#9138 [Tracker] named-pkcs11 can crash on restart
Opened 2 years ago by brianjmurrell. Modified 2 years ago

Description of problem:
During the weekly log processing, named-pkcs11 failed to [re-]start:

Apr 10 03:18:40 server named-pkcs11[4055230]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa/IN: (master) removed
Apr 10 03:18:40 server named-pkcs11[4055230]: reloading configuration succeeded
Apr 10 03:18:40 server named-pkcs11[4055230]: reloading zones succeeded
Apr 10 03:18:40 server sh[1898975]: server reload successful
Apr 10 03:18:40 server systemd[1]: Reloaded Berkeley Internet Name Domain (DNS) with native PKCS#11.
Apr 10 03:18:41 server named-pkcs11[4055230]: ldap_helper.c:3767: INSIST(task == inst->task) failed, back trace
Apr 10 03:18:41 server named-pkcs11[4055230]: #0 0x55681471fa54 in ??
Apr 10 03:18:41 server named-pkcs11[4055230]: #1 0x7f48d4ee6fd0 in ??
Apr 10 03:18:41 server named-pkcs11[4055230]: #2 0x7f48c3d21fa8 in ??
Apr 10 03:18:41 server named-pkcs11[4055230]: #3 0x7f48d4f0e0ef in ??
Apr 10 03:18:41 server named-pkcs11[4055230]: #4 0x7f48d230417a in ??
Apr 10 03:18:41 server named-pkcs11[4055230]: #5 0x7f48d1ccbdc3 in ??
Apr 10 03:18:41 server named-pkcs11[4055230]: exiting (due to assertion failure)
Apr 10 03:22:10 server systemd[1]: named-pkcs11.service: Main process exited, code=killed, status=6/ABRT
Apr 10 03:22:10 server systemd[1]: named-pkcs11.service: Failed with result 'signal'.

Version-Release number of selected component (if applicable):
bind-pkcs11-9.11.26-6.el8.x86_64

How reproducible:
Unknown

Steps to Reproduce:
N/A

Actual results:
named-pkcs11 crashes on restart

Expected results:
named-pkcs11 should be able to restart reliably

Additional info:
Simply restarting it a few hours later, after it has been noticed as having failed to restart and it started successfully.

Sadly, this is the SECOND major release of EL in which one could not rely on named-pkcs11 being able to start reliably. For almost the entire release cycle of EL7, named-pkcs11 was unable to restart reliably.

This track record makes it very difficult to use this package with any confidence and without hacks like:

[Service]
Restart=on-failure

in it's unit file. I had hoped to put the above to bed with the upgrade to EL8 but I guess I will have to re-instate it until this can be fixed.


I'm adding the Tracker label because the issue has also been reported in BZ #2073771 against RHEL 8 / bind-dyndb-ldap component.

Metadata Update from @frenaud:
- Issue tagged with: tracker

2 years ago

Metadata Update from @frenaud:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=2073771

2 years ago

Login to comment on this ticket.

Metadata