Date: Tue, 12 Jan 2010 00:02:35 -0500
From: Chris <lists@deksai.com>
To: krb5-bugs@mit.edu
Subject: Segfault with unused pkinit

I have three kdc servers running 1.7. Every one of them goes down several
times a day with a segfault. Looking at the logs, the last thing I see every
time is "preauth pkinit failed to initialize: No realms configured correctly
for pkinit support".
I disabled pkinit when I compiled them, so I'm not entirely sure what is going
on there. It appears to be one person at a time who is doing something
unordinary, and failing over from one server to the next, and killing them off
somehow.
Anyway, a back trace looks like this:
klog_com_err_proc (whoami=0xbfd2df4b "krb5kdc", code=-1765328141, format=0x0,
ap=0xbfd2bbac "�G\f\b0�ҿ") at logger.c:221
221 if ((((unsigned char) *format) > 0) && (((unsigned char) *format) <= 8)) {
(gdb) bt
#0 klog_com_err_proc (whoami=0xbfd2df4b "krb5kdc", code=-1765328141,
format=0x0, ap=0xbfd2bbac "�G\f\b0�ҿ") at logger.c:221
#1 0xb7e4e65a in com_err_va (whoami=0xbfd2df4b "krb5kdc", code=-1765328141,
fmt=0x0, ap=0xbfd2bbac "�G\f\b0�ҿ") at com_err.c:112
#2 0x080561c0 in kdc_err (call_context=0x8061ae8, code=-1765328141, fmt=0x0)
at main.c:121
#3 0x0804f2ee in process_tgs_req (pkt=0xbfd2d150, from=0xbfd2c048,
response=0xbfd2c044) at do_tgs_req.c:1161
#4 0x0804bf1b in dispatch (pkt=0xbfd2d150, from=0xbfd2c048,
response=0xbfd2c044) at dispatch.c:89
#5 0x080585ea in process_packet (conn=0x813a098, selflags=1) at network.c:1229
#6 0x080593a0 in listen_and_process () at network.c:1555
#7 0x08057359 in main (argc=1, argv=0xbfd2d394) at main.c:898
To me it looks like maybe kdc_err(kdc_context, retval, 0); at do_tgs_req.c:1161
accidentally passed what it wanted *format to equal, which was 0. Whatever the plan was for format, it doesn't seem to appreciate being dereferenced.
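
The failure mode in this report, as an added example that is not part of the original message or the krb5 source: a com_err-style log hook that checks for a null format before applying the first-byte test quoted from logger.c:221. The names `log_hook_checked` and `report_err` are hypothetical, and treating a leading byte in the range 1..8 as a marker to strip is an assumption drawn from that quoted test.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a com_err-style log hook (not the krb5 code).
 * Writes "whoami: (code N)[ message]" into out and returns the marker byte
 * (1..8) found at the start of format, or 0 when there is none. */
static int log_hook_checked(char *out, size_t outlen, const char *whoami,
                            long code, const char *format, va_list ap)
{
    int marker = 0;
    size_t used = (size_t)snprintf(out, outlen, "%s: (code %ld)", whoami, code);

    if (used >= outlen)
        return 0;               /* prefix truncated or failed; stop here */

    /* The guard: the test in the trace reads *format unconditionally,
     * which faults when a caller passes 0 for the format. */
    if (format == NULL)
        return 0;

    /* Same first-byte test as the line shown at logger.c:221. */
    if ((unsigned char)*format > 0 && (unsigned char)*format <= 8) {
        marker = (unsigned char)*format;
        format++;               /* assumption: marker is not part of the text */
    }
    if (*format != '\0' && used + 1 < outlen) {
        out[used++] = ' ';
        vsnprintf(out + used, outlen - used, format, ap);
    }
    return marker;
}

/* Variadic front end, in the role kdc_err() has in the backtrace. */
static int report_err(char *out, size_t outlen, long code, const char *fmt, ...)
{
    va_list ap;
    int marker;

    va_start(ap, fmt);
    marker = log_hook_checked(out, outlen, "krb5kdc", code, fmt, ap);
    va_end(ap);
    return marker;
}

int main(void)
{
    char buf[128];
    report_err(buf, sizeof buf, -1765328141L, NULL);  /* the call shape in frame #2 */
    puts(buf);
    return 0;
}
```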