-
-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to use debuginfod server to fetch executable/debuginfo/sources for C++ binary crash #1415
Comments
Just reading through, this does not seem like a specific issue that pertains towards self-hosted Sentry. I will transfer this over to symbolicator |
I believe your DNS resolves to any one of these ranges, which is then resulting in such errors: symbolicator/crates/symbolicator-service/src/utils/http.rs Lines 13 to 28 in 63555b8
You should be able to set the I think enabling this setting should be reasonable in self-hosted, as you control the whole infra and events, so there shouldn’t be any possibility of leaking internal requests via things like source context, etc. |
Hello, |
I added the configuration in the symbolicator/config.yml file in the Sentry self-hosted source bundle:
After restarting the docker-compose stack the "download failed: destination is restricted" error was gone. Side questions if I may:
|
I assume you are using the Sentry-provided Symbolicator Docker image? Otherwise, we have recently added a per-source configuration that skips certificate validation, like so: Similarly, the Glad to hear things are working out otherwise, I will close this issue then. |
@Swatinem Correct, I'm not sure we want to expose this setting to users. |
Self-Hosted Version
24.2.0
CPU Architecture
x86_64
Docker Version
20.10.23
Docker Compose Version
2.15.1
Steps to Reproduce
I have a demo C++ program
sentry_crash
that I am using to try the Sentry native crash reporting feature.It uses the Sentry Native SDK 0.7.0, and is compiled from the source file sentry_crash.cpp:
I have a processing script that creates a debuginfo archive that I upload on our internal debuginfod server at https://debuginfod.company.com:
Once this archive is uploaded and processed on the debuginfod server, I can query it successfully using
debuginfod-find
:I have configured this debuginfod instance as SymbolServer Repository on my Sentry project:
Expected Result
After the
sentry_crash
binary is executed, I expect the native crash issue reported in Sentry to be symbolicated and the source context to be available.Actual Result
It seems that Sentry is not able to pull data from the debuginfod server:
I manually uploaded the sentry_crash binary using the Sentry CLI:
It was still not able to report a symbolicated issue with source context.
In the Debug Files Candidates view I found that Sentry seemed to contact the debuginfod server with the correct build ID but failed with an error: "download failed: destination is restricted":
I disabled SSL on the debuginfod server with the same result.
I tried to serve the files with a plain HTTP server after reading in the doc that "The files need to reside under buildid/ on the server." but it did not change anything:
Manually downloading the file was possible from the server hosting the Sentry stack:
I only managed to get a symbolicated stack with source context after manually uploading the files with the Sentry CLI:
Is there anything obvious I missed regarding the debuginfod support by Sentry ?
I followed this documentation: Symbol Servers (debuginfod)
I found later that Symbolicator does not support fetching sources from debuginfod: symbolicator: symbol-server-compatibility
Related issue for Symbolicator: #445
Thank you.
Event ID
No response
The text was updated successfully, but these errors were encountered: