5108 – --delete causes: segfault at 00000000fffffff9 rip 00002af8229bb6ab rsp 00007fff88788830 error 4

Bug 5108 - --delete causes: segfault at 00000000fffffff9 rip 00002af8229bb6ab rsp 00007fff88788830 error 4

Summary: --delete causes: segfault at 00000000fffffff9 rip 00002af8229bb6ab rsp 00007f...

Status:	RESOLVED FIXED

Alias:	None

Product:	rsync
Classification:	Unclassified
Component:	core (show other bugs)
Version:	2.6.9
Hardware:	x64 Linux

Importance:	P3 normal (vote)
Target Milestone:	---
Assignee:	Wayne Davison
QA Contact:	Rsync QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2007-11-26 05:11 UTC by Georg Koltermann
Modified:	2007-12-15 10:26 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Georg Koltermann 2007-11-26 05:11:05 UTC

hunter[111]$ rsync -aAH --delete . /tmp/gwk
rsync: connection unexpectedly closed (2430 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(454) [sender=2.6.9]
hunter[112]$ dmesg | tail -1
[ 9674.001620] rsync[9223]: segfault at 00000000fffffff9 rip 00002ad4686596ab rsp 00007fff42aeab90 error 4

hunter[113]$ uname -a
Linux hunter.localhost 2.6.22-14-generic #1 SMP Sun Oct 14 21:45:15 GMT 2007 x86_64 GNU/Linux

Note I was unable to run the rsync deamon in debugging mode as described
on your web page.  Every attempt to start the daemon would immediately exit
with RC=1, no error message.

I was also unable to turn on core dumps.  ulimit -c unlimited had no effect.

If I use --delete-during or --delete-after, the problem does not seem to
occur.

Comment 1 Matt McCutchen 2007-11-26 21:29:06 UTC

Please run rsync under gdb to obtain a backtrace for where the crash occurs.  If your copy of rsync doesn't have debug info, obtain one that does or install the debug info.  The following thread has some tips about how to isolate the rsync process that is causing the problem from among the three:

http://lists.samba.org/archive/rsync/2007-August/018206.html

> Note I was unable to run the rsync deamon in debugging mode as described
> on your web page.  Every attempt to start the daemon would immediately exit
> with RC=1, no error message.

That's because you aren't using an rsync daemon.  Just run your original rsync command under gdb or "strace -f".

Comment 2 Georg Koltermann 2007-11-27 02:06:36 UTC

hunter[15]$ gdb rsync
GNU gdb 6.6-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...
(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".
(gdb) set follow-fork-mode ask
Undefined item: "ask".
(gdb) set follow-fork-mode ask
Undefined item: "ask".
(gdb) catch fork
Catchpoint 1 (fork)
(gdb) r  -aAH --delete . /tmp/gwk
Starting program: /usr/bin/rsync -aAH --delete . /tmp/gwk
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)

Catchpoint 1 (forked process 8329), 0x00002b808e33b3ab in fork () from /lib/libc.so.6
(gdb) set follow-fork-mode child
(gdb) c
Continuing.
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[Switching to process 8329]

Catchpoint 1 (forked process 8334), 0x00002b808e33b3ab in fork () from /lib/libc.so.6
(gdb) set follow-fork-mode parent
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x00002b808e3166ab in free () from /lib/libc.so.6
(gdb) where
#0  0x00002b808e3166ab in free () from /lib/libc.so.6
#1  0x0000000000424d51 in ?? ()
#2  0x0000000000425225 in ?? ()
#3  0x000000000041fe98 in ?? ()
#4  0x0000000000404da6 in ?? ()
#5  0x000000000041f638 in ?? ()
#6  0x0000000000407ce5 in ?? ()
#7  0x00000000004107fd in ?? ()
#8  0x0000000000410f59 in ?? ()
#9  0x0000000000411fc5 in ?? ()
#10 0x0000000000426f45 in ?? ()
#11 0x00000000004118d3 in ?? ()
#12 0x00002b808e2beb44 in __libc_start_main () from /lib/libc.so.6
#13 0x0000000000403bc9 in ?? ()
#14 0x00007fff1ce323c8 in ?? ()
#15 0x0000000000000000 in ?? ()
(gdb) 

It appears there are no symbols.  Where can I get a version of rsync
that contains symbols?  I'm running Ubuntu 7.10.  All I could find at the
rsync site was RPMs.

Comment 3 Matt McCutchen 2007-11-27 07:45:22 UTC

To get the symbols: https://wiki.ubuntu.com/DebuggingProgramCrash .  I found this by Googling "ubuntu debug info" and following a few links.

The "free" suggests that the crash you are seeing may actually be the same one discussed in the thread I linked, which has been fixed in the development version of rsync.  Please try again with the latest development version of rsync.

Comment 4 Georg Koltermann 2007-11-27 09:18:55 UTC

Trying with rsync 3.0.0pre5 built locally, I get:

hunter[32]$ rsync -aAH --delete . /tmp/gwk
rsync: ACLs are not supported on this client
rsync error: syntax or usage error (code 1) at main.c(1441) [client=3.0.0pre5]

So... I run w/o -A, and then it succeeds.

Now... if I run the Ubuntu version (2.6.9) w/o -A, then it _also_ succeeds. :-)

So in the end the segfault was just a funny way of telling me it did not
have ACL support?  Bah.  (I don't need ACL support.  I had simply copied
the invocation incantation somewhere else.)

Thanks for the help.

Comment 5 Wayne Davison 2007-12-15 10:26:58 UTC

Data suggests that this was a bug that was already fixed.