Bug 622755

Summary: *** glibc detected *** clvmd: munmap_chunk(): invalid pointer: 0xbff5ba94 ***
Product: Red Hat Enterprise Linux 5 Reporter: Jaroslav Kortus <jkortus>
Component: lvm2-clusterAssignee: Milan Broz <mbroz>
Status: CLOSED ERRATA QA Contact: Cluster QE <mspqa-list>
Severity: medium Docs Contact:
Priority: low    
Version: 5.5CC: agk, ccaulfie, cmarthal, dwysocha, heinzm, jbrassow, joe.thornber, mbroz, prajnoha, prockai, pvrabec
Target Milestone: rc   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: lvm2-cluster-2.02.73-1.el5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-01-13 22:44:15 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jaroslav Kortus 2010-08-10 11:03:59 UTC 
Description of problem:
when clvmd -R is run and clvmd is not running, following backtrace is printed and clvmd is aborted. Interesting is that this happens only on i686 machines (not reproducible on ia64 nor x86_64 with the same procedure).

(05:55:38) [root@z1:~]$ pgrep clvmd
(05:55:54) [root@z1:~]$ clvmd -R
connect() failed on local socket: No such file or directory
*** glibc detected *** clvmd: munmap_chunk(): invalid pointer: 0xbff5ba94 ***
======= Backtrace: =========
/lib/libc.so.6(cfree+0x188)[0x179b18]
clvmd[0x8058a19]
clvmd(refresh_clvmd+0x126)[0x80593b6]
clvmd(main+0x1aa)[0x805632a]
/lib/libc.so.6(__libc_start_main+0xdc)[0x125e9c]
clvmd[0x8052bb1]
======= Memory map: ========
00110000-00262000 r-xp 00000000 fd:00 9113611    /lib/libc-2.5.so
00262000-00264000 r--p 00152000 fd:00 9113611    /lib/libc-2.5.so
00264000-00265000 rw-p 00154000 fd:00 9113611    /lib/libc-2.5.so
00265000-00268000 rw-p 00265000 00:00 0 
00b7b000-00b96000 r-xp 00000000 fd:00 9111999    /lib/ld-2.5.so
00b96000-00b97000 r--p 0001a000 fd:00 9111999    /lib/ld-2.5.so
00b97000-00b98000 rw-p 0001b000 fd:00 9111999    /lib/ld-2.5.so
00c29000-00c2a000 r-xp 00c29000 00:00 0          [vdso]
00cf4000-00cf7000 r-xp 00000000 fd:00 9113615    /lib/libdl-2.5.so
00cf7000-00cf8000 r--p 00002000 fd:00 9113615    /lib/libdl-2.5.so
00cf8000-00cf9000 rw-p 00003000 fd:00 9113615    /lib/libdl-2.5.so
00cfb000-00d10000 r-xp 00000000 fd:00 9113617    /lib/libpthread-2.5.so
00d10000-00d11000 r--p 00015000 fd:00 9113617    /lib/libpthread-2.5.so
00d11000-00d12000 rw-p 00016000 fd:00 9113617    /lib/libpthread-2.5.so
00d12000-00d14000 rw-p 00d12000 00:00 0 
00d16000-00d35000 r-xp 00000000 fd:00 9113639    /lib/libdevmapper.so.1.02
00d35000-00d37000 rw-p 0001e000 fd:00 9113639    /lib/libdevmapper.so.1.02
00d39000-00d3d000 r-xp 00000000 fd:00 9109580    /lib/libdevmapper-event.so.1.02
00d3d000-00d3e000 rw-p 00003000 fd:00 9109580    /lib/libdevmapper-event.so.1.02
00d56000-00d6c000 r-xp 00000000 fd:00 9113622    /lib/libselinux.so.1
00d6c000-00d6e000 rw-p 00015000 fd:00 9113622    /lib/libselinux.so.1
00d70000-00dab000 r-xp 00000000 fd:00 9113621    /lib/libsepol.so.1
00dab000-00dac000 rw-p 0003b000 fd:00 9113621    /lib/libsepol.so.1
00dac000-00db6000 rw-p 00dac000 00:00 0 
00db8000-00dbc000 r-xp 00000000 fd:00 14235775   /usr/lib/libdlm.so.2.0.115
00dbc000-00dbd000 rw-p 00003000 fd:00 14235775   /usr/lib/libdlm.so.2.0.115
00dc3000-00dc7000 r-xp 00000000 fd:00 14232744   /usr/lib/libcman.so.2.0.115
00dc7000-00dc8000 rw-p 00003000 fd:00 14232744   /usr/lib/libcman.so.2.0.115
00de4000-00def000 r-xp 00000000 fd:00 9113616    /lib/libgcc_s-4.1.2-20080825.so.1
00def000-00df0000 rw-p 0000a000 fd:00 9113616    /lib/libgcc_s-4.1.2-20080825.so.1
08047000-080cd000 r-xp 00000000 fd:00 14234114   /usr/sbin/clvmd
080cd000-080ce000 rw-p 00086000 fd:00 14234114   /usr/sbin/clvmd
080ce000-080d6000 rw-p 080ce000 00:00 0 
08708000-08729000 rw-p 08708000 00:00 0          [heap]
b7f2a000-b7f2d000 rw-p b7f2a000 00:00 0 
bff47000-bff5c000 rw-p bffea000 00:00 0          [stack]
Aborted (core dumped)

Version-Release number of selected component (if applicable):
lvm2-cluster-2.02.56-7.el5_5.4

How reproducible:
100%

Steps to Reproduce:
1. run clvmd -R on i686
2.
3.
  
Actual results:
core dumped
Program terminated with signal 6, Aborted.

Expected results:
no coring

Additional info:

Program terminated with signal 6, Aborted.
#0  0x00c29410 in __kernel_vsyscall ()
(gdb) bt full
#0  0x00c29410 in __kernel_vsyscall ()
No symbol table info available.
#1  0x00138df0 in raise () from /lib/libc.so.6
No symbol table info available.
#2  0x0013a701 in abort () from /lib/libc.so.6
No symbol table info available.
#3  0x0017128b in __libc_message () from /lib/libc.so.6
No symbol table info available.
#4  0x00179b18 in free () from /lib/libc.so.6
No symbol table info available.
#5  0x08058a19 in _cluster_free_request (response=0xbff5ba94, num=0) at refresh_clvmd.c:285
        i = 0
#6  0x080593b6 in refresh_clvmd () at refresh_clvmd.c:320
        num_responses = 0
        args = "\b"
        response = 0xbff5ba94
        saved_errno = 2
        status = 0
        i = -1074416008
#7  0x0805632a in main (argc=2, argv=0xbff5ba94) at clvmd.c:316
        local_sock = <value optimized out>
        nodeinfo = {
          sysname = "\001\000\000\000\224\270\365\277\260\270\365\277p\315\362\267K\207\325\000\340\204p\b(\270\365\277D\271\365\277\317MvӴ\270\365\277и\365\277p\315\362\267S\207\325\000\000\000\000\000\000\000\000\000a\233\027\000", <incomplete sequence \326>, 
          nodename = "+\301\213\000\000\000\000\360\270\365\277p\315\362\267[\207\325\000\224\307\021\000\304g\325\000\001\000\000\000\200Q&\000 \000\000\000\343\270\365\277pQ&\000\247J\270\000pQ&\000\030\310\317\000@Q&\000\001", 
          release = "\000\000\265E\270\000\320\034\022\000v\a\005\b\200\271\362\267\002\000\000\000)\232\270\000\037\334\004\b\034\265\362\267\300o\271\000T\271\362\267\350\270\365\277\034\271\365\277\215I\270\000\324\223\021\000H\265\362\267\000\276", <incomplete sequence \362>, 
          version = "\267\377\377\377\377H\265\362\267\244\001\021\000p\315\362\267\000\271\365\277\350\270\365\277\004\272\365\277.N=\366\v\000\000\000$<\021\000$:\021\000.N=\366", '\000' <repeats 12 times>, "\001\000\000", 
          machine = "7\b\000\000\200\271\362\267H\265\362\267)\340\004\b\224\307\021\000,\212\004\b\001\000\000\000\300o\271\000\020x\271\000\370\271\365\277\024\272\365\277\247J\270\000,\212\004\b\370\271\365\277\264w\271\000\t\000\000\000\200", 
          domainname = "\271\362\267\001\000\000\000\000\000\000\000\001\000\000\000\351\231\027\000\004\000\000\000d\271\365\277\004\000\000\000\230\271\365\277\004\000\000\000\000\204p\b\001\000\000\000\004\272\365\277\001\000\000\000\250\271\365\277\364\317\326\000@Q"}
        opt = <value optimized out>
        cmd_timeout = 60
        start_timeout = 0
        cluster_iface = IF_AUTO
        ss = {__val = {11, 3086136648, 1114532, 2344692694, 13619624, 3220551576, 3220551860, 273085911, 11, 1129508, 1126196, 273085910, 13619624, 
            0, 0, 1, 1403, 3086138880, 3086136648, 13993819, 1165204, 13986900, 1, 12152768, 3086143272, 3220551848, 3220551876, 12077735, 13986900, 
            3220551848, 12154804, 9}}
        debug_opt = 0
        clusterwide_opt = 0
Comment 1 Milan Broz 2010-08-10 11:26:27 UTC 
RHEL5 dup of bug #574595 ?
Comment 2 Jaroslav Kortus 2010-08-10 12:28:38 UTC 
Yes, looks exactly like the symptoms in bug 574595 except it's for RHEL5 and only on i686.
Comment 3 Milan Broz 2010-08-20 13:48:19 UTC 
This is fixed upstream for some time -> POST for now.
Comment 4 Milan Broz 2010-08-30 10:41:25 UTC 
Fix in lvm2-cluster-2.02.73-1.el5.
Comment 6 Corey Marthaler 2010-11-10 18:04:05 UTC 
Fix verified in the latest rpm (lvm2-cluster-2.02.74-3.el5).

(12:03:18) [root@z1:~]$ clvmd -R
connect() failed on local socket: No such file or directory
Comment 8 errata-xmlrpc 2011-01-13 22:44:15 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0053.html