Bug 56157 - realmd memory corruption on exit
Summary: realmd memory corruption on exit
Status: RESOLVED FIXED
Alias: None
Product: realmd
Classification: Unclassified
Component: General (show other bugs)
Version: unspecified
Hardware: Other All
: medium normal
Assignee: Stef Walter
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-10-18 19:26 UTC by Stef Walter
Modified: 2016-04-14 08:02 UTC (History)
0 users

See Also:
i915 platform:
i915 features:

Attachments

Description Stef Walter 2012-10-18 19:26:03 UTC 
Got this memory corruption on exit of realmd:

[New LWP 3073]
[New LWP 3086]
[New LWP 3075]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/usr/lib64/realmd/realmd'.
Program terminated with signal 6, Aborted.
#0  0x00007fd6aee37ba5 in raise () from /lib64/libc.so.6

Thread 3 (Thread 0x7fd6a9f33700 (LWP 3075)):
#0  0x00007fd6aeeeb7ed in poll () from /lib64/libc.so.6
No symbol table info available.
#1  0x00007fd6b04fed64 in g_main_context_iterate.isra.24 () from /lib64/libglib-2.0.so.0
No symbol table info available.
#2  0x00007fd6b04ff1c2 in g_main_loop_run () from /lib64/libglib-2.0.so.0
No symbol table info available.
#3  0x00007fd6b0014526 in gdbus_shared_thread_func () from /lib64/libgio-2.0.so.0
No symbol table info available.
#4  0x00007fd6b0522615 in g_thread_proxy () from /lib64/libglib-2.0.so.0
No symbol table info available.
#5  0x00007fd6af1c1d15 in start_thread () from /lib64/libpthread.so.0
No symbol table info available.
#6  0x00007fd6aeef42cd in clone () from /lib64/libc.so.6
No symbol table info available.

Thread 2 (Thread 0x7fd6a8f31700 (LWP 3086)):
#0  0x00007fd6aeeeb7ed in poll () from /lib64/libc.so.6
No symbol table info available.
#1  0x00007fd6b04fed64 in g_main_context_iterate.isra.24 () from /lib64/libglib-2.0.so.0
No symbol table info available.
#2  0x00007fd6b04fee84 in g_main_context_iteration () from /lib64/libglib-2.0.so.0
No symbol table info available.
#3  0x00007fd6b04feed1 in glib_worker_main () from /lib64/libglib-2.0.so.0
No symbol table info available.
#4  0x00007fd6b0522615 in g_thread_proxy () from /lib64/libglib-2.0.so.0
No symbol table info available.
#5  0x00007fd6af1c1d15 in start_thread () from /lib64/libpthread.so.0
No symbol table info available.
#6  0x00007fd6aeef42cd in clone () from /lib64/libc.so.6
No symbol table info available.

Thread 1 (Thread 0x7fd6aa735800 (LWP 3073)):
#0  0x00007fd6aee37ba5 in raise () from /lib64/libc.so.6
No symbol table info available.
#1  0x00007fd6aee39358 in abort () from /lib64/libc.so.6
No symbol table info available.
#2  0x00007fd6b04d1440 in mem_error () from /lib64/libglib-2.0.so.0
No symbol table info available.
#3  0x00007fd6b0518d9b in slab_allocator_free_chunk () from /lib64/libglib-2.0.so.0
No symbol table info available.
#4  0x00007fd6b05190de in magazine_cache_push_magazine () from /lib64/libglib-2.0.so.0
No symbol table info available.
#5  0x00007fd6b04d1906 in thread_memory_magazine2_unload.isra.12 () from /lib64/libglib-2.0.so.0
No symbol table info available.
#6  0x00007fd6b0519f50 in g_slice_free1 () from /lib64/libglib-2.0.so.0
No symbol table info available.
#7  0x00007fd6b1160209 in reset_config_data ()
No symbol table info available.
#8  0x00007fd6b11611de in realm_ini_config_finalize ()
No symbol table info available.
#9  0x00007fd6b0a9886b in g_object_unref () from /lib64/libgobject-2.0.so.0
No symbol table info available.
#10 0x00007fd6b116d3dd in realm_samba_provider_finalize ()
No symbol table info available.
#11 0x00007fd6b0a9886b in g_object_unref () from /lib64/libgobject-2.0.so.0
No symbol table info available.
#12 0x00007fd6b0022566 in registration_data_free () from /lib64/libgio-2.0.so.0
No symbol table info available.
#13 0x00007fd6b04ee273 in g_hash_table_remove_all_nodes () from /lib64/libglib-2.0.so.0
No symbol table info available.
#14 0x00007fd6b04eec2d in g_hash_table_unref () from /lib64/libglib-2.0.so.0
No symbol table info available.
#15 0x00007fd6b0022673 in g_dbus_object_manager_server_finalize () from /lib64/libgio-2.0.so.0
No symbol table info available.
#16 0x00007fd6b0a9886b in g_object_unref () from /lib64/libgobject-2.0.so.0
No symbol table info available.
#17 0x00007fd6b115c672 in main ()
No symbol table info available.
From                To                  Syms Read   Shared Object Library
0x00007fd6b0ce73c0  0x00007fd6b0d14da8  Yes (*)     /lib64/libpackagekit-glib2.so.16
0x00007fd6b0a8eba0  0x00007fd6b0abc31c  Yes (*)     /lib64/libgobject-2.0.so.0
0x00007fd6b07e44e0  0x00007fd6b0864560  Yes (*)     /lib64/libsqlite3.so.0
0x00007fd6b04d1070  0x00007fd6b056623c  Yes (*)     /lib64/libglib-2.0.so.0
0x00007fd6b02a2890  0x00007fd6b02ae5c0  Yes (*)     /lib64/libpolkit-gobject-1.so.0
0x00007fd6aff78100  0x00007fd6b0036e34  Yes (*)     /lib64/libgio-2.0.so.0
0x00007fd6afc7e690  0x00007fd6afcf6410  Yes (*)     /lib64/libkrb5.so.3
0x00007fd6afa3c4d0  0x00007fd6afa54938  Yes (*)     /lib64/libk5crypto.so.3
0x00007fd6af835560  0x00007fd6af836144  Yes (*)     /lib64/libcom_err.so.2
0x00007fd6af5f4090  0x00007fd6af622918  Yes (*)     /lib64/libldap-2.4.so.2
0x00007fd6af3d96d0  0x00007fd6af3e0b24  Yes (*)     /lib64/liblber-2.4.so.2
0x00007fd6af1bf790  0x00007fd6af1ca4b4  Yes (*)     /lib64/libpthread.so.0
0x00007fd6aee211a0  0x00007fd6aef627a0  Yes (*)     /lib64/libc.so.6
0x00007fd6aeb77600  0x00007fd6aebdd560  Yes (*)     /lib64/libarchive.so.12
0x00007fd6ae9656b0  0x00007fd6ae96580c  Yes (*)     /lib64/libgthread-2.0.so.0
0x00007fd6ae75f2a0  0x00007fd6ae76257c  Yes (*)     /lib64/librt.so.1
0x00007fd6ae556990  0x00007fd6ae55b134  Yes (*)     /lib64/libffi.so.5
0x00007fd6ae351ed0  0x00007fd6ae3529f0  Yes (*)     /lib64/libdl.so.2
0x00007fd6ae148ef0  0x00007fd6ae14d1b8  Yes (*)     /lib64/libsystemd-login.so.0
0x00007fd6adf44130  0x00007fd6adf44ff8  Yes (*)     /lib64/libgmodule-2.0.so.0
0x00007fd6add2f190  0x00007fd6add3b640  Yes (*)     /lib64/libz.so.1
0x00007fd6adb11130  0x00007fd6adb224d4  Yes (*)     /lib64/libselinux.so.1
0x00007fd6ad8f5a30  0x00007fd6ad90401c  Yes (*)     /lib64/libresolv.so.2
0x00007fd6ad6e9b50  0x00007fd6ad6ef0cc  Yes (*)     /lib64/libkrb5support.so.0
0x00007fd6ad4e4190  0x00007fd6ad4e4b44  Yes (*)     /lib64/libkeyutils.so.1
0x00007fd6ad2cfa40  0x00007fd6ad2df188  Yes (*)     /lib64/libgcc_s.so.1
0x00007fd6b0f2eb20  0x00007fd6b0f483f9  Yes (*)     /lib64/ld-linux-x86-64.so.2
0x00007fd6ad0b6870  0x00007fd6ad0c6514  Yes (*)     /lib64/libsasl2.so.2
0x00007fd6ace7c2d0  0x00007fd6acea1b70  Yes (*)     /lib64/libssl3.so
0x00007fd6acc4fce0  0x00007fd6acc68230  Yes (*)     /lib64/libsmime3.so
0x00007fd6ac924af0  0x00007fd6aca07a14  Yes (*)     /lib64/libnss3.so
0x00007fd6ac6f0a60  0x00007fd6ac6fbb04  Yes (*)     /lib64/libnssutil3.so
0x00007fd6ac4e2ff0  0x00007fd6ac4e3f18  Yes (*)     /lib64/libplds4.so
0x00007fd6ac2de510  0x00007fd6ac2dfbf4  Yes (*)     /lib64/libplc4.so
0x00007fd6ac0ad280  0x00007fd6ac0ccc10  Yes (*)     /lib64/libnspr4.so
0x00007fd6abe98f80  0x00007fd6abe9cddc  Yes (*)     /lib64/libacl.so.1
0x00007fd6abc933d0  0x00007fd6abc9549c  Yes (*)     /lib64/libattr.so.1
0x00007fd6aba700f0  0x00007fd6aba86340  Yes (*)     /lib64/liblzma.so.5
0x00007fd6ab85e760  0x00007fd6ab86a3c0  Yes (*)     /lib64/libbz2.so.1
0x00007fd6ab527870  0x00007fd6ab6104b0  Yes (*)     /lib64/libxml2.so.2
0x00007fd6ab1fd5b0  0x00007fd6ab267d68  Yes (*)     /lib64/libm.so.6
0x00007fd6aae95fc0  0x00007fd6aaf78af8  Yes (*)     /lib64/libcrypto.so.10
0x00007fd6aabd7db0  0x00007fd6aac1bb28  Yes (*)     /lib64/libpcre.so.1
0x00007fd6aa99fe00  0x00007fd6aa9a4ccc  Yes (*)     /lib64/libcrypt.so.1
0x00007fd6aa73e550  0x00007fd6aa77d508  Yes (*)     /lib64/libfreebl3.so
(*): Shared library is missing debugging information.
$1 = 0x0
No symbol table is loaded.  Use the "file" command.
rax            0x0	0
rbx            0x7fd6af1b4848	140560037529672
rcx            0xffffffffffffffff	-1
rdx            0x6	6
rsi            0xc01	3073
rdi            0xc01	3073
rbp            0x7fd6b27db190	0x7fd6b27db190
rsp            0x7fffbc217578	0x7fffbc217578
r8             0xa	10
r9             0x7fd6aa735800	140559959414784
r10            0x8	8
r11            0x202	514
r12            0x7fd6b0572d15	140560058232085
r13            0x7fd6b27dc1a0	140560094314912
r14            0x20	32
r15            0x33	51
rip            0x7fd6aee37ba5	0x7fd6aee37ba5 <raise+53>
eflags         0x202	[ IF ]
cs             0x33	51
ss             0x2b	43
ds             0x0	0
es             0x0	0
fs             0x0	0
gs             0x0	0
Dump of assembler code for function raise:
   0x00007fd6aee37b70 <+0>:	mov    %fs:0x2d4,%eax
   0x00007fd6aee37b78 <+8>:	mov    %fs:0x2d0,%esi
   0x00007fd6aee37b80 <+16>:	test   %esi,%esi
   0x00007fd6aee37b82 <+18>:	jne    0x7fd6aee37bb0 <raise+64>
   0x00007fd6aee37b84 <+20>:	mov    $0xba,%eax
   0x00007fd6aee37b89 <+25>:	syscall 
   0x00007fd6aee37b8b <+27>:	mov    %eax,%esi
   0x00007fd6aee37b8d <+29>:	mov    %eax,%fs:0x2d0
   0x00007fd6aee37b95 <+37>:	movslq %edi,%rdx
   0x00007fd6aee37b98 <+40>:	movslq %esi,%rsi
   0x00007fd6aee37b9b <+43>:	movslq %eax,%rdi
   0x00007fd6aee37b9e <+46>:	mov    $0xea,%eax
   0x00007fd6aee37ba3 <+51>:	syscall 
=> 0x00007fd6aee37ba5 <+53>:	cmp    $0xfffffffffffff000,%rax
   0x00007fd6aee37bab <+59>:	ja     0x7fd6aee37bbf <raise+79>
   0x00007fd6aee37bad <+61>:	repz retq 
   0x00007fd6aee37baf <+63>:	nop
   0x00007fd6aee37bb0 <+64>:	test   %eax,%eax
   0x00007fd6aee37bb2 <+66>:	jg     0x7fd6aee37b95 <raise+37>
   0x00007fd6aee37bb4 <+68>:	test   $0x7fffffff,%eax
   0x00007fd6aee37bb9 <+73>:	je     0x7fd6aee37bd0 <raise+96>
   0x00007fd6aee37bbb <+75>:	neg    %eax
   0x00007fd6aee37bbd <+77>:	jmp    0x7fd6aee37b95 <raise+37>
   0x00007fd6aee37bbf <+79>:	mov    0x37b272(%rip),%rdx        # 0x7fd6af1b2e38
   0x00007fd6aee37bc6 <+86>:	neg    %eax
   0x00007fd6aee37bc8 <+88>:	mov    %eax,%fs:(%rdx)
   0x00007fd6aee37bcb <+91>:	or     $0xffffffffffffffff,%rax
   0x00007fd6aee37bcf <+95>:	retq   
   0x00007fd6aee37bd0 <+96>:	mov    %esi,%eax
   0x00007fd6aee37bd2 <+98>:	jmp    0x7fd6aee37b95 <raise+37>
End of assembler dump.
Comment 1 Stef Walter 2013-04-12 06:41:16 UTC 
Can no longer reproduce.
Comment 2 Stef Walter 2013-05-13 16:50:31 UTC 
Pushed this to git master, which I hope will help us track down the problem:

commit c0ed48be0034296d19f9847845e93dec4b33efc8
Author: Stef Walter <stefw@redhat.com>
Date:   Mon May 13 18:34:38 2013 +0200

    Don't use the slice allocator for small memory allocations
    
    It's too hard to debug, and we need to have early failures
    on poor memory allocations. We also need valgrind to work
    well catching memory problems.
    
    https://bugs.freedesktop.org/show_bug.cgi?id=56157
Comment 3 Stef Walter 2016-04-14 08:02:15 UTC 
The issue seems to have been fixed.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.