libreport version: 2.0.7 abrt_version: 2.0.6 backtrace_rating: 4 cmdline: /usr/bin/zarafa-server -c /etc/zarafa/server.cfg crash_function: sigandset executable: /usr/bin/zarafa-server kernel: 3.1.4-1.fc16.x86_64 pid: 3355 pwd: / reason: Process /usr/bin/zarafa-server was killed by signal 6 (SIGABRT) time: Wed 07 Dec 2011 10:31:46 AM CET uid: 0 username: root backtrace: Text file, 28562 bytes dso_list: Text file, 2529 bytes maps: Text file, 13135 bytes smolt_data: Text file, 5939 bytes var_log_messages: Text file, 2892 bytes bugreport: :abrt_version: 2.0.6 :backtrace_rating: 4 :bugreport: :cmdline: /usr/bin/zarafa-server -c /etc/zarafa/server.cfg :crash_function: sigandset :executable: /usr/bin/zarafa-server :kernel: 3.1.4-1.fc16.x86_64 :pid: 3355 :pwd: / :reason: Process /usr/bin/zarafa-server was killed by signal 6 (SIGABRT) :time: Wed 07 Dec 2011 10:31:46 AM CET :uid: 0 :username: root : :backtrace: Text file, 28562 bytes :dso_list: Text file, 2529 bytes :maps: Text file, 13135 bytes :smolt_data: Text file, 5939 bytes :var_log_messages: Text file, 2892 bytes : :comment: ::Any interactions with the zarafa-server will crash the program. In this case :: ::zarafa-admin -s : :environ: ::TERM=linux ::SYSFONT=latarcyrheb-sun16 ::LC_ALL=C ::PATH=/sbin:/usr/sbin:/bin:/usr/bin ::PWD=/ ::LANG=C ::ZARAFA_USERSCRIPT_LOCALE=C ::KEYTABLE=us ::SHLVL=2 ::BOOT_IMAGE=/vmlinuz-3.1.4-1.fc16.x86_64 ::_=/usr/bin/zarafa-server : :END: : comment: :Any interactions with the zarafa-server will crash the program. In this case : :zarafa-admin -s environ: :TERM=linux :SYSFONT=latarcyrheb-sun16 :LC_ALL=C :PATH=/sbin:/usr/sbin:/bin:/usr/bin :PWD=/ :LANG=C :ZARAFA_USERSCRIPT_LOCALE=C :KEYTABLE=us :SHLVL=2 :BOOT_IMAGE=/vmlinuz-3.1.4-1.fc16.x86_64 :_=/usr/bin/zarafa-server
Created attachment 541786 [details] File: dso_list
Created attachment 541787 [details] File: backtrace
Created attachment 541788 [details] File: smolt_data
Created attachment 541789 [details] File: var_log_messages
Created attachment 541790 [details] File: maps
Are you really sure that all Zarafa components have been updated? And can I get the backtrace with the debuginfo installed?
I did yum install zarafa* zarafa-* by now it has been removed, tell me what to do and what to post.
Dec 07 18:52:53 Installed: zarafa-common-7.0.3-1.fc16.noarch Dec 07 18:52:55 Installed: zarafa-server-7.0.3-1.fc16.x86_64 Dec 07 18:52:56 Installed: zarafa-client-7.0.3-1.fc16.x86_64 Dec 07 18:52:56 Installed: libmapi-7.0.3-1.fc16.x86_64 Dec 07 18:52:56 Installed: php-mapi-7.0.3-1.fc16.x86_64 Dec 07 18:52:56 Installed: zarafa-dagent-7.0.3-1.fc16.x86_64 Dec 07 18:52:56 Installed: zarafa-monitor-7.0.3-1.fc16.x86_64 Dec 07 18:52:56 Installed: zarafa-utils-7.0.3-1.fc16.x86_64 Dec 07 18:52:56 Installed: zarafa-ical-7.0.3-1.fc16.x86_64 Dec 07 18:52:57 Installed: zarafa-gateway-7.0.3-1.fc16.x86_64 Dec 07 18:52:57 Installed: zarafa-spooler-7.0.3-1.fc16.x86_64 Dec 07 18:52:57 Installed: zarafa-7.0.3-1.fc16.x86_64 Dec 07 18:52:58 Installed: zarafa-webaccess-7.0.3-1.fc16.noarch Dec 07 18:52:58 Installed: zarafa-z-push-1.5.5-1.fc16.noarch Dec 07 18:52:58 Installed: zarafa-indexer-7.0.3-1.fc16.x86_64 Dec 07 18:52:58 Installed: zarafa-devel-7.0.3-1.fc16.x86_64 Dec 07 18:52:58 Installed: zarafa-archiver-7.0.3-1.fc16.x86_64
Created attachment 542094 [details] File: core dump Actually don't have to give in any comment. It crashes just fine all by itself.
(In reply to comment #6) > Are you really sure that all Zarafa components have been updated? And can I get > the backtrace with the debuginfo installed? Anyone?
Same issue here. zarafa-server crashes as soon as a client connects. Tue Dec 13 09:10:43 2011: Loading searchfolders Tue Dec 13 09:10:43 2011: Listening for pipe connections on /var/run/zarafa Tue Dec 13 09:10:43 2011: Listening for TCP connections on port 236 Tue Dec 13 09:10:43 2011: Startup succeeded on pid 12337 Tue Dec 13 09:11:52 2011: Caught SIGABRT (6), out of memory or unhandled exception, traceback: Tue Dec 13 09:11:52 2011: 0x000000004b5091 /usr/bin/zarafa-server(_Z7sigsegvi+0x81) [0x4b5091] Tue Dec 13 09:11:52 2011: 0x0000373660f4f0 /lib64/libpthread.so.0() [0x373660f4f0] Tue Dec 13 09:11:52 2011: 0x00003736236285 /lib64/libc.so.6(gsignal+0x35) [0x3736236285] Tue Dec 13 09:11:52 2011: 0x00003736237b9b /lib64/libc.so.6(abort+0x17b) [0x3736237b9b] Tue Dec 13 09:11:52 2011: 0x00003736275fae /lib64/libc.so.6() [0x3736275fae] Tue Dec 13 09:11:52 2011: 0x00003736306f77 /lib64/libc.so.6(__fortify_fail+0x37) [0x3736306f77] Tue Dec 13 09:11:52 2011: 0x00003736304ef0 /lib64/libc.so.6() [0x3736304ef0] Tue Dec 13 09:11:52 2011: 0x00003736306f2e /lib64/libc.so.6() [0x3736306f2e] Tue Dec 13 09:11:52 2011: 0x000000004c050f /usr/bin/zarafa-server(_ZN18ECDispatcherSelect8MainLoopEv+0x18f) [0x4c050f] Tue Dec 13 09:11:52 2011: 0x000000004b91b2 /usr/bin/zarafa-server(_Z14running_serverPcPKc+0x1f52) [0x4b91b2] Tue Dec 13 09:11:52 2011: 0x000000004b416f /usr/bin/zarafa-server(main+0x21f) [0x4b416f] Tue Dec 13 09:11:52 2011: 0x0000373622169d /lib64/libc.so.6(__libc_start_main+0xed) [0x373622169d] Tue Dec 13 09:11:52 2011: 0x000000004b4f49 /usr/bin/zarafa-server() [0x4b4f49] Tue Dec 13 09:11:52 2011: When reporting this traceback, please include Linux distribution name, system architecture and Zarafa version. zarafa-7.0.3-1.fc16.x86_64 zarafa-dagent-7.0.3-1.fc16.x86_64 zarafa-gateway-7.0.3-1.fc16.x86_64 zarafa-client-7.0.3-1.fc16.x86_64 zarafa-common-7.0.3-1.fc16.noarch zarafa-ical-7.0.3-1.fc16.x86_64 zarafa-spooler-7.0.3-1.fc16.x86_64 zarafa-monitor-7.0.3-1.fc16.x86_64 zarafa-utils-7.0.3-1.fc16.x86_64 zarafa-server-7.0.3-1.fc16.x86_64 zarafa-z-push-1.5.5-1.fc16.noarch zarafa-webaccess-7.0.3-1.fc16.noarch
This issue has been reported upstream as Ticket#2011121310000075. It seems to me, that it's a fortify source issue that was introduced after 7.0.2 somehow.
You have a link to that upstream ticket? Any workarounds possible? The issue is quite critical as Zarafa is currently not usable at all here...
I gave Robert a chance to look inside my server and is working on the bug. Temporary solution is the downgrade to 7.0.2. yum remove zarafa-indexer zarafa-debuginfo -y yum downgrade "zarafa*" "libmapi*" "php-mapi*" -y
I'm sorry, the ticket is not public as it's a support ticket, not something that went to the issue tracker. Similar like Red Hat Network vs. Bugzilla. However the only workaround at the moment is a downgrade. If you installed the zarafa-indexer or zarafa-debuginfo, remove both packages before calling the yum downgrade command. If needed, start the zarafa-server with "--ignore-database-version-conflict" parameter; add SERVERCONFIG_OPT="-c /etc/zarafa/server.cfg --ignore-database-version-conflict" to the end of /etc/sysconfig/zarafa and restart the zarafa-server process. You can see in /var/log/zarafa/server.log if it complains about a database version conflict/mismatch. That happens, if your database was upgraded for 7.0.3 already, but if you need to run 7.0.2.
Great. Thanks! Just need to make sure I don't update again until this is fixed.
zarafa-7.0.3-2.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/zarafa-7.0.3-2.fc16
zarafa-7.0.3-2.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/zarafa-7.0.3-2.fc15
zarafa-7.0.3-2.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/zarafa-7.0.3-2.el6
zarafa-7.0.3-2.el5,php53-mapi-7.0.3-2.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/zarafa-7.0.3-2.el5,php53-mapi-7.0.3-2.el5
yum update results in 7.0.3.1
Package zarafa-7.0.3-2.el5, php53-mapi-7.0.3-2.el5: * should fix your issue, * was pushed to the Fedora EPEL 5 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=epel-testing zarafa-7.0.3-2.el5 php53-mapi-7.0.3-2.el5' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5261/zarafa-7.0.3-2.el5,php53-mapi-7.0.3-2.el5 then log in and leave karma (feedback).
Jacco, you need to wait until they are pushed to the mirrors or download the RPM packages by hand from http://admin.fedoraproject.org/updates and install them also by hand using "yum localinstall". Please don't forget to add positive or negative karma depending on your results.
I enabled the update testing. Unfortunatly same result. Downgraded again. Updating: zarafa x86_64 7.0.3-2.fc16 updates-testing 6.2 k zarafa-archiver x86_64 7.0.3-2.fc16 updates-testing 20 k zarafa-client x86_64 7.0.3-2.fc16 updates-testing 899 k zarafa-common noarch 7.0.3-2.fc16 updates-testing 21 k zarafa-dagent x86_64 7.0.3-2.fc16 updates-testing 87 k zarafa-devel x86_64 7.0.3-2.fc16 updates-testing 568 k zarafa-gateway x86_64 7.0.3-2.fc16 updates-testing 139 k zarafa-ical x86_64 7.0.3-2.fc16 updates-testing 149 k zarafa-monitor x86_64 7.0.3-2.fc16 updates-testing 41 k zarafa-server x86_64 7.0.3-2.fc16 updates-testing 1.2 M zarafa-spooler x86_64 7.0.3-2.fc16 updates-testing 61 k zarafa-utils x86_64 7.0.3-2.fc16 updates-testing 149 k zarafa-webaccess noarch 7.0.3-2.fc16 updates-testing 1.6 M Updating for dependencies: libmapi x86_64 7.0.3-2.fc16 updates-testing 632 k php-mapi x86_64 7.0.3-2.fc16 updates-testing 165 k Mon Dec 19 19:29:47 2011: Starting zarafa-server version 7,0,3,30515, pid 1533 Mon Dec 19 19:29:47 2011: Connection to database 'zarafa' succeeded Mon Dec 19 19:29:47 2011: WARNING: zarafa-licensed not running, commercial features will not be available until it's started. Mon Dec 19 19:29:47 2011: Listening for pipe connections on /var/run/zarafa Mon Dec 19 19:29:47 2011: Listening for TCP connections on port 236 Mon Dec 19 19:29:47 2011: Startup succeeded on pid 1544 Mon Dec 19 19:29:48 2011: Caught SIGABRT (6), out of memory or unhandled exception, traceback: Mon Dec 19 19:29:48 2011: 0x000000004b5401 /usr/bin/zarafa-server(_Z7sigsegvi+0x81) [0x4b5401] Mon Dec 19 19:29:48 2011: 0x00003db7e0f4f0 /lib64/libpthread.so.0() [0x3db7e0f4f0] Mon Dec 19 19:29:48 2011: 0x00003db7a36285 /lib64/libc.so.6(gsignal+0x35) [0x3db7a36285] Mon Dec 19 19:29:48 2011: 0x00003db7a37b9b /lib64/libc.so.6(abort+0x17b) [0x3db7a37b9b] Mon Dec 19 19:29:48 2011: 0x00003db7a75fae /lib64/libc.so.6() [0x3db7a75fae] Mon Dec 19 19:29:48 2011: 0x00003db7b06f77 /lib64/libc.so.6(__fortify_fail+0x37) [0x3db7b06f77] Mon Dec 19 19:29:48 2011: 0x00003db7b04ef0 /lib64/libc.so.6() [0x3db7b04ef0] Mon Dec 19 19:29:48 2011: 0x00003db7b06f2e /lib64/libc.so.6() [0x3db7b06f2e] Mon Dec 19 19:29:48 2011: 0x000000005fa6a1 /usr/bin/zarafa-server() [0x5fa6a1] Mon Dec 19 19:29:48 2011: 0x000000005fa9c8 /usr/bin/zarafa-server(soap_recv_raw+0xc8) [0x5fa9c8] Mon Dec 19 19:29:48 2011: 0x000000005fb33d /usr/bin/zarafa-server(soap_getchar+0x4d) [0x5fb33d] Mon Dec 19 19:29:48 2011: 0x0000000060d56a /usr/bin/zarafa-server(soap_begin_recv+0x1fa) [0x60d56a] Mon Dec 19 19:29:48 2011: 0x000000004c0245 /usr/bin/zarafa-server(_ZN14ECWorkerThread4WorkEPv+0x95) [0x4c0245] Mon Dec 19 19:29:48 2011: 0x00003db7e07d90 /lib64/libpthread.so.0() [0x3db7e07d90] Mon Dec 19 19:29:48 2011: 0x00003db7aef3dd /lib64/libc.so.6(clone+0x6d) [0x3db7aef3dd] Mon Dec 19 19:29:48 2011: When reporting this traceback, please include Linux distribution name, system architecture and Zarafa version.
Thank you for the feedback. I already sent Zarafa a notice, but 7.0.3 works for me personally on a non-Fedora 16 system perfectly. Looks like the cause of the issue is a software component in Fedora 16.
The issue seems to be x86_64 specific, can't be reproduced with 7.0.3-2 on an i686 system (start zarafa-server; zarafa-admin -l; no crash).
[root@localhost ~]# gdb zarafa-server GNU gdb (GDB) Fedora (7.3.50.20110722-10.fc16) Copyright (C) 2011 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/bin/zarafa-server...Reading symbols from /usr/lib/debug/usr/bin/zarafa-server.debug...done. done. (gdb) run -F Starting program: /usr/bin/zarafa-server -F warning: "/usr/lib/debug/usr/lib64/libicudata.so.46.0.debug": separate debug info file has no debug info [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Detaching after fork from child process 2135. [New Thread 0x7fffec5ea700 (LWP 2136)] [Thread 0x7fffec5ea700 (LWP 2136) exited] [New Thread 0x7fffec5ea700 (LWP 2138)] [New Thread 0x7fffebde9700 (LWP 2140)] [New Thread 0x7fffeb5e8700 (LWP 2141)] [New Thread 0x7fffeade7700 (LWP 2142)] [New Thread 0x7fffea5e6700 (LWP 2144)] [New Thread 0x7fffe9de5700 (LWP 2146)] [New Thread 0x7fffe95e4700 (LWP 2147)] [New Thread 0x7fffe8de3700 (LWP 2148)] [New Thread 0x7fffe3fff700 (LWP 2149)] [New Thread 0x7fffe37fe700 (LWP 2150)] [New Thread 0x7fffe2ffd700 (LWP 2151)] [New Thread 0x7fffe27fc700 (LWP 2152)] [New Thread 0x7fffe1ffb700 (LWP 2153)] [New Thread 0x7fffe17fa700 (LWP 2154)] [New Thread 0x7fffe0ff9700 (LWP 2155)] *** buffer overflow detected ***: /usr/bin/zarafa-server terminated ======= Backtrace: ========= /lib64/libc.so.6(__fortify_fail+0x37)[0x7ffff3783f77] /lib64/libc.so.6(+0x104ef0)[0x7ffff3781ef0] /lib64/libc.so.6(+0x106f2e)[0x7ffff3783f2e] /usr/bin/zarafa-server[0x5fa6a1] /usr/bin/zarafa-server(soap_recv_raw+0xc8)[0x5fa9c8] /usr/bin/zarafa-server(soap_getchar+0x4d)[0x5fb33d] /usr/bin/zarafa-server(soap_begin_recv+0x1fa)[0x60d56a] /usr/bin/zarafa-server(_ZN14ECWorkerThread4WorkEPv+0x95)[0x4c0245] /lib64/libpthread.so.0(+0x7d90)[0x7ffff594cd90] /lib64/libc.so.6(clone+0x6d)[0x7ffff376c3dd] ======= Memory map: ======== 00400000-007ad000 r-xp 00000000 fd:01 18197 /usr/bin/zarafa-server 009ac000-009b7000 rw-p 003ac000 fd:01 18197 /usr/bin/zarafa-server 009b7000-00ab1000 rw-p 00000000 00:00 0 [heap] 7fffdc000000-7fffdc021000 rw-p 00000000 00:00 0 7fffdc021000-7fffe0000000 ---p 00000000 00:00 0 7fffe07f9000-7fffe07fa000 ---p 00000000 00:00 0 7fffe07fa000-7fffe0ffa000 rw-p 00000000 00:00 0 7fffe0ffa000-7fffe0ffb000 ---p 00000000 00:00 0 7fffe0ffb000-7fffe17fb000 rw-p 00000000 00:00 0 7fffe17fb000-7fffe17fc000 ---p 00000000 00:00 0 7fffe17fc000-7fffe1ffc000 rw-p 00000000 00:00 0 7fffe1ffc000-7fffe1ffd000 ---p 00000000 00:00 0 7fffe1ffd000-7fffe27fd000 rw-p 00000000 00:00 0 7fffe27fd000-7fffe27fe000 ---p 00000000 00:00 0 7fffe27fe000-7fffe2ffe000 rw-p 00000000 00:00 0 7fffe2ffe000-7fffe2fff000 ---p 00000000 00:00 0 7fffe2fff000-7fffe37ff000 rw-p 00000000 00:00 0 7fffe37ff000-7fffe3800000 ---p 00000000 00:00 0 7fffe3800000-7fffe4000000 rw-p 00000000 00:00 0 7fffe4000000-7fffe4021000 rw-p 00000000 00:00 0 7fffe4021000-7fffe8000000 ---p 00000000 00:00 0 7fffe85e3000-7fffe85e4000 ---p 00000000 00:00 0 7fffe85e4000-7fffe8de4000 rw-p 00000000 00:00 0 7fffe8de4000-7fffe8de5000 ---p 00000000 00:00 0 7fffe8de5000-7fffe95e5000 rw-p 00000000 00:00 0 7fffe95e5000-7fffe95e6000 ---p 00000000 00:00 0 7fffe95e6000-7fffe9de6000 rw-p 00000000 00:00 0 7fffe9de6000-7fffe9de7000 ---p 00000000 00:00 0 7fffe9de7000-7fffea5e7000 rw-p 00000000 00:00 0 7fffea5e7000-7fffea5e8000 ---p 00000000 00:00 0 7fffea5e8000-7fffeade8000 rw-p 00000000 00:00 0 7fffeade8000-7fffeade9000 ---p 00000000 00:00 0 7fffeade9000-7fffeb5e9000 rw-p 00000000 00:00 0 7fffeb5e9000-7fffeb5ea000 ---p 00000000 00:00 0 7fffeb5ea000-7fffebdea000 rw-p 00000000 00:00 0 7fffebdea000-7fffebdeb000 ---p 00000000 00:00 0 7fffebdeb000-7fffec5eb000 rw-p 00000000 00:00 0 7fffec5eb000-7fffec5f7000 r-xp 00000000 fd:01 3944 /lib64/libnss_files-2.14.90.so 7fffec5f7000-7fffec7f6000 ---p 0000c000 fd:01 3944 /lib64/libnss_files-2.14.90.so 7fffec7f6000-7fffec7f7000 r--p 0000b000 fd:01 3944 /lib64/libnss_files-2.14.90.so 7fffec7f7000-7fffec7f8000 rw-p 0000c000 fd:01 3944 /lib64/libnss_files-2.14.90.so 7fffec7f8000-7ffff2c1b000 r--p 00000000 fd:01 4243 /usr/lib/locale/locale-archive 7ffff2c1b000-7ffff2c38000 r-xp 00000000 fd:01 4359 /lib64/libselinux.so.1 7ffff2c38000-7ffff2e38000 ---p 0001d000 fd:01 4359 /lib64/libselinux.so.1 7ffff2e38000-7ffff2e39000 r--p 0001d000 fd:01 4359 /lib64/libselinux.so.1 7ffff2e39000-7ffff2e3a000 rw-p 0001e000 fd:01 4359 /lib64/libselinux.so.1 7ffff2e3a000-7ffff2e3b000 rw-p 00000000 00:00 0 7ffff2e3b000-7ffff2e53000 r-xp 00000000 fd:01 3954 /lib64/libresolv-2.14.90.so 7ffff2e53000-7ffff3053000 ---p 00018000 fd:01 3954 /lib64/libresolv-2.14.90.so 7ffff3053000-7ffff3054000 r--p 00018000 fd:01 3954 /lib64/libresolv-2.14.90.so 7ffff3054000-7ffff3055000 rw-p 00019000 fd:01 3954 /lib64/libresolv-2.14.90.so 7ffff3055000-7ffff3057000 rw-p 00000000 00:00 0 7ffff3057000-7ffff3059000 r-xp 00000000 fd:01 4986 /lib64/libkeyutils.so.1.4 7ffff3059000-7ffff3259000 ---p 00002000 fd:01 4986 /lib64/libkeyutils.so.1.4 7ffff3259000-7ffff325a000 rw-p 00002000 fd:01 4986 /lib64/libkeyutils.so.1.4 7ffff325a000-7ffff3264000 r-xp 00000000 fd:01 4998 /lib64/libkrb5support.so.0.1 7ffff3264000-7ffff3463000 ---p 0000a000 fd:01 4998 /lib64/libkrb5support.so.0.1 7ffff3463000-7ffff3464000 r--p 00009000 fd:01 4998 /lib64/libkrb5support.so.0.1 7ffff3464000-7ffff3465000 rw-p 0000a000 fd:01 4998 /lib64/libkrb5support.so.0.1 7ffff3465000-7ffff347c000 r-xp 00000000 fd:01 4424 /lib64/libaudit.so.1.0.0 7ffff347c000-7ffff367b000 ---p 00017000 fd:01 4424 /lib64/libaudit.so.1.0.0 7ffff367b000-7ffff367c000 r--p 00016000 fd:01 4424 /lib64/libaudit.so.1.0.0 7ffff367c000-7ffff367d000 rw-p 00017000 fd:01 4424 /lib64/libaudit.so.1.0.0 7ffff367d000-7ffff3828000 r-xp 00000000 fd:01 3926 /lib64/libc-2.14.90.so 7ffff3828000-7ffff3a28000 ---p 001ab000 fd:01 3926 /lib64/libc-2.14.90.so 7ffff3a28000-7ffff3a2c000 r--p 001ab000 fd:01 3926 /lib64/libc-2.14.90.so 7ffff3a2c000-7ffff3a2e000 rw-p 001af000 fd:01 3926 /lib64/libc-2.14.90.so 7ffff3a2e000-7ffff3a33000 rw-p 00000000 00:00 0 7ffff3a33000-7ffff3a48000 r-xp 00000000 fd:01 308 /lib64/libgcc_s-4.6.2-20111027.so.1 7ffff3a48000-7ffff3c47000 ---p 00015000 fd:01 308 /lib64/libgcc_s-4.6.2-20111027.so.1 7ffff3c47000-7ffff3c48000 rw-p 00014000 fd:01 308 /lib64/libgcc_s-4.6.2-20111027.so.1 7ffff3c48000-7ffff3ccb000 r-xp 00000000 fd:01 3934 /lib64/libm-2.14.90.so 7ffff3ccb000-7ffff3eca000 ---p 00083000 fd:01 3934 /lib64/libm-2.14.90.so 7ffff3eca000-7ffff3ecb000 r--p 00082000 fd:01 3934 /lib64/libm-2.14.90.so 7ffff3ecb000-7ffff3ecc000 rw-p 00083000 fd:01 3934 /lib64/libm-2.14.90.so 7ffff3ecc000-7ffff3fb5000 r-xp 00000000 fd:01 4864 /usr/lib64/libstdc++.so.6.0.16 7ffff3fb5000-7ffff41b4000 ---p 000e9000 fd:01 4864 /usr/lib64/libstdc++.so.6.0.16 7ffff41b4000-7ffff41bc000 r--p 000e8000 fd:01 4864 /usr/lib64/libstdc++.so.6.0.16 7ffff41bc000-7ffff41be000 rw-p 000f0000 fd:01 4864 /usr/lib64/libstdc++.so.6.0.16 7ffff41be000-7ffff41d3000 rw-p 00000000 00:00 0 Program received signal SIGABRT, Aborted. [Switching to Thread 0x7fffe2ffd700 (LWP 2151)] 0x00007ffff36b3285 in __GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 64 return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig); (gdb) bt full #0 0x00007ffff36b3285 in __GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 resultvar = 0 pid = <optimized out> selftid = 2151 #1 0x00007ffff36b4b9b in __GI_abort () at abort.c:91 save_stage = 2 act = {__sigaction_handler = {sa_handler = 0x4, sa_sigaction = 0x4}, sa_mask = {__val = {5, 140737354065072, 16, 140737278565759, 1, 140737277128913, 5, 140737278569985, 3, 140737001799422, 2, 140737278565706, 1, 140737278574539, 3, 140737001799396}}, sa_flags = 12, sa_restorer = 0x7ffff37effcf} sigs = {__val = {32, 0 <repeats 15 times>}} #2 0x00007ffff36f2fae in __libc_message (do_abort=2, fmt=0x7ffff37f003b "*** %s ***: %s terminated\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:198 ap = {{gp_offset = 32, fp_offset = 48, overflow_arg_area = 0x7fffe2ffc7e0, reg_save_area = 0x7fffe2ffc6f0}} ap_copy = {{gp_offset = 16, fp_offset = 48, overflow_arg_area = 0x7fffe2ffc7e0, reg_save_area = 0x7fffe2ffc6f0}} fd = 14 on_2 = <optimized out> list = <optimized out> nlist = <optimized out> cp = <optimized out> written = <optimized out> #3 0x00007ffff3783f77 in __GI___fortify_fail (msg=0x7ffff37effd2 "buffer overflow detected") at fortify_fail.c:32 No locals. #4 0x00007ffff3781ef0 in __GI___chk_fail () at chk_fail.c:29 No locals. #5 0x00007ffff3783f2e in __fdelt_chk (d=<optimized out>) at fdelt_chk.c:26 No locals. #6 0x00000000005fa6a1 in frecv (soap=0xa74f30, s=0xa7b060 "", n=65536) at stdsoap2.cpp:887 __d = <optimized out> timeout = {tv_sec = 60, tv_usec = 0} fd = {fds_bits = {0 <repeats 128 times>}} err = 0 r = <optimized out> #7 0x00000000005fa9c8 in soap_recv_raw (soap=0xa74f30) at stdsoap2.cpp:1167 ret = <optimized out> #8 0x00000000005fb33d in soap_getchar (soap=0xa74f30) at stdsoap2.cpp:1303 No locals. #9 soap_getchar (soap=0xa74f30) at stdsoap2.cpp:1295 No locals. #10 0x000000000060d56a in soap_begin_recv (soap=0xa74f30) at stdsoap2.cpp:12929 c = <optimized out> #11 0x00000000004c0245 in ECWorkerThread::Work (lpParam=0xa74670) at ECThreadManager.cpp:189 dblStart = 1324415053.9046531 lpThis = 0xa74670 lpWorkItem = 0xa90800 err = 0 er = <optimized out> fStop = false #12 0x00007ffff594cd90 in start_thread (arg=0x7fffe2ffd700) at pthread_create.c:309 __res = <optimized out> pd = 0x7fffe2ffd700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {1, 1677272379085254327, 140737313595424, 140737001806272, 0, 3, -1677278977823904073, -1677250570931179849}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = 0 pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> __PRETTY_FUNCTION__ = "start_thread" #13 0x00007ffff376c3dd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115 No locals. (gdb)
[root@localhost ~]# valgrind zarafa-server -F ==2187== Memcheck, a memory error detector ==2187== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al. ==2187== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info ==2187== Command: zarafa-server -F ==2187== ==2188== ==2188== HEAP SUMMARY: ==2188== in use at exit: 2,660 bytes in 12 blocks ==2188== total heap usage: 1,343 allocs, 1,331 frees, 212,244 bytes allocated ==2188== ==2188== LEAK SUMMARY: ==2188== definitely lost: 0 bytes in 0 blocks ==2188== indirectly lost: 0 bytes in 0 blocks ==2188== possibly lost: 532 bytes in 9 blocks ==2188== still reachable: 2,128 bytes in 3 blocks ==2188== suppressed: 0 bytes in 0 blocks ==2188== Rerun with --leak-check=full to see details of leaked memory ==2188== ==2188== For counts of detected and suppressed errors, rerun with: -v ==2188== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 2 from 2) ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x9263C1B: __GI___strcasecmp_l (strcmp.S:243) ==2187== by 0x91FB532: __gconv_open (gconv_open.c:70) ==2187== by 0x92094F9: _nl_find_msg (dcigettext.c:974) ==2187== by 0x9209C94: __dcigettext (dcigettext.c:640) ==2187== by 0x925FC4D: strerror_r (_strerror.c:73) ==2187== by 0x925FB4D: strerror (strerror.c:33) ==2187== by 0x79F6C4C: ERR_load_ERR_strings (err.c:603) ==2187== by 0x79F7AD8: ERR_load_crypto_strings (err_all.c:113) ==2187== by 0x771BC08: SSL_load_error_strings (ssl_err2.c:66) ==2187== by 0x5FE01F: soap_ssl_init (stdsoap2.cpp:2992) ==2187== by 0x4B887D: running_server(char*, char const*) (ECServer.cpp:914) ==2187== by 0x4B44DE: main (ECServer.cpp:633) ==2187== ==2187== Use of uninitialised value of size 8 ==2187== at 0x9265D54: __GI___strcasecmp_l (strcmp.S:2257) ==2187== by 0x91FB532: __gconv_open (gconv_open.c:70) ==2187== by 0x92094F9: _nl_find_msg (dcigettext.c:974) ==2187== by 0x9209C94: __dcigettext (dcigettext.c:640) ==2187== by 0x925FC4D: strerror_r (_strerror.c:73) ==2187== by 0x925FB4D: strerror (strerror.c:33) ==2187== by 0x79F6C4C: ERR_load_ERR_strings (err.c:603) ==2187== by 0x79F7AD8: ERR_load_crypto_strings (err_all.c:113) ==2187== by 0x771BC08: SSL_load_error_strings (ssl_err2.c:66) ==2187== by 0x5FE01F: soap_ssl_init (stdsoap2.cpp:2992) ==2187== by 0x4B887D: running_server(char*, char const*) (ECServer.cpp:914) ==2187== by 0x4B44DE: main (ECServer.cpp:633) ==2187== ==2187== Use of uninitialised value of size 8 ==2187== at 0x9265D58: __GI___strcasecmp_l (strcmp.S:2258) ==2187== by 0x91FB532: __gconv_open (gconv_open.c:70) ==2187== by 0x92094F9: _nl_find_msg (dcigettext.c:974) ==2187== by 0x9209C94: __dcigettext (dcigettext.c:640) ==2187== by 0x925FC4D: strerror_r (_strerror.c:73) ==2187== by 0x925FB4D: strerror (strerror.c:33) ==2187== by 0x79F6C4C: ERR_load_ERR_strings (err.c:603) ==2187== by 0x79F7AD8: ERR_load_crypto_strings (err_all.c:113) ==2187== by 0x771BC08: SSL_load_error_strings (ssl_err2.c:66) ==2187== by 0x5FE01F: soap_ssl_init (stdsoap2.cpp:2992) ==2187== by 0x4B887D: running_server(char*, char const*) (ECServer.cpp:914) ==2187== by 0x4B44DE: main (ECServer.cpp:633) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x79C8DAA: BN_bin2bn (bn_lib.c:636) ==2187== by 0x79CC863: bnrand (bn_rand.c:199) ==2187== by 0x714ED2: ssl_random(bool, unsigned long long*) (SSLUtil.cpp:144) ==2187== by 0x577826: ECSessionManager::CreateSessionInternal(ECSession**, unsigned int) (ECSessionManager.cpp:715) ==2187== by 0x578228: ECSessionManager::CheckUserLicense() (ECSessionManager.cpp:288) ==2187== by 0x4B8DA0: running_server(char*, char const*) (ECServer.cpp:1106) ==2187== by 0x4B44DE: main (ECServer.cpp:633) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x79C868D: BN_num_bits_word (bn_lib.c:183) ==2187== by 0x79C87D4: BN_num_bits (bn_lib.c:254) ==2187== by 0x79C8E50: BN_bn2bin (bn_lib.c:647) ==2187== by 0x714EE3: ssl_random(bool, unsigned long long*) (SSLUtil.cpp:147) ==2187== by 0x577826: ECSessionManager::CreateSessionInternal(ECSession**, unsigned int) (ECSessionManager.cpp:715) ==2187== by 0x578228: ECSessionManager::CheckUserLicense() (ECSessionManager.cpp:288) ==2187== by 0x4B8DA0: running_server(char*, char const*) (ECServer.cpp:1106) ==2187== by 0x4B44DE: main (ECServer.cpp:633) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x79C869C: BN_num_bits_word (bn_lib.c:185) ==2187== by 0x79C87D4: BN_num_bits (bn_lib.c:254) ==2187== by 0x79C8E50: BN_bn2bin (bn_lib.c:647) ==2187== by 0x714EE3: ssl_random(bool, unsigned long long*) (SSLUtil.cpp:147) ==2187== by 0x577826: ECSessionManager::CreateSessionInternal(ECSession**, unsigned int) (ECSessionManager.cpp:715) ==2187== by 0x578228: ECSessionManager::CheckUserLicense() (ECSessionManager.cpp:288) ==2187== by 0x4B8DA0: running_server(char*, char const*) (ECServer.cpp:1106) ==2187== by 0x4B44DE: main (ECServer.cpp:633) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x79C86AB: BN_num_bits_word (bn_lib.c:187) ==2187== by 0x79C87D4: BN_num_bits (bn_lib.c:254) ==2187== by 0x79C8E50: BN_bn2bin (bn_lib.c:647) ==2187== by 0x714EE3: ssl_random(bool, unsigned long long*) (SSLUtil.cpp:147) ==2187== by 0x577826: ECSessionManager::CreateSessionInternal(ECSession**, unsigned int) (ECSessionManager.cpp:715) ==2187== by 0x578228: ECSessionManager::CheckUserLicense() (ECSessionManager.cpp:288) ==2187== by 0x4B8DA0: running_server(char*, char const*) (ECServer.cpp:1106) ==2187== by 0x4B44DE: main (ECServer.cpp:633) ==2187== ==2187== Use of uninitialised value of size 8 ==2187== at 0x79C86BC: BN_num_bits_word (bn_lib.c:189) ==2187== by 0x79C87D4: BN_num_bits (bn_lib.c:254) ==2187== by 0x79C8E50: BN_bn2bin (bn_lib.c:647) ==2187== by 0x714EE3: ssl_random(bool, unsigned long long*) (SSLUtil.cpp:147) ==2187== by 0x577826: ECSessionManager::CreateSessionInternal(ECSession**, unsigned int) (ECSessionManager.cpp:715) ==2187== by 0x578228: ECSessionManager::CheckUserLicense() (ECSessionManager.cpp:288) ==2187== by 0x4B8DA0: running_server(char*, char const*) (ECServer.cpp:1106) ==2187== by 0x4B44DE: main (ECServer.cpp:633) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x576094: ECSessionGroup::ShutdownSession(ECSession*) (ECSessionGroup.cpp:200) ==2187== by 0x56FB77: ECSession::Shutdown(unsigned int) (ECSession.cpp:361) ==2187== by 0x57392D: ECSession::~ECSession() (ECSession.cpp:318) ==2187== by 0x573B28: ECSession::~ECSession() (ECSession.cpp:341) ==2187== by 0x57824E: ECSessionManager::CheckUserLicense() (ECSessionManager.cpp:308) ==2187== by 0x4B8DA0: running_server(char*, char const*) (ECServer.cpp:1106) ==2187== by 0x4B44DE: main (ECServer.cpp:633) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x576EED: std::_Rb_tree<unsigned long long, std::pair<unsigned long long const, sessionInfo>, std::_Select1st<std::pair<unsigned long long const, sessionInfo> >, std::less<unsigned long long>, std::allocator<std::pair<unsigned long long const, sessionInfo> > >::erase(unsigned long long const&) (stl_tree.h:1148) ==2187== by 0x57672A: ECSessionGroup::ReleaseSession(ECSession*) (stl_map.h:644) ==2187== by 0x573942: ECSession::~ECSession() (ECSession.cpp:326) ==2187== by 0x573B28: ECSession::~ECSession() (ECSession.cpp:341) ==2187== by 0x57824E: ECSessionManager::CheckUserLicense() (ECSessionManager.cpp:308) ==2187== by 0x4B8DA0: running_server(char*, char const*) (ECServer.cpp:1106) ==2187== by 0x4B44DE: main (ECServer.cpp:633) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x576EEF: std::_Rb_tree<unsigned long long, std::pair<unsigned long long const, sessionInfo>, std::_Select1st<std::pair<unsigned long long const, sessionInfo> >, std::less<unsigned long long>, std::allocator<std::pair<unsigned long long const, sessionInfo> > >::erase(unsigned long long const&) (stl_tree.h:1150) ==2187== by 0x57672A: ECSessionGroup::ReleaseSession(ECSession*) (stl_map.h:644) ==2187== by 0x573942: ECSession::~ECSession() (ECSession.cpp:326) ==2187== by 0x573B28: ECSession::~ECSession() (ECSession.cpp:341) ==2187== by 0x57824E: ECSessionManager::CheckUserLicense() (ECSessionManager.cpp:308) ==2187== by 0x4B8DA0: running_server(char*, char const*) (ECServer.cpp:1106) ==2187== by 0x4B44DE: main (ECServer.cpp:633) ==2187== ==2187== Syscall param epoll_ctl(event) points to uninitialised byte(s) ==2187== at 0x92C896A: epoll_ctl (syscall-template.S:82) ==2187== by 0x4BEC43: ECDispatcherEPoll::NotifyRestart(int) (ECThreadManager.cpp:1034) ==2187== by 0x4C0B18: ECDispatcherEPoll::MainLoop() (ECThreadManager.cpp:965) ==2187== by 0x4B9521: running_server(char*, char const*) (ECServer.cpp:1178) ==2187== by 0x4B44DE: main (ECServer.cpp:633) ==2187== Address 0x7fefff398 is on thread 1's stack ==2187== ==2187== Thread 9: ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x79C8DAA: BN_bin2bn (bn_lib.c:636) ==2187== by 0x79CC863: bnrand (bn_rand.c:199) ==2187== by 0x714ED2: ssl_random(bool, unsigned long long*) (SSLUtil.cpp:144) ==2187== by 0x57D22E: ECSessionManager::CreateAuthSession(soap*, unsigned int, unsigned long long*, ECAuthSession**, bool, bool) (ECSessionManager.cpp:578) ==2187== by 0x577B2F: ECSessionManager::CreateSession(soap*, char*, char*, char*, char*, unsigned int, unsigned long long, unsigned long long*, ECSession**, bool) (ECSessionManager.cpp:616) ==2187== by 0x4EEECA: ns__logon(soap*, char*, char*, char*, unsigned int, xsd__base64Binary, unsigned long, char*, logonResponse*) (ZarafaCmd.cpp:458) ==2187== by 0x6BE827: soap_serve_ns__logon(soap*) (soapServer.cpp:359) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x79C8DAA: BN_bin2bn (bn_lib.c:636) ==2187== by 0x79CC863: bnrand (bn_rand.c:199) ==2187== by 0x714ED2: ssl_random(bool, unsigned long long*) (SSLUtil.cpp:144) ==2187== by 0x574213: ECAuthSession::CreateECSession(unsigned long long, std::string, std::string, unsigned long long*, ECSession**) (ECSession.cpp:747) ==2187== by 0x57D038: ECSessionManager::RegisterSession(ECAuthSession*, unsigned long long, char*, char*, unsigned long long*, ECSession**, bool) (ECSessionManager.cpp:685) ==2187== by 0x577C51: ECSessionManager::CreateSession(soap*, char*, char*, char*, char*, unsigned int, unsigned long long, unsigned long long*, ECSession**, bool) (ECSessionManager.cpp:662) ==2187== by 0x4EEECA: ns__logon(soap*, char*, char*, char*, unsigned int, xsd__base64Binary, unsigned long, char*, logonResponse*) (ZarafaCmd.cpp:458) ==2187== by 0x6BE827: soap_serve_ns__logon(soap*) (soapServer.cpp:359) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Use of uninitialised value of size 8 ==2187== at 0x57FB7B: __gnu_cxx::hashtable<std::pair<unsigned long long const, BTSession*>, unsigned long long, __gnu_cxx::hash<unsigned long long>, std::_Select1st<std::pair<unsigned long long const, BTSession*> >, std::equal_to<unsigned long long>, std::allocator<BTSession*> >::insert_unique_noresize(std::pair<unsigned long long const, BTSession*> const&) (hashtable.h:748) ==2187== by 0x57D0BC: ECSessionManager::RegisterSession(ECAuthSession*, unsigned long long, char*, char*, unsigned long long*, ECSession**, bool) (hashtable.h:435) ==2187== by 0x577C51: ECSessionManager::CreateSession(soap*, char*, char*, char*, char*, unsigned int, unsigned long long, unsigned long long*, ECSession**, bool) (ECSessionManager.cpp:662) ==2187== by 0x4EEECA: ns__logon(soap*, char*, char*, char*, unsigned int, xsd__base64Binary, unsigned long, char*, logonResponse*) (ZarafaCmd.cpp:458) ==2187== by 0x6BE827: soap_serve_ns__logon(soap*) (soapServer.cpp:359) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Use of uninitialised value of size 8 ==2187== at 0x57FBDA: __gnu_cxx::hashtable<std::pair<unsigned long long const, BTSession*>, unsigned long long, __gnu_cxx::hash<unsigned long long>, std::_Select1st<std::pair<unsigned long long const, BTSession*> >, std::equal_to<unsigned long long>, std::allocator<BTSession*> >::insert_unique_noresize(std::pair<unsigned long long const, BTSession*> const&) (hashtable.h:756) ==2187== by 0x57D0BC: ECSessionManager::RegisterSession(ECAuthSession*, unsigned long long, char*, char*, unsigned long long*, ECSession**, bool) (hashtable.h:435) ==2187== by 0x577C51: ECSessionManager::CreateSession(soap*, char*, char*, char*, char*, unsigned int, unsigned long long, unsigned long long*, ECSession**, bool) (ECSessionManager.cpp:662) ==2187== by 0x4EEECA: ns__logon(soap*, char*, char*, char*, unsigned int, xsd__base64Binary, unsigned long, char*, logonResponse*) (ZarafaCmd.cpp:458) ==2187== by 0x6BE827: soap_serve_ns__logon(soap*) (soapServer.cpp:359) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Use of uninitialised value of size 8 ==2187== at 0x922026B: _itoa_word (_itoa.c:195) ==2187== by 0x92225D0: vfprintf (vfprintf.c:1567) ==2187== by 0x92DD3F6: __vsprintf_chk (vsprintf_chk.c:87) ==2187== by 0x92DD33C: __sprintf_chk (sprintf_chk.c:33) ==2187== by 0x606F05: soap_ULONG642s (stdio2.h:35) ==2187== by 0x606F83: soap_outULONG64 (stdsoap2.cpp:10241) ==2187== by 0x651400: soap_out_logonResponse(soap*, char const*, int, logonResponse const*, char const*) (soapC.cpp:48469) ==2187== by 0x662D08: soap_put_logonResponse(soap*, logonResponse const*, char const*, char const*) (soapC.cpp:48458) ==2187== by 0x6BE93C: soap_serve_ns__logon(soap*) (soapServer.cpp:380) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x9220275: _itoa_word (_itoa.c:195) ==2187== by 0x92225D0: vfprintf (vfprintf.c:1567) ==2187== by 0x92DD3F6: __vsprintf_chk (vsprintf_chk.c:87) ==2187== by 0x92DD33C: __sprintf_chk (sprintf_chk.c:33) ==2187== by 0x606F05: soap_ULONG642s (stdio2.h:35) ==2187== by 0x606F83: soap_outULONG64 (stdsoap2.cpp:10241) ==2187== by 0x651400: soap_out_logonResponse(soap*, char const*, int, logonResponse const*, char const*) (soapC.cpp:48469) ==2187== by 0x662D08: soap_put_logonResponse(soap*, logonResponse const*, char const*, char const*) (soapC.cpp:48458) ==2187== by 0x6BE93C: soap_serve_ns__logon(soap*) (soapServer.cpp:380) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Thread 12: ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x5772D8: std::_Rb_tree<unsigned long long, std::pair<unsigned long long const, sessionInfo>, std::_Select1st<std::pair<unsigned long long const, sessionInfo> >, std::less<unsigned long long>, std::allocator<std::pair<unsigned long long const, sessionInfo> > >::_M_insert_unique(std::pair<unsigned long long const, sessionInfo> const&) (stl_tree.h:1268) ==2187== by 0x5768D9: ECSessionGroup::AddSession(ECSession*) (stl_map.h:518) ==2187== by 0x57CE82: ECSessionManager::GetSessionGroup(unsigned long long, ECSession*, ECSessionGroup**) (ECSessionManager.cpp:347) ==2187== by 0x573DFD: ECSession::ECSession(unsigned long, unsigned long long, unsigned long long, ECDatabaseFactory*, ECSessionManager*, unsigned int, bool, BTSession::AUTHMETHOD, int, std::string, std::string) (ECSession.cpp:309) ==2187== by 0x57428F: ECAuthSession::CreateECSession(unsigned long long, std::string, std::string, unsigned long long*, ECSession**) (ECSession.cpp:750) ==2187== by 0x57D038: ECSessionManager::RegisterSession(ECAuthSession*, unsigned long long, char*, char*, unsigned long long*, ECSession**, bool) (ECSessionManager.cpp:685) ==2187== by 0x577C51: ECSessionManager::CreateSession(soap*, char*, char*, char*, char*, unsigned int, unsigned long long, unsigned long long*, ECSession**, bool) (ECSessionManager.cpp:662) ==2187== by 0x4EEECA: ns__logon(soap*, char*, char*, char*, unsigned int, xsd__base64Binary, unsigned long, char*, logonResponse*) (ZarafaCmd.cpp:458) ==2187== by 0x6BE827: soap_serve_ns__logon(soap*) (soapServer.cpp:359) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x8AA797F: std::_Rb_tree_insert_and_rebalance(bool, std::_Rb_tree_node_base*, std::_Rb_tree_node_base*, std::_Rb_tree_node_base&) (tree.cc:200) ==2187== by 0x57724C: std::_Rb_tree<unsigned long long, std::pair<unsigned long long const, sessionInfo>, std::_Select1st<std::pair<unsigned long long const, sessionInfo> >, std::less<unsigned long long>, std::allocator<std::pair<unsigned long long const, sessionInfo> > >::_M_insert_(std::_Rb_tree_node_base const*, std::_Rb_tree_node_base const*, std::pair<unsigned long long const, sessionInfo> const&) (stl_tree.h:963) ==2187== by 0x577342: std::_Rb_tree<unsigned long long, std::pair<unsigned long long const, sessionInfo>, std::_Select1st<std::pair<unsigned long long const, sessionInfo> >, std::less<unsigned long long>, std::allocator<std::pair<unsigned long long const, sessionInfo> > >::_M_insert_unique(std::pair<unsigned long long const, sessionInfo> const&) (stl_tree.h:1281) ==2187== by 0x5768D9: ECSessionGroup::AddSession(ECSession*) (stl_map.h:518) ==2187== by 0x57CE82: ECSessionManager::GetSessionGroup(unsigned long long, ECSession*, ECSessionGroup**) (ECSessionManager.cpp:347) ==2187== by 0x573DFD: ECSession::ECSession(unsigned long, unsigned long long, unsigned long long, ECDatabaseFactory*, ECSessionManager*, unsigned int, bool, BTSession::AUTHMETHOD, int, std::string, std::string) (ECSession.cpp:309) ==2187== by 0x57428F: ECAuthSession::CreateECSession(unsigned long long, std::string, std::string, unsigned long long*, ECSession**) (ECSession.cpp:750) ==2187== by 0x57D038: ECSessionManager::RegisterSession(ECAuthSession*, unsigned long long, char*, char*, unsigned long long*, ECSession**, bool) (ECSessionManager.cpp:685) ==2187== by 0x577C51: ECSessionManager::CreateSession(soap*, char*, char*, char*, char*, unsigned int, unsigned long long, unsigned long long*, ECSession**, bool) (ECSessionManager.cpp:662) ==2187== by 0x4EEECA: ns__logon(soap*, char*, char*, char*, unsigned int, xsd__base64Binary, unsigned long, char*, logonResponse*) (ZarafaCmd.cpp:458) ==2187== by 0x6BE827: soap_serve_ns__logon(soap*) (soapServer.cpp:359) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== ==2187== Thread 9: ==2187== Syscall param epoll_ctl(event) points to uninitialised byte(s) ==2187== at 0x92C896A: epoll_ctl (syscall-template.S:82) ==2187== by 0x4BEC43: ECDispatcherEPoll::NotifyRestart(int) (ECThreadManager.cpp:1034) ==2187== by 0x4C017A: ECDispatcher::NotifyDone(soap*) (ECThreadManager.cpp:600) ==2187== by 0x4C037F: ECWorkerThread::Work(void*) (ECThreadManager.cpp:242) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== Address 0x14a27c88 is on thread 9's stack ==2187== ==2187== Thread 11: ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x578304: ECSessionManager::GetSession(unsigned long long, bool) (hashtable.h:509) ==2187== by 0x5784BB: ECSessionManager::ValidateBTSession(soap*, unsigned long long, BTSession**, bool) (ECSessionManager.cpp:536) ==2187== by 0x57859F: ECSessionManager::ValidateSession(soap*, unsigned long long, ECSession**, bool) (ECSessionManager.cpp:518) ==2187== by 0x511CB3: ns__getStore(soap*, unsigned long, xsd__base64Binary*, getStoreResponse*) (ZarafaCmd.cpp:1160) ==2187== by 0x6BEC6C: soap_serve_ns__getStore(soap*) (soapServer.cpp:441) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Thread 10: ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x578304: ECSessionManager::GetSession(unsigned long long, bool) (hashtable.h:509) ==2187== by 0x5784BB: ECSessionManager::ValidateBTSession(soap*, unsigned long long, BTSession**, bool) (ECSessionManager.cpp:536) ==2187== by 0x57859F: ECSessionManager::ValidateSession(soap*, unsigned long long, ECSession**, bool) (ECSessionManager.cpp:518) ==2187== by 0x4ED9D4: ns__getStoreName(soap*, unsigned long, xsd__base64Binary, getStoreNameResponse*) (ZarafaCmd.cpp:1258) ==2187== by 0x6BEE51: soap_serve_ns__getStoreName(soap*) (soapServer.cpp:482) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Thread 8: ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x578304: ECSessionManager::GetSession(unsigned long long, bool) (hashtable.h:509) ==2187== by 0x5784BB: ECSessionManager::ValidateBTSession(soap*, unsigned long long, BTSession**, bool) (ECSessionManager.cpp:536) ==2187== by 0x57859F: ECSessionManager::ValidateSession(soap*, unsigned long long, ECSession**, bool) (ECSessionManager.cpp:518) ==2187== by 0x4EE63F: ns__logoff(soap*, unsigned long, unsigned int*) (ZarafaCmd.cpp:715) ==2187== by 0x6BF236: soap_serve_ns__logoff(soap*) (soapServer.cpp:567) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x578304: ECSessionManager::GetSession(unsigned long long, bool) (hashtable.h:509) ==2187== by 0x57CB73: ECSessionManager::RemoveSession(unsigned long long) (ECSessionManager.cpp:759) ==2187== by 0x4EE68A: ns__logoff(soap*, unsigned long, unsigned int*) (ZarafaCmd.cpp:727) ==2187== by 0x6BF236: soap_serve_ns__logoff(soap*) (soapServer.cpp:567) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x57F410: __gnu_cxx::hashtable<std::pair<unsigned long long const, BTSession*>, unsigned long long, __gnu_cxx::hash<unsigned long long>, std::_Select1st<std::pair<unsigned long long const, BTSession*> >, std::equal_to<unsigned long long>, std::allocator<BTSession*> >::erase(unsigned long long const&) (hashtable.h:901) ==2187== by 0x57CB84: ECSessionManager::RemoveSession(unsigned long long) (hash_map:238) ==2187== by 0x4EE68A: ns__logoff(soap*, unsigned long, unsigned int*) (ZarafaCmd.cpp:727) ==2187== by 0x6BF236: soap_serve_ns__logoff(soap*) (soapServer.cpp:567) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x576094: ECSessionGroup::ShutdownSession(ECSession*) (ECSessionGroup.cpp:200) ==2187== by 0x56FB77: ECSession::Shutdown(unsigned int) (ECSession.cpp:361) ==2187== by 0x57CBA0: ECSessionManager::RemoveSession(unsigned long long) (ECSessionManager.cpp:774) ==2187== by 0x4EE68A: ns__logoff(soap*, unsigned long, unsigned int*) (ZarafaCmd.cpp:727) ==2187== by 0x6BF236: soap_serve_ns__logoff(soap*) (soapServer.cpp:567) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Thread 13: ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x5772F0: std::_Rb_tree<unsigned long long, std::pair<unsigned long long const, sessionInfo>, std::_Select1st<std::pair<unsigned long long const, sessionInfo> >, std::less<unsigned long long>, std::allocator<std::pair<unsigned long long const, sessionInfo> > >::_M_insert_unique(std::pair<unsigned long long const, sessionInfo> const&) (stl_tree.h:1279) ==2187== by 0x5768D9: ECSessionGroup::AddSession(ECSession*) (stl_map.h:518) ==2187== by 0x57CE82: ECSessionManager::GetSessionGroup(unsigned long long, ECSession*, ECSessionGroup**) (ECSessionManager.cpp:347) ==2187== by 0x573DFD: ECSession::ECSession(unsigned long, unsigned long long, unsigned long long, ECDatabaseFactory*, ECSessionManager*, unsigned int, bool, BTSession::AUTHMETHOD, int, std::string, std::string) (ECSession.cpp:309) ==2187== by 0x57428F: ECAuthSession::CreateECSession(unsigned long long, std::string, std::string, unsigned long long*, ECSession**) (ECSession.cpp:750) ==2187== by 0x57D038: ECSessionManager::RegisterSession(ECAuthSession*, unsigned long long, char*, char*, unsigned long long*, ECSession**, bool) (ECSessionManager.cpp:685) ==2187== by 0x577C51: ECSessionManager::CreateSession(soap*, char*, char*, char*, char*, unsigned int, unsigned long long, unsigned long long*, ECSession**, bool) (ECSessionManager.cpp:662) ==2187== by 0x4EEECA: ns__logon(soap*, char*, char*, char*, unsigned int, xsd__base64Binary, unsigned long, char*, logonResponse*) (ZarafaCmd.cpp:458) ==2187== by 0x6BE827: soap_serve_ns__logon(soap*) (soapServer.cpp:359) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Thread 14: ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x578304: ECSessionManager::GetSession(unsigned long long, bool) (hashtable.h:509) ==2187== by 0x5784BB: ECSessionManager::ValidateBTSession(soap*, unsigned long long, BTSession**, bool) (ECSessionManager.cpp:536) ==2187== by 0x57859F: ECSessionManager::ValidateSession(soap*, unsigned long long, ECSession**, bool) (ECSessionManager.cpp:518) ==2187== by 0x50DD53: ns__getPublicStore(soap*, unsigned long, unsigned int, getStoreResponse*) (ZarafaCmd.cpp:1028) ==2187== by 0x6BF04B: soap_serve_ns__getPublicStore(soap*) (soapServer.cpp:523) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Thread 8: ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x578304: ECSessionManager::GetSession(unsigned long long, bool) (hashtable.h:509) ==2187== by 0x5784BB: ECSessionManager::ValidateBTSession(soap*, unsigned long long, BTSession**, bool) (ECSessionManager.cpp:536) ==2187== by 0x57859F: ECSessionManager::ValidateSession(soap*, unsigned long long, ECSession**, bool) (ECSessionManager.cpp:518) ==2187== by 0x4EF4B7: ns__resolvePseudoUrl(soap*, unsigned long, char*, resolvePseudoUrlResponse*) (ZarafaCmd.cpp:10301) ==2187== by 0x6CDD7D: soap_serve_ns__resolvePseudoUrl(soap*) (soapServer.cpp:5488) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Thread 13: ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x578304: ECSessionManager::GetSession(unsigned long long, bool) (hashtable.h:509) ==2187== by 0x5784BB: ECSessionManager::ValidateBTSession(soap*, unsigned long long, BTSession**, bool) (ECSessionManager.cpp:536) ==2187== by 0x57859F: ECSessionManager::ValidateSession(soap*, unsigned long long, ECSession**, bool) (ECSessionManager.cpp:518) ==2187== by 0x509F5A: ns__getUser(soap*, unsigned long, unsigned int, xsd__base64Binary, getUserResponse*) (ZarafaCmd.cpp:5520) ==2187== by 0x6C63C6: soap_serve_ns__getUser(soap*) (soapServer.cpp:2944) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Thread 14: ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x578304: ECSessionManager::GetSession(unsigned long long, bool) (hashtable.h:509) ==2187== by 0x5784BB: ECSessionManager::ValidateBTSession(soap*, unsigned long long, BTSession**, bool) (ECSessionManager.cpp:536) ==2187== by 0x57859F: ECSessionManager::ValidateSession(soap*, unsigned long long, ECSession**, bool) (ECSessionManager.cpp:518) ==2187== by 0x51C8FC: ns__loadObject(soap*, unsigned long, xsd__base64Binary, notifySubscribe*, unsigned int, loadObjectResponse*) (ZarafaCmd.cpp:3268) ==2187== by 0x6BFE7B: soap_serve_ns__loadObject(soap*) (soapServer.cpp:816) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Use of uninitialised value of size 8 ==2187== at 0x5FBECD: soap_putbase64 (stdsoap2.cpp:1860) ==2187== by 0x63DB46: soap_out_xsd__base64Binary(soap*, char const*, int, xsd__base64Binary const*, char const*) (soapC.cpp:51182) ==2187== by 0x652980: soap_out_propVal(soap*, char const*, int, propVal const*, char const*) (soapC.cpp:49368) ==2187== by 0x6531A7: soap_out_propValArray(soap*, char const*, int, propValArray const*, char const*) (soapC.cpp:49230) ==2187== by 0x65348B: soap_out_saveObject(soap*, char const*, int, saveObject const*, char const*) (soapC.cpp:48761) ==2187== by 0x653830: soap_out_loadObjectResponse(soap*, char const*, int, loadObjectResponse const*, char const*) (soapC.cpp:48618) ==2187== by 0x662C78: soap_put_loadObjectResponse(soap*, loadObjectResponse const*, char const*, char const*) (soapC.cpp:48607) ==2187== by 0x6BFF94: soap_serve_ns__loadObject(soap*) (soapServer.cpp:837) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Thread 9: ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x578304: ECSessionManager::GetSession(unsigned long long, bool) (hashtable.h:509) ==2187== by 0x5784BB: ECSessionManager::ValidateBTSession(soap*, unsigned long long, BTSession**, bool) (ECSessionManager.cpp:536) ==2187== by 0x57859F: ECSessionManager::ValidateSession(soap*, unsigned long long, ECSession**, bool) (ECSessionManager.cpp:518) ==2187== by 0x51601F: ns__getCompanyList(soap*, unsigned long, companyListResponse*) (ZarafaCmd.cpp:6660) ==2187== by 0x6CA427: soap_serve_ns__getCompanyList(soap*) (soapServer.cpp:4304) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187== ==2187== Thread 12: ==2187== Conditional jump or move depends on uninitialised value(s) ==2187== at 0x578304: ECSessionManager::GetSession(unsigned long long, bool) (hashtable.h:509) ==2187== by 0x5784BB: ECSessionManager::ValidateBTSession(soap*, unsigned long long, BTSession**, bool) (ECSessionManager.cpp:536) ==2187== by 0x57859F: ECSessionManager::ValidateSession(soap*, unsigned long long, ECSession**, bool) (ECSessionManager.cpp:518) ==2187== by 0x51693D: ns__getUserList(soap*, unsigned long, unsigned int, xsd__base64Binary, userListResponse*) (ZarafaCmd.cpp:5569) ==2187== by 0x6C67C6: soap_serve_ns__getUserList(soap*) (soapServer.cpp:3029) ==2187== by 0x4C04BE: ECWorkerThread::Work(void*) (ECThreadManager.cpp:214) ==2187== by 0x70B2D8F: start_thread (pthread_create.c:309) ==2187== by 0x92C83DC: clone (clone.S:115) ==2187==
After a nice chat with Jan (thanks again!), my result for now is: if (d >= FD_SETSIZE) __chk_fail (); glibc/debug/fdelt_chk.c There is some problem with fd_set like for select, it had limit 1024 fds while modern Linux kernels have the limit much higher. Sure one should replace any select anywhere with poll, select is depreated for ages.
Further stuff trimmed down to the important/useful things for developers: [root@localhost ~]# cat /proc/2270/limits Limit Soft Limit Hard Limit Units Max cpu time unlimited unlimited seconds Max file size unlimited unlimited bytes Max data size unlimited unlimited bytes Max stack size 8388608 unlimited bytes Max core file size unlimited unlimited bytes Max resident set unlimited unlimited bytes Max processes 1024 7836 processes Max open files 8192 8192 files Max locked memory 65536 65536 bytes Max address space unlimited unlimited bytes Max file locks unlimited unlimited locks Max pending signals 7836 7836 signals Max msgqueue size 819200 819200 bytes Max nice priority 0 0 Max realtime priority 0 0 Max realtime timeout unlimited unlimited us [root@localhost ~]# > So check if that Zarafa has it 1024 or higher. If it is higher my > hypothesis is probably right, with 1024 the problem should not happen. > And fd there should also be higher than 1024 to confirm that hypothesis. > How many entries are in /proc/PID/fd/ 14 > oops. [...] Try in frame #6: (gdb) print soap->socket (gdb) frame 6 #6 0x00000000005fa6a1 in frecv (soap=0xa74f30, s=0xa7b060 "", n=65536) at stdsoap2.cpp:887 887 FD_SET(soap->socket, &fd); (gdb) print soap->socket $9 = 1024 (gdb) > OK, when you look now at /proc/PID/fd/ there may be only 14 entries > but what is the highest descriptor number there? [root@localhost ~]# ls -l /proc/2270/fd/1024 lrwx------ 1 root root 64 20. Dez 22:57 /proc/2270/fd/1024 -> socket:[16348] [root@localhost ~]# > OK, great. > So this chat just proves [...] they should get rid of select() ASAP. As I don't have any knowledge about that stuff: > You could probably Google out the whole topic of 1024 fd_set. > In general it is not limiting anything but it is such a pain world has > rather get rid of it. > Formerly there was limit of 1024 fds and everything "worked" and nothing > crashed. But you could have at most 1024 files open per process. > If you increase this limit then you need to increase the fd_set size. > Which also works but then it is no longer ABI compatible. > AFAIK Fedora is built with the fd_set size 1024, that is its glibc and > all the Fedora libraries are built with sizeof (fd_set) == 1024 / 8. > So on Fedora you must not set `ulimit -n' above 1024 for regular > processes using select. aha? It crashes with Fedora 16, but works with RHEL 5/6 for example. > `ulimit -n' is a system setup, I guess on that RHEL 5/6 hosts you may > have ulimit -n 1024 for that Zarafa. > Also even if the limit is higher as long as the process does not _use_ > so many fds the problem does not happen. > After all just drop select, move to poll and everything works with no > limits. Thanks again to Jan for his time, efforts and especially for his patience! I will now update the Zarafa ticket accordingly, because it seems that my experience with that has been more than reached now.
The following was returned by the Zarafa product manager a few minutes ago: > i just checked the vm and discuss with john and steve > and the check for filedescriptors in glibc is wrong > if (d >= FD_SETSIZE) > __chk_fail (); > glibc/debug/fdelt_chk.c > this check is wrong according to john and steve > zarafa is compiling always with 8k of file descriptors > 0-1024 are reserved for libraries and so on > and the server itself is using the higher filedescriptors, as libldap has a > hard limit on the number 1024 > we saw in the past an issue where zarafa and mysql were using > filedescriptors from 0 and then when server was crashing as more FD were > required, but libldap couldn't use them because of the 1024
Unfortunately, that test is correct. FD_SETSIZE is used to set the size of various structures within glibc which are publicly visible, such as fd_set. Using fdsets with > FD_SETSIZE elements is ultimately doomed to failure in on manner or another. You really need to be using poll.
*** Bug 770132 has been marked as a duplicate of this bug. ***
Jeff, do you have any pointer that could be especially helpful to upstream for debugging this? So is it somehow possible to debug what the cause of the __fortify_fail catch is? What I don't get, is how fortify fail is related to the poll/select thing, that was brought up by Jan.
zarafa-7.0.3-2.el5, php53-mapi-7.0.3-2.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
zarafa-7.0.3-2.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
This is of course not solved, only the updated builds have been pushed to the EPEL branches. I'm still open for suggestions and ideas how to track the issue down...
zarafa-7.0.3-2.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
zarafa-7.0.3-2.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
See comment #37 ;-)
There really isn't any debugging necessary. Prior comments already indicate the developers know they're creating fdsets with > 1024 elements. That's simply isn't going to work. Modern versions of glibc check for this error condition and that's the error that's being reported. Jeff
So, still no fix? my last update attempt resulted in the same error ..... Downgraded again to have it working. Jan 06 12:57:25 Updated: zarafa-common-7.0.3-2.fc16.noarch Jan 06 12:57:26 Updated: cyrus-sasl-lib-2.1.23-27.fc16.x86_64 Jan 06 12:57:26 Updated: libical-0.48-1.fc16.x86_64 Jan 06 12:57:26 Updated: zarafa-client-7.0.3-2.fc16.x86_64 Jan 06 12:57:26 Updated: libmapi-7.0.3-2.fc16.x86_64 Jan 06 12:57:26 Updated: php-mapi-7.0.3-2.fc16.x86_64 Jan 06 12:57:26 Updated: zarafa-dagent-7.0.3-2.fc16.x86_64 Jan 06 12:57:26 Updated: zarafa-gateway-7.0.3-2.fc16.x86_64 Jan 06 12:57:26 Updated: zarafa-monitor-7.0.3-2.fc16.x86_64 Jan 06 12:57:26 Updated: zarafa-utils-7.0.3-2.fc16.x86_64 Jan 06 12:57:27 Updated: zarafa-ical-7.0.3-2.fc16.x86_64 Jan 06 12:57:27 Updated: zarafa-spooler-7.0.3-2.fc16.x86_64 Jan 06 12:57:27 Updated: cyrus-sasl-md5-2.1.23-27.fc16.x86_64 Jan 06 12:57:27 Updated: cyrus-sasl-gssapi-2.1.23-27.fc16.x86_64 Jan 06 12:57:27 Updated: cyrus-sasl-plain-2.1.23-27.fc16.x86_64 Jan 06 12:57:27 Updated: cyrus-sasl-2.1.23-27.fc16.x86_64 Jan 06 12:57:27 Updated: zarafa-server-7.0.3-2.fc16.x86_64 Jan 06 12:57:28 Updated: git-1.7.7.5-1.fc16.x86_64 Jan 06 12:57:29 Updated: perl-Git-1.7.7.5-1.fc16.noarch Jan 06 12:57:29 Updated: libipa_hbac-1.6.4-1.fc16.x86_64 Jan 06 12:57:30 Updated: 1:qt-4.8.0-5.fc16.x86_64 Jan 06 12:57:30 Updated: sssd-client-1.6.4-1.fc16.x86_64 Jan 06 12:57:30 Updated: sssd-1.6.4-1.fc16.x86_64 Jan 06 12:57:32 Updated: 1:qt-x11-4.8.0-5.fc16.x86_64 Jan 06 12:57:32 Updated: zarafa-7.0.3-2.fc16.x86_64 Jan 06 12:57:32 Updated: cyrus-sasl-devel-2.1.23-27.fc16.x86_64 Jan 06 12:57:33 Updated: libpurple-2.10.1-1.fc16.x86_64 Jan 06 12:57:33 Updated: zarafa-z-push-1.5.6-1.fc16.noarch Jan 06 12:57:33 Updated: zarafa-webaccess-7.0.3-2.fc16.noarch Jan 06 12:57:33 Updated: zarafa-archiver-7.0.3-2.fc16.x86_64 Jan 06 12:57:34 Updated: zarafa-devel-7.0.3-2.fc16.x86_64 Jan 06 12:57:34 Updated: evolution-data-server-3.2.2-2.fc16.x86_64 Jan 06 12:57:35 Updated: xorg-x11-drv-wacom-0.12.0-1.fc16.x86_64 Jan 06 12:57:36 Updated: 1:gnome-games-3.2.1-3.fc16.x86_64 Jan 06 12:57:36 Updated: 2:mtr-0.82-1.fc16.x86_64 Jan 06 12:57:38 Updated: grubby-8.8-2.fc16.x86_64 Jan 06 12:57:39 Updated: zsh-4.3.15-1.fc16.x86_64 Jan 06 12:57:39 Updated: telepathy-glib-0.16.4-1.fc16.x86_64 Jan 06 12:57:39 Updated: 2:ethtool-3.1-1.fc16.x86_64 Jan 06 12:58:31 Installed: zarafa-common-7.0.2-1.fc16.noarch Jan 06 12:58:32 Installed: libmapi-7.0.2-1.fc16.x86_64 Jan 06 12:58:32 Installed: zarafa-client-7.0.2-1.fc16.x86_64 Jan 06 12:58:32 Installed: php-mapi-7.0.2-1.fc16.x86_64 Jan 06 12:58:32 Installed: zarafa-utils-7.0.2-1.fc16.x86_64 Jan 06 12:58:32 Installed: zarafa-gateway-7.0.2-1.fc16.x86_64 Jan 06 12:58:32 Installed: zarafa-spooler-7.0.2-1.fc16.x86_64 Jan 06 12:58:32 Installed: zarafa-monitor-7.0.2-1.fc16.x86_64 Jan 06 12:58:32 Installed: zarafa-ical-7.0.2-1.fc16.x86_64 Jan 06 12:58:32 Installed: zarafa-dagent-7.0.2-1.fc16.x86_64 Jan 06 12:58:32 Installed: zarafa-server-7.0.2-1.fc16.x86_64 Jan 06 12:58:32 Installed: zarafa-7.0.2-1.fc16.x86_64 Jan 06 12:58:32 Installed: zarafa-z-push-1.5.5-1.fc16.noarch Jan 06 12:58:33 Installed: zarafa-webaccess-7.0.2-1.fc16.noarch Jan 06 12:58:33 Installed: zarafa-archiver-7.0.2-1.fc16.x86_64 Jan 06 12:58:33 Installed: zarafa-devel-7.0.2-1.fc16.x86_64 Fri Jan 6 12:57:41 2012: Shutting down. Fri Jan 6 12:57:41 2012: Still waiting for 8 threads to exit Fri Jan 6 12:57:48 2012: Server shutdown complete. Fri Jan 6 12:57:49 2012: Starting zarafa-server version 7,0,3,30515, pid 29765 Fri Jan 6 12:57:49 2012: Connection to database 'zarafa' succeeded Fri Jan 6 12:57:49 2012: WARNING: zarafa-licensed not running, commercial features will not be available until it's started. Fri Jan 6 12:57:49 2012: Listening for pipe connections on /var/run/zarafa Fri Jan 6 12:57:49 2012: Listening for TCP connections on port 236 Fri Jan 6 12:57:49 2012: Startup succeeded on pid 29770 Fri Jan 6 12:57:50 2012: Caught SIGABRT (6), out of memory or unhandled exception, traceback: Fri Jan 6 12:57:50 2012: 0x000000004b5401 /usr/bin/zarafa-server(_Z7sigsegvi+0x81) [0x4b5401] Fri Jan 6 12:57:50 2012: 0x00003234a0f500 /lib64/libpthread.so.0() [0x3234a0f500] Fri Jan 6 12:57:50 2012: 0x00003234636285 /lib64/libc.so.6(gsignal+0x35) [0x3234636285] Fri Jan 6 12:57:50 2012: 0x00003234637b9b /lib64/libc.so.6(abort+0x17b) [0x3234637b9b] Fri Jan 6 12:57:50 2012: 0x00003234675fae /lib64/libc.so.6() [0x3234675fae] Fri Jan 6 12:57:50 2012: 0x00003234707027 /lib64/libc.so.6(__fortify_fail+0x37) [0x3234707027] Fri Jan 6 12:57:50 2012: 0x00003234704fa0 /lib64/libc.so.6() [0x3234704fa0] Fri Jan 6 12:57:50 2012: 0x00003234706fde /lib64/libc.so.6() [0x3234706fde] Fri Jan 6 12:57:50 2012: 0x000000005fa6a1 /usr/bin/zarafa-server() [0x5fa6a1] Fri Jan 6 12:57:50 2012: 0x000000005fa9c8 /usr/bin/zarafa-server(soap_recv_raw+0xc8) [0x5fa9c8] Fri Jan 6 12:57:50 2012: 0x000000005fb33d /usr/bin/zarafa-server(soap_getchar+0x4d) [0x5fb33d] Fri Jan 6 12:57:50 2012: 0x0000000060d56a /usr/bin/zarafa-server(soap_begin_recv+0x1fa) [0x60d56a] Fri Jan 6 12:57:50 2012: 0x000000004c0245 /usr/bin/zarafa-server(_ZN14ECWorkerThread4WorkEPv+0x95) [0x4c0245] Fri Jan 6 12:57:50 2012: 0x00003234a07d90 /lib64/libpthread.so.0() [0x3234a07d90] Fri Jan 6 12:57:50 2012: 0x000032346ef48d /lib64/libc.so.6(clone+0x6d) [0x32346ef48d] Fri Jan 6 12:57:50 2012: When reporting this traceback, please include Linux distribution name, system architecture and Zarafa version. Fri Jan 6 13:02:33 2012: Starting zarafa-server version 7,0,2,29470, pid 1485 Fri Jan 6 13:02:33 2012: Connection to database 'zarafa' succeeded Fri Jan 6 13:02:33 2012: WARNING: zarafa-licensed not running, commercial features will not be available until it's started. Fri Jan 6 13:02:33 2012: Listening for pipe connections on /var/run/zarafa Fri Jan 6 13:02:33 2012: Listening for TCP connections on port 236 Fri Jan 6 13:02:33 2012: Startup succeeded on pid 1500
Our glibc-2.14.90-8 contains http://sourceware.org/ml/glibc-cvs/2011-q3/msg00235.html and thus causes segfault of every Zarafa build. The version of Zarafa doesn't matter, as long as it is built against that glibc version (or any newer). This turns currently all Zarafa builds on Fedora 16+ into unusable. <rsc> ajax: well...the package segfaults if I use glibc > 2.14.90-8 + FORTIFY_SOURCE. At least I have to assume that, firing local test builds for verification. <rsc> s/package/application/ <ajax> that usualy means it has a bug though <rsc> ajax: well. GLIBC folks say Zarafa has the bug, Zarafa folks says GLIBC has the bug. Haha. And I'm the packager. <ajax> citation? <rsc> ajax: https://bugzilla.redhat.com/show_bug.cgi?id=760888 <ajax> zarafa is wrong and for god's sake port to using poll already <rsc> ajax: could you put in a more technical comment into the bug report for Zarafa (upstream), please? <ajax> rsc: i really don't need to. jeff law already said exactly what needs to be said. fd_sets only have 1024 bits in them. you can not use a file descriptor > 1024 with select(). period. <ajax> this is ABI. there's no fixing it without calling it libc.so.7. <ajax> and there's no reason _to_ fix it because select is a bad and slow API. if you need more than 1024 fds you're doing enough work that performance will matter. <notting> ajax: ... some prior behavior just blithely ignored fds > 1024? <ajax> notting: something like "FD_SET() didn't bother to bounds-check its arguments and just let you set bits off the end of the array" i think
zarafa-7.0.4-1.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/zarafa-7.0.4-1.fc16
zarafa-7.0.4-1.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/zarafa-7.0.4-1.fc15
zarafa-7.0.4-1.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/zarafa-7.0.4-1.el6
zarafa-7.0.4-1.el5,php53-mapi-7.0.4-1.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/zarafa-7.0.4-1.el5,php53-mapi-7.0.4-1.el5
Package zarafa-7.0.4-1.fc15: * should fix your issue, * was pushed to the Fedora 15 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing zarafa-7.0.4-1.fc15' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-0424/zarafa-7.0.4-1.fc15 then log in and leave karma (feedback).
Jacco? Ola? Any feedback? Have you been able to test the new packages? For me they are working. How about you?
sorry, in the process of moving to my new house. Completed the update and so far it seems to be running. Mon Jan 23 19:06:42 2012: Starting zarafa-server version 7,0,4,31235, pid 1441 Mon Jan 23 19:06:42 2012: Connection to database 'zarafa' succeeded Mon Jan 23 19:06:42 2012: WARNING: zarafa-licensed not running, commercial features will not be available until it's started. Mon Jan 23 19:06:42 2012: Start: Creating client update status table Mon Jan 23 19:06:42 2012: Done: Creating client update status table Mon Jan 23 19:06:42 2012: Start: Converting stores table Mon Jan 23 19:06:42 2012: Done: Converting stores table Mon Jan 23 19:06:42 2012: Start: Updating stores table Mon Jan 23 19:06:42 2012: Done: Updating stores table Mon Jan 23 19:06:43 2012: Listening for pipe connections on /var/run/zarafa Mon Jan 23 19:06:43 2012: Listening for TCP connections on port 236 Mon Jan 23 19:06:43 2012: Startup succeeded on pid 1448
Not sure it's the same problem, but at least, the latest Zarafa is still not working here: Tue Jan 24 09:10:25 2012: Caught SIGABRT (6), out of memory or unhandled exception, traceback: Tue Jan 24 09:10:25 2012: 0x000000004b5401 /usr/bin/zarafa-server(_Z7sigsegvi+0x81) [0x4b5401] Tue Jan 24 09:10:25 2012: 0x0000393cc0f500 /lib64/libpthread.so.0() [0x393cc0f500] Tue Jan 24 09:10:25 2012: 0x0000393c836285 /lib64/libc.so.6(gsignal+0x35) [0x393c836285] Tue Jan 24 09:10:25 2012: 0x0000393c837b9b /lib64/libc.so.6(abort+0x17b) [0x393c837b9b] Tue Jan 24 09:10:25 2012: 0x0000393c875fae /lib64/libc.so.6() [0x393c875fae] Tue Jan 24 09:10:25 2012: 0x0000393c907027 /lib64/libc.so.6(__fortify_fail+0x37) [0x393c907027] Tue Jan 24 09:10:25 2012: 0x0000393c904fa0 /lib64/libc.so.6() [0x393c904fa0] Tue Jan 24 09:10:25 2012: 0x0000393c906fde /lib64/libc.so.6() [0x393c906fde] Tue Jan 24 09:10:25 2012: 0x000000005fa6a1 /usr/bin/zarafa-server() [0x5fa6a1] Tue Jan 24 09:10:25 2012: 0x000000005fa9c8 /usr/bin/zarafa-server(soap_recv_raw+0xc8) [0x5fa9c8] Tue Jan 24 09:10:25 2012: 0x000000005fb33d /usr/bin/zarafa-server(soap_getchar+0x4d) [0x5fb33d] Tue Jan 24 09:10:25 2012: 0x0000000060d56a /usr/bin/zarafa-server(soap_begin_recv+0x1fa) [0x60d56a] Tue Jan 24 09:10:25 2012: 0x000000004c0245 /usr/bin/zarafa-server(_ZN14ECWorkerThread4WorkEPv+0x95) [0x4c0245] Tue Jan 24 09:10:25 2012: 0x0000393cc07d90 /lib64/libpthread.so.0() [0x393cc07d90] Tue Jan 24 09:10:25 2012: 0x0000393c8ef48d /lib64/libc.so.6(clone+0x6d) [0x393c8ef48d] Tue Jan 24 09:10:25 2012: When reporting this traceback, please include Linux distribution name, system architecture and Zarafa version. A simple yum downgrade zarafa\* libmapi php-mapi fixed the issue.
Hi ola, How did you upgrade? The latest, for me, working update is not in the regular yum repository. Did you do: # su -c 'yum update --enablerepo=updates-testing zarafa-7.0.4-1.fcXX
Ah, sorry. Didn't see the updates-testing part. With the packages from updates-testing zarafa seems to work fine also after the upgrade. Great!
zarafa-7.0.4-1.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
zarafa-7.0.4-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
zarafa-7.0.4-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
zarafa-7.0.4-1.el5, php53-mapi-7.0.4-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.