Bug 11170 - testparm --show-all-parameters ends with Segmentation fault
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services
Version: 4.1.17
Hardware: x64 Linux
Importance: P5 major
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
Reported: 2015-03-18 08:04 UTC by Raphael Olszewski
Modified: 2015-07-05 19:03 UTC

Attachments
Backported patches for 4.1 and 4.2 (1.20 KB, patch)
2015-06-18 21:32 UTC, Christian Ambach
obnox: review+

Description Raphael Olszewski 2015-03-18 08:04:03 UTC
OS   : SLES11 SP3
SAMBA: sernet-samba-4.1.17-11.suse111

calling testparm like this ends in segfault:

testparm --show-all-parameters
[local]
 comment=P_STRING,FLAG_BASIC|FLAG_SHARE|FLAG_PRINT|FLAG_ADVANCED
 path=P_STRING,FLAG_BASIC|FLAG_SHARE|FLAG_PRINT|FLAG_ADVANCED (synonyms:  directory)
 ...
 msdfs proxy=P_STRING,FLAG_SHARE|FLAG_ADVANCED
 ntvfs handler=P_LIST,
[global]
 dos charset=P_STRING,FLAG_ADVANCED
 unix charset=P_STRING,FLAG_ADVANCED
 ...
 dns forwarder=P_STRING,FLAG_ADVANCED
Segmentation fault (core dumped)

So - after dns_forwarder there is always a segfault.
having a look with gdb:

gdb testparm core
 GNU gdb (GDB) SUSE (7.5.1-0.7.29)
 Core was generated by `testparm --show-all-parameters'.
 Program terminated with signal 11, Segmentation fault.
 #0  __strlen_sse2 () at ../sysdeps/x86_64/strlen.S:31
 31      ../sysdeps/x86_64/strlen.S: No such file or directory.
 (gdb) 

Is this enough information?
Comment 1 Volker Lendecke 2015-03-18 08:10:37 UTC
do a "bt full" at the gdb prompt please
Comment 2 Raphael Olszewski 2015-03-23 15:53:20 UTC
(gdb) bt full
#0  __strlen_sse2 () at ../sysdeps/x86_64/strlen.S:31
No locals.
#1  0x00007fc965fc21ef in _IO_vfprintf_internal (s=0x7fc9662ed7c0 <_IO_2_1_stdout_>, format=<optimized out>, ap=0x7fffed5b8830) at vfprintf.c:1570
        len = <optimized out>
        string_malloced = 0
        is_negative = 1734415616
        alt = 0
        space = 0
        is_long_double = 0
        the_arg = {pa_wchar = 1732038656 L'\x673cd000', pa_int = 1732038656, pa_long_int = 140502997192704, pa_long_long_int = 140502997192704, pa_u_int = 1732038656,
          pa_u_long_int = 140502997192704, pa_u_long_long_int = 140502997192704, pa_double = 6.9417704050644152e-310, pa_long_double = <invalid float value>,
          pa_string = 0x7fc9673cd000 "", pa_wstring = 0x7fc9673cd000 L"\x66dc6000?\x67406b88?\x66fcad60?\x673cd4f8?\x674066d0?\x673cd000?",
          pa_pointer = 0x7fc9673cd000, pa_user = 0x7fc9673cd000}
        showsign = 0
        string = 0x200000001 <Address 0x200000001 out of bounds>
        width = 0
        use_outdigits = 0
        pad = 32 ' '
        group = 0
        is_short = 0
        is_long = 0
        is_char = 0
        base = 1
        left = 0
        prec = -1
        spec = 115 's'
        _buffer = {__routine = 0x7fc966fdb7b0 <__funlockfile>, __arg = 0x7fc9662ed7c0 <_IO_2_1_stdout_>, __canceltype = 0, __prev = 0x0}
        _avail = 1
        thousands_sep = 0x0
        grouping = 0xffffffffffffffff <Address 0xffffffffffffffff out of bounds>
        done = 19
        f = 0x7fc966972669 "s"
        lead_str_end = 0x7fc966972665 "%s=%s"
        work_buffer = "\372\032ag\311\177\000\000\002\033ag\311\177\000\000\023\033ag\311\177\000\000\034\033ag\311\177\000\000-\033ag\311\177\000\000\064\033ag\311\177\0
00\000E\033ag\311\177\000\000L\033ag\311\177\000\000]\033ag\311\177\000\000f\033ag\311\177\000\000w\033ag\311\177\000\000~\033ag\311\177\000\000\217\033ag\311\177\000\000
\225\033ag\311\177\000\000\246\033ag\311\177\000\000\255\033ag\311\177\000\000\276\033ag\311\177\000\000\307\033ag\311\177\000\000\330\033ag\311\177\000\000\342\033ag\311
\177\000\000\363\033ag\311\177\000\000\375\033ag\311\177\000\000\000\000\000\000\001\000\000\000\335\001\000\000\001", '\000' <repeats 11 times>, "X\263<g\311\177\000\000
`\205[\355\377\177\000\000(\205[\355\377\177\000\000\307\016\340=\000\000\000\000\020\205[\355\377\177\000\000\000\260<g\311\177\000\000\303,\037"...
        workstart = 0x0
        workend = 0x7fffed5b8718 "H\335<g\311\177"
        ap_save = {{gp_offset = 16, fp_offset = 48, overflow_arg_area = 0x7fffed5b8930, reg_save_area = 0x7fffed5b8850}}
        nspecs_done = 1
        save_errno = 2
        readonly_format = 0
        args_malloced = 0x0
        specs = 0x73000016
        specs_malloced = false
        jump_table = "\001\000\000\004\000\016\000\006\000\000\a\002\000\003\t\000\005\b\b\b\b\b\b\b\b\b\000\000\000\000\000\000\000\032\000\031\000\023\023\023\000\035\0
00\000\f\000\000\000\000\000\000\025\000\000\000\000\022\000\r\000\000\000\000\000\000\032\000\024\017\023\023\023\n\017\034\000\v\030\027\021\026\f\000\025\033\020\000\0
00\022\000\r"
        __PRETTY_FUNCTION__ = "_IO_vfprintf_internal"
        step0_jumps = {0, -2762, -434, -337, -236, -140, -2666, -2459, -2144, -1920, -1519, -1423, 1255, 1362, 2997, 3047, 3135, 3150, 1853, 2425, -1327, -32, 3558,
          -1059, -983, -5914, 3263, 3165, 3214, -2556}
        step1_jumps = {0, 0, 0, 0, 0, 0, 0, 0, 0, -1920, -1519, -1423, 1255, 1362, 2997, 3047, 3135, 3150, 1853, 2425, -1327, -32, 3558, -1059, -983, -5914, 3263,
          3165, 3214, 0}
        step2_jumps = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1519, -1423, 1255, 1362, 2997, 3047, 3135, 3150, 1853, 2425, -1327, -32, 3558, -1059, -983, -5914, 3263, 3165,
          3214, 0}
        step3a_jumps = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1625, 0, 0, 0, 2997, 3047, 3135, 3150, 1853, 0, 0, 0, 0, -1059, 0, 0, 0, 0, 0, 0}
        step3b_jumps = {0 <repeats 11 times>, 1255, 0, 0, 2997, 3047, 3135, 3150, 1853, 2425, -1327, -32, 3558, -1059, -983, -5914, 3263, 0, 0, 0}
        step4_jumps = {0 <repeats 14 times>, 2997, 3047, 3135, 3150, 1853, 2425, -1327, -32, 3558, -1059, -983, -5914, 3263, 0, 0, 0}
        step4_jumps = {-3242 <repeats 14 times>, 460, 510, 1124, 2927, 2790, 2805, -4090, -3786, 1606, 1739, 2942, -5323, 1466, -3242, -3242, -3242}
#2  0x00007fc966069b3d in ___printf_chk (flag=1, format=0x200000001 <Address 0x200000001 out of bounds>) at printf_chk.c:37
        _IO_acquire_lock_file = 0x7fc9662ed7c0 <_IO_2_1_stdout_>
        ap = {{gp_offset = 32, fp_offset = 48, overflow_arg_area = 0x7fffed5b8930, reg_save_area = 0x7fffed5b8850}}
        done = <optimized out>
#3  0x00007fc9669586a7 in show_parameter_list () from /usr/lib64/samba/libsmbconf.so.0
No symbol table info available.
#4  0x00007fc96740cc14 in main ()
No symbol table info available.
(gdb)
Comment 3 Christian Ambach 2015-06-18 21:32:00 UTC
Created attachment 11172
Backported patches for 4.1 and 4.2
Comment 4 Michael Adam 2015-06-19 09:33:11 UTC
Karo, please apply to 4.2.next and 4.1.next
Comment 5 Karolin Seeger 2015-06-29 19:43:10 UTC
(In reply to Michael Adam from comment #4)
Pushed to autobuild-v4-[1|2]-test.
Comment 6 Karolin Seeger 2015-07-05 19:03:07 UTC
(In reply to Karolin Seeger from comment #5)
Pushed to both branches.
Closing out bug report.

Thanks!