Date: Tue, 12 Jan 2010 00:02:35 -0500
From: Chris
To: krb5-bugs@mit.edu
Subject: Segfault with unused pkinit
Message-ID: <20100112050225.GA6165@chris-laptop.a2hosting.com>

I have three kdc servers running 1.7. Every one of them goes down several times a day with a segfault.
Looking at the logs, the last thing I see every time is "preauth pkinit failed to initialize: No realms configured correctly for pkinit support". I disabled pkinit when I compiled them, so I'm not entirely sure what is going on there. It appears to be one person at a time who is doing something unordinary, and failing over from one server to the next, and killing them off somehow.

Anyway, a back trace looks like this:

klog_com_err_proc (whoami=0xbfd2df4b "krb5kdc", code=-1765328141, format=0x0, ap=0xbfd2bbac "�G\f\b0�ҿ") at logger.c:221
221         if ((((unsigned char) *format) > 0) && (((unsigned char) *format) <= 8)) {
(gdb) bt
#0  klog_com_err_proc (whoami=0xbfd2df4b "krb5kdc", code=-1765328141, format=0x0, ap=0xbfd2bbac "�G\f\b0�ҿ") at logger.c:221
#1  0xb7e4e65a in com_err_va (whoami=0xbfd2df4b "krb5kdc", code=-1765328141, fmt=0x0, ap=0xbfd2bbac "�G\f\b0�ҿ") at com_err.c:112
#2  0x080561c0 in kdc_err (call_context=0x8061ae8, code=-1765328141, fmt=0x0) at main.c:121
#3  0x0804f2ee in process_tgs_req (pkt=0xbfd2d150, from=0xbfd2c048, response=0xbfd2c044) at do_tgs_req.c:1161
#4  0x0804bf1b in dispatch (pkt=0xbfd2d150, from=0xbfd2c048, response=0xbfd2c044) at dispatch.c:89
#5  0x080585ea in process_packet (conn=0x813a098, selflags=1) at network.c:1229
#6  0x080593a0 in listen_and_process () at network.c:1555
#7  0x08057359 in main (argc=1, argv=0xbfd2d394) at main.c:898

To me it looks like maybe kdc_err(kdc_context, retval, 0); at do_tgs_req.c:1161 accidentally passed what it wanted *format to equal, which was 0. Whatever the plan was for format, it doesn't seem to appreciate being dereferenced.
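
The failure mode in this report, shown as an added example that is not part of the original message and is not krb5 code: an error-logging hook that applies the same first-byte test as the quoted logger.c:221 but accepts a NULL format, so a caller passing 0 cannot take the daemon down. The names format_err_v, format_err and DEFAULT_SEVERITY, the output layout, and the reading of a leading byte in 1..8 as a severity prefix are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define DEFAULT_SEVERITY 3  /* constructed default, not a krb5 value */

/* Hypothetical hook body: formats "<whoami>: error <code>[ - <text>]". */
static int format_err_v(char *out, size_t outlen, const char *whoami,
                        long code, const char *format, va_list ap)
{
    int severity = DEFAULT_SEVERITY;
    int n = snprintf(out, outlen, "%s: error %ld", whoami ? whoami : "?", code);
    size_t used;

    if (n < 0 || outlen == 0)
        return -1;
    used = (size_t)n < outlen ? (size_t)n : outlen - 1;
    if (format == NULL)     /* fmt=0x0 in the backtrace: nothing to append */
        return severity;
    /* Same test as the quoted line 221, reached only with a valid pointer. */
    if ((unsigned char)*format > 0 && (unsigned char)*format <= 8)
        severity = (unsigned char)*format++;
    if (*format != '\0' && used + 3 < outlen) {
        memcpy(out + used, " - ", 4);   /* 3 chars plus the terminating NUL */
        vsnprintf(out + used + 3, outlen - used - 3, format, ap);
    }
    return severity;
}

/* Variadic wrapper with the same call shape as kdc_err(ctx, code, fmt, ...). */
static int format_err(char *out, size_t outlen, const char *whoami,
                      long code, const char *format, ...)
{
    va_list ap;
    int sev;

    va_start(ap, format);
    sev = format_err_v(out, outlen, whoami, code, format, ap);
    va_end(ap);
    return sev;
}

int main(void)
{
    char buf[128];
    int sev = format_err(buf, sizeof buf, "krb5kdc", -1765328141L, NULL);
    printf("[%d] %s\n", sev, buf);
    return 0;
}
```

Checking for NULL inside the hook protects every caller at once, which matters when the call sits on a path that remote requests can reach, as process_tgs_req does in the backtrace.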