Bugzilla – Bug 138006
ypserv crashes with a segfault
Last modified: 2006-01-11 10:16:22 UTC
I tried to use the ypserv, but i crashes with a segfault at: 0000000000000000 rip 000055555555a784 rsp 00007fffffa29930 error 4. The rsp number changes, the rest stays the same. Installed is version 2.18-3 (according to Yast). The machine is Fujitsu-Siemens Celsius V830 Workstation with a Dual-Core Opteron 1.8 GHz, 4 GB RAM. strace /usr/sbin/ypserv says the following execve("/usr/sbin/ypserv", ["/usr/sbin/ypserv"], [/* 58 vars */]) = 0 uname({sys="Linux", node="wisent", ...}) = 0 brk(0) = 0x555555663000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2aaaaaac0000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=111691, ...}) = 0 mmap(NULL, 111691, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2aaaaaac1000 close(3) = 0 open("/usr/lib64/libgdbm.so.3", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240\26\0"..., 640) = 640 fstat(3, {st_mode=S_IFREG|0755, st_size=23368, ...}) = 0 mmap(NULL, 1068808, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2aaaaabc2000 madvise(0x2aaaaabc2000, 1068808, MADV_SEQUENTIAL|0x1) = 0 mprotect(0x2aaaaabc7000, 1048328, PROT_NONE) = 0 mmap(0x2aaaaacc6000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x2aaaaacc6000 close(3) = 0 open("/usr/lib64/libslp.so.1", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000Z\0\0"..., 640) = 640 fstat(3, {st_mode=S_IFREG|0755, st_size=96688, ...}) = 0 mmap(NULL, 1141456, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2aaaaacc7000 madvise(0x2aaaaacc7000, 1141456, MADV_SEQUENTIAL|0x1) = 0 mprotect(0x2aaaaacdd000, 1051344, PROT_NONE) = 0 mmap(0x2aaaaaddd000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x2aaaaaddd000 close(3) = 0 open("/lib64/libnsl.so.1", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20I\0\0"..., 640) = 640 lseek(3, 624, SEEK_SET) = 624 read(3, "\4\0\0\0\20\0\0\0\1\0\0\0GNU\0\0\0\0\0\2\0\0\0\4\0\0\0"..., 32) = 32 fstat(3, {st_mode=S_IFREG|0755, st_size=101459, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2aaaaadde000 mmap(NULL, 1137392, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2aaaaaddf000 madvise(0x2aaaaaddf000, 1137392, MADV_SEQUENTIAL|0x1) = 0 mprotect(0x2aaaaadf2000, 1059568, PROT_NONE) = 0 mmap(0x2aaaaaef1000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x12000) = 0x2aaaaaef1000 mmap(0x2aaaaaef3000, 6896, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2aaaaaef3000 close(3) = 0 open("/lib64/tls/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0`\306\1\0"..., 640) = 640 lseek(3, 64, SEEK_SET) = 64 read(3, "\6\0\0\0\5\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0"..., 616) = 616 lseek(3, 680, SEEK_SET) = 680 read(3, "\4\0\0\0\20\0\0\0\1\0\0\0GNU\0\0\0\0\0\2\0\0\0\6\0\0\0"..., 32) = 32 fstat(3, {st_mode=S_IFREG|0755, st_size=1468180, ...}) = 0 lseek(3, 64, SEEK_SET) = 64 read(3, "\6\0\0\0\5\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0"..., 616) = 616 mmap(NULL, 2272424, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2aaaaaef5000 madvise(0x2aaaaaef5000, 2272424, MADV_SEQUENTIAL|0x1) = 0 mprotect(0x2aaaab017000, 1084584, PROT_NONE) = 0 mmap(0x2aaaab116000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x121000) = 0x2aaaab116000 mmap(0x2aaaab11c000, 15528, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2aaaab11c000 close(3) = 0 open("/lib64/tls/libm.so.6", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p=\0\0\0"..., 640) = 640 lseek(3, 624, SEEK_SET) = 624 read(3, "\4\0\0\0\20\0\0\0\1\0\0\0GNU\0\0\0\0\0\2\0\0\0\6\0\0\0"..., 32) = 32 fstat(3, {st_mode=S_IFREG|0755, st_size=424266, ...}) = 0 mmap(NULL, 1402648, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2aaaab120000 madvise(0x2aaaab120000, 1402648, MADV_SEQUENTIAL|0x1) = 0 mprotect(0x2aaaab176000, 1050392, PROT_NONE) = 0 mmap(0x2aaaab275000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x55000) = 0x2aaaab275000 close(3) = 0 open("/lib64/libresolv.so.2", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\2608\0\0"..., 640) = 640 lseek(3, 624, SEEK_SET) = 624 read(3, "\4\0\0\0\20\0\0\0\1\0\0\0GNU\0\0\0\0\0\2\0\0\0\4\0\0\0"..., 32) = 32 fstat(3, {st_mode=S_IFREG|0755, st_size=85751, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2aaaab277000 mmap(NULL, 1129264, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2aaaab278000 madvise(0x2aaaab278000, 1129264, MADV_SEQUENTIAL|0x1) = 0 mprotect(0x2aaaab288000, 1063728, PROT_NONE) = 0 mmap(0x2aaaab388000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10000) = 0x2aaaab388000 mmap(0x2aaaab38a000, 6960, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2aaaab38a000 close(3) = 0 open("/usr/lib64/libcrypto.so.0.9.7", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\374"..., 640) = 640 fstat(3, {st_mode=S_IFREG|0555, st_size=1284056, ...}) = 0 mmap(NULL, 2324712, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2aaaab38c000 madvise(0x2aaaab38c000, 2324712, MADV_SEQUENTIAL|0x1) = 0 mprotect(0x2aaaab4a1000, 1190120, PROT_NONE) = 0 mmap(0x2aaaab5a1000, 126976, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x115000) = 0x2aaaab5a1000 mmap(0x2aaaab5c0000, 14568, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2aaaab5c0000 close(3) = 0 open("/lib64/libdl.so.2", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\20\0\0"..., 640) = 640 lseek(3, 624, SEEK_SET) = 624 read(3, "\4\0\0\0\20\0\0\0\1\0\0\0GNU\0\0\0\0\0\2\0\0\0\4\0\0\0"..., 32) = 32 fstat(3, {st_mode=S_IFREG|0755, st_size=15389, ...}) = 0 mmap(NULL, 1057000, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2aaaab5c4000 madvise(0x2aaaab5c4000, 1057000, MADV_SEQUENTIAL|0x1) = 0 mprotect(0x2aaaab5c6000, 1048808, PROT_NONE) = 0 mmap(0x2aaaab6c5000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x2aaaab6c5000 close(3) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2aaaab6c7000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2aaaab6c8000 mprotect(0x2aaaab116000, 12288, PROT_READ) = 0 arch_prctl(ARCH_SET_FS, 0x2aaaab6c8160) = 0 munmap(0x2aaaaaac1000, 111691) = 0 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x2aaaab6c81f0) = 10645 --- SIGCHLD (Child exited) @ 0 (0) --- exit_group(0) = ?
Maybe a HW problem due to the fact that the Dual-Core Opteron do not have this problem.
strace is complete useless for seg.faults. Please deliver a backtrace with gdb.
Sorry, I am not a very experienced system programmer.... I tried with gdb /usr/sbin/ypserv and run. gdb says that the programm terminated normally, but I have the segfault message in /var/log/messages. As the programm "terminated normally" I have no stack in the with the "bt" command in gdb. Any further suggestions? By the way, it is a dual core opteron 265.
You have to call ypserv with -d option for debug mode, so that it does not detach from console.
Created attachment 60269 [details] Output from gdb backtrace So finally I made the backtrace, I hope it helps.
(In reply to comment #5) > Created an attachment (id=60269) [edit] > Output from gdb backtrace > > So finally I made the backtrace, I hope it helps. Did you remove some messages from the backtrace?
it is as it came out of the logging from gdb. But as I ran it again, there is some lines missed in the begining of the log: [ypserv (ypserv) 2.18] Find securenet: 255.0.0.0 127.0.0.0 Find securenet: 0.0.0.0 0.0.0.0 ypserv.conf: dns: 0 ypserv.conf: files: 30 ypserv.conf: slp: 2 ypserv.conf: slp_timeout: 3600 ypserv.conf: xfr_check_port: 1 ypserv.conf: 0.0.0.0/0.0.0.0:*:shadow.byname:2 ypserv.conf: 0.0.0.0/0.0.0.0:*:passwd.adjunct.byname:2 Program received signal SIGSEGV, Segmentation fault.
"Dual-Core Opteron": from our own experience a BIOS update fixes a lot of seg.faults nobody else was seeing.
A Bios Update to Version 1.04 didn't help, but I found something else while digging through /var/log/messages, the last ypserv message before segfaulting was ypserv[10720]: Error registering service with slp -20 a few minutes later after the next reboot ypserv started segfaulting.
Created attachment 62644 [details] ypserv-2.18-3.1tk.x86_64.rpm
The RPM from comment #10 is compiled without position independend code and with full debug informations. Please test that, I hope that this package will generate a more usefull backtrace.
I did so, it still sefaults, here are the results: Starting programm: /usr/sbin/ypserv -d [ypserv (ypserv) 2.19] Find securenet 255.0.0.0 127.0.0.0 Find securenet 0.0.0.0 0.0.0.0 ypserv.conf: dns: 0 ypserv.conf: files: 30 ypserv.conf: slp: 2 ypserv.conf: slp_timeout: 3600 ypserv.conf: xfr_check_port: 1 ypserv.conf: 0.0.0.0/0.0.0.0:*:shadow.byname:2 ypserv.conf: 0.0.0.0/0.0.0.0:*:passwd.adjunct.byname:2 Program received signal SIGSEGV, Segmentation fault. 0x0000000000405c14 in register_slp () #0 0x0000000000405c14 in register_slp () #1 0x000000000040353a in main ()
I think I found it: Your hostname is not resolveable and there is one point where this is not checked. You can disable slp in ypserv.conf as workaround or fix your hostname setup.
Created attachment 62730 [details] ypserv-2.19
Please test the version from comment #14.
It now works without any changes in hostname setup or disabeling slp. Fine + Thank you!
Fixed for 10.1