openat(AT_FDCWD, >> "/var/run/dirsrv/slapd-COMPANY-INTERNAL.pid", O_WRONLY|O_CREAT|O_TRUNC, >> 0666) = 33 <0.000831> >> 15:13:31.640260 (+ 0.001387) getpid() = 32353 <0.000077> >> 15:13:31.640558 (+ 0.000256) fstat64(33, {st_mode=S_IFREG|0644, >> st_size=0, ...}) = 0 <0.000119> >> 15:13:31.641106 (+ 0.000556) write(33, "32353\n", 6) = 6 <0.000127> >> 15:13:31.641472 (+ 0.000362) close(33) = 0 <0.000519> >> 15:13:31.642216 (+ 0.000758) >> chmod("/var/run/dirsrv/slapd-COMPANY-INTERNAL.pid", >> 0644) = 0 <0.000152> >> 15:13:31.642900 (+ 0.000679) clock_gettime(CLOCK_REALTIME, >> {tv_sec=1526328811, tv_nsec=643020294}) = 0 <0.000056> >> 15:13:31.643495 (+ 0.000590) write(2, "[14/May/2018:15:13:31.643020294 >> "..., 134) = 134 <0.002697> >> 15:13:31.646515 (+ 0.003052) clock_gettime(CLOCK_REALTIME, >> {tv_sec=1526328811, tv_nsec=646694394}) = 0 <0.000075> >> 15:13:31.646892 (+ 0.000337) write(4, "[14/May/2018:15:13:31.646694394 >> "..., 134) = 134 <0.000522> >> 15:13:31.647841 (+ 0.000973) fsync(4) = 0 <0.005967> >> 15:13:31.654425 (+ 0.006617) clock_gettime(CLOCK_REALTIME, >> {tv_sec=1526328811, tv_nsec=654598946}) = 0 <0.000253> >> 15:13:31.655137 (+ 0.000717) write(2, "[14/May/2018:15:13:31.654598946 >> "..., 136) = 136 <0.002427> >> 15:13:31.658312 (+ 0.003165) clock_gettime(CLOCK_REALTIME, >> {tv_sec=1526328811, tv_nsec=658486117}) = 0 <0.000251> >> 15:13:31.659032 (+ 0.000682) write(4, "[14/May/2018:15:13:31.658486117 >> "..., 136) = 136 <0.000346> >> 15:13:31.659623 (+ 0.000595) fsync(4) = 0 <0.003311> >> 15:13:31.663230 (+ 0.003642) getpid() = 32353 <0.000045> >> 15:13:31.663732 (+ 0.000454) socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, >> 0) = 33 <0.000296> >> 15:13:31.664760 (+ 0.001048) getsockopt(33, SOL_SOCKET, SO_SNDBUF, >> [163840], [4]) = 0 <0.000108> >> 15:13:31.665141 (+ 0.000386) setsockopt(33, SOL_SOCKET, >> SO_SNDBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted) >> <0.000051> >> 15:13:31.665500 (+ 0.000334) setsockopt(33, SOL_SOCKET, SO_SNDBUF, >> [8388608], 4) = 0 <0.000229> >> 15:13:31.665973 (+ 0.000468) sendmsg(33, >> {msg_name={sa_family=AF_UNIX, sun_path="/run/systemd/notify"}, >> msg_namelen=21, msg_iov=[{iov_base="READY=1\nSTATUS=slapd started: >> Re"..., iov_len=69}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, >> MSG_NOSIGNAL) = 69 <0.000600> >> 15:13:31.667270 (+ 0.001334) close(33) = 0 <0.003140> >> 15:13:31.677320 (+ 0.010146) futex(0xb31122e8, FUTEX_WAIT, 32357, >> NULL) = ? >> 15:14:27.661809 (+ 55.984448) +++ killed by SIGSEGV (core dumped) +++ >> >> On Mon, May 14, 2018 at 10:27 AM, thierry bordaz <tbor...@redhat.com> >> wrote: >> >>> Hi Jonathan, >>> >>> This is weird as the crashing thread stack looks truncated (did you >>> copy/paste all of it ?) >>> >>> Thread 1 (Thread 0x9e13c280 (LWP 17245)): >>> #0 0xb67bbf2e in strlen () at /lib/libc.so.6 >>> #1 0xb6a06b40 in dosprintf () at /lib/libnspr4.so >>> #2 0x00000000 in None () >>> >>> Did you install 389-ds-base-debuginfo ? >>> How did you get that backtrace ? from a core dumped, pstack ? Can you >>> attach a debugger before the crash occurs ? >>> >>> It looks it crashed soon at startup, could it be related to a broken >>> dse.ldif. It should exists a dse.ldif.OK, is it possibly to try to start >>> with it ? >>> >>> best regards >>> thierry >>> >>> On 05/12/2018 01:22 AM, Jonathan Vaughn via FreeIPA-users wrote: >>> >>> Not sure if it makes a difference... I was looking into this again and >>> realized I had a bunch of messages from gdb telling me to install more >>> debuginfo. I've done that now, here it is again freshly run through gdb >>> >>> GNU gdb (GDB) Fedora 8.0.1-36.fc27 >>> Copyright (C) 2017 Free Software Foundation, Inc. >>> License GPLv3+: GNU GPL version 3 or later < >>> http://gnu.org/licenses/gpl.html> >>> This is free software: you are free to change and redistribute it. >>> There is NO WARRANTY, to the extent permitted by law. Type "show >>> copying" >>> and "show warranty" for details. >>> This GDB was configured as "armv7hl-redhat-linux-gnueabi". >>> Type "show configuration" for configuration details. >>> For bug reporting instructions, please see: >>> <http://www.gnu.org/software/gdb/bugs/>. >>> Find the GDB manual and other documentation resources online at: >>> <http://www.gnu.org/software/gdb/documentation/>. >>> For help, type "help". >>> Type "apropos word" to search for commands related to "word"... >>> Reading symbols from /usr/sbin/ns-slapd...Reading symbols from >>> /usr/lib/debug/usr/sbin/ns-slapd-1.3.7.10-1.fc27.arm.debug...done. >>> done. >>> ... >>> >>> Thread 1 (Thread 0x9e13c280 (LWP 17245)): >>> #0 0xb67bbf2e in strlen () at /lib/libc.so.6 >>> #1 0xb6a06b40 in dosprintf () at /lib/libnspr4.so >>> #2 0x00000000 in None () >>> >>> >>> >>> On Tue, May 8, 2018 at 7:52 AM, Rob Crittenden <rcrit...@redhat.com> >>>> wrote: >>>> >>>>> Jonathan Vaughn via FreeIPA-users wrote: >>>>> >>>>>> Still trying to figure this out. It looks like slapd is dying, I >>>>>> thought it was still running for some reason. >>>>>> >>>>>> slapd is dying to segfault. strace of it happening doesn't seem to >>>>>> reveal much: >>>>>> >>>>> >>>>> A stack trace would very much help trying to track down the cause. >>>>> >>>>> http://directory.fedoraproject.org/docs/389ds/FAQ/faq.html#d >>>>> ebugging-crashes >>>>> >>>>> rob >>>>> >>>>> >>>>>> 18:32:41.543717 (+ 0.000801) openat(AT_FDCWD, >>>>>> "/var/run/dirsrv/slapd-COMPANY-INTERNAL.pid", >>>>>> O_WRONLY|O_CREAT|O_TRUNC, 0666) = 32 >>>>>> 18:32:41.544907 (+ 0.001195) getpid() = 16014 >>>>>> 18:32:41.545269 (+ 0.000329) fstat64(32, {st_mode=S_IFREG|0644, >>>>>> st_size=0, ...}) = 0 >>>>>> 18:32:41.545799 (+ 0.000536) write(32, "16014\n", 6) = 6 >>>>>> 18:32:41.546603 (+ 0.000818) close(32) = 0 >>>>>> 18:32:41.547061 (+ 0.000448) >>>>>> chmod("/var/run/dirsrv/slapd-COMPANY-INTERNAL.pid", >>>>>> 0644) = 0 >>>>>> 18:32:41.547741 (+ 0.000676) clock_gettime(CLOCK_REALTIME, >>>>>> {tv_sec=1525735961, tv_nsec=548030641}) = 0 >>>>>> 18:32:41.548324 (+ 0.000587) write(2, >>>>>> "[07/May/2018:18:32:41.548030641 "..., 134) = 134 >>>>>> 18:32:41.551096 (+ 0.002840) clock_gettime(CLOCK_REALTIME, >>>>>> {tv_sec=1525735961, tv_nsec=551287555}) = 0 >>>>>> 18:32:41.551568 (+ 0.000406) write(4, >>>>>> "[07/May/2018:18:32:41.551287555 "..., 134) = 134 >>>>>> 18:32:41.552360 (+ 0.000811) fsync(4) = 0 >>>>>> 18:32:41.558499 (+ 0.006170) clock_gettime(CLOCK_REALTIME, >>>>>> {tv_sec=1525735961, tv_nsec=558678099}) = 0 >>>>>> 18:32:41.558901 (+ 0.000350) write(2, >>>>>> "[07/May/2018:18:32:41.558678099 "..., 136) = 136 >>>>>> 18:32:41.561537 (+ 0.002680) clock_gettime(CLOCK_REALTIME, >>>>>> {tv_sec=1525735961, tv_nsec=561718659}) = 0 >>>>>> 18:32:41.562357 (+ 0.000793) write(4, >>>>>> "[07/May/2018:18:32:41.561718659 "..., 136) = 136 >>>>>> 18:32:41.563293 (+ 0.001148) fsync(4) = 0 >>>>>> 18:32:41.566928 (+ 0.003452) getpid() = 16014 >>>>>> 18:32:41.567712 (+ 0.000752) socket(AF_UNIX, >>>>>> SOCK_DGRAM|SOCK_CLOEXEC, 0) = 32 >>>>>> 18:32:41.568628 (+ 0.000912) getsockopt(32, SOL_SOCKET, >>>>>> SO_SNDBUF, [163840], [4]) = 0 >>>>>> 18:32:41.568972 (+ 0.000319) setsockopt(32, SOL_SOCKET, >>>>>> SO_SNDBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted) >>>>>> 18:32:41.569548 (+ 0.000589) setsockopt(32, SOL_SOCKET, >>>>>> SO_SNDBUF, [8388608], 4) = 0 >>>>>> 18:32:41.570064 (+ 0.000513) sendmsg(32, >>>>>> {msg_name={sa_family=AF_UNIX, sun_path="/run/systemd/notify"}, >>>>>> msg_namelen=21, msg_iov=[{iov_base="READY=1\nSTATUS=slapd started: >>>>>> Re"..., iov_len=69}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, >>>>>> MSG_NOSIGNAL) = 69 >>>>>> 18:32:41.570845 (+ 0.000789) close(32) = 0 >>>>>> 18:32:41.576358 (+ 0.005575) futex(0xb30ed2e8, FUTEX_WAIT, 16016, >>>>>> NULL) = ? >>>>>> 18:33:01.730774 (+ 20.154428) +++ killed by SIGSEGV +++ >>>>>> >>>>>> >>> >> >> > > > _______________________________________________ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org > > >
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org