Bug 967719 - Segfault in Perl_gv_fetchpvn_flags when trying to initialize back_perl openldap backend
Segfault in Perl_gv_fetchpvn_flags when trying to initialize back_perl openld...
Status: CLOSED EOL
Product: Fedora
Classification: Fedora
Component: perl (Show other bugs)
19
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Jitka Plesnikova
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-05-28 02:50 EDT by Jan Synacek
Modified: 2015-02-17 10:21 EST (History)
12 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1054061 (view as bug list)
Environment:
Last Closed: 2015-02-17 10:21:22 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Reproducer pack (788 bytes, application/x-gzip)
2013-05-28 02:50 EDT, Jan Synacek
no flags Details
full backtrace during the crash (31.67 KB, text/plain)
2013-05-28 02:53 EDT, Jan Synacek
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
OpenLDAP ITS 7573 None None None Never

  None (edit)
Description Jan Synacek 2013-05-28 02:50:29 EDT
Created attachment 753756 [details]
Reproducer pack

Description of problem:
When trying to initialize back_perl, a segfault occurs deep in perl itself.


Version-Release number of selected component (if applicable):
perl-5.16.3-264.fc19.x86_64
openldap-2.4.35-4.fc19.x86_64


How reproducible:
Almost always.


Steps to Reproduce:
1. Install fresh F19
2. If you try the reproducer here, all goes well
3. yum install perl-A* (I have no idea why I needed to do this to get it to segfault)
4. Try reproducer
5. Observe the segfault
6. From now on, reproducer works *without* producing any segfaults. I had to reboot the machine to be able to reproduce the issue again.

Note on how to use the reproducer:
1. Unpack
2. Run go.sh (warning: it will wipe your /var/lib/ldap/* and your /etc/openldap/*, so don't run if you use openldap in production)
   This will run slapd in debug mode, so you will need another console to run the rest.
3. Run try.sh
4. If you want to repeat, go to 2.

You can modify go.sh to run slapd through a debugger. However, you will probably need to set LD_PRELOAD=/usr/lib64/perl5/CORE/libperl.so to be able to run try.sh.


Actual results:
Perl segfaults.

Expected results:
The back_perl gets initialized without any problems.


Additional info:
This also happens on my production F18, but it happens always. It looks like it might have something to do with Bug 960048.
Comment 1 Jan Synacek 2013-05-28 02:53:11 EDT
Created attachment 753757 [details]
full backtrace during the crash

Note that in the frame #3, the my_perl variable changes from a (probably valid) pointer to 0x0.
Comment 2 Petr Pisar 2013-07-03 08:38:09 EDT
What's expected output on the client site?

I have patched perl so that it links all XS modules to libperl.so explicitly in my private F20 machine, and I do not get any segfaults. Instead I just get an error message from the second command:

$ sh try.sh
SASL/EXTERNAL authentication started
SASL username: gidNumber=500+uidNumber=500,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=module,cn=config"
ldap_add: Insufficient access (50)

SASL/EXTERNAL authentication started
SASL username: gidNumber=500+uidNumber=500,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcDatabase=perl,cn=config"
ldap_add: Invalid syntax (21)
        additional info: objectClass: value #1 invalid per syntax

I guess this is how to should work.

If this is the real fix, than this issue will be fixed in F20.
Comment 3 Jan Synacek 2013-07-03 08:57:38 EDT
All LDAP operations should succeed without any errors. You don't have sufficient access rights to modify the LDAP database. Running the script as root should do it.

You should see something like this:
# ./try.sh 
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=module,cn=config"

SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcDatabase=perl,cn=config"
ldap_result: Can't contact LDAP server (-1)

The last line indicates the termination (you can see that slapd segfaulted in the console where you ran go.sh). Expected output would look like the one above minus the 'ldap_result: ...' line. Plus there may be one additional 'adding new entry' line.
Comment 4 Petr Pisar 2013-07-03 10:07:01 EDT
I run it as a non-root. I get much better results as a root:

# ./try.sh
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=module,cn=config"

SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcDatabase=perl,cn=config"

adding new entry "dc=perl-example,dc=com"

However the server sometimes segfaults as you reported.
Comment 5 Jan Synacek 2013-07-04 01:54:23 EDT
(In reply to Petr Pisar from comment #4)
> I run it as a non-root. I get much better results as a root:

Yes, that's how the output is supposed to look.

> However the server sometimes segfaults as you reported.

Ok, it's strange that it segfaults only sometimes. Does this mean that you can reproduce it even with all the perl modules linked to libperl.so explicitly?
Comment 6 Petr Pisar 2013-07-04 03:07:56 EDT
I recompiled only modules in perl binary package and openldap for the test. Not yet all modules that exist. I also reverted the RTLD_GLOBAL patch and checked slapd does not crashes on linkage error. So the test does not use any not-yet-rebuild modules.

I conclude this issue is independent on the linking bug #960048. But we will see more after rebuilding everything.
Comment 7 Fedora Admin XMLRPC Client 2013-08-12 07:50:07 EDT
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 8 Howard Chu 2013-10-12 20:20:16 EDT
Please also followup to OpenLDAP ITS#7573 with any conclusions you reach, thanks.
Comment 9 Jan Synacek 2013-10-16 02:13:38 EDT
This problem still occurs in F20.
Comment 10 Fedora End Of Life 2015-01-09 13:13:51 EST
This message is a notice that Fedora 19 is now at end of life. Fedora 
has stopped maintaining and issuing updates for Fedora 19. It is 
Fedora's policy to close all bug reports from releases that are no 
longer maintained. Approximately 4 (four) weeks from now this bug will
be closed as EOL if it remains open with a Fedora 'version' of '19'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 19 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.
Comment 11 Fedora End Of Life 2015-02-17 10:21:22 EST
Fedora 19 changed to end-of-life (EOL) status on 2015-01-06. Fedora 19 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.