Bug 1121496 - Inadyn-mt 2.24.40-1.fc20 segfaults on start [NEEDINFO]
Summary: Inadyn-mt 2.24.40-1.fc20 segfaults on start
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: inadyn-mt
Version: 20
Hardware: x86_64
OS: Linux
unspecified
urgent
Target Milestone: ---
Assignee: Jochen Schmitt
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-07-21 06:09 UTC by Markus Dobel
Modified: 2015-01-30 04:39 UTC (History)
4 users (show)

Fixed In Version: inadyn-mt-2.24.43-1.fc21
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-01-30 04:30:47 UTC
mike: needinfo? (jochen)


Attachments (Terms of Use)
fix inadyn_ip.cache file log output segfault on startup (3.08 KB, patch)
2014-08-06 06:48 UTC, Bryan Hoover
no flags Details | Diff
decouple cache file writes/reads from cache data structure update (7.92 KB, patch)
2014-08-07 19:22 UTC, Bryan Hoover
no flags Details | Diff
decouple cache file writes/reads from cache data structure update (7.96 KB, patch)
2014-08-08 06:04 UTC, Bryan Hoover
no flags Details | Diff

Description Markus Dobel 2014-07-21 06:09:47 UTC
Description of problem:

since the update of inadyn the service crashes on startup with a segfault. Downgrading to 2.24.36-12.fc20 fixes the issue for me.

Version-Release number of selected component (if applicable):
Fedora 20
inadyn-mt-2.24.40-1.fc20


How reproducible:
for me: always

Steps to Reproduce:
1. update to the said version
2. start inadyn (via systemd or just by typing "inadyn"

# inadyn
Fri Jul 18 14:01:20 2014: S:INADYN: Started 'inadyn-mt version 02.24.40_audible' - dynamic DNS updater.
Fri Jul 18 14:01:20 2014: W:INADYN: Address, alias pairs read from cache file (/var/cache/inadyn-mt/inadyn_ip.cache):
Segmentation fault


3. 

Actual results:
Segmentation fault when starting inadyn

Expected results:
Inadyn starts

Additional info:
Downgrading to inadyn-mt-2.24.36-12.fc20 fixes this issue

Configuration (anonymized)

--username      $USERNAME
--password      $PASSWORD
--alias         $HOSTNAME1,$HASH1 ip4
--alias         $HOSTNAME2,$HASH2 ip6
--alias         $HOSTNAME2,$HASH3 ip4
--update_period_sec     300
--forced_update_period  604800
--syslog
--dyndns_system default@freedns.afraid.org
--ip_server_name ip6.me /
--verbose 5


When starting 2.24.40 with gdb, and then issuing a backtrace, this is the output:


gdb inadyn
GNU gdb (GDB) Fedora 7.7.1-15.fc20
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from inadyn...Reading symbols from /usr/lib/debug/usr/sbin/inadyn.debug...done.
done.
(gdb) run
Starting program: /usr/sbin/inadyn
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Fri Jul 18 14:19:32 2014: S:INADYN: Started 'inadyn-mt version 02.24.40_audible' - dynamic DNS updater.
Fri Jul 18 14:19:32 2014: W:INADYN: Address, alias pairs read from cache file (/var/cache/inadyn-mt/inadyn_ip.cache):

Program received signal SIGSEGV, Segmentation fault.
0x0000003cd7c490cf in _IO_vfprintf_internal (s=s@entry=0x7fffffffc6f0, format=<optimized out>, format@entry=0x7fffffffc860 "W:INADYN: %s %s:%s %s...\n", ap=ap@entry=0x7fffffffd898)
    at vfprintf.c:1635
1635              process_string_arg (((struct printf_spec *) NULL));
(gdb) bt
#0  0x0000003cd7c490cf in _IO_vfprintf_internal (s=s@entry=0x7fffffffc6f0, format=<optimized out>, format@entry=0x7fffffffc860 "W:INADYN: %s %s:%s %s...\n", ap=ap@entry=0x7fffffffd898)
    at vfprintf.c:1635
#1  0x0000003cd7d043f5 in ___vsnprintf_chk (s=s@entry=0x7fffffffd8b0 "W:INADYN: 111.222.333.444 ", maxlen=<optimized out>, maxlen@entry=2047, flags=flags@entry=1,
    slen=slen@entry=18446744073709551615, format=0x7fffffffc860 "W:INADYN: %s %s:%s %s...\n", args=args@entry=0x7fffffffd898) at vsnprintf_chk.c:63
#2  0x0000000000408800 in vsnprintf (__ap=0x7fffffffd898, __fmt=<optimized out>, __n=2047, __s=0x7fffffffd8b0 "W:INADYN: 111.222.333.444 ") at /usr/include/bits/stdio2.h:77
#3  formatted_message (message=message@entry=0x7fffffffd8b0 "W:INADYN: 111.222.333.444 ", fmt=fmt@entry=0x411e32 "W:INADYN: %s %s:%s %s...\n", args=args@entry=0x7fffffffd898,
    is_wide=<optimized out>, buff_size=2048) at os.c:276
#4  0x0000000000408b3f in os_printf (prio=4, fmt=0x411e32 "W:INADYN: %s %s:%s %s...\n") at os.c:526
#5  0x00000000004038b8 in read_ip_cache (p_dyndns=<optimized out>) at dyndns.c:1443
#6  0x000000000040613f in init_update_loop (p_dyndns=<optimized out>, argc=<optimized out>, argv=<optimized out>, p_data=<optimized out>, init_flag=<optimized out>) at dyndns.c:3596
#7  0x00000000004063f1 in dyn_dns_main (p_dyndns=<optimized out>, argc=<optimized out>, argv=<optimized out>) at dyndns.c:3671
#8  0x00000000004086fe in inadyn_main (argc=argc@entry=1, argv=argv@entry=0x7fffffffe518) at main.c:103
#9  0x000000000040225e in main (argc=1, argv=0x7fffffffe518) at os_unix.c:227

Comment 1 Markus Dobel 2014-08-05 09:08:56 UTC
After a short mail from the developer of inadyn-mt I think I found the cause and also a solution.

Main reason for the crash: The cache file format (inadyn_ip.cache) changed between *.36 and *.40 and the service crashes when reading old format files. 

Before:
11.11.11.11 hostname.domain:ipv4
After:
11.11.11.11 hostname.domain:ipv4 freedns.afraid.org

Seems like the reading function does not handle the missing dyndns server name at the end of the line, which simply was not there in *.36. 


Additional hiccups (fedora package specific): 

1. The location of the cache file changed from /tmp to /var/cache/inadyn-mt between *.36 and *.40 and there seems no migration script to move exisiting files on update. So I am not sure how they got there in the first place, I might have copied them there myself.

2. The service runs as UID "nobody" now. The cache folder seems to be created 0755 with owner "root", which makes it impossible for inadyn to create its cache files there. This might be the reason, why I have copied them there. Without write permissions, and the files missing, the service does not crash, but I am not sure what it does without the files.


Workaround:

What fixed the crash for me, and also let inadyn create its cache files again: 

  rm /var/cache/inadyn-mt/*
  chown nobody /var/cache/inadyn-mt

And let the service recreate the cache files on start.



Permanent fixes:

What needs to be fixed in the fedora RPM:

The creation mode or owner for /var/cache/inadyn-mt, so the user "nobody" can write to it. Or maybe also a new user for inadyn instead of using "nobody"?. I think the reason for this change was to make these files more permanent than on a tmpfs. Without write permissions they are actually much less permanent now :-)

What should be fixed upstream:

Fix handling of "corrupt" cache files -- especially if the "corruption" is because of a format change between versions, the service should not crash (but ignore/delete the files instead). 


Regards, 
Markus

Comment 2 Bryan Hoover 2014-08-06 06:48:00 UTC
Created attachment 924363 [details]
fix inadyn_ip.cache file log output segfault on startup

Comment 3 Bryan Hoover 2014-08-06 06:48:58 UTC
Thanks Markus!

It's good to see impact here should be minimal since cache files were moved to /var/cache/inadyn-mt.  

Nevertheless this is much appreciated, especially for users outside present context.

I'm attaching a patch that pivots on cache read, and address/alias pairs output, depending on whether the server name is there as per post v.02.24.38.

Bryan

Comment 4 Bryan Hoover 2014-08-07 19:18:05 UTC
And for our edification - of which one can never have enough, for MY money - I'm attaching another patch - it includes the first.

It addresses Markus' question of what inadyn-mt does if it can't write - it would continue to update ddns at the configured or default update interval.  

So I've decoupled ip cache writes/reads from ip cache data structure updates - the structure is now updated at same time cache file write attempts are done.

I tested both these patches, and found no problems.  Your posting here if any problems, questions, comments, etcetera much appreciated

Regards,
Bryan

Comment 5 Bryan Hoover 2014-08-07 19:22:42 UTC
Created attachment 925011 [details]
decouple cache file writes/reads from cache data structure update

Includes previous patch posted here, inadyn-mt-cache-00-02.24.40.patch.

Comment 6 Bryan Hoover 2014-08-08 06:04:34 UTC
Created attachment 925085 [details]
decouple cache file writes/reads from cache data structure update

Fixes missing curly brace spanning conditional in function update_update_state, which broke updates for dual ip stack alias type 'coupled', in previous patch, inadyn-mt-cache-01-02.24.40.patch.

Comment 7 Michael Cronenworth 2014-12-15 22:38:14 UTC
Jochen, the latest upstream version includes Bryan's fix. Can you push a 2.24.43 update?

Comment 8 Fedora Update System 2015-01-20 02:37:37 UTC
inadyn-mt-2.24.43-1.fc21 has been submitted as an update for Fedora 21.
https://admin.fedoraproject.org/updates/inadyn-mt-2.24.43-1.fc21

Comment 9 Fedora Update System 2015-01-20 02:50:22 UTC
inadyn-mt-2.24.43-1.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/inadyn-mt-2.24.43-1.fc20

Comment 10 Fedora Update System 2015-01-20 21:02:45 UTC
Package inadyn-mt-2.24.43-1.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing inadyn-mt-2.24.43-1.fc20'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2015-0917/inadyn-mt-2.24.43-1.fc20
then log in and leave karma (feedback).

Comment 11 Fedora Update System 2015-01-30 04:30:47 UTC
inadyn-mt-2.24.43-1.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 12 Fedora Update System 2015-01-30 04:39:05 UTC
inadyn-mt-2.24.43-1.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.