Bug 189978

Summary: nscd crashes when receiving SIGHUP
Product: Red Hat Enterprise Linux 3 Reporter: Bastien Nocera <bnocera>
Component: glibcAssignee: Jakub Jelinek <jakub>
Status: CLOSED ERRATA QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.0CC: aryeh.selekman, ezannoni
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHBA-2006-0453 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-07-20 14:29:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 181405    
Attachments:
Description Flags
glibc-nscd-SIGHUP-disabled-cache.patch none

Description Bastien Nocera 2006-04-26 12:37:47 UTC 
glibc 2.3.2-95.39

When nscd is running with "group" caching disabled, and one runs "service nscd
reload" (which just sends SIGHUP to the running daemon), nscd will crash.

I wasn't able to gather a useful backtrace on RHEL3, but here's the RHEL4
version of it (which doesn't need to have "group" caching disabled, defaults
will show the problem as well).

RHEL4 backtrace:
# gdb /usr/sbin/nscd
GNU gdb Red Hat Linux (6.3.0.0-1.120rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db
library "/lib/tls/libthread_db.so.1".

(gdb) handle SIGHUP pass
Signal        Stop      Print   Pass to program Description
SIGHUP        Yes       Yes     Yes             Hangup
(gdb) handle SIGHUP nostop
Signal        Stop      Print   Pass to program Description
SIGHUP        No        Yes     Yes             Hangup
(gdb) run -d
Starting program: /usr/sbin/nscd -d
[Thread debugging using libthread_db enabled]
[New Thread -1208215872 (LWP 2518)]
[New Thread -1210750032 (LWP 2521)]
[New Thread -1211802704 (LWP 2522)]
[New Thread -1212855376 (LWP 2523)]
[New Thread -1213908048 (LWP 2524)]
[New Thread -1214960720 (LWP 2525)]
[New Thread -1216013392 (LWP 2526)]
2518: handle_request: request received (Version = 2) from PID 2529
2518:   GETFDPW
2518: provide access to FD 7, for passwd
2518: handle_request: request received (Version = 2) from PID 2529
2518:   GETPWBYUID (500)
2518: Haven't found "500" in password cache!
2518: handle_request: request received (Version = 2) from PID 2529
2518:   GETPWBYNAME (root)
2518: Haven't found "root" in password cache!
2518: Reloading "weather.noaa.gov" in hosts cache!
2518: Reloading "ldap.devel.redhat.com" in hosts cache!
2518: Reloading "www.google.com" in hosts cache!
2518: Reloading "127.0.0.1" in hosts cache!
2518: handle_request: request received (Version = 2) from PID 2529
2518:   GETFDGR
2518: handle_request: request received (Version = 2) from PID 2529
2518:   INITGROUPS (root)

Program received signal SIGHUP, Hangup.
2518: remove GETPWBYUID entry "0"
2518: remove GETPWBYNAME entry "root"
2518: remove GETPWBYUID entry "500"

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1208215872 (LWP 2518)]
0x007fc2f6 in prune_cache (table=0x8050c0, now=2147483647) at cache.c:197
197       size_t cnt = table->head->module;
(gdb) bt
#0  0x007fc2f6 in prune_cache (table=0x8050c0, now=2147483647) at cache.c:197
#1  0x007f82d3 in sighup_handler (signum=1) at connections.c:1870
#2  <signal handler called>
#3  0x00be97a2 in _dl_sysinfo_int80 () at rtld.c:577
#4  0x001e703e in epoll_wait () from /lib/tls/libc.so.6
#5  0x007f69ad in start_threads () at connections.c:1611
#6  0x007f5512 in main (argc=2, argv=0xbff13744) at nscd.c:289
(gdb) thread apply all bt

Thread 7 (Thread -1216013392 (LWP 2526)):
#0  0x00be97a2 in _dl_sysinfo_int80 () at rtld.c:577
#1  0x00dc4b16 in pthread_cond_wait@@GLIBC_2.3.2 ()
  from /lib/tls/libpthread.so.0
#2  0x007f5b50 in nscd_run (p=0x5) at connections.c:1268
#3  0x00dc2371 in start_thread (arg=0xb7851bb0) at pthread_create.c:261
#4  0x001e69be in clone () from /lib/tls/libc.so.6

Thread 6 (Thread -1214960720 (LWP 2525)):
#0  0x00be97a2 in _dl_sysinfo_int80 () at rtld.c:577
#1  0x00dc4b16 in pthread_cond_wait@@GLIBC_2.3.2 ()
  from /lib/tls/libpthread.so.0
#2  0x007f5b50 in nscd_run (p=0x4) at connections.c:1268
#3  0x00dc2371 in start_thread (arg=0xb7952bb0) at pthread_create.c:261
#4  0x001e69be in clone () from /lib/tls/libc.so.6

Thread 5 (Thread -1213908048 (LWP 2524)):
#0  0x00be97a2 in _dl_sysinfo_int80 () at rtld.c:577
#1  0x00dc4b16 in pthread_cond_wait@@GLIBC_2.3.2 ()
  from /lib/tls/libpthread.so.0
#2  0x007f5b50 in nscd_run (p=0x3) at connections.c:1268
#3  0x00dc2371 in start_thread (arg=0xb7a53bb0) at pthread_create.c:261
#4  0x001e69be in clone () from /lib/tls/libc.so.6

Thread 4 (Thread -1212855376 (LWP 2523)):
#0  0x00be97a2 in _dl_sysinfo_int80 () at rtld.c:577
#1  0x00dc4d8c in pthread_cond_timedwait@@GLIBC_2.3.2 ()
   at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_timedwait.S:175
#2  0x007f5c73 in nscd_run (p=0x2) at connections.c:1254
#3  0x00dc2371 in start_thread (arg=0xb7b54bb0) at pthread_create.c:261
#4  0x001e69be in clone () from /lib/tls/libc.so.6

Thread 3 (Thread -1211802704 (LWP 2522)):
#0  0x00be97a2 in _dl_sysinfo_int80 () at rtld.c:577
#1  0x00dc4b16 in pthread_cond_wait@@GLIBC_2.3.2 ()
  from /lib/tls/libpthread.so.0
#2  0x007f5b50 in nscd_run (p=0x1) at connections.c:1268
#3  0x00dc2371 in start_thread (arg=0xb7c55bb0) at pthread_create.c:261
#4  0x001e69be in clone () from /lib/tls/libc.so.6

Thread 2 (Thread -1210750032 (LWP 2521)):
#0  0x00be97a2 in _dl_sysinfo_int80 () at rtld.c:577
#1  0x00dc4d8c in pthread_cond_timedwait@@GLIBC_2.3.2 ()
   at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_timedwait.S:175
#2  0x007f5c73 in nscd_run (p=0x0) at connections.c:1254
#3  0x00dc2371 in start_thread (arg=0xb7d56bb0) at pthread_create.c:261
#4  0x001e69be in clone () from /lib/tls/libc.so.6

Thread 1 (Thread -1208215872 (LWP 2518)):
#0  0x007fc2f6 in prune_cache (table=0x8050c0, now=2147483647) at cache.c:197
#1  0x007f82d3 in sighup_handler (signum=1) at connections.c:1870
#2  <signal handler called>
#3  0x00be97a2 in _dl_sysinfo_int80 () at rtld.c:577
#4  0x001e703e in epoll_wait () from /lib/tls/libc.so.6
#5  0x007f69ad in start_threads () at connections.c:1611
#6  0x007f5512 in main (argc=2, argv=0xbff13744) at nscd.c:289
(gdb) frame 0
#0  0x007fc2f6 in prune_cache (table=0x8050c0, now=2147483647) at cache.c:197
197       size_t cnt = table->head->module;
(gdb) list
192        free the data structures since some hash table entries share the
same193        data.  */
194     void
195     prune_cache (struct database_dyn *table, time_t now)
196     {
197       size_t cnt = table->head->module;
198
199       /* If this table is not actually used don't do anything.  */
200       if (cnt == 0)
201         return;
Comment 2 Jakub Jelinek 2006-04-26 13:01:48 UTC 
Created attachment 128251 [details]
glibc-nscd-SIGHUP-disabled-cache.patch

Guess this patch ought to cure it.
Comment 3 Jakub Jelinek 2006-04-26 13:05:03 UTC 
*** Bug 189750 has been marked as a duplicate of this bug. ***
Comment 10 Jakub Jelinek 2006-05-01 12:21:24 UTC 
Should be fixed in glibc-2.3.2-95.40 in dist-3.0E-qu-candidate.
Comment 16 Red Hat Bugzilla 2006-07-20 14:29:04 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2006-0453.html