Created attachment 598995 [details] ifcfg-em1 sample that causes a segfault Description of problem: NetworkNanager segfaults if a shell variable in /etc/sysconfig/network-scripts/ifcfg-$iface is multi-line. /bin/sh (bash) accepts this, ifcfg-rh accepts this, maybe, but NetworkManager crashes and the system becomes NIC-unmanaged. Upon boot, all interfaces are down; this is very bad for headless in-the-cloud usage. Version-Release number of selected component (if applicable): $ uname -a Linux mybox 3.4.4-4.fc16.i686 #1 SMP Thu Jul 5 20:58:10 UTC 2012 i686 i686 i386 GNU/Linux $ rpm -q -f /usr/sbin/NetworkManager NetworkManager-0.9.4-6.git20120521.fc16.i686 How reproducible: 100% Steps to Reproduce: 1a. use ifcfg-em1.sample 1b. see the segfault 2a. use ifcfg.fixed 2b. see NetworkManager function Actual results: NetworkManager[20046]: segfault at 9b12000 ip 46fbbd93 sp bfa02738 error 4 in libc-2.14.90.so[46f3b000+1a7000] Expected results: NetworkManager manages interfaces Additional info: for attachments included nearby. $ diff ifcfg-em1.{segfault,fixed} 37,40c37 < IPV6ADDR_SECONDARIES=" < 2001:0123:4567:89ab:0123:45ff:fe67:89ab/64 < 2001:4567:89ab:cdef:0123:45ff:fe67:89ab/64 < " --- > IPV6ADDR_SECONDARIES=" 2001:0123:4567:89ab:0123:45ff:fe67:89ab/64 2001:4567:89ab:cdef:0123:45ff:fe67:89ab/64 " $ sudo gdb /usr/sbin/NetworkManager /var/spool/abrt/ccpp-2012-07-18-13:13:04-20046/coredump GNU gdb (GDB) Fedora (7.3.50.20110722-13.fc16) Copyright (C) 2011 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i686-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/sbin/NetworkManager...Reading symbols from /usr/lib/debug/usr/sbin/NetworkManager.debug...done. done. [New LWP 20046] [New LWP 20047] [New LWP 20048] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/libthread_db.so.1". Core was generated by `/usr/sbin/NetworkManager --no-daemon'. Program terminated with signal 11, Segmentation fault. #0 __memmove_ia32 () at ../sysdeps/i386/i686/memmove.S:77 77 2: rep Missing separate debuginfos, use: debuginfo-install libffi-3.0.10-1.fc16.i686 libgcc-4.6.3-2.fc16.i686 libselinux-2.1.6-6.fc16.i686 nss-softokn-3.13.4-1.fc16.i686 nss-softokn-freebl-3.13.4-1.fc16.i686 sqlite-3.7.7.1-1.fc16.i686 zlib-1.2.5-6.fc16.i686 (gdb) where #0 __memmove_ia32 () at ../sysdeps/i386/i686/memmove.S:77 #1 0xb64d0aeb in svUnescape (s=0x9afe8c0 "") at /usr/include/bits/string3.h:58 #2 0xb64d0e78 in svGetValue (s=0x9adb848, key=0xb64e6e03 "IPV6ADDR_SECONDARIES", verbatim=0) at shvar.c:209 #3 0xb64d9536 in make_ip6_setting (error=0xbfa02868, iscsiadm_path=0xb64e6bf3 "/sbin/iscsiadm", network_file=0xb64e58e5 "/etc/sysconfig/network", ifcfg=0x9adb848) at reader.c:1570 #4 connection_from_file (filename=0x9add3a8 "/etc/sysconfig/network-scripts/ifcfg-em1", network_file=0xb64e58e5 "/etc/sysconfig/network", test_type=0x0, iscsiadm_path=0xb64e6bf3 "/sbin/iscsiadm", unmanaged=0xbfa02910, keyfile=0xbfa02914, routefile=0xbfa02918, route6file=0xbfa0291c, out_error=0xbfa02978, ignore_error=0xbfa0297c) at reader.c:4085 #5 0xb64d0708 in nm_ifcfg_connection_new ( full_path=0x9add3a8 "/etc/sysconfig/network-scripts/ifcfg-em1", source=0x0, error=0xbfa02978, ignore_error=0xbfa0297c) at nm-ifcfg-connection.c:119 #6 0xb64ce9f4 in _internal_new_connection (self=0x9ad6c90, path=0x9add3a8 "/etc/sysconfig/network-scripts/ifcfg-em1", source=0x0, error=0x0) at plugin.c:128 #7 0xb64cf0be in read_connections (plugin=0x9ad6c90) at plugin.c:182 #8 0xb64cf2d6 in get_unmanaged_specs (config=0x9ad6c90) at plugin.c:442 #9 0x080e4790 in nm_system_config_interface_get_unmanaged_specs (config=0x9ad6c90) at nm-system-config-interface.c:146 #10 0x080e05d0 in unmanaged_specs_changed (config=0x0, user_data=0x9abad18) at nm-settings.c:491 #11 0x080e3ae0 in nm_settings_new ( ---Type <return> to continue, or q <return> to quit--- config_file=0x9abbe98 "/etc/NetworkManager/NetworkManager.conf", plugins=0x9abbedc, error=0xbfa02de0) at nm-settings.c:1760 #12 0x08063417 in main (argc=1, argv=0xbfa02eb4) at main.c:578 (gdb) <aside> <different bug report> The larger issue here is that the ifcfg-* system is parsed by many systems, not all of which obey the same conventions. We know of at least: bash via /etc/sysconfig/network-scripts/* scripting NetworkManager via /usr/lib/NetworkManager/libnm-settings-plugin-ifcfg-rh.so This shows up often in the different syntax required for route-$iface and route6-$iface </different bug report> </aside> The segfault is indicated in /var/log/messages as: Jul 18 13:13:04 mybox.local NetworkManager[20046]: <info> NetworkManager (version 0.9.4-6.git20120521.fc16) is starting... Jul 18 13:13:04 mybox.local NetworkManager[20046]: <info> Read config file /etc/NetworkManager/NetworkManager.conf Jul 18 13:13:04 mybox.local NetworkManager[20046]: <info> WEXT support is enabled Jul 18 13:13:04 mybox.local NetworkManager[20046]: <info> VPN: loaded org.freedesktop.NetworkManager.openvpn Jul 18 13:13:04 mybox.local NetworkManager[20046]: <info> VPN: loaded org.freedesktop.NetworkManager.pptp Jul 18 13:13:04 mybox.local NetworkManager[20046]: <info> VPN: loaded org.freedesktop.NetworkManager.vpnc Jul 18 13:13:04 mybox.local NetworkManager[20046]: <info> VPN: loaded org.freedesktop.NetworkManager.openconnect Jul 18 13:13:04 mybox.local NetworkManager[20046]: ifcfg-rh: Acquired D-Bus service com.redhat.ifcfgrh1 Jul 18 13:13:04 mybox.local NetworkManager[20046]: <info> Loaded plugin ifcfg-rh: (c) 2007 - 2010 Red Hat, Inc. To report bugs please use the NetworkManager mailing list. Jul 18 13:13:04 mybox.local NetworkManager[20046]: <info> Loaded plugin keyfile: (c) 2007 - 2010 Red Hat, Inc. To report bugs please use the NetworkManager mailing list. Jul 18 13:13:04 mybox.local NetworkManager[20046]: ifcfg-rh: parsing /etc/sysconfig/network-scripts/ifcfg-wlan0 ... Jul 18 13:13:04 mybox.local NetworkManager[20046]: <warn> failed to allocate link cache: (-12) Netlink Error (errno = Operation not supported) Jul 18 13:13:04 mybox.local NetworkManager[20046]: ifcfg-rh: read connection 'System 'acedia' (wlan0)' Jul 18 13:13:04 mybox.local NetworkManager[20046]: ifcfg-rh: parsing /etc/sysconfig/network-scripts/ifcfg-sit1 ... Jul 18 13:13:04 mybox.local NetworkManager[20046]: <warn> failed to allocate link cache: (-12) Netlink Error (errno = Operation not supported) Jul 18 13:13:04 mybox.local NetworkManager[20046]: ifcfg-rh: read connection 'System sit1' Jul 18 13:13:04 mybox.local NetworkManager[20046]: ifcfg-rh: Ignoring connection 'System sit1' and its device due to NM_CONTROLLED/BRIDGE/VLAN. Jul 18 13:13:04 mybox.local NetworkManager[20046]: ifcfg-rh: parsing /etc/sysconfig/network-scripts/ifcfg-em1 ... Jul 18 13:13:04 mybox.local kernel: [103967.305467] NetworkManager[20046]: segfault at 9b12000 ip 46fbbd93 sp bfa02738 error 4 in libc-2.14.90.so[46f3b000+1a7000]
Created attachment 598996 [details] ifcfg-em1 sample that causes a segfault; fixed to not cause the segfault
Thanks for reporting the issue! The crash has been fixed upstream: 974c39fe3e8f0262961a6326577bd87bcd50fb28 However, note that NM's ifcfg-rh plugin doesn't support variables that span across multiple lines. Legacy 'network' service inherently accept them as it is a bunch of bash scripts (and bash support multi-line variables). Later, we may consider adding support for multi-line variables into ifcfg-rh plugin too.
This message is a reminder that Fedora 16 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 16. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '16'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 16's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 16 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged to click on "Clone This Bug" and open it against that version of Fedora. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Fedora 16 changed to end-of-life (EOL) status on 2013-02-12. Fedora 16 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed.