Actions
Bug #6620
closedmon: MDSMonitor/MDSMap: 'ceph report' leads to segfault on MDSMap::dump_info
% Done:
0%
Source:
Q/A
Tags:
Backport:
Regression:
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
Triggered at least on 0.67.4 and beyond. Happens for a store from burnupi02, not for other stores. Currently assessing whether this is due to store issues or if this is really a thing.
(gdb) bt
#0 0x00007ffff5e9e425 in __GI_raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1 0x00007ffff5ea1b8b in __GI_abort () at abort.c:91
#2 0x00007ffff5edc39e in __libc_message (do_abort=2, fmt=0x7ffff5fe3e3f "*** %s ***: %s terminated\n")
at ../sysdeps/unix/sysv/linux/libc_fatal.c:201
#3 0x00007ffff5f72807 in __GI___fortify_fail (msg=0x7ffff5fe3dd6 "buffer overflow detected") at fortify_fail.c:32
#4 0x00007ffff5f71700 in __GI___chk_fail () at chk_fail.c:29
#5 0x00007ffff5f70b69 in _IO_str_chk_overflow (fp=<optimized out>, c=<optimized out>) at vsprintf_chk.c:35
#6 0x00007ffff5ee413d in _IO_default_xsputn (f=0x7ffff3c48750, data=<optimized out>, n=6) at genops.c:485
#7 0x00007ffff5eb2702 in _IO_vfprintf_internal (s=<optimized out>, format=<optimized out>, ap=<optimized out>) at vfprintf.c:1629
#8 0x00007ffff5f70c04 in ___vsprintf_chk (s=0x7ffff3c48980 "gid_69380", flags=1, slen=10, format=0x8606bf "gid_%llu",
args=0x7ffff3c48878) at vsprintf_chk.c:86
#9 0x00007ffff5f70b4d in ___sprintf_chk (s=<optimized out>, flags=<optimized out>, slen=<optimized out>, format=<optimized out>)
at sprintf_chk.c:33
#10 0x000000000069fd80 in sprintf (__fmt=0x8606bf "gid_%llu", __s=0x7ffff3c48980 "gid_69380")
at /usr/include/x86_64-linux-gnu/bits/stdio2.h:35
#11 MDSMap::dump (this=0x13c4c88, f=0x1e3a340) at mds/MDSMap.cc:118
#12 0x00000000005dff13 in MDSMonitor::dump_info (this=0x13c4c00, f=0x1e3a340) at mon/MDSMonitor.cc:530
#13 0x000000000056f31c in Monitor::handle_command (this=0x13c6000, m=0x1e50a00) at mon/Monitor.cc:2158
#14 0x000000000057779a in Monitor::dispatch (this=0x13c6000, s=0x139cc40, m=0x1e50a00, src_is_mon=<optimized out>)
at mon/Monitor.cc:2676
#15 0x00000000005759a4 in Monitor::_ms_dispatch (this=0x13c6000, m=0x1e50a00) at mon/Monitor.cc:2645
#16 0x000000000058f0f2 in Monitor::ms_dispatch (this=0x13c6000, m=0x1e50a00) at mon/Monitor.h:704
#17 0x00000000007ed569 in ms_deliver_dispatch (m=0x1e50a00, this=0x13c4000) at msg/Messenger.h:587
#18 DispatchQueue::entry (this=0x13c40e8) at msg/DispatchQueue.cc:123
#19 0x000000000071e5bd in DispatchQueue::DispatchThread::entry (this=<optimized out>) at msg/DispatchQueue.h:104
#20 0x00007ffff7957e9a in start_thread (arg=0x7ffff3c4a700) at pthread_create.c:308
#21 0x00007ffff5f5bcbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#22 0x0000000000000000 in ?? ()
Updated by Joao Eduardo Luis over 10 years ago
char s[10]; sprintf(s, "gid_%llu", (long long unsigned)p->first);
with p->first with 6 chars. That's all.
Updated by Joao Eduardo Luis over 10 years ago
- Status changed from In Progress to Pending Backport
0e8182edd850f061421777988974efbaa3575b9f
We should probably backport this to dumpling.
Updated by Joao Eduardo Luis over 10 years ago
wip-dumpling-backport-6620 , pr 1129
wip-cuttlefish-backport-6620, pr 1130
Updated by Joao Eduardo Luis over 10 years ago
- Status changed from Pending Backport to Resolved
This has been backported to both cuttlefish and dumpling.
Actions