638157 – python-augeas module segfault on saving /etc/samba/smb.conf

Bug 638157 - python-augeas module segfault on saving /etc/samba/smb.conf

Summary: python-augeas module segfault on saving /etc/samba/smb.conf

Keywords:
Status:	CLOSED DUPLICATE of bug 651992
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	augeas
Sub Component:
Version:	14
Hardware:	All
OS:	Linux
Priority:	low
Severity:	high
Target Milestone:	---
Assignee:	David Lutterkort
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-09-28 12:03 UTC by Sandro Bonazzola
Modified:	2013-04-30 23:42 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2010-11-22 09:07:38 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Sandro Bonazzola 2010-09-28 12:03:49 UTC

Description of problem:
python-augeas module segfault on saving /etc/samba/smb.conf

Version-Release number of selected component (if applicable):
python-augeas-0.3.0-5.fc14.noarch


How reproducible:
import augeas
global_target = None
augeas_instance = augeas.augeas()
for target in augeas_instance.match("/files/etc/samba/smb.conf/target[*]"):
  if augeas_instance.get(target) == "global":
    global_target = target
    break
augeas_instance.set(global_target+"/deadtime", "1")
augeas_instance.save()
augeas_instance.close()

Steps to Reproduce:
1. run the above python test code
2.
3.
  
Actual results:
Program terminated with signal 11, Segmentation fault.
#0  dict_pos (key=0x8924b50 "#comment", dict=<value optimized out>) at ast.c:132
132	        int cmp = strcmp(dict->nodes[m]->key, key);
(gdb) bt
#0  dict_pos (key=0x8924b50 "#comment", dict=<value optimized out>) at ast.c:132
#1  0x00ba4bcc in dict_lookup (key=0x8924b50 "#comment", dict=0x9429800, skel=0xbfa6d990, subdict=0xbfa6d98c) at ast.c:204
#2  0x00ba86cf in put_subtree (state=0xbfa6d97c, lens=<value optimized out>) at put.c:449
#3  0x00ba8238 in put_lens (lens=<value optimized out>, state=<value optimized out>) at put.c:624
#4  0x00ba82a0 in put_quant_star (lens=<value optimized out>, state=<value optimized out>) at put.c:544
#5  put_lens (lens=<value optimized out>, state=<value optimized out>) at put.c:627
#6  0x00ba8433 in put_concat (lens=<value optimized out>, state=<value optimized out>) at put.c:504
#7  put_lens (lens=<value optimized out>, state=<value optimized out>) at put.c:618
#8  0x00ba8c8d in lns_put (out=0x9f6f028, lens=0x9f250c8, tree=0x959b288, 
    text=0x9c6b8e8 "# This is the main Samba configuration file. For detailed information about the\n# options listed here, refer to the smb.conf(5) manual page. Samba has a huge\n# number of configurable options, most of "..., err=0xbfa6da20) at put.c:787
#9  0x00ba3ef9 in transform_save (aug=0x88f8d38, xfm=0xa176808, path=0xa172a08 "/files/etc/samba/smb.conf", tree=0x9f0bbf8) at transform.c:940
#10 0x00b88136 in tree_save (aug=0x88f8d38, tree=<value optimized out>, path=0xa170060 "/files/etc/samba") at augeas.c:1117
#11 0x00b88231 in tree_save (aug=0x88f8d38, tree=<value optimized out>, path=0xa172948 "/files/etc") at augeas.c:1121
#12 0x00b88231 in tree_save (aug=0x88f8d38, tree=<value optimized out>, path=0xbb4fdd "/files") at augeas.c:1121
#13 0x00b89850 in aug_save (aug=0x88f8d38) at augeas.c:1216


Expected results:
No segfault.

Additional info:

Comment 1 Sandro Bonazzola 2010-10-01 09:54:29 UTC

Any additional info needed?

Comment 2 Sandro Bonazzola 2010-10-04 11:54:39 UTC

This seems to be fixed upstream in their git repository by David Lutterkort. Just applying this fixed the segfault on my system:

--- augeas-0.7.3/src/transform.c.orig	2010-10-04 13:40:29.671031166 +0200
+++ augeas-0.7.3/src/transform.c	2010-10-04 13:41:08.451028361 +0200
@@ -1011,7 +1011,7 @@
     result = 1;

  done:
-    r = add_file_info(aug, path, lens, lens_name, filename);
+    r = add_file_info(aug, path, lens, lens_name, augorig);
     if (r < 0) {
         err_status = "file_info";
         result = -1;

Comment 3 Sandro Bonazzola 2010-10-04 12:17:19 UTC

(In reply to comment #2)
> This seems to be fixed upstream in their git repository by David Lutterkort.
> Just applying this fixed the segfault on my system:

Sorry, it wasn't the patch that fixed the issue. It seems that compiling with CFLAGS="-O0 -fno-strict-aliasing" solved the issue without any additional patch.

Comment 4 Sandro Bonazzola 2010-11-18 11:08:10 UTC

As said by Matthew Booth in commit c17cd53d8d4a643e4f7277da37d21dc3bade5ed6:
[quote]
Fix crasher in ast.c:dict_pos on i686 with gcc 4.5 and -O2
    
    This patch works around what appears to be an optimization bug in gcc 4.5. The
    symptom of the bug is that dict_pos, called from dict_lookup, receives an
    invalid value when accessing dict->used. The following ticket describes the bug,
    and includes a simple test case:
    
    https://fedorahosted.org/augeas/ticket/149
[/quote]

This could explain why compiling with -O0 fix the issue for me.

I'm going to test http://koji.fedoraproject.org/koji/taskinfo?taskID=2596688
that should include the c17cd53d8d4a643e4f7277da37d21dc3bade5ed6 git version.

Comment 5 Sandro Bonazzola 2010-11-18 11:15:15 UTC

I've tested http://koji.fedoraproject.org/koji/taskinfo?taskID=2596688
and it works for me.

On https://fedorahosted.org/augeas/ticket/149 upstream says that the committed c17cd53d8d4a643e4f7277da37d21dc3bade5ed6 differs from the kojy task build.
Could somebody build again augeas with c17cd53d8d4a643e4f7277da37d21dc3bade5ed6 ?

Removing external tracker because it points to cobbler instead of augeas :-(

Comment 6 Sandro Bonazzola 2010-11-22 07:06:26 UTC

Augeas-o.7.4 released 19-Nov-2010 fixing this issue.
http://augeas.net/download/augeas-0.7.4.tar.gz

Comment 7 Sandro Bonazzola 2010-11-22 09:07:38 UTC

Closing as duplicate of bug #651992

*** This bug has been marked as a duplicate of bug 651992 ***

Note You need to log in before you can comment on or make changes to this bug.