Bug 1404560 - Client machine is experiencing consistent segfaults of sssd_be process when attempting to start sssd.service
Summary: Client machine is experiencing consistent segfaults of sssd_be process when a...
Keywords:
Status: CLOSED DUPLICATE of bug 1392444
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: sssd
Version: 7.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: SSSD Maintainers
QA Contact: Steeve Goveas
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-12-14 06:16 UTC by fjayalat
Modified: 2020-01-17 16:20 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-12-14 08:33:51 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description fjayalat 2016-12-14 06:16:37 UTC
Description of problem:

Client machine is experiencing consistent segfaults of sssd_be process when attempting to start sssd.service

~~~

Backtrace :


Core was generated by `/usr/libexec/sssd/sssd_be --domain astellasrwi.eu --uid 0 --gid 0 --debug-to-fi'.
Program terminated with signal 11, Segmentation fault.


#0  0x00007f1e0f5c32a2 in ad_subdom_reinit (subdoms_ctx=subdoms_ctx@entry=0x7f1e1f7b99a0) at src/providers/ad/ad_subdomains.c:626
626	    canonicalize = dp_opt_get_bool(


(gdb) bt
#0  0x00007f1e0f5c32a2 in ad_subdom_reinit (subdoms_ctx=subdoms_ctx@entry=0x7f1e1f7b99a0) at src/providers/ad/ad_subdomains.c:626
#1  0x00007f1e0f5c4fb3 in ad_subdomains_init (mem_ctx=<optimized out>, be_ctx=0x7f1e1f764040, ad_id_ctx=<optimized out>, dp_methods=0x7f1e1f7b9700) at src/providers/ad/ad_subdomains.c:1528
#2  0x00007f1e1e5262d6 in dp_target_run_constructor (be_ctx=0x7f1e1f764040, target=0x7f1e1f781fd0) at src/providers/data_provider/dp_targets.c:246
#3  dp_target_init (target=0x7f1e1f781fd0, modules=0x7f1e1f781af0, provider=0x7f1e1f7801e0, be_ctx=0x7f1e1f764040) at src/providers/data_provider/dp_targets.c:358
#4  dp_load_targets (modules=0x7f1e1f781af0, targets=0x7f1e1f781bb0, provider=0x7f1e1f7801e0, be_ctx=0x7f1e1f764040) at src/providers/data_provider/dp_targets.c:484
#5  dp_init_targets (mem_ctx=mem_ctx@entry=0x7f1e1f7801e0, be_ctx=be_ctx@entry=0x7f1e1f764040, provider=provider@entry=0x7f1e1f7801e0, modules=0x7f1e1f781af0) at src/providers/data_provider/dp_targets.c:530
#6  0x00007f1e1e52566b in dp_init (ev=0x7f1e1f75c610, be_ctx=be_ctx@entry=0x7f1e1f764040, uid=<optimized out>, gid=0) at src/providers/data_provider/dp.c:120
#7  0x00007f1e1e51dc77 in be_process_init (mem_ctx=<optimized out>, be_domain=0x7f1e1f75b170 "astellasrwi.eu", uid=<optimized out>, gid=0, ev=0x7f1e1f75c610, cdb=0x7f1e1f75db70) at src/providers/data_provider_be.c:450
#8  0x00007f1e1e51ca59 in main (argc=8, argv=<optimized out>) at src/providers/data_provider_be.c:562
(gdb)





-------------------------

Piece of relevant code :

    626     if (subdoms_ctx->ad_id_ctx->ad_options->auth_ctx != NULL
    627             && subdoms_ctx->ad_id_ctx->ad_options->auth_ctx->opts != NULL) {
    628         canonicalize = dp_opt_get_bool(
    629                              subdoms_ctx->ad_id_ctx->ad_options->auth_ctx->opts,
    630                              KRB5_CANONICALIZE);
    631     } else {
    632         DEBUG(SSSDBG_CONF_SETTINGS, "Auth provider data is not available, "
    633                                     "most probably because the auth provider "
    634                                     "is not 'ad'. Kerberos configuration "
    635                                     "snippet to set the 'canonicalize' option "
    636                                     "will not be created.\n");
    637     }



(gdb) p *subdoms_ctx->ad_id_ctx->ad_options
$4 = {basic = 0x7f1e1f7a3270, service = 0x7f1e1f7a6340, id = 0x7f1e1f7a6ac0, id_ctx = 0x7f1e1f7a65e0, auth_ctx = 0x0, be_res = 0x0, dyndns_ctx = 0x7f1e1f7a3d10}

(gdb) p *subdoms_ctx->ad_id_ctx->ad_options
$5 = {basic = 0x7f1e1f7a3270, service = 0x7f1e1f7a6340, id = 0x7f1e1f7a6ac0, id_ctx = 0x7f1e1f7a65e0, auth_ctx = 0x0, be_res = 0x0, dyndns_ctx = 0x7f1e1f7a3d10}


(gdb) p *subdoms_ctx->ad_id_ctx->ad_options->auth_ctx
Cannot access memory at address 0x0

~~~

By doing initial investigation it appears if skipped assuming its always true and passing on a NULL value to dp_opt_get_bool ().

Version-Release number of selected component (if applicable):
sssd-1.14.0-43.el7_3.4.x86_64


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 2 Sumit Bose 2016-12-14 08:33:51 UTC
This is most probably a duplicate of https://bugzilla.redhat.com/show_bug.cgi?id=1392444. Please see the work-around 'auth_provider = ad' and the discussion about ticket validation if login fails after the change.

*** This bug has been marked as a duplicate of bug 1392444 ***


Note You need to log in before you can comment on or make changes to this bug.