Description of problem: ldap-agent crashes on start with signal SIGSEGV, Segmentation fault. Version-Release number of selected component (if applicable): 389-ds-base-1.2.10.2-1.fc16.x86_64 How reproducible: Steps to Reproduce: 1. /usr/sbin/ldap-agent-bin /etc/dirsrv/config/ldap-agent.conf Actual results: Program received signal SIGSEGV, Segmentation fault. Expected results: Supposed to start. Additional info: # cat /etc/dirsrv/config/ldap-agent.conf agentx-master /var/agentx/master agent-logdir /var/log/dirsrv server slapd-CASTLE-AIMK-COM server slapd-PKI-IPA # strace /usr/sbin/ldap-agent-bin /etc/dirsrv/config/ldap-agent.conf ... open("/etc/dirsrv/config/ldap-agent.conf", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=1059, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fdcf7ad0000 read(3, "# The agentx-master setting defi"..., 4096) = 1059 open("/etc/dirsrv/slapd-CASTLE-AIMK-COM/dse.ldif", O_RDONLY) = 4 fstat(4, {st_mode=S_IFREG|0600, st_size=88044, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fdcf7acf000 read(4, "dn:\nobjectClass: top\naci: (targe"..., 4096) = 4096 open("/etc/dirsrv/slapd-PKI-IPA/dse.ldif", O_RDONLY) = 5 fstat(5, {st_mode=S_IFREG|0600, st_size=107311, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fdcf7ace000 read(5, "dn:\nobjectClass: top\naci: (targe"..., 4096) = 4096 --- {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0} (Segmentation fault) --- +++ killed by SIGSEGV (core dumped) +++ Segmentation fault (core dumped) # gdb --args /usr/sbin/ldap-agent-bin /etc/dirsrv/config/ldap-agent.conf GNU gdb (GDB) Fedora (7.3.50.20110722-10.fc16) ... Reading symbols from /usr/sbin/ldap-agent-bin...Reading symbols from /usr/lib/debug/usr/sbin/ldap-agent-bin.debug...done. done. (gdb) run Starting program: /usr/sbin/ldap-agent-bin /etc/dirsrv/config/ldap-agent.conf [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault. __strcpy_ssse3 () at ../sysdeps/x86_64/multiarch/strcpy-ssse3.S:2473 2473 movl %eax, (%rdx) Missing separate debuginfos, use: debuginfo-install bzip2-libs-1.0.6-3.fc15.x86_64 elfutils-libelf-0.152-1.fc16.x86_64 keyutils-libs-1.5.2-1.fc16.x86_64 libacl-2.2.51-2.fc16.x86_64 libattr-2.4.46-2.fc16.x86_64 libcap-2.22-1.fc15.x86_64 libselinux-2.1.6-6.fc16.x86_64 lua-5.1.4-9.fc16.x86_64 nss-softokn-freebl-3.13.1-15.fc16.x86_64 nss-util-3.13.1-3.fc16.x86_64 perl-libs-5.14.2-195.fc16.x86_64 popt-1.13-9.fc16.x86_64 xz-libs-5.1.1-1alpha.fc16.x86_64 zlib-1.2.5-6.fc16.x86_64 (gdb) info stack #0 __strcpy_ssse3 () at ../sysdeps/x86_64/multiarch/strcpy-ssse3.S:2473 #1 0x000000396c63bfff in ldif_read_record (lfp=0x60b890, lno=0x7fffffffd27c, bufp=0x7fffffffd250, buflenp=0x7fffffffd278) at /usr/include/bits/string3.h:105 #2 0x000000000040259f in load_config (conf_path=<optimized out>) at ldap/servers/snmp/main.c:404 #3 0x0000000000401cb6 in main (argc=<optimized out>, argv=<optimized out>) at ldap/servers/snmp/main.c:102
Upstream ticket: https://fedorahosted.org/389/ticket/319
Would you mind sharing your /etc/dirsrv/slapd-PKI-IPA/dse.ldif file here as an attachment? The subagent process is crashing when trying to read some configuration attributes from the dse.ldif, so perhaps it is encountering something it doesn't like in your specific config file.
Created attachment 571264 [details] The file that the agent fails to parse
Alexander, sorry to have to ask for more information, but can you also provide the file: /etc/dirsrv/config/ldap-agent.conf ? Initial analysis, it looks like we are crashing reading the first entry from the dse.ldif read(5, "dn:\nobjectClass: top\naci: (targe"..., 4096) = 4096 --- {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0} (Segmentation fault) --- +++ killed by SIGSEGV (core dumped) +++ Segmentation fault (core dumped) dn: objectClass: top aci: (targetattr != "aci")(version 3.0; aci "rootdse anon read access"; allow( read,search,compare) userdn="ldap:///anyone";) creatorsName: cn=server,cn=plugins,cn=config modifiersName: cn=server,cn=plugins,cn=config createTimestamp: 20110917235009Z modifyTimestamp: 20110917235009Z This is the standard root dse entry, which yours was not modified. Very strange that we are crashing here. Anyway, if you can get me that file I would really appreciate it. Thanks, Mark
Sorry I just saw you pasted the conf file at the top of the bug. Nevermind... Mark
(In reply to comment #4) > Alexander, sorry to have to ask for more information, but can you also provide > the file: /etc/dirsrv/config/ldap-agent.conf ? > > Initial analysis, it looks like we are crashing reading the first entry from > the dse.ldif Not necessarily. It's reading a large buffer (4096) then parsing it - so it may be then 1st entry or the 10th entry or the 100th entry. Can you provide a stack trace? > > read(5, "dn:\nobjectClass: top\naci: (targe"..., 4096) = 4096 > --- {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0} (Segmentation fault) --- > +++ killed by SIGSEGV (core dumped) +++ > Segmentation fault (core dumped) > > dn: > objectClass: top > aci: (targetattr != "aci")(version 3.0; aci "rootdse anon read access"; allow( > read,search,compare) userdn="ldap:///anyone";) > creatorsName: cn=server,cn=plugins,cn=config > modifiersName: cn=server,cn=plugins,cn=config > createTimestamp: 20110917235009Z > modifyTimestamp: 20110917235009Z > > This is the standard root dse entry, which yours was not modified. Very > strange that we are crashing here. > > Anyway, if you can get me that file I would really appreciate it. > > Thanks, > Mark
Alex, Can you find out what version of openldap you are using? rpm -qi openldap Thanks, Mark
(In reply to comment #6) > Can you provide a stack trace? It is in the comment #1 (gdb) info stack #0 __strcpy_ssse3 () at ../sysdeps/x86_64/multiarch/strcpy-ssse3.S:2473 #1 0x000000396c63bfff in ldif_read_record (lfp=0x60b890, lno=0x7fffffffd27c, bufp=0x7fffffffd250, buflenp=0x7fffffffd278) at /usr/include/bits/string3.h:105 #2 0x000000000040259f in load_config (conf_path=<optimized out>) at ldap/servers/snmp/main.c:404 #3 0x0000000000401cb6 in main (argc=<optimized out>, argv=<optimized out>) at ldap/servers/snmp/main.c:102 (In reply to comment #7) > Can you find out what version of openldap you are using? # rpm -qi openldap Name : openldap Version : 2.4.26 Release : 6.fc16 Architecture: x86_64 Install Date: Fri 09 Mar 2012 12:57:04 AM CST Group : System Environment/Daemons Size : 789889 License : OpenLDAP Signature : RSA/SHA256, Wed 01 Feb 2012 07:48:28 AM CST, Key ID 067f00b6a82ba4b7 Source RPM : openldap-2.4.26-6.fc16.src.rpm Build Date : Tue 31 Jan 2012 11:44:36 AM CST Build Host : x86-04.phx2.fedoraproject.org Relocations : (not relocatable) Packager : Fedora Project Vendor : Fedora Project URL : http://www.openldap.org/ Summary : LDAP support libraries Description : OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. Name : openldap Version : 2.4.26 Release : 6.fc16 Architecture: i686 Install Date: Fri 09 Mar 2012 01:10:41 AM CST Group : System Environment/Daemons Size : 806485 License : OpenLDAP Signature : RSA/SHA256, Wed 01 Feb 2012 09:14:11 AM CST, Key ID 067f00b6a82ba4b7 Source RPM : openldap-2.4.26-6.fc16.src.rpm Build Date : Tue 31 Jan 2012 11:44:21 AM CST Build Host : x86-06.phx2.fedoraproject.org Relocations : (not relocatable) Packager : Fedora Project Vendor : Fedora Project URL : http://www.openldap.org/ Summary : LDAP support libraries Description : OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP.
OK the version of open ldap I usedis actually older: Name : openldap Relocations: (not relocatable) Version : 2.4.23 Vendor: Red Hat, Inc. Release : 20.el6 Build Date: Tue 04 Oct 2011 07:48:15 AM EDT Install Date: Wed 21 Dec 2011 09:15:50 PM EST Build Host: x86-010.build.bos.redhat.com Group : System Environment/Daemons Source RPM: openldap-2.4.23-20.el6.src.rpm Size : 779076 License: OpenLDAP Signature : RSA/8, Mon 07 Nov 2011 02:37:10 AM EST, Key ID 199e2f91fd431d51 Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://www.openldap.org/ Summary : LDAP support libraries Also, I could not reproduce the crash with your dse.ldif. Still investigating... Mark
I have the exact same setup, but I can not reproduce the crash: [root@nec-em11 ~]# rpm -qi openldap Name : openldap Version : 2.4.26 Release : 6.fc16 Architecture: x86_64 Install Date: Thu 22 Mar 2012 09:55:03 AM EDT Group : System Environment/Daemons Size : 789889 License : OpenLDAP Signature : RSA/SHA256, Wed 01 Feb 2012 08:48:28 AM EST, Key ID 067f00b6a82ba4b7 Source RPM : openldap-2.4.26-6.fc16.src.rpm Build Date : Tue 31 Jan 2012 12:44:36 PM EST Build Host : x86-04.phx2.fedoraproject.org Relocations : (not relocatable) Packager : Fedora Project Vendor : Fedora Project URL : http://www.openldap.org/ Summary : LDAP support libraries Description : OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. Name : openldap Version : 2.4.26 Release : 6.fc16 Architecture: i686 Install Date: Thu 22 Mar 2012 03:37:45 PM EDT Group : System Environment/Daemons Size : 806485 License : OpenLDAP Signature : RSA/SHA256, Wed 01 Feb 2012 10:14:11 AM EST, Key ID 067f00b6a82ba4b7 Source RPM : openldap-2.4.26-6.fc16.src.rpm Build Date : Tue 31 Jan 2012 12:44:21 PM EST Build Host : x86-06.phx2.fedoraproject.org Relocations : (not relocatable) Packager : Fedora Project Vendor : Fedora Project URL : http://www.openldap.org/ Summary : LDAP support libraries Description : OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. Can you reproduce this everytime? What about with a new default instance of DS? Have you ever used Valgrind before? I might ask you to do this, but not yet. Continuing investigation. Mark
Can you also get me the output from: [1] ldd /usr/sbin/ldap-agent-bin [2] rpm -qi glibc [3] cat /proc/cpuinfo Thanks, Mark
(In reply to comment #11) > Can you reproduce this everytime? It seems to crash if there are 2 servers in the config, like this server slapd-CASTLE-AIMK-COM server slapd-PKI-IPA On another hand, if I comment out any one it works, like this #server slapd-CASTLE-AIMK-COM server slapd-PKI-IPA or server slapd-CASTLE-AIMK-COM #server slapd-PKI-IPA > What about with a new default instance of DS? If you want me to try it explain how to create the default instance. > Have you ever used Valgrind before? No. Will do if you point me to the right direction. (In reply to comment #12) > Can you also get me the output from: > > [1] ldd /usr/sbin/ldap-agent-bin # ldd /usr/sbin/ldap-agent-bin linux-vdso.so.1 => (0x00007fff321ec000) libldap-2.4.so.2 => /usr/lib64/libldap-2.4.so.2 (0x000000396c600000) liblber-2.4.so.2 => /usr/lib64/liblber-2.4.so.2 (0x000000396c200000) libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x000000396a600000) libssl3.so => /usr/lib64/libssl3.so (0x0000003967600000) libnss3.so => /usr/lib64/libnss3.so (0x0000003965a00000) libplc4.so => /lib64/libplc4.so (0x0000003965200000) libplds4.so => /lib64/libplds4.so (0x0000003965e00000) libnspr4.so => /lib64/libnspr4.so (0x0000003966600000) libnetsnmpmibs.so.30 => /usr/lib64/libnetsnmpmibs.so.30 (0x000000395aa00000) libsensors.so.4 => /usr/lib64/libsensors.so.4 (0x000000395a200000) libdl.so.2 => /lib64/libdl.so.2 (0x0000003957600000) librpm.so.2 => /usr/lib64/librpm.so.2 (0x0000003959e00000) librpmio.so.2 => /usr/lib64/librpmio.so.2 (0x0000003959a00000) libnetsnmpagent.so.30 => /usr/lib64/libnetsnmpagent.so.30 (0x0000003958e00000) libwrap.so.0 => /lib64/libwrap.so.0 (0x0000003970000000) libnetsnmp.so.30 => /usr/lib64/libnetsnmp.so.30 (0x000000395be00000) libssl.so.10 => /usr/lib64/libssl.so.10 (0x0000003963600000) libcrypto.so.10 => /lib64/libcrypto.so.10 (0x000000395f600000) libm.so.6 => /lib64/libm.so.6 (0x0000003957e00000) libpthread.so.0 => /lib64/libpthread.so.0 (0x0000003957200000) libc.so.6 => /lib64/libc.so.6 (0x0000003956e00000) libresolv.so.2 => /lib64/libresolv.so.2 (0x0000003959200000) libsmime3.so => /usr/lib64/libsmime3.so (0x0000003967200000) libnssutil3.so => /usr/lib64/libnssutil3.so (0x0000003965600000) libcrypt.so.1 => /lib64/libcrypt.so.1 (0x0000003961600000) libz.so.1 => /lib64/libz.so.1 (0x0000003958200000) libperl.so => /usr/lib64/perl5/CORE/libperl.so (0x000000395ca00000) libnsl.so.1 => /lib64/libnsl.so.1 (0x000000396ae00000) libutil.so.1 => /lib64/libutil.so.1 (0x000000396a200000) /lib64/ld-linux-x86-64.so.2 (0x0000003956a00000) libbz2.so.1 => /lib64/libbz2.so.1 (0x0000003963200000) libelf.so.1 => /usr/lib64/libelf.so.1 (0x0000003959600000) liblzma.so.5 => /usr/lib64/liblzma.so.5 (0x0000003966a00000) libpopt.so.0 => /lib64/libpopt.so.0 (0x0000003967a00000) libselinux.so.1 => /lib64/libselinux.so.1 (0x0000003958a00000) libcap.so.2 => /lib64/libcap.so.2 (0x000000395a600000) libacl.so.1 => /lib64/libacl.so.1 (0x0000003969200000) liblua-5.1.so => /usr/lib64/liblua-5.1.so (0x000000396d200000) libdb-4.8.so => /lib64/libdb-4.8.so (0x0000003964600000) librt.so.1 => /lib64/librt.so.1 (0x0000003957a00000) libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x0000003958600000) libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x0000003960a00000) libkrb5.so.3 => /lib64/libkrb5.so.3 (0x000000395fe00000) libcom_err.so.2 => /lib64/libcom_err.so.2 (0x000000395f200000) libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x0000003960200000) libfreebl3.so => /lib64/libfreebl3.so (0x0000003963a00000) libattr.so.1 => /lib64/libattr.so.1 (0x0000003964e00000) libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x000000395fa00000) libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x000000395ea00000) > [2] rpm -qi glibc # rpm -qi glibc Name : glibc Version : 2.14.90 Release : 24.fc16.6 Architecture: x86_64 Install Date: Sat 10 Mar 2012 11:59:50 PM CST Group : System Environment/Libraries Size : 13677058 License : LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ Signature : RSA/SHA256, Tue 21 Feb 2012 01:20:18 PM CST, Key ID 067f00b6a82ba4b7 Source RPM : glibc-2.14.90-24.fc16.6.src.rpm Build Date : Mon 20 Feb 2012 10:51:40 PM CST Build Host : x86-09.phx2.fedoraproject.org Relocations : (not relocatable) Packager : Fedora Project Vendor : Fedora Project URL : http://www.gnu.org/software/glibc/ Summary : The GNU libc libraries Description : The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. > [3] cat /proc/cpuinfo # cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 23 model name : Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz stepping : 6 microcode : 0x60f cpu MHz : 3000.000 cache size : 6144 KB physical id : 0 siblings : 2 core id : 0 cpu cores : 2 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 10 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good nopl aperfmperf pni dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 lahf_lm dts tpr_shadow vnmi flexpriority bogomips : 5999.31 clflush size : 64 cache_alignment : 64 address sizes : 36 bits physical, 48 bits virtual power management: processor : 1 vendor_id : GenuineIntel cpu family : 6 model : 23 model name : Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz stepping : 6 microcode : 0x60f cpu MHz : 2000.000 cache size : 6144 KB physical id : 0 siblings : 2 core id : 1 cpu cores : 2 apicid : 1 initial apicid : 1 fpu : yes fpu_exception : yes cpuid level : 10 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good nopl aperfmperf pni dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 lahf_lm dts tpr_shadow vnmi flexpriority bogomips : 5999.06 clflush size : 64 cache_alignment : 64 address sizes : 36 bits physical, 48 bits virtual power management:
Alex, Having two servers in the ldap-agent.conf was the trick to reproducing the crash. Continuing investigation... Thanks, Mark
When using openldap, we were not resetting the buffer length between dse.ldif files. So we end passing in a huge buffer length for the first line of the new file, which leads to invalid memory being read later on. Fix is out for review... Mark
Fedora 16 changed to end-of-life (EOL) status on 2013-02-12. Fedora 16 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed.