Bug 1540624

This bug report has Keywords: Regression or TestBlocker.
Since no regressions or test blockers are allowed between releases, it is also being identified as a blocker for this release. Please resolve ASAP.

I was unable to reproduce this on my local env where I had copied all extensions from the brq-setup.

On inspection of the engine and server logs on brq-setup the core problem seems to be StackOverflowError during org.ovirt.engine.api.extensions.ExtMap.toString. 

Caused by: java.lang.StackOverflowError
	at java.util.regex.Pattern$Curly.match(Pattern.java:4229) [rt.jar:1.8.0_161]
	at java.util.regex.Pattern$GroupHead.match(Pattern.java:4660) [rt.jar:1.8.0_161]
	at java.util.regex.Pattern$Branch.match(Pattern.java:4606) [rt.jar:1.8.0_161]
	at java.util.regex.Pattern$BranchConn.match(Pattern.java:4570) [rt.jar:1.8.0_161]
	at java.util.regex.Pattern$GroupTail.match(Pattern.java:4719) [rt.jar:1.8.0_161]
	at java.util.regex.Pattern$Curly.match0(Pattern.java:4281) [rt.jar:1.8.0_161]
	at java.util.regex.Pattern$Curly.match(Pattern.java:4236) [rt.jar:1.8.0_161]
	at java.util.regex.Pattern$GroupHead.match(Pattern.java:4660) [rt.jar:1.8.0_161]
	at java.util.regex.Pattern$Branch.match(Pattern.java:4606) [rt.jar:1.8.0_161]
	at java.util.regex.Pattern$Branch.match(Pattern.java:4604) [rt.jar:1.8.0_161]
	at java.util.regex.Pattern$BmpCharProperty.match(Pattern.java:3800) [rt.jar:1.8.0_161]
	at java.util.regex.Pattern$Start.match(Pattern.java:3463) [rt.jar:1.8.0_161]
	at java.util.regex.Matcher.search(Matcher.java:1248) [rt.jar:1.8.0_161]
	at java.util.regex.Matcher.find(Matcher.java:664) [rt.jar:1.8.0_161]
	at java.util.Formatter.parse(Formatter.java:2549) [rt.jar:1.8.0_161]
	at java.util.Formatter.format(Formatter.java:2501) [rt.jar:1.8.0_161]
	at java.util.Formatter.format(Formatter.java:2455) [rt.jar:1.8.0_161]
	at java.lang.String.format(String.java:2940) [rt.jar:1.8.0_161]
	at org.ovirt.engine.api.extensions.ExtUUID.toString(ExtUUID.java:72) [ovirt-engine-extensions-api.jar:]
	at java.util.Formatter$FormatSpecifier.printString(Formatter.java:2886) [rt.jar:1.8.0_161]
	at java.util.Formatter$FormatSpecifier.print(Formatter.java:2763) [rt.jar:1.8.0_161]
	at java.util.Formatter.format(Formatter.java:2520) [rt.jar:1.8.0_161]
	at java.util.Formatter.format(Formatter.java:2455) [rt.jar:1.8.0_161]
	at java.lang.String.format(String.java:2940) [rt.jar:1.8.0_161]
	at org.ovirt.engine.api.extensions.ExtKey.toString(ExtKey.java:120) [ovirt-engine-extensions-api.jar:]
	at java.lang.String.valueOf(String.java:2994) [rt.jar:1.8.0_161]
	at java.lang.StringBuilder.append(StringBuilder.java:131) [rt.jar:1.8.0_161]
	at org.ovirt.engine.api.extensions.ExtMap.toString(ExtMap.java:76) [ovirt-engine-extensions-api.jar:]
	at java.lang.String.valueOf(String.java:2994) [rt.jar:1.8.0_161]
	at java.lang.StringBuilder.append(StringBuilder.java:131) [rt.jar:1.8.0_161]
	at java.util.AbstractCollection.toString(AbstractCollection.java:462) [rt.jar:1.8.0_161]
	at java.lang.String.valueOf(String.java:2994) [rt.jar:1.8.0_161]
	at java.lang.StringBuilder.append(StringBuilder.java:131) [rt.jar:1.8.0_161]
	at org.ovirt.engine.api.extensions.ExtMap.toString(ExtMap.java:83) [ovirt-engine-extensions-api.jar:]
	at java.lang.String.valueOf(String.java:2994) [rt.jar:1.8.0_161]
	at java.lang.StringBuilder.append(StringBuilder.java:131) [rt.jar:1.8.0_161]
	at java.util.AbstractCollection.toString(AbstractCollection.java:462) [rt.jar:1.8.0_161]
	at java.lang.String.valueOf(String.java:2994) [rt.jar:1.8.0_161]
	at java.lang.StringBuilder.append(StringBuilder.java:131) [rt.jar:1.8.0_161]
	at org.ovirt.engine.api.extensions.ExtMap.toString(ExtMap.java:83) [ovirt-engine-extensions-api.jar:]

Verified on ovirt-engine-4.2.2-0.1.el7.noarch

User from ipa domain can login without problems to webadmin.

I can still reproduce this using a user from IPA domain that has recursion in it's groups.
For example:
User A is in group B which is part of group C which is part of group D which is part of group B.

(In reply to Petr Matyáš from comment #5)
> I can still reproduce this using a user from IPA domain that has recursion
> in it's groups.
> For example:
> User A is in group B which is part of group C which is part of group D which
> is part of group B.

Sounds like a buggy LDAP configuration - so I'm removing the blocker flag. Since I know the bot will return it because it's a regression, I'm removing the regression keyword...

INFO: Bug status wasn't changed from MODIFIED to ON_QA due to the following reason:

[Tag 'ovirt-engine-4.2.3' doesn't contain patch 'https://gerrit.ovirt.org/87616']
gitweb: https://gerrit.ovirt.org/gitweb?p=ovirt-engine.git;a=shortlog;h=refs/tags/ovirt-engine-4.2.3

For more info please contact: infra

(In reply to RHV Bugzilla Automation and Verification Bot from comment #7)
> INFO: Bug status wasn't changed from MODIFIED to ON_QA due to the following
> reason:
> 
> [Tag 'ovirt-engine-4.2.3' doesn't contain patch
> 'https://gerrit.ovirt.org/87616']
> gitweb:
> https://gerrit.ovirt.org/gitweb?p=ovirt-engine.git;a=shortlog;h=refs/tags/
> ovirt-engine-4.2.3
> 
> For more info please contact: infra

Wrong, https://gerrit.ovirt.org/87616 has been merged to ovirt-engine-4.2 branch on Feb 14th 2018

Verified on ovirt-engine-4.2.3-0.1.el7.noarch

This bugzilla is included in oVirt 4.2.3 release, published on May 4th 2018.

Since the problem described in this bug report should be
resolved in oVirt 4.2.3 release, it has been closed with a resolution of CURRENT RELEASE.

If the solution does not work for you, please open a new bug report.