segmentation fault in sssd after upgrade to sssd-1.13.3-22.el6.x86_64 when upgrading cache

[sssd-bot]

Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/3023

• Created at 2016-05-26 17:53:57 by jhrozek
• Closed as Fixed
• Assigned to pcech
• Associated bugzillas
  • https://bugzilla.redhat.com/show_bug.cgi?id=1338619

---

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1338619

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

Description of problem:
A customer has reported a segmentation fault in the sssd process which occurs
after upgrading to sssd-1.13.3-22.el6.x86_64. Downgrading to 1.12.4-47 works
around the bug.

~~~
Core was generated by `/usr/sbin/sssd -f -D'.
Program terminated with signal 11, Segmentation fault.
#0  0x00007f9927b0ebd1 in sysdb_user_base_dn (mem_ctx=0x2276e20, dom=0x2269390)
at src/db/sysdb.c:178
178         return ldb_dn_new_fmt(mem_ctx, dom->sysdb->ldb,
(gdb) bt
#0  0x00007f9927b0ebd1 in sysdb_user_base_dn (mem_ctx=0x2276e20, dom=0x2269390)
at src/db/sysdb.c:178
#1  0x00007f9927b213f3 in sysdb_upgrade_10 (sysdb=0x226de40, domain=0x2269390,
ver=0x7fff577e2d48) at src/db/sysdb_upgrade.c:1048
#2  0x00007f9927b11fb8 in sysdb_domain_init_internal (mem_ctx=<value optimized
out>, domain=0x2269390, db_path=<value optimized out>,
    allow_upgrade=true, _ctx=0x7fff577e2dc8) at src/db/sysdb.c:1239
#3  0x00007f9927b12185 in sysdb_init_ext (mem_ctx=0x225f700, domains=<value
optimized out>, allow_upgrade=true, chown_dbfile=true, uid=0,
    gid=0) at src/db/sysdb.c:1384
#4  0x0000000000409a3c in monitor_process_init (argc=3, argv=<value optimized
out>) at src/monitor/monitor.c:2401
#5  main (argc=3, argv=<value optimized out>) at src/monitor/monitor.c:3060
(gdb) i thr
* 1 Thread 0x7f9925e51700 (LWP 26468)  0x00007f9927b0ebd1 in sysdb_user_base_dn
(mem_ctx=0x2276e20, dom=0x2269390) at src/db/sysdb.c:178
(gdb)
~~~

From my analysis of the coredump:
~~~
(gdb) p *dom
$2 = {name = 0x2268750 "default", conn_name = 0x2268750 "default", provider =
0x2269790 "ldap", timeout = 0, enumerate = false,
  sd_enumerate = 0x22681f0, fqnames = false, mpg = false, ignore_group_members
= false, id_min = 1, id_max = 0, cache_credentials = false,
  cache_credentials_min_ff_length = 8, legacy_passwords = false, case_sensitive
= true, case_preserve = true, override_gid = 0,
  override_homedir = 0x0, fallback_homedir = 0x0, subdomain_homedir = 0x22695a0
"/home/%d/%u", homedir_substr = 0x0, override_shell = 0x0,
  default_shell = 0x0, user_timeout = 5400, group_timeout = 5400,
netgroup_timeout = 5400, service_timeout = 5400, autofsmap_timeout = 5400,
  sudo_timeout = 5400, ssh_host_timeout = 5400, refresh_expired_interval = 0,
subdomain_refresh_interval = 14400, cached_auth_timeout = 0,
  pwd_expiration_warning = -1, sysdb = 0x0, names = 0x0, parent = 0x0,
subdomains = 0x0, realm = 0x0, flat_name = 0x0, domain_id = 0x0,
  trust_direction = 0, subdomains_last_checked = {tv_sec = 0, tv_usec = 0},
has_views = false, view_name = 0x0, prev = 0x0, next = 0x0,
  state = DOM_ACTIVE, sd_inherit = 0x0, forest = 0x0, forest_root = 0x0}
(gdb) p *dom->sysdb->ldb
Cannot access memory at address 0x0
(gdb) p *dom->sysdb
Cannot access memory at address 0x0
(gdb) list
183                                   struct sss_domain_info *dom, const char
*name)
184     {
185         errno_t ret;
186         char *clean_name;
187         struct ldb_dn *dn;
188
189         ret = sysdb_dn_sanitize(NULL, name, &clean_name);
190         if (ret != EOK) {
191             return NULL;
192         }

(gdb) f 1
#1  0x00007f9927b213f3 in sysdb_upgrade_10 (sysdb=0x226de40, domain=0x2269390,
ver=0x7fff577e2d48) at src/db/sysdb_upgrade.c:1048
1048        basedn = sysdb_user_base_dn(tmp_ctx, domain);
(gdb) p *sysdb
$4 = {ldb = 0x226dc60, ldb_file = 0x2277130
"/var/lib/sss/db/cache_default.ldb"}
~~~

I have asked the customer for a copy of their /var/lib/sss/db directory for
local analysis.

Since it appears to be a problem in upgrading the cache db, I have asked them
to delete /var/lib/sss/db/cache_default.ldb and start sssd to check if it fixes
the issue.


Version-Release number of selected component (if applicable):
sssd-1.13.3-22.el6.x86_64


How reproducible:
Quite frequently in the customer environment (but not all upgrades fail).


Steps to Reproduce:
1. upgrade from sssd-1.12.4-47 to sssd-1.13.3-22.el6
2. service sssd restart
3.

Actual results:
segmentation fault in sssd process


Expected results:
sssd does not segfault.


Additional info:
The abrt coredumps are attached.

Comments

---

Comment from jhrozek at 2016-06-01 18:14:41

Fields changed

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
milestone: NEEDS_TRIAGE => SSSD 1.15 beta
review: True => 0
selected: =>
testsupdated: => 0

---

Comment from pcech at 2016-06-16 06:53:36

Fields changed

owner: somebody => pcech

---

Comment from pcech at 2016-06-16 06:53:47

Fields changed

status: new => assigned

---

Comment from pcech at 2016-06-20 15:22:10

Fields changed

patch: 0 => 1

---

Comment from lslebodn at 2016-07-11 12:00:32

master:

• 3118362

sssd-1-13:

• 0a7784d

milestone: SSSD 1.16 beta => SSSD 1.13.5
resolution: => fixed
status: assigned => closed

---

Comment from jhrozek at 2017-02-24 14:28:20

Metadata Update from @jhrozek:

• Issue assigned to pcech
• Issue set to the milestone: SSSD 1.13.5