[Pkg-sssd-devel] Bug#929473: sssd-kcm: talloc_abort call via schedule_fd_processing

Bernhard Übelacker bernhardu at mailbox.org
Fri May 31 13:38:24 BST 2019


Dear Maintainer,
I just tried to reproduce this crash and may have
found some more information.

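It looks like this memory (the timer event at 0x5622b5453df0)
was already freed by tevent's timer handler at this location [1].

Then, on the second free attempt from schedule_fd_processing,
talloc recognises this and aborts [2], i.e. a double free of the same pointer.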

I could not find a related upstream bug report in [3].

It does not always crash, so it looks timing-related.

The attached file shows some details of my attempt to
reproduce this issue.

Kind regards,
Bernhard


[1]
(rr) bt
#0  _talloc_free (ptr=0x5622b5453df0, location=0x7f8594c8e15d "../tevent_timed.c:391") at ../talloc.c:1743
#1  0x00007f8594c8ace1 in tevent_common_invoke_timer_handler (te=te@entry=0x5622b5453df0, current_time=..., removed=removed@entry=0x0) at ../tevent_timed.c:391
#2  0x00007f8594c8adea in tevent_common_loop_timer_delay (ev=ev@entry=0x5622b5431920) at ../tevent_timed.c:441
#3  0x00007f8594c8be67 in epoll_event_loop_once (ev=0x5622b5431920, location=<optimized out>) at ../tevent_epoll.c:922
#4  0x00007f8594c8a2d7 in std_event_loop_once (ev=0x5622b5431920, location=0x7f85948c9178 "../src/util/server.c:725") at ../tevent_standard.c:110
#5  0x00007f8594c857e4 in _tevent_loop_once (ev=ev@entry=0x5622b5431920, location=location@entry=0x7f85948c9178 "../src/util/server.c:725") at ../tevent.c:772
#6  0x00007f8594c85a2b in tevent_common_loop_wait (ev=0x5622b5431920, location=0x7f85948c9178 "../src/util/server.c:725") at ../tevent.c:895
#7  0x00007f8594c8a277 in std_event_loop_wait (ev=0x5622b5431920, location=0x7f85948c9178 "../src/util/server.c:725") at ../tevent_standard.c:141
#8  0x00007f85948a48e3 in server_loop (main_ctx=0x5622b5432df0) at ../src/util/server.c:725
#9  0x00005622b38e4c70 in main (argc=<optimized out>, argv=<optimized out>) at ../src/responder/kcm/kcm.c:318
(rr) when
Current event: 12824


[2]
(rr) bt
#0  _talloc_free (ptr=0x5622b5453df0, location=0x5622b391d27a "../src/util/tev_curl.c:449") at ../talloc.c:1743
#1  0x00005622b38f98fb in schedule_fd_processing (multi=<optimized out>, timeout_ms=0, userp=<optimized out>) at ../src/util/tev_curl.c:449
#2  0x00007f8594cd88cc in update_timer (multi=multi at entry=0x5622b5440a50) at multi.c:2941
#3  0x00007f8594cd9f76 in curl_multi_add_handle (data=0x5622b6871250, multi=0x5622b5440a50) at multi.c:500
#4  curl_multi_add_handle (multi=0x5622b5440a50, data=0x5622b6871250) at multi.c:376
#5  0x00005622b38f9fa9 in tcurl_request_send (mem_ctx=mem_ctx@entry=0x5622b544e740, ev=ev@entry=0x5622b5431920, tcurl_ctx=tcurl_ctx@entry=0x5622b543c0f0, tcurl_req=tcurl_req@entry=0x5622b686b890, timeout=timeout@entry=5) at ../src/util/tev_curl.c:700
#6  0x00005622b38faa98 in tcurl_http_send (mem_ctx=0x5622b544e740, ev=ev@entry=0x5622b5431920, tcurl_ctx=0x5622b543c0f0, method=method@entry=TCURL_HTTP_GET, socket_path=socket_path@entry=0x5622b39154a3 "/var/run/secrets.socket", url=<optimized out>, headers=0x5622b39379b0 <sec_headers>, body=0x0, timeout=5) at ../src/util/tev_curl.c:1017
#7  0x00005622b38ef659 in sec_list_send (mem_ctx=<optimized out>, ev=ev@entry=0x5622b5431920, client=client@entry=0x5622b686a4e0, secdb=<optimized out>) at ../src/responder/kcm/kcmsrv_ccache_secrets.c:163
#8  0x00005622b38efc4e in sec_get_ccache_send (mem_ctx=<optimized out>, ev=ev@entry=0x5622b5431920, secdb=secdb@entry=0x5622b54409d0, client=client@entry=0x5622b686a4e0, name=name@entry=0x5622b543cea0 "0", uuid=uuid@entry=0x7ffdbedbd470 "") at ../src/responder/kcm/kcmsrv_ccache_secrets.c:482
#9  0x00005622b38f016d in ccdb_sec_getbyname_send (mem_ctx=<optimized out>, ev=0x5622b5431920, db=<optimized out>, client=0x5622b686a4e0, name=0x5622b543cea0 "0") at ../src/responder/kcm/kcmsrv_ccache_secrets.c:1275
#10 0x00005622b38e7e39 in kcm_ccdb_getbyname_send (mem_ctx=<optimized out>, ev=ev@entry=0x5622b5431920, db=0x5622b543d630, client=0x5622b686a4e0, name=0x5622b543cea0 "0") at ../src/responder/kcm/kcmsrv_ccache.c:692
#11 0x00005622b38f18d7 in kcm_op_get_kdc_offset_send (mem_ctx=<optimized out>, ev=0x5622b5431920, op_ctx=0x5622b544de60) at ../src/responder/kcm/kcmsrv_ops.c:1731
#12 0x00005622b38f09f3 in kcm_cmd_queue_done (subreq=0x0) at ../src/responder/kcm/kcmsrv_ops.c:196
#13 0x00007f8594c86479 in tevent_common_invoke_immediate_handler (im=0x5622b5430520, removed=removed@entry=0x0) at ../tevent_immediate.c:165
#14 0x00007f8594c864a3 in tevent_common_loop_immediate (ev=ev@entry=0x5622b5431920) at ../tevent_immediate.c:202
#15 0x00007f8594c8be5b in epoll_event_loop_once (ev=0x5622b5431920, location=<optimized out>) at ../tevent_epoll.c:917
#16 0x00007f8594c8a2d7 in std_event_loop_once (ev=0x5622b5431920, location=0x7f85948c9178 "../src/util/server.c:725") at ../tevent_standard.c:110
#17 0x00007f8594c857e4 in _tevent_loop_once (ev=ev@entry=0x5622b5431920, location=location@entry=0x7f85948c9178 "../src/util/server.c:725") at ../tevent.c:772
#18 0x00007f8594c85a2b in tevent_common_loop_wait (ev=0x5622b5431920, location=0x7f85948c9178 "../src/util/server.c:725") at ../tevent.c:895
#19 0x00007f8594c8a277 in std_event_loop_wait (ev=0x5622b5431920, location=0x7f85948c9178 "../src/util/server.c:725") at ../tevent_standard.c:141
#20 0x00007f85948a48e3 in server_loop (main_ctx=0x5622b5432df0) at ../src/util/server.c:725
#21 0x00005622b38e4c70 in main (argc=<optimized out>, argv=<optimized out>) at ../src/responder/kcm/kcm.c:318
(rr) when
Current event: 12850


[3]
https://pagure.io/SSSD/sssd/issues
-------------- next part --------------

# Buster amd64 qemu VM 2019-05-31


apt update
apt dist-upgrade


apt install systemd-coredump rr gdb mc krb5-user krb5-kdc krb5-admin-server sssd-kcm sssd-kcm-dbgsym sssd-common-dbgsym libtevent0-dbgsym libcurl3-gnutls-dbgsym libtalloc2-dbgsym
apt build-dep sssd-kcm



mkdir /home/benutzer/source/sssd-kcm/orig -p
cd    /home/benutzer/source/sssd-kcm/orig
apt source sssd-kcm
cd

mkdir /home/benutzer/source/libtalloc2/orig -p
cd    /home/benutzer/source/libtalloc2/orig
apt source libtalloc2
cd

mkdir /home/benutzer/source/libtevent0/orig -p
cd    /home/benutzer/source/libtevent0/orig
apt source libtevent0
cd





krb5_newrealm

dpkg-reconfigure krb5-kdc

dpkg-reconfigure krb5-config
- FRITZ.BOX
- 10.0.2.15
- 10.0.2.15

/etc/krb5.conf
        default_ccache_name = KCM:


kadmin.local
    addprinc simple_user
    q


kinit simple_user


systemctl stop sssd
systemctl start sssd


while true; do klist; done


journalctl -f
coredumpctl list
coredumpctl gdb 3978


#############


journalctl -f
Mai 31 13:35:28 debian systemd-coredump[3986]: Process 3978 (sssd_kcm) of user 0 dumped core.
                                               
                                               Stack trace of thread 3978:
                                               #0  0x00007fde049287bb __GI_raise (libc.so.6)
                                               #1  0x00007fde04913535 __GI_abort (libc.so.6)
                                               #2  0x00007fde04f0b621 n/a (libtalloc.so.2)
                                               #3  0x00007fde04f0b591 n/a (libtalloc.so.2)
                                               #4  0x00005630000418fb n/a (sssd_kcm)
                                               #5  0x00007fde04f778cc n/a (libcurl-gnutls.so.4)
                                               #6  0x00007fde04f78f76 curl_multi_add_handle (libcurl-gnutls.so.4)
                                               #7  0x0000563000041fa9 n/a (sssd_kcm)
                                               #8  0x0000563000042a98 n/a (sssd_kcm)
                                               #9  0x0000563000036e2f n/a (sssd_kcm)
                                               #10 0x000056300002fabe n/a (sssd_kcm)
                                               #11 0x000056300003a3f2 n/a (sssd_kcm)
                                               #12 0x00005630000389f3 n/a (sssd_kcm)
                                               #13 0x00007fde04f27479 tevent_common_invoke_immediate_handler (libtevent.so.0)
                                               #14 0x00007fde04f274a3 tevent_common_loop_immediate (libtevent.so.0)
                                               #15 0x00007fde04f2ce5b n/a (libtevent.so.0)
                                               #16 0x00007fde04f2b2d7 n/a (libtevent.so.0)
                                               #17 0x00007fde04f267e4 _tevent_loop_once (libtevent.so.0)
                                               #18 0x00007fde04f26a2b tevent_common_loop_wait (libtevent.so.0)
                                               #19 0x00007fde04f2b277 n/a (libtevent.so.0)
                                               #20 0x00007fde04b438e3 server_loop (libsss_util.so)
                                               #21 0x000056300002cc70 n/a (sssd_kcm)
                                               #22 0x00007fde0491509b __libc_start_main (libc.so.6)
                                               #23 0x000056300002cefa n/a (sssd_kcm)
Mai 31 13:35:28 debian systemd[1]: systemd-coredump@4-3985-0.service: Succeeded.


root@debian:~# coredumpctl list
TIME                            PID   UID   GID SIG COREFILE  EXE
Fri 2019-05-31 13:35:28 CEST   3978     0     0   6 present   /usr/lib/x86_64-linux-gnu/sssd/sssd_kcm


root@debian:~# coredumpctl gdb 3978
           PID: 3978 (sssd_kcm)
           UID: 0 (root)
           GID: 0 (root)
        Signal: 6 (ABRT)
     Timestamp: Fri 2019-05-31 13:35:28 CEST (1min 17s ago)
  Command Line: /usr/lib/x86_64-linux-gnu/sssd/sssd_kcm --uid 0 --gid 0 --logger=files
    Executable: /usr/lib/x86_64-linux-gnu/sssd/sssd_kcm
 Control Group: /system.slice/sssd-kcm.service
          Unit: sssd-kcm.service
         Slice: system.slice
       Boot ID: fdcc165c94154e12b51475ab267675fa
    Machine ID: 32f43b50ac8c4b21941bc0b02f8e7811
      Hostname: debian
       Storage: /var/lib/systemd/coredump/core.sssd_kcm.0.fdcc165c94154e12b51475ab267675fa.3978.1559302528000000.lz4
       Message: Process 3978 (sssd_kcm) of user 0 dumped core.
                
                Stack trace of thread 3978:
                #0  0x00007fde049287bb __GI_raise (libc.so.6)
                #1  0x00007fde04913535 __GI_abort (libc.so.6)
                #2  0x00007fde04f0b621 n/a (libtalloc.so.2)
                #3  0x00007fde04f0b591 n/a (libtalloc.so.2)
                #4  0x00005630000418fb n/a (sssd_kcm)
                #5  0x00007fde04f778cc n/a (libcurl-gnutls.so.4)
                #6  0x00007fde04f78f76 curl_multi_add_handle (libcurl-gnutls.so.4)
                #7  0x0000563000041fa9 n/a (sssd_kcm)
                #8  0x0000563000042a98 n/a (sssd_kcm)
                #9  0x0000563000036e2f n/a (sssd_kcm)
                #10 0x000056300002fabe n/a (sssd_kcm)
                #11 0x000056300003a3f2 n/a (sssd_kcm)
                #12 0x00005630000389f3 n/a (sssd_kcm)
                #13 0x00007fde04f27479 tevent_common_invoke_immediate_handler (libtevent.so.0)
                #14 0x00007fde04f274a3 tevent_common_loop_immediate (libtevent.so.0)
                #15 0x00007fde04f2ce5b n/a (libtevent.so.0)
                #16 0x00007fde04f2b2d7 n/a (libtevent.so.0)
                #17 0x00007fde04f267e4 _tevent_loop_once (libtevent.so.0)
                #18 0x00007fde04f26a2b tevent_common_loop_wait (libtevent.so.0)
                #19 0x00007fde04f2b277 n/a (libtevent.so.0)
                #20 0x00007fde04b438e3 server_loop (libsss_util.so)
                #21 0x000056300002cc70 n/a (sssd_kcm)
                #22 0x00007fde0491509b __libc_start_main (libc.so.6)
                #23 0x000056300002cefa n/a (sssd_kcm)

GNU gdb (Debian 8.2.1-2) 8.2.1
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/lib/x86_64-linux-gnu/sssd/sssd_kcm...(no debugging symbols found)...done.
[New LWP 3978]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/usr/lib/x86_64-linux-gnu/sssd/sssd_kcm --uid 0 --gid 0 --logger=files'.
Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50      ../sysdeps/unix/sysv/linux/raise.c: Datei oder Verzeichnis nicht gefunden.
(gdb) set width 0
(gdb) set pagination off
(gdb) bt
#0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007fde04913535 in __GI_abort () at abort.c:79
#2  0x00007fde04f0b621 in ?? () from /usr/lib/x86_64-linux-gnu/libtalloc.so.2
#3  0x00007fde04f0b591 in ?? () from /usr/lib/x86_64-linux-gnu/libtalloc.so.2
#4  0x00005630000418fb in ?? ()
#5  0x00007fde04f778cc in ?? () from /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4
#6  0x00007fde04f78f76 in curl_multi_add_handle () from /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4
#7  0x0000563000041fa9 in ?? ()
#8  0x0000563000042a98 in ?? ()
#9  0x0000563000036e2f in ?? ()
#10 0x000056300002fabe in ?? ()
#11 0x000056300003a3f2 in ?? ()
#12 0x00005630000389f3 in ?? ()
#13 0x00007fde04f27479 in tevent_common_invoke_immediate_handler () from /usr/lib/x86_64-linux-gnu/libtevent.so.0
#14 0x00007fde04f274a3 in tevent_common_loop_immediate () from /usr/lib/x86_64-linux-gnu/libtevent.so.0
#15 0x00007fde04f2ce5b in ?? () from /usr/lib/x86_64-linux-gnu/libtevent.so.0
#16 0x00007fde04f2b2d7 in ?? () from /usr/lib/x86_64-linux-gnu/libtevent.so.0
#17 0x00007fde04f267e4 in _tevent_loop_once () from /usr/lib/x86_64-linux-gnu/libtevent.so.0
#18 0x00007fde04f26a2b in tevent_common_loop_wait () from /usr/lib/x86_64-linux-gnu/libtevent.so.0
#19 0x00007fde04f2b277 in ?? () from /usr/lib/x86_64-linux-gnu/libtevent.so.0
#20 0x00007fde04b438e3 in server_loop () from /usr/lib/x86_64-linux-gnu/sssd/libsss_util.so
#21 0x000056300002cc70 in ?? ()
#22 0x00007fde0491509b in __libc_start_main (main=0x56300002c330, argc=6, argv=0x7fffe5f81808, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffe5f817f8) at ../csu/libc-start.c:308
#23 0x000056300002cefa in ?? ()




Core was generated by `/usr/lib/x86_64-linux-gnu/sssd/sssd_kcm --uid 0 --gid 0 --logger=files'.
Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50      ../sysdeps/unix/sysv/linux/raise.c: Datei oder Verzeichnis nicht gefunden.
(gdb) set width 0
(gdb) set pagination off
(gdb) bt
#0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007fde04913535 in __GI_abort () at abort.c:79
#2  0x00007fde04f0b621 in talloc_abort (reason=0x7fde04f19070 "Bad talloc magic value - unknown value") at ../talloc.c:500
#3  0x00007fde04f0b591 in talloc_abort_unknown_value () at ../talloc.c:529
#4  talloc_chunk_from_ptr (ptr=0x563000bb3020) at ../talloc.c:529
#5  _talloc_free (ptr=0x563000bb3020, location=0x56300006527a "../src/util/tev_curl.c:449") at ../talloc.c:1747
#6  0x00005630000418fb in schedule_fd_processing (multi=<optimized out>, timeout_ms=0, userp=<optimized out>) at ../src/util/tev_curl.c:449
#7  0x00007fde04f778cc in update_timer (multi=multi at entry=0x563000ba4aa0) at multi.c:2941
#8  0x00007fde04f78f76 in curl_multi_add_handle (data=0x563001fd2d50, multi=0x563000ba4aa0) at multi.c:500
#9  curl_multi_add_handle (multi=0x563000ba4aa0, data=0x563001fd2d50) at multi.c:376
#10 0x0000563000041fa9 in tcurl_request_send (mem_ctx=mem_ctx at entry=0x563000b945e0, ev=ev at entry=0x563000b958f0, tcurl_ctx=tcurl_ctx at entry=0x563000ba00c0, tcurl_req=tcurl_req at entry=0x563001fbcc60, timeout=timeout at entry=5) at ../src/util/tev_curl.c:700
#11 0x0000563000042a98 in tcurl_http_send (mem_ctx=0x563000b945e0, ev=ev at entry=0x563000b958f0, tcurl_ctx=0x563000ba00c0, method=method at entry=TCURL_HTTP_GET, socket_path=socket_path at entry=0x56300005d4a3 "/var/run/secrets.socket", url=<optimized out>, headers=0x56300007f9b0 <sec_headers>, body=0x0, timeout=5) at ../src/util/tev_curl.c:1017
#12 0x0000563000036e2f in ccdb_sec_get_default_send (mem_ctx=<optimized out>, ev=0x563000b958f0, db=<optimized out>, client=0x563001fce490) at ../src/responder/kcm/kcmsrv_ccache_secrets.c:995
#13 0x000056300002fabe in kcm_ccdb_get_default_send (mem_ctx=<optimized out>, ev=ev at entry=0x563000b958f0, db=0x563000ba1600, client=0x563001fce490) at ../src/responder/kcm/kcmsrv_ccache.c:470
#14 0x000056300003a3f2 in kcm_op_get_default_ccache_send (mem_ctx=<optimized out>, ev=0x563000b958f0, op_ctx=<optimized out>) at ../src/responder/kcm/kcmsrv_ops.c:1436
#15 0x00005630000389f3 in kcm_cmd_queue_done (subreq=0x0) at ../src/responder/kcm/kcmsrv_ops.c:196
#16 0x00007fde04f27479 in tevent_common_invoke_immediate_handler (im=0x563000bb2650, removed=removed at entry=0x0) at ../tevent_immediate.c:165
#17 0x00007fde04f274a3 in tevent_common_loop_immediate (ev=ev at entry=0x563000b958f0) at ../tevent_immediate.c:202
#18 0x00007fde04f2ce5b in epoll_event_loop_once (ev=0x563000b958f0, location=<optimized out>) at ../tevent_epoll.c:917
#19 0x00007fde04f2b2d7 in std_event_loop_once (ev=0x563000b958f0, location=0x7fde04b68178 "../src/util/server.c:725") at ../tevent_standard.c:110
#20 0x00007fde04f267e4 in _tevent_loop_once (ev=ev at entry=0x563000b958f0, location=location at entry=0x7fde04b68178 "../src/util/server.c:725") at ../tevent.c:772
#21 0x00007fde04f26a2b in tevent_common_loop_wait (ev=0x563000b958f0, location=0x7fde04b68178 "../src/util/server.c:725") at ../tevent.c:895
#22 0x00007fde04f2b277 in std_event_loop_wait (ev=0x563000b958f0, location=0x7fde04b68178 "../src/util/server.c:725") at ../tevent_standard.c:141
#23 0x00007fde04b438e3 in server_loop (main_ctx=0x563000b96dc0) at ../src/util/server.c:725
#24 0x000056300002cc70 in main (argc=<optimized out>, argv=<optimized out>) at ../src/responder/kcm/kcm.c:318





set width 0
set pagination off
bt


###############


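# rr needs access to perf events; relax the kernel's perf_event_paranoid setting in this test VM only
echo 1 > /proc/sys/kernel/perf_event_paranoid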



mc -e /lib/systemd/system/sssd-kcm.service
-ExecStart=/usr/lib/x86_64-linux-gnu/sssd/sssd_kcm --uid 0 --gid 0 ${DEBUG_LOGGER}
+ExecStart=/usr/bin/rr /usr/lib/x86_64-linux-gnu/sssd/sssd_kcm --uid 0 --gid 0 ${DEBUG_LOGGER}



systemctl daemon-reload
systemctl stop sssd
systemctl start sssd
systemctl stop sssd-kcm
systemctl start sssd-kcm




while true; do klist; done



Mai 31 13:46:39 debian systemd-coredump[4330]: Process 4273 (sssd_kcm) of user 0 dumped core.
                                               
                                               Stack trace of thread 4273:
                                               #0  0x00007f85946897bb __GI_raise (libc.so.6)
                                               #1  0x00007f8594674535 __GI_abort (libc.so.6)
                                               #2  0x00007f8594c6c621 talloc_abort (libtalloc.so.2)
                                               #3  0x00007f8594c6c591 talloc_abort_unknown_value (libtalloc.so.2)
                                               #4  0x00005622b38f98fb schedule_fd_processing (sssd_kcm)
                                               #5  0x00007f8594cd88cc update_timer (libcurl-gnutls.so.4)
                                               #6  0x00007f8594cd9f76 curl_multi_add_handle (libcurl-gnutls.so.4)
                                               #7  0x00005622b38f9fa9 tcurl_request_send (sssd_kcm)
                                               #8  0x00005622b38faa98 tcurl_http_send (sssd_kcm)
                                               #9  0x00005622b38ef659 sec_list_send (sssd_kcm)
                                               #10 0x00005622b38efc4e sec_get_ccache_send (sssd_kcm)
                                               #11 0x00005622b38f016d ccdb_sec_getbyname_send (sssd_kcm)
                                               #12 0x00005622b38e7e39 kcm_ccdb_getbyname_send (sssd_kcm)
                                               #13 0x00005622b38f18d7 kcm_op_get_kdc_offset_send (sssd_kcm)
                                               #14 0x00005622b38f09f3 kcm_cmd_queue_done (sssd_kcm)
                                               #15 0x00007f8594c86479 tevent_common_invoke_immediate_handler (libtevent.so.0)
                                               #16 0x00007f8594c864a3 tevent_common_loop_immediate (libtevent.so.0)
                                               #17 0x00007f8594c8be5b epoll_event_loop_once (libtevent.so.0)
                                               #18 0x00007f8594c8a2d7 std_event_loop_once (libtevent.so.0)
                                               #19 0x00007f8594c857e4 _tevent_loop_once (libtevent.so.0)
                                               #20 0x00007f8594c85a2b tevent_common_loop_wait (libtevent.so.0)
                                               #21 0x00007f8594c8a277 std_event_loop_wait (libtevent.so.0)
                                               #22 0x00007f85948a48e3 server_loop (libsss_util.so)
                                               #23 0x00005622b38e4c70 main (sssd_kcm)
                                               #24 0x00007f859467609b __libc_start_main (libc.so.6)
                                               #25 0x00005622b38e4efa _start (sssd_kcm)
Mai 31 13:46:39 debian systemd[1]: systemd-coredump@5-4329-0.service: Succeeded.




rr replay /tmp/rr/sssd_kcm-1




(rr) bt
#0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007f8594674535 in __GI_abort () at abort.c:79
#2  0x00007f8594c6c621 in talloc_abort (reason=0x7f8594c7a070 "Bad talloc magic value - unknown value") at ../talloc.c:500
#3  0x00007f8594c6c591 in talloc_abort_unknown_value () at ../talloc.c:529
#4  talloc_chunk_from_ptr (ptr=0x5622b5453df0) at ../talloc.c:529
#5  _talloc_free (ptr=0x5622b5453df0, location=0x5622b391d27a "../src/util/tev_curl.c:449") at ../talloc.c:1747
#6  0x00005622b38f98fb in schedule_fd_processing (multi=<optimized out>, timeout_ms=0, userp=<optimized out>) at ../src/util/tev_curl.c:449
#7  0x00007f8594cd88cc in update_timer (multi=multi at entry=0x5622b5440a50) at multi.c:2941
#8  0x00007f8594cd9f76 in curl_multi_add_handle (data=0x5622b6871250, multi=0x5622b5440a50) at multi.c:500
#9  curl_multi_add_handle (multi=0x5622b5440a50, data=0x5622b6871250) at multi.c:376
#10 0x00005622b38f9fa9 in tcurl_request_send (mem_ctx=mem_ctx at entry=0x5622b544e740, ev=ev at entry=0x5622b5431920, tcurl_ctx=tcurl_ctx at entry=0x5622b543c0f0, tcurl_req=tcurl_req at entry=0x5622b686b890, timeout=timeout at entry=5) at ../src/util/tev_curl.c:700
#11 0x00005622b38faa98 in tcurl_http_send (mem_ctx=0x5622b544e740, ev=ev at entry=0x5622b5431920, tcurl_ctx=0x5622b543c0f0, method=method at entry=TCURL_HTTP_GET, socket_path=socket_path at entry=0x5622b39154a3 "/var/run/secrets.socket", url=<optimized out>, headers=0x5622b39379b0 <sec_headers>, body=0x0, timeout=5) at ../src/util/tev_curl.c:1017
#12 0x00005622b38ef659 in sec_list_send (mem_ctx=<optimized out>, ev=ev at entry=0x5622b5431920, client=client at entry=0x5622b686a4e0, secdb=<optimized out>) at ../src/responder/kcm/kcmsrv_ccache_secrets.c:163
#13 0x00005622b38efc4e in sec_get_ccache_send (mem_ctx=<optimized out>, ev=ev at entry=0x5622b5431920, secdb=secdb at entry=0x5622b54409d0, client=client at entry=0x5622b686a4e0, name=name at entry=0x5622b543cea0 "0", uuid=uuid at entry=0x7ffdbedbd470 "") at ../src/responder/kcm/kcmsrv_ccache_secrets.c:482
#14 0x00005622b38f016d in ccdb_sec_getbyname_send (mem_ctx=<optimized out>, ev=0x5622b5431920, db=<optimized out>, client=0x5622b686a4e0, name=0x5622b543cea0 "0") at ../src/responder/kcm/kcmsrv_ccache_secrets.c:1275
#15 0x00005622b38e7e39 in kcm_ccdb_getbyname_send (mem_ctx=<optimized out>, ev=ev at entry=0x5622b5431920, db=0x5622b543d630, client=0x5622b686a4e0, name=0x5622b543cea0 "0") at ../src/responder/kcm/kcmsrv_ccache.c:692
#16 0x00005622b38f18d7 in kcm_op_get_kdc_offset_send (mem_ctx=<optimized out>, ev=0x5622b5431920, op_ctx=0x5622b544de60) at ../src/responder/kcm/kcmsrv_ops.c:1731
#17 0x00005622b38f09f3 in kcm_cmd_queue_done (subreq=0x0) at ../src/responder/kcm/kcmsrv_ops.c:196
#18 0x00007f8594c86479 in tevent_common_invoke_immediate_handler (im=0x5622b5430520, removed=removed at entry=0x0) at ../tevent_immediate.c:165
#19 0x00007f8594c864a3 in tevent_common_loop_immediate (ev=ev at entry=0x5622b5431920) at ../tevent_immediate.c:202
#20 0x00007f8594c8be5b in epoll_event_loop_once (ev=0x5622b5431920, location=<optimized out>) at ../tevent_epoll.c:917
#21 0x00007f8594c8a2d7 in std_event_loop_once (ev=0x5622b5431920, location=0x7f85948c9178 "../src/util/server.c:725") at ../tevent_standard.c:110
#22 0x00007f8594c857e4 in _tevent_loop_once (ev=ev at entry=0x5622b5431920, location=location at entry=0x7f85948c9178 "../src/util/server.c:725") at ../tevent.c:772
#23 0x00007f8594c85a2b in tevent_common_loop_wait (ev=0x5622b5431920, location=0x7f85948c9178 "../src/util/server.c:725") at ../tevent.c:895
#24 0x00007f8594c8a277 in std_event_loop_wait (ev=0x5622b5431920, location=0x7f85948c9178 "../src/util/server.c:725") at ../tevent_standard.c:141
#25 0x00007f85948a48e3 in server_loop (main_ctx=0x5622b5432df0) at ../src/util/server.c:725
#26 0x00005622b38e4c70 in main (argc=<optimized out>, argv=<optimized out>) at ../src/responder/kcm/kcm.c:318



(rr) list talloc.c:520
515
516     /* panic if we get a bad magic value */
517     static inline struct talloc_chunk *talloc_chunk_from_ptr(const void *ptr)
518     {
519             const char *pp = (const char *)ptr;
520             struct talloc_chunk *tc = discard_const_p(struct talloc_chunk, pp - TC_HDR_SIZE);
521             if (unlikely((tc->flags & (TALLOC_FLAG_FREE | ~TALLOC_FLAG_MASK)) != talloc_magic)) {
522                     if ((tc->flags & (TALLOC_FLAG_FREE | ~TALLOC_FLAG_MASK))
523                         == (TALLOC_MAGIC_NON_RANDOM | TALLOC_FLAG_FREE)) {
524                             talloc_log("talloc: access after free error - first free may be at %s\n", tc->name);
525                             talloc_abort_access_after_free();
526                             return NULL;
527                     }
528
529                     talloc_abort_unknown_value();
530                     return NULL;
531             }
532             return tc;
533     }
534


(rr) print &tc->flags
$6 = (unsigned int *) 0x5622b5453d90
(rr) watch *0x5622b5453d90
Hardware watchpoint 2: *0x5622b5453d90



(rr) reverse-cont
Continuing.

Hardware watchpoint 2: *0x5622b5453d90

Old value = -1232674576
New value = -367658381
0x00007f85946d340c in tcache_put (tc_idx=11, chunk=0x5622b5453d80) at malloc.c:2921
2921    malloc.c: Datei oder Verzeichnis nicht gefunden.
1: x/i $pc
=> 0x7f85946d340c <_int_free+860>:      mov    %rdx,0x10(%rbx)
(rr) bt
#0  0x00007f85946d340c in tcache_put (tc_idx=11, chunk=0x5622b5453d80) at malloc.c:2921
#1  _int_free (av=0x7f859480dc40 <main_arena>, p=0x5622b5453d80, have_lock=<optimized out>) at malloc.c:4200
#2  0x00007f8594c6f4d3 in _tc_free_internal (location=0x7f8594c8e15d "../tevent_timed.c:391", tc=<optimized out>) at ../talloc.c:1201
#3  _talloc_free_internal (location=0x7f8594c8e15d "../tevent_timed.c:391", ptr=<optimized out>) at ../talloc.c:1227
#4  _talloc_free (ptr=<optimized out>, location=0x7f8594c8e15d "../tevent_timed.c:391") at ../talloc.c:1769
#5  0x00007f8594c8ace1 in tevent_common_invoke_timer_handler (te=te at entry=0x5622b5453df0, current_time=..., removed=removed at entry=0x0) at ../tevent_timed.c:391
#6  0x00007f8594c8adea in tevent_common_loop_timer_delay (ev=ev at entry=0x5622b5431920) at ../tevent_timed.c:441
#7  0x00007f8594c8be67 in epoll_event_loop_once (ev=0x5622b5431920, location=<optimized out>) at ../tevent_epoll.c:922
#8  0x00007f8594c8a2d7 in std_event_loop_once (ev=0x5622b5431920, location=0x7f85948c9178 "../src/util/server.c:725") at ../tevent_standard.c:110
#9  0x00007f8594c857e4 in _tevent_loop_once (ev=ev at entry=0x5622b5431920, location=location at entry=0x7f85948c9178 "../src/util/server.c:725") at ../tevent.c:772
#10 0x00007f8594c85a2b in tevent_common_loop_wait (ev=0x5622b5431920, location=0x7f85948c9178 "../src/util/server.c:725") at ../tevent.c:895
#11 0x00007f8594c8a277 in std_event_loop_wait (ev=0x5622b5431920, location=0x7f85948c9178 "../src/util/server.c:725") at ../tevent_standard.c:141
#12 0x00007f85948a48e3 in server_loop (main_ctx=0x5622b5432df0) at ../src/util/server.c:725
#13 0x00005622b38e4c70 in main (argc=<optimized out>, argv=<optimized out>) at ../src/responder/kcm/kcm.c:318




set width 0
set pagination off
directory /home/benutzer/source/sssd-kcm/orig/sssd-1.16.3/src
directory /home/benutzer/source/libtalloc2/orig/talloc-2.1.14/debian
directory /home/benutzer/source/libtevent0/orig/tevent-0.9.37/debian
display/i $pc
cont
cont
cont
cont
cont
cont
bt

