I think that the segfault happens in the DBus library. It is possible that we use the library wrong, but it is also possible there is a bug in the DBus library itself.
Requested information was not provided and we were not able to fully reproduce this bug, therefore closing. Please feel free to reopen if the issue still occurs and if there is a working reproducer available.
Hello, I'm reopening this BZ due to being able to reproduce using the reproducer below: 1. Create a broken target trying to run after multi-user.target, but still wanting multi-user.target -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- # cat /etc/systemd/system/broken.target [Unit] Description=Broken target killing oscap's /usr/libexec/openscap/probe_systemdunitdependency After=multi-user.target Wants=multi-user.target [Install] WantedBy=multi-user.target -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- 2. Reload systemd and enable the target -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- # systemctl daemon-reload # systemctl enable broken.target -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- 3. Execute oscap -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- # oscap xccdf eval --fetch-remote-resources --profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa --rule xccdf_org.ssgproject.content_rule_service_firewalld_enabled /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml Downloading: https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml.bz2 ... ok Title Verify firewalld Enabled Rule xccdf_org.ssgproject.content_rule_service_firewalld_enabled Ident CCE-27361-5 --> sits there -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- Result: dbus is heavily used, systemd also, /usr/libexec/openscap/probe_systemdunitdependency consumes more and more memory and later dies with segfault (due to stack overflow) "top" output: -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 2800 dbus 20 0 68480 2604 1888 S 50.0 0.3 2:27.72 dbus-daemon 1 root 20 0 54408 6720 4204 S 37.0 0.7 1:52.14 systemd 3447 root 20 0 581228 312784 3616 S 12.3 30.8 0:33.44 probe_systemdun -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< --------
A fix has been proposed to upstream in https://github.com/OpenSCAP/openscap/pull/1474
This bug has been fixed in upstream in https://github.com/OpenSCAP/openscap/pull/1474.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (openscap bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:3914