Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1783169

Summary:	[abrt] [faf] sssd: _dbus_list_unlink(): /usr/libexec/sssd/sssd_be killed by 11
Product:	Red Hat Enterprise Linux 8	Reporter:	Madhuri <mupadhye>
Component:	sssd	Assignee:	Alexey Tikhonov <atikhono>
Status:	CLOSED DUPLICATE	QA Contact:	sssd-qe <sssd-qe>
Severity:	unspecified	Docs Contact:
Priority:	unspecified
Version:	8.1	CC:	aboscatt, atikhono, dking, grajaiya, jhrozek, lslebodn, mzidek, pbrezina, sgoveas, sumenon, tscherf, vkreuk
Target Milestone:	rc	Keywords:	Triaged
Target Release:	---	Flags:	pm-rhel: mirror+
Hardware:	Unspecified
OS:	Unspecified
URL:	http://faf.lab.eng.brq.redhat.com/faf/reports/bthash/f9cd7a3e9c5e365f6af3b6ea751516a60f67b1af/
Whiteboard:	sync-to-jira
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2021-06-13 07:30:15 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Madhuri 2019-12-13 07:50:20 UTC

This bug has been created based on an anonymous crash report requested by the package maintainer.

Report URL: http://faf.lab.eng.brq.redhat.com/faf/reports/bthash/f9cd7a3e9c5e365f6af3b6ea751516a60f67b1af/


time:           Thu 12 Dec 2019 08:58:22 AM EST
package:        sssd-common-2.2.0-19.el8
reason:         sssd_be killed by SIGSEGV
crash_function: _dbus_list_unlink
cmdline:        /usr/libexec/sssd/sssd_be --domain implicit_files --uid 0 --gid 0 --logger=files
executable:     /usr/libexec/sssd/sssd_be
component:      sssd
uid:            0
username:       root
hostname:       ci-vm-10-0-154-165.hosted.upshift.rdu2.redhat.com
os_release:     Red Hat Enterprise Linux release 8.1 (Ootpa)
architecture:   x86_64
pwd:            /
kernel:         4.18.0-147.0.3.el8_1.x86_64
abrt_version:   2.10.9
exploitable:
:Likely crash reason: Jump to an invalid address
:Exploitable rating (0-9 scale): 6

Reports:
uReport: BTHASH=f9cd7a3e9c5e365f6af3b6ea751516a60f67b1af
ABRT Server: URL=http://faf.lab.eng.brq.redhat.com/faf/reports/bthash/f9cd7a3e9c5e365f6af3b6ea751516a60f67b1af
CI Job: https://idm-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/job/sssd-rhel-pr/job/RHEL8.1/6/
upload: URL=ftp://auto-hv-01.idmqe.lab.eng.bos.redhat.com/sssd_be.7209.1576159102.ci-vm-10-0-154-165.hosted.upshift.rdu2.redhat.com.tar.gz

Full Backtrace:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/libexec/sssd/sssd_be-2.2.0-19.el8.x86_64.debug
[New LWP 7209]
Error while reading shared library symbols for /usr/lib64/sssd/libsss_util.so:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/sssd/libsss_util.so-2.2.0-19.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libbasicobjects.so.0:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libbasicobjects.so.0.1.0-0.6.1-39.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libref_array.so.1:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libref_array.so.1.2.1-0.6.1-39.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libcollection.so.4:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libcollection.so.4.1.1-0.6.1-39.el8.x86_64.debug
Error while reading shared library symbols for /usr/lib64/sssd/libsss_cert.so:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/sssd/libsss_cert.so-2.2.0-19.el8.x86_64.debug
Error while reading shared library symbols for /usr/lib64/sssd/libsss_crypt.so:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/sssd/libsss_crypt.so-2.2.0-19.el8.x86_64.debug
Error while reading shared library symbols for /usr/lib64/sssd/libsss_child.so:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/sssd/libsss_child.so-2.2.0-19.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libsss_certmap.so.0:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libsss_certmap.so.0.1.0-2.2.0-19.el8.x86_64.debug
Error while reading shared library symbols for /usr/lib64/sssd/libsss_debug.so:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/sssd/libsss_debug.so-2.2.0-19.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libsystemd.so.0:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libsystemd.so.0.23.0-239-18.el8.x86_64.debug
Error while reading shared library symbols for /usr/lib64/sssd/libsss_iface.so:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/sssd/libsss_iface.so-2.2.0-19.el8.x86_64.debug
Error while reading shared library symbols for /usr/lib64/sssd/libsss_sbus.so:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/sssd/libsss_sbus.so-2.2.0-19.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libdhash.so.1:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libdhash.so.1.1.0-0.6.1-39.el8.x86_64.debug
warning: Loadable section ".note.gnu.property" outside of ELF segments
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Error while reading shared library symbols for /lib64/libpath_utils.so.1:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libpath_utils.so.1.0.1-0.6.1-39.el8.x86_64.debug
Error while reading shared library symbols for /lib64/liblz4.so.1:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/liblz4.so.1.8.1-1.8.1.2-4.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libmount.so.1:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libmount.so.1.1.0-2.32.1-17.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libgcc_s.so.1:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/lib64/libgcc_s-8-20190507.so.1-8.3.1-4.5.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libblkid.so.1:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libblkid.so.1.1.0-2.32.1-17.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libuuid.so.1:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libuuid.so.1.3.0-2.32.1-17.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libsasl2.so.3:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libsasl2.so.3.0.0-2.1.27-1.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libk5crypto.so.3:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libk5crypto.so.3.1-1.17-9.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libcom_err.so.2:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libcom_err.so.2.1-1.44.6-3.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libkrb5support.so.0:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libkrb5support.so.0.1-1.17-9.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libkeyutils.so.1:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libkeyutils.so.1.6-1.5.10-6.el8.x86_64.debug
Error while reading shared library symbols for /usr/lib64/ldb/modules/ldb/memberof.so:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/ldb/modules/ldb/memberof.so-2.2.0-19.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libnss_sss.so.2:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libnss_sss.so.2-2.2.0-19.el8.x86_64.debug
Error while reading shared library symbols for /lib64/libnss_systemd.so.2:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/libnss_systemd.so.2-239-18.el8.x86_64.debug
Error while reading shared library symbols for /usr/lib64/sssd/libsss_files.so:
could not find '.gnu_debugaltlink' file for /var/cache/abrt-di/usr/lib/debug/usr/lib64/sssd/libsss_files.so-2.2.0-19.el8.x86_64.debug
Core was generated by `/usr/libexec/sssd/sssd_be --domain implicit_files --uid 0 --gid 0 --logger=file'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  _dbus_list_unlink (list=0x562438401240, link=link@entry=0x0) at ../../dbus/dbus-list.c:502
502     ../../dbus/dbus-list.c: No such file or directory.

Thread 1 (Thread 0x7f2c6db3db40 (LWP 7209)):
#0  _dbus_list_unlink (list=0x562438401240, link=link@entry=0x0) at ../../dbus/dbus-list.c:502
No locals.
#1  0x00007f2c69d0c75d in _dbus_list_remove_link (list=<optimized out>, link=0x0) at ../../dbus/dbus-list.c:530
No locals.
#2  0x00007f2c69cfb0f5 in _dbus_message_remove_counter (message=message@entry=0x5624384011d0, counter=0x56243838a360) at ../../dbus/dbus-message.c:384
        link = <optimized out>
#3  0x00007f2c69cee581 in free_outgoing_message (element=0x5624384011d0, data=<optimized out>) at ../../dbus/dbus-connection.c:2704
        message = 0x5624384011d0
        connection = <optimized out>
#4  0x00007f2c69cf00f5 in _dbus_connection_last_unref (connection=0x5624383fd0c0) at ../../dbus/dbus-connection.c:2764
        link = <optimized out>
#5  0x00007f2c6a56e381 in ?? () from /usr/lib64/sssd/libsss_sbus.so
No symbol table info available.
#6  0x00005624383df010 in ?? ()
No symbol table info available.
#7  0x00007f2c69f3325b in _tc_free_internal (location=0x7f2c6a5862e8 "src/sbus/connection/sbus_connection.c:438", tc=0x5624383defb0) at ../../talloc.c:1137
        d = 0x7f2c6a56e340
        ptr_to_free = <optimized out>
        ptr = 0x5624383df010
        ptr_to_free = <optimized out>
        ptr = <optimized out>
        is_child = <optimized out>
        d = <optimized out>
        pool = <optimized out>
        _flen = <optimized out>
        _fptr = <optimized out>
#8  _talloc_free_internal (location=0x7f2c6a5862e8 "src/sbus/connection/sbus_connection.c:438", ptr=0x5624383df010) at ../../talloc.c:1227
        tc = 0x5624383defb0
        tc = <optimized out>
        fill = <optimized out>
#9  _talloc_free (ptr=0x5624383df010, location=0x7f2c6a5862e8 "src/sbus/connection/sbus_connection.c:438") at ../../talloc.c:1769
        tc = 0x5624383defb0
#10 0x00007f2c6a14e279 in tevent_common_invoke_timer_handler (te=te@entry=0x56243843ed00, current_time=..., removed=removed@entry=0x0) at ../../tevent_timed.c:370
        handler_ev = 0x56243833fce0
#11 0x00007f2c6a14e41e in tevent_common_loop_timer_delay (ev=ev@entry=0x56243833fce0) at ../../tevent_timed.c:442
        current_time = {tv_sec = 1576159102, tv_usec = 683113}
        te = 0x56243843ed00
        ret = <optimized out>
#12 0x00007f2c6a14f66b in epoll_event_loop_once (ev=0x56243833fce0, location=<optimized out>) at ../../tevent_epoll.c:922
        epoll_ev = 0x56243833ff70
        tval = {tv_sec = 0, tv_usec = 0}
        panic_triggered = false
#13 0x00007f2c6a14d85b in std_event_loop_once (ev=0x56243833fce0, location=0x7f2c6d0fe0f9 "src/util/server.c:719") at ../../tevent_standard.c:110
        glue_ptr = <optimized out>
        glue = 0x56243833fe20
        ret = <optimized out>
#14 0x00007f2c6a148a55 in _tevent_loop_once (ev=ev@entry=0x56243833fce0, location=location@entry=0x7f2c6d0fe0f9 "src/util/server.c:719") at ../../tevent.c:772
        ret = <optimized out>
        nesting_stack_ptr = 0x0
#15 0x00007f2c6a148cfb in tevent_common_loop_wait (ev=0x56243833fce0, location=0x7f2c6d0fe0f9 "src/util/server.c:719") at ../../tevent.c:895
        ret = <optimized out>
#16 0x00007f2c6a14d7eb in std_event_loop_wait (ev=0x56243833fce0, location=0x7f2c6d0fe0f9 "src/util/server.c:719") at ../../tevent_standard.c:141
        glue_ptr = <optimized out>
        glue = 0x56243833fe20
        ret = <optimized out>
#17 0x00007f2c6d0dcc17 in ?? () from /usr/lib64/sssd/libsss_util.so
No symbol table info available.
#18 0x000056243833e8a0 in ?? ()
No symbol table info available.
#19 0x0000562436bdb2fb in ?? ()
No symbol table info available.
#20 0x00000000000001b6 in ?? ()
No symbol table info available.
#21 0x0000000000000000 in ?? ()
No symbol table info available.
>From                To                  Syms Read   Shared Object Library
0x00007f2c6d737090  0x00007f2c6d737e89  Yes         /lib64/libdl.so.2
0x00007f2c6d5256b0  0x00007f2c6d5318b9  Yes         /lib64/libcares.so.2
0x00007f2c6d316d30  0x00007f2c6d31e729  Yes         /lib64/libpam.so.0
0x00007f2c6d0a75e0  0x00007f2c6d0ee592  No          /usr/lib64/sssd/libsss_util.so
0x00007f2c6ce8b5e0  0x00007f2c6ce8e940  Yes         /lib64/librt.so.1
0x00007f2c6cc7e980  0x00007f2c6cc85a56  Yes         /lib64/libpopt.so.0
0x00007f2c6ca51bb0  0x00007f2c6ca6c071  Yes         /lib64/libldb.so.1
0x00007f2c6c824aa0  0x00007f2c6c83c8ff  Yes         /lib64/libselinux.so.1
0x00007f2c6c608d20  0x00007f2c6c6156a5  Yes         /lib64/libtdb.so.1
0x00007f2c6c395760  0x00007f2c6c3e5d66  Yes         /lib64/libpcre.so.1
0x00007f2c6c17f970  0x00007f2c6c18e01d  Yes         /lib64/libini_config.so.5
0x00007f2c6bf76a60  0x00007f2c6bf76d78  No          /lib64/libbasicobjects.so.0
0x00007f2c6bd73b10  0x00007f2c6bd744da  No          /lib64/libref_array.so.1
0x00007f2c6bb69750  0x00007f2c6bb6f19d  No          /lib64/libcollection.so.4
0x00007f2c6b961190  0x00007f2c6b9633cf  No          /usr/lib64/sssd/libsss_cert.so
0x00007f2c6b75a070  0x00007f2c6b75c68c  No          /usr/lib64/sssd/libsss_crypt.so
0x00007f2c6b5538d0  0x00007f2c6b55555c  No          /usr/lib64/sssd/libsss_child.so
0x00007f2c6b346030  0x00007f2c6b34d0df  No          /lib64/libsss_certmap.so.0
0x00007f2c6aede000  0x00007f2c6b080f20  Yes         /lib64/libcrypto.so.1.1
0x00007f2c6ac604f0  0x00007f2c6ac617bd  No          /usr/lib64/sssd/libsss_debug.so
0x00007f2c6a9cbc70  0x00007f2c6aa33864  No          /lib64/libsystemd.so.0
0x00007f2c6a7a1f10  0x00007f2c6a7ae976  No          /usr/lib64/sssd/libsss_iface.so
0x00007f2c6a568b70  0x00007f2c6a583bb8  No          /usr/lib64/sssd/libsss_sbus.so
0x00007f2c6a356ba0  0x00007f2c6a357f0b  No          /lib64/libdhash.so.1
0x00007f2c6a147410  0x00007f2c6a14faf0  Yes         /lib64/libtevent.so.0
0x00007f2c69f2fc10  0x00007f2c69f3d982  Yes         /lib64/libtalloc.so.2
0x00007f2c69ce9810  0x00007f2c69d15e85  Yes         /lib64/libdbus-1.so.3
0x00007f2c699dbfe0  0x00007f2c69a57792  Yes         /lib64/libglib-2.0.so.0
0x00007f2c6961ead0  0x00007f2c6976958f  Yes         /lib64/libc.so.6
0x00007f2c6d93b030  0x00007f2c6d95a214  Yes         /lib64/ld-linux-x86-64.so.2
0x00007f2c693d6760  0x00007f2c693dd373  Yes (*)     /lib64/libaudit.so.1
0x00007f2c691b98a0  0x00007f2c691c7db5  Yes         /lib64/libpthread.so.0
0x00007f2c68f8b340  0x00007f2c68f95020  Yes         /lib64/libcrypt.so.1
0x00007f2c68d08350  0x00007f2c68d63803  Yes         /lib64/libpcre2-8.so.0
0x00007f2c68b02e00  0x00007f2c68b040f5  No          /lib64/libpath_utils.so.1
0x00007f2c688ed700  0x00007f2c688fa8c7  Yes         /lib64/libz.so.1
0x00007f2c686c75a0  0x00007f2c686de436  Yes         /lib64/liblzma.so.5
0x00007f2c684af1d0  0x00007f2c684c05bb  No          /lib64/liblz4.so.1
0x00007f2c682a8890  0x00007f2c682aa30a  Yes         /lib64/libcap.so.2
0x00007f2c6805ba10  0x00007f2c68091852  No          /lib64/libmount.so.1
0x00007f2c67d3c580  0x00007f2c67e0ad1c  Yes         /lib64/libgcrypt.so.20
0x00007f2c67b1bdc0  0x00007f2c67b2ca15  No          /lib64/libgcc_s.so.1
0x00007f2c67791140  0x00007f2c6789e940  Yes         /lib64/libgnutls.so.30
0x00007f2c675588a0  0x00007f2c6755a729  Yes         /lib64/libcap-ng.so.0
0x00007f2c67310620  0x00007f2c67341392  No          /lib64/libblkid.so.1
0x00007f2c670fea50  0x00007f2c67102481  No          /lib64/libuuid.so.1
0x00007f2c66ee0850  0x00007f2c66ef1e62  Yes         /lib64/libgpg-error.so.0
0x00007f2c66bd4b10  0x00007f2c66c6cd90  Yes         /lib64/libp11-kit.so.0
0x00007f2c6698c9c0  0x00007f2c66990832  Yes         /lib64/libidn2.so.0
0x00007f2c6661c730  0x00007f2c6665027e  Yes         /lib64/libunistring.so.2
0x00007f2c663fa020  0x00007f2c66404db3  Yes         /lib64/libtasn1.so.6
0x00007f2c661c7c50  0x00007f2c661e4f2c  Yes         /lib64/libnettle.so.6
0x00007f2c65f95df0  0x00007f2c65fa54cf  Yes         /lib64/libhogweed.so.4
0x00007f2c65d07180  0x00007f2c65d74b84  Yes         /lib64/libgmp.so.10
0x00007f2c65aee800  0x00007f2c65af32aa  Yes         /lib64/libffi.so.6
0x00007f2c58935130  0x00007f2c58935a32  Yes         /usr/lib64/ldb/modules/ldb/asq.so
0x00007f2c5872f9e0  0x00007f2c58731518  Yes         /usr/lib64/ldb/modules/ldb/ldap.so
0x00007f2c584eec10  0x00007f2c5851ca30  Yes         /lib64/libldap-2.4.so.2
0x00007f2c582d2ca0  0x00007f2c582d9fea  Yes         /lib64/liblber-2.4.so.2
0x00007f2c580bbc70  0x00007f2c580c7cbe  Yes         /lib64/libresolv.so.2
0x00007f2c57e9f3b0  0x00007f2c57eb07c7  No          /lib64/libsasl2.so.3
0x00007f2c57c25b10  0x00007f2c57c71f4a  Yes         /lib64/libssl.so.1.1
0x00007f2c579c3e70  0x00007f2c579f6f7f  Yes         /lib64/libgssapi_krb5.so.2
0x00007f2c576eeea0  0x00007f2c5775ad61  Yes         /lib64/libkrb5.so.3
0x00007f2c574afdd0  0x00007f2c574be914  No          /lib64/libk5crypto.so.3
0x00007f2c572a7780  0x00007f2c572a83a9  No          /lib64/libcom_err.so.2
0x00007f2c57099510  0x00007f2c570a12fb  No          /lib64/libkrb5support.so.0
0x00007f2c56e92790  0x00007f2c56e93508  No          /lib64/libkeyutils.so.1
0x00007f2c56c8f850  0x00007f2c56c8fa22  Yes         /usr/lib64/ldb/modules/ldb/ldb.so
0x00007f2c56a7e560  0x00007f2c56a87a92  Yes         /usr/lib64/ldb/libldb-key-value.so
0x00007f2c56876340  0x00007f2c5687773b  Yes         /usr/lib64/ldb/libldb-tdb-int.so
0x00007f2c56671f10  0x00007f2c5667253b  Yes         /usr/lib64/ldb/libldb-tdb-err-map.so
0x00007f2c564631c0  0x00007f2c5646be63  No          /usr/lib64/ldb/modules/ldb/memberof.so
0x00007f2c5625d2f0  0x00007f2c5625dae2  Yes         /usr/lib64/ldb/modules/ldb/paged_searches.so
0x00007f2c56059430  0x00007f2c5605a522  Yes         /usr/lib64/ldb/modules/ldb/rdn_name.so
0x00007f2c55e55bc0  0x00007f2c55e55ec2  Yes         /usr/lib64/ldb/modules/ldb/sample.so
0x00007f2c55c52210  0x00007f2c55c52bc2  Yes         /usr/lib64/ldb/modules/ldb/server_sort.so
0x00007f2c55a4ed30  0x00007f2c55a4efb2  Yes         /usr/lib64/ldb/modules/ldb/skel.so
0x00007f2c5584c770  0x00007f2c5584c8a2  Yes         /usr/lib64/ldb/modules/ldb/tdb.so
0x00007f2c55332850  0x00007f2c55337786  No          /lib64/libnss_sss.so.2
0x00007f2c55121720  0x00007f2c55127b3c  Yes         /lib64/libnss_files.so.2
0x00007f2c54ecfb00  0x00007f2c54f057e4  No          /lib64/libnss_systemd.so.2
0x00007f2c54cc0270  0x00007f2c54cc475f  No          /usr/lib64/sssd/libsss_files.so

Comment 3 Alexey Tikhonov 2019-12-18 19:03:14 UTC

(In reply to Alexey Tikhonov from comment #2)
> But it is very similar to bz 1628126 /
> https://github.com/SSSD/sssd/pull/646#issuecomment-419115356

Right, this is the same case as in https://github.com/SSSD/sssd/pull/646#issuecomment-419115356
In regards of BZ 1628126 - I think it was linked to that upstream PR/ticket by a mistake.

Comment 4 Alexey Tikhonov 2019-12-18 19:43:31 UTC

#0  _dbus_list_unlink (list=0x562438401240, link=link@entry=0x0) at ../../dbus/dbus-list.c:502
#1  0x00007f2c69d0c75d in _dbus_list_remove_link (list=<optimized out>, link=0x0) at ../../dbus/dbus-list.c:530
#2  0x00007f2c69cfb0f5 in _dbus_message_remove_counter (message=message@entry=0x5624384011d0, counter=0x56243838a360) at ../../dbus/dbus-message.c:384
#3  0x00007f2c69cee581 in free_outgoing_message (element=0x5624384011d0, data=<optimized out>) at ../../dbus/dbus-connection.c:2704
#4  0x00007f2c69cf00f5 in _dbus_connection_last_unref (connection=0x5624383fd0c0) at ../../dbus/dbus-connection.c:2764
#5  0x00007f2c69cf0781 in dbus_connection_unref (connection=<optimized out>) at ../../dbus/dbus-connection.c:2842
#6  0x00007f2c6a56e381 in sbus_connection_release (conn=0x5624383df010, conn=0x5624383df010) at src/sbus/connection/sbus_connection.c:56
#7  sbus_connection_destructor (conn=conn@entry=0x5624383df010) at src/sbus/connection/sbus_connection.c:73
#8  0x00007f2c69f3325b in _tc_free_internal (location=0x7f2c6a5862e8 "src/sbus/connection/sbus_connection.c:438", tc=0x5624383defb0)
    at ../../talloc.c:1137
#9  _talloc_free_internal (location=0x7f2c6a5862e8 "src/sbus/connection/sbus_connection.c:438", ptr=0x5624383df010) at ../../talloc.c:1227
#10 _talloc_free (ptr=0x5624383df010, location=0x7f2c6a5862e8 "src/sbus/connection/sbus_connection.c:438") at ../../talloc.c:1769
#11 0x00007f2c6a14e279 in tevent_common_invoke_timer_handler (te=te@entry=0x56243843ed00, current_time=..., removed=removed@entry=0x0)
    at ../../tevent_timed.c:370
#12 0x00007f2c6a14e41e in tevent_common_loop_timer_delay (ev=ev@entry=0x56243833fce0) at ../../tevent_timed.c:442
...

(gdb) frame 6
#6  0x00007f2c6a56e381 in sbus_connection_release (conn=0x5624383df010, conn=0x5624383df010) at src/sbus/connection/sbus_connection.c:56
56	    dbus_connection_unref(conn->connection);

(gdb) p conn->connection 
$19 = (DBusConnection *) 0x5624383fd0c0
(gdb) p *conn->connection 
$13 = {refcount = {value = 0}, mutex = 0x56243838ded0, dispatch_mutex = 0x5624383a7a90, dispatch_cond = 0x562438350690, io_path_mutex = 0x56243839deb0, io_path_cond = 0x5624383feee0, outgoing_messages = 0x562438378790, incoming_messages = 0x5624383787c0, expired_messages = 0x0, message_borrowed = 0x0, n_outgoing = 1, n_incoming = 2, outgoing_counter = 0x56243838a360, transport = 0x562438434aa0, watches = 0x0, timeouts = 0x0, filter_list = 0x0, slot_mutex = 0x5624383b1750, slot_list = {slots = 0x0, n_slots = 0}, pending_replies = 0x0, client_serial = 6, disconnect_message_link = 0x5624383787a8, wakeup_main_function = 0x0, wakeup_main_data = 0x0, free_wakeup_main_data = 0x0, dispatch_status_function = 0x0, dispatch_status_data = 0x0, free_dispatch_status_data = 0x0, last_dispatch_status = DBUS_DISPATCH_DATA_REMAINS, objects = 0x562438323e10, server_guid = 0x0, dispatch_acquired = 0, io_path_acquired = 0, shareable = 0, exit_on_disconnect = 0, route_peer_messages = 0, disconnected_message_arrived = 0, disconnected_message_processed = 0, have_connection_lock = 0, generation = 1}


This is the last frame within SSSD code. Everything else happens inside libdbus.

(gdb) frame 5
#5  0x00007f2c69cf0781 in dbus_connection_unref (connection=<optimized out>) at ../../dbus/dbus-connection.c:2842
2842	      _dbus_connection_last_unref (connection);
(gdb) frame 4
#4  0x00007f2c69cf00f5 in _dbus_connection_last_unref (connection=0x5624383fd0c0) at ../../dbus/dbus-connection.c:2764
2764	  _dbus_list_foreach (&connection->outgoing_messages,

(gdb) frame 3
#3  0x00007f2c69cee581 in free_outgoing_message (element=0x5624384011d0, data=<optimized out>) at ../../dbus/dbus-connection.c:2704
2704	  _dbus_message_remove_counter (message, connection->outgoing_counter);

(gdb) p *message
$16 = {refcount = {value = 0}, header = {data = {dummy1 = 0x56243836e990, dummy2 = 48, dummy3 = 168, dummy_bit1 = 0, dummy_bit2 = 0, dummy_bit3 = 0, dummy_bits = 0}, fields = {{value_pos = -1}, {value_pos = -1}, {value_pos = -1}, {value_pos = -1}, {value_pos = -1}, { value_pos = -1}, {value_pos = -1}, {value_pos = -1}, {value_pos = -1}, {value_pos = -1}}, padding = 0, byte_order = 0}, body = {dummy1 = 0x5624383d2b60, dummy2 = 0, dummy3 = 80, dummy_bit1 = 0, dummy_bit2 = 0, dummy_bit3 = 0, dummy_bits = 0}, locked = 1, in_cache = 1, counters = 0x0, size_counter_delta = 48, changed_stamp = 0, slot_list = {slots = 0x562438323ed0, n_slots = 1}, generation = 1, unix_fds = 0x0, n_unix_fds = 0, n_unix_fds_allocated = 0, unix_fd_counter_delta = 0}


(gdb) frame 2
#2  0x00007f2c69cfb0f5 in _dbus_message_remove_counter (message=message@entry=0x5624384011d0, counter=0x56243838a360)
    at ../../dbus/dbus-message.c:384
384	  _dbus_list_remove_link (&message->counters, link);
(gdb) list
379	
380	  link = _dbus_list_find_last (&message->counters,
381	                               counter);
382	  _dbus_assert (link != NULL);
383	
384	  _dbus_list_remove_link (&message->counters, link);
385	
386	  _dbus_counter_adjust_size (counter, - message->size_counter_delta);
387	
388	#ifdef HAVE_UNIX_FD_PASSING

(gdb) frame 1
#1  0x00007f2c69d0c75d in _dbus_list_remove_link (list=<optimized out>, link=0x0) at ../../dbus/dbus-list.c:530
530	  _dbus_list_unlink (list, link);
(gdb) p link
$18 = (DBusList *) 0x0
(gdb) frame 0
#0  _dbus_list_unlink (list=0x562438401240, link=link@entry=0x0) at ../../dbus/dbus-list.c:502
502	  if (link->next == link)


So it looks like in the frame #2 `_dbus_message_remove_counter()::_dbus_list_find_last()` returns 0 and this 0 is dereferenced in frame 0.
(as was explained in https://bugzilla.redhat.com/show_bug.cgi?id=1752730#c7 "Assertions are disabled in the dbus package.")


David, could you please take a look at this backtrace?
Is it possible SSSD uses libdbus in a wrong way?
Please tell me if there is additional information from coredump required.

Comment 5 Alexey Tikhonov 2019-12-18 19:56:18 UTC

(gdb) frame 2
#2  0x00007f2c69cfb0f5 in _dbus_message_remove_counter (message=message@entry=0x5624384011d0, counter=0x56243838a360)
    at ../../dbus/dbus-message.c:384
384	  _dbus_list_remove_link (&message->counters, link);
(gdb) list
379	
380	  link = _dbus_list_find_last (&message->counters,
381	                               counter);
...
(gdb) p message->counters 
$3 = (DBusList *) 0x0

_dbus_list_find_last(&0,...) -> _dbus_list_get_last_link(&0):
```
_dbus_list_get_last_link (DBusList **list)
 {
   if (*list == NULL)
  return NULL;
```

So the problem is message->counters = 0.

Is there anything SSSD can do wrong that leads to this situation or is it libdbus internal bug?

Comment 6 Alexey Tikhonov 2020-06-19 08:43:43 UTC

*** Bug 1846395 has been marked as a duplicate of this bug. ***

Comment 7 Alexey Tikhonov 2020-06-23 17:12:40 UTC

*** Bug 1849890 has been marked as a duplicate of this bug. ***

Comment 8 Alexey Tikhonov 2020-08-06 16:11:43 UTC

*** Bug 1861233 has been marked as a duplicate of this bug. ***

Comment 12 RHEL Program Management 2021-06-13 07:30:15 UTC

After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.

Comment 13 Alexey Tikhonov 2022-01-04 18:56:05 UTC


*** This bug has been marked as a duplicate of bug 1752730 ***