Your message dated Thu, 17 Dec 2015 23:07:42 +0100 with message-id <20151217220742.ga4...@aurel32.net> and subject line Re: Bug#737079: nscd crashes on netgroup lookups has caused the Debian Bug report #737079, regarding nscd crashes on netgroup lookups to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 737079: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737079 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: nscd Version: 2.17-97 Severity: important I can reasonably consistently crash nscd with netgroup lookups. Below is the simplest configuration I can reproduce this with: /etc/nsswitch.conf: netgroup: files /etc/netgroup : tst5netgroup (foo, , ) (bar, , ) tst6netgroup tst7netgroup tst7netgroup (baz, , ) (/etc/nscd.conf is attached, no /var/cache/nscd present) When running the following lookup nscd crashes. getent netgroup tst5netgroup tst5netgroup (foo,,) (bar,,) (baz,,) Attached is output of running nscd under valgrind with just the one lookup. I also built nscd from source (built 2.17-97, though not particularly clean build environment and used built source directory to run nscd) to get the debug symbols included. Attached also valgrind and gdb output from the crashes with this version also. Thanks, -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (x86_64) Kernel: Linux 3.11-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages nscd depends on: ii libaudit1 1:2.3.3-3 ii libc6 2.17-97 ii libcap2 1:2.22-1.2 ii libselinux1 2.2.2-1 -- -- arthur - adej...@debian.org - http://people.debian.org/~adejong --# # /etc/nscd.conf # # An example Name Service Cache config file. This file is needed by nscd. # # Legal entries are: # # logfile <file> # debug-level <level> # threads <initial #threads to use> # max-threads <maximum #threads to use> # server-user <user to run server as instead of root> # server-user is ignored if nscd is started with -S parameters # stat-user <user who is allowed to request statistics> # reload-count unlimited|<number> # paranoia <yes|no> # restart-interval <time in seconds> # # enable-cache <service> <yes|no> # positive-time-to-live <service> <time in seconds> # negative-time-to-live <service> <time in seconds> # suggested-size <service> <prime number> # check-files <service> <yes|no> # persistent <service> <yes|no> # shared <service> <yes|no> # max-db-size <service> <number bytes> # auto-propagate <service> <yes|no> # # Currently supported cache names (services): passwd, group, hosts, services # # logfile /var/log/nscd.log # threads 4 # max-threads 32 # server-user nobody # stat-user somebody debug-level 0 # reload-count 5 paranoia no # restart-interval 3600 enable-cache passwd yes positive-time-to-live passwd 600 negative-time-to-live passwd 20 suggested-size passwd 211 check-files passwd yes persistent passwd yes shared passwd yes max-db-size passwd 33554432 auto-propagate passwd yes enable-cache group yes positive-time-to-live group 3600 negative-time-to-live group 60 suggested-size group 211 check-files group yes persistent group yes shared group yes max-db-size group 33554432 auto-propagate group yes enable-cache hosts yes positive-time-to-live hosts 3600 negative-time-to-live hosts 20 suggested-size hosts 211 check-files hosts yes persistent hosts yes shared hosts yes max-db-size hosts 33554432 enable-cache services yes positive-time-to-live services 28800 negative-time-to-live services 20 suggested-size services 211 check-files services yes persistent services yes shared services yes max-db-size services 33554432 enable-cache netgroup yes positive-time-to-live netgroup 28800 negative-time-to-live netgroup 20 suggested-size netgroup 211 check-files netgroup yes persistent netgroup yes shared netgroup yes max-db-size netgroup 33554432# valgrind -v nscd -d ==7497== Memcheck, a memory error detector ==7497== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al. ==7497== Using Valgrind-3.9.0 and LibVEX; rerun with -h for copyright info ==7497== Command: nscd -d ==7497== --7497-- Valgrind options: --7497-- -v --7497-- Contents of /proc/version: --7497-- Linux version 3.11-2-amd64 (debian-ker...@lists.debian.org) (gcc version 4.8.2 (Debian 4.8.2-7) ) #1 SMP Debian 3.11.10-1 (2013-12-04) --7497-- Arch and hwcaps: X86, x86-mmxext-sse1-sse2 --7497-- Page sizes: currently 4096, max supported 4096 --7497-- Valgrind library directory: /usr/lib/valgrind --7497-- Reading syms from /usr/sbin/nscd --7497-- object doesn't have a symbol table --7497-- Reading syms from /lib/i386-linux-gnu/ld-2.17.so --7497-- Considering /lib/i386-linux-gnu/ld-2.17.so .. --7497-- .. CRC mismatch (computed b691a29b wanted 35893dbd) --7497-- Considering /usr/lib/debug/lib/i386-linux-gnu/ld-2.17.so .. --7497-- .. CRC is valid --7497-- Reading syms from /usr/lib/valgrind/memcheck-x86-linux --7497-- Considering /usr/lib/valgrind/memcheck-x86-linux .. --7497-- .. CRC mismatch (computed 826d5f93 wanted f3e80697) --7497-- Considering /usr/lib/debug/usr/lib/valgrind/memcheck-x86-linux .. --7497-- .. CRC is valid --7497-- object doesn't have a dynamic symbol table --7497-- Scheduler: using generic scheduler lock implementation. --7497-- Reading suppressions file: /usr/lib/valgrind/default.supp ==7497== embedded gdbserver: reading from /tmp/vgdb-pipe-from-vgdb-to-7497-by-root-on-??? ==7497== embedded gdbserver: writing to /tmp/vgdb-pipe-to-vgdb-from-7497-by-root-on-??? ==7497== embedded gdbserver: shared mem /tmp/vgdb-pipe-shared-mem-vgdb-7497-by-root-on-??? ==7497== ==7497== TO CONTROL THIS PROCESS USING vgdb (which you probably ==7497== don't want to do, unless you know exactly what you're doing, ==7497== or are doing some strange experiment): ==7497== /usr/lib/valgrind/../../bin/vgdb --pid=7497 ...command... ==7497== ==7497== TO DEBUG THIS PROCESS USING GDB: start GDB like this ==7497== /path/to/gdb nscd ==7497== and then give GDB the following command ==7497== target remote | /usr/lib/valgrind/../../bin/vgdb --pid=7497 ==7497== --pid is optional if only one valgrind process is running ==7497== --7497-- REDIR: 0x4017fe0 (strlen) redirected to 0x38065852 (vgPlain_x86_linux_REDIR_FOR_strlen) --7497-- REDIR: 0x4017e10 (index) redirected to 0x3806582d (vgPlain_x86_linux_REDIR_FOR_index) --7497-- Reading syms from /usr/lib/valgrind/vgpreload_core-x86-linux.so --7497-- Considering /usr/lib/valgrind/vgpreload_core-x86-linux.so .. --7497-- .. CRC mismatch (computed 3d64ba67 wanted 85b597c2) --7497-- Considering /usr/lib/debug/usr/lib/valgrind/vgpreload_core-x86-linux.so .. --7497-- .. CRC is valid --7497-- Reading syms from /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so --7497-- Considering /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so .. --7497-- .. CRC mismatch (computed 6da1bdc1 wanted 6b79a15a) --7497-- Considering /usr/lib/debug/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so .. --7497-- .. CRC is valid --7497-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libpthread-2.17.so --7497-- Considering /lib/i386-linux-gnu/i686/cmov/libpthread-2.17.so .. --7497-- .. CRC mismatch (computed 4c89323c wanted c5c5b103) --7497-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libpthread-2.17.so .. --7497-- .. CRC is valid --7497-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libnsl-2.17.so --7497-- Considering /lib/i386-linux-gnu/i686/cmov/libnsl-2.17.so .. --7497-- .. CRC mismatch (computed b0f25a42 wanted afc8d515) --7497-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libnsl-2.17.so .. --7497-- .. CRC is valid --7497-- Reading syms from /lib/i386-linux-gnu/libselinux.so.1 --7497-- object doesn't have a symbol table --7497-- Reading syms from /lib/i386-linux-gnu/libaudit.so.1.0.0 --7497-- object doesn't have a symbol table --7497-- Reading syms from /lib/i386-linux-gnu/libcap.so.2.22 --7497-- object doesn't have a symbol table --7497-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libc-2.17.so --7497-- Considering /lib/i386-linux-gnu/i686/cmov/libc-2.17.so .. --7497-- .. CRC mismatch (computed 077c2fb4 wanted 5387e7f2) --7497-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libc-2.17.so .. --7497-- .. CRC is valid --7497-- Reading syms from /lib/i386-linux-gnu/libpcre.so.3.13.1 --7497-- Considering /lib/i386-linux-gnu/libpcre.so.3.13.1 .. --7497-- .. CRC mismatch (computed cdfdd34c wanted 80cd9b25) --7497-- object doesn't have a symbol table --7497-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libdl-2.17.so --7497-- Considering /lib/i386-linux-gnu/i686/cmov/libdl-2.17.so .. --7497-- .. CRC mismatch (computed 06adbb74 wanted e17be163) --7497-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libdl-2.17.so .. --7497-- .. CRC is valid --7497-- Reading syms from /lib/i386-linux-gnu/libattr.so.1.1.0 --7497-- object doesn't have a symbol table --7497-- REDIR: 0x4938eb0 (strnlen) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x493a420 (strncasecmp) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x493f650 (memrchr) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x4953e70 (wcslen) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x4938610 (strcmp) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x4939e30 (memmove) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x493a550 (memcpy) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x4939b00 (bcmp) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x493a1e0 (stpcpy) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x49386d0 (strcpy) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x4938400 (index) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x4938da0 (strlen) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x493a3d0 (strcasecmp) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x4939ef0 (memset) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x4939fa0 (mempcpy) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x4939000 (rindex) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x493b7a0 (rawmemchr) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x49528f0 (strstr) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x49523f0 (__GI_strstr) redirected to 0x482ebd0 (strstr) --7497-- REDIR: 0x4939050 (__GI_strrchr) redirected to 0x482b820 (__GI_strrchr) --7497-- REDIR: 0x4934390 (malloc) redirected to 0x4828ae0 (malloc) --7497-- REDIR: 0x4934790 (free) redirected to 0x4829d40 (free) --7497-- REDIR: 0x4938660 (__GI_strcmp) redirected to 0x482ca30 (__GI_strcmp) --7497-- REDIR: 0x4938df0 (__GI_strlen) redirected to 0x482bcc0 (__GI_strlen) --7497-- REDIR: 0x493fcf0 (__GI_strncmp) redirected to 0x482c1e0 (__GI_strncmp) --7497-- REDIR: 0x4938450 (__GI_strchr) redirected to 0x482b900 (__GI_strchr) --7497-- REDIR: 0x493b8c0 (strchrnul) redirected to 0x482e7a0 (strchrnul) --7497-- REDIR: 0x49fc490 (__strcmp_ssse3) redirected to 0x482c9f0 (strcmp) --7497-- REDIR: 0x493a240 (__GI_stpcpy) redirected to 0x482dd60 (__GI_stpcpy) --7497-- REDIR: 0x4934cb0 (calloc) redirected to 0x482aa60 (calloc) --7497-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libnss_files-2.17.so --7497-- Considering /lib/i386-linux-gnu/i686/cmov/libnss_files-2.17.so .. --7497-- .. CRC mismatch (computed 01f002c7 wanted e5205ac4) --7497-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libnss_files-2.17.so .. --7497-- .. CRC is valid --7497-- REDIR: 0x4a07790 (__strnlen_sse2) redirected to 0x482bc40 (strnlen) --7497-- REDIR: 0x4938730 (__GI_strcpy) redirected to 0x482bdc0 (__GI_strcpy) --7497-- REDIR: 0x4934840 (realloc) redirected to 0x482ac80 (realloc) --7497-- REDIR: 0x4951c60 (__GI___strcasecmp_l) redirected to 0x482c680 (__GI___strcasecmp_l) --7497-- REDIR: 0x493b7f0 (__GI___rawmemchr) redirected to 0x482e7f0 (__GI___rawmemchr) Wed 29 Jan 2014 23:01:45 CET - 7497: register trace file /etc/passwd for database passwd Wed 29 Jan 2014 23:01:45 CET - 7497: register trace file /etc/group for database group Wed 29 Jan 2014 23:01:45 CET - 7497: register trace file /etc/hosts for database hosts Wed 29 Jan 2014 23:01:45 CET - 7497: register trace file /etc/resolv.conf for database hosts Wed 29 Jan 2014 23:01:45 CET - 7497: register trace file /etc/services for database services Wed 29 Jan 2014 23:01:45 CET - 7497: register trace file /etc/netgroup for database netgroup --7497-- Reading syms from /lib/i386-linux-gnu/libnss_ldap.so.2 --7497-- REDIR: 0x4018450 (stpcpy) redirected to 0x482de50 (stpcpy) --7497-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libnss_dns-2.17.so --7497-- Considering /lib/i386-linux-gnu/i686/cmov/libnss_dns-2.17.so .. --7497-- .. CRC mismatch (computed 42bf78ce wanted 6e477fd7) --7497-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libnss_dns-2.17.so .. --7497-- .. CRC is valid --7497-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libresolv-2.17.so --7497-- Considering /lib/i386-linux-gnu/i686/cmov/libresolv-2.17.so .. --7497-- .. CRC mismatch (computed fa68d5a3 wanted fd77f72e) --7497-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libresolv-2.17.so .. --7497-- .. CRC is valid Wed 29 Jan 2014 23:01:45 CET - 7497: cannot create /var/cache/nscd/passwd; no persistent database used --7497-- REDIR: 0x49eeda0 (__memset_sse2) redirected to 0x482e190 (memset) Wed 29 Jan 2014 23:01:45 CET - 7497: cannot create /var/cache/nscd/group; no persistent database used Wed 29 Jan 2014 23:01:45 CET - 7497: cannot create /var/cache/nscd/hosts; no persistent database used Wed 29 Jan 2014 23:01:45 CET - 7497: cannot create /var/cache/nscd/services; no persistent database used Wed 29 Jan 2014 23:01:45 CET - 7497: cannot create /var/cache/nscd/netgroup; no persistent database used Wed 29 Jan 2014 23:01:51 CET - 7497: handle_request: request received (Version = 2) from PID 7529 Wed 29 Jan 2014 23:01:51 CET - 7497: GETFDNETGR Wed 29 Jan 2014 23:01:51 CET - 7497: handle_request: request received (Version = 2) from PID 7529 ==7497== Thread 9: ==7497== Conditional jump or move depends on uninitialised value(s) ==7497== at 0x4902B43: vfprintf (vfprintf.c:1649) ==7497== by 0x49BE117: __vsnprintf_chk (vsnprintf_chk.c:63) ==7497== by 0x116A38: ??? (in /usr/sbin/nscd) ==7497== by 0x10F4CE: ??? (in /usr/sbin/nscd) ==7497== by 0x483FCF0: start_thread (pthread_create.c:311) ==7497== by 0x49AAC3D: clone (clone.S:131) ==7497== Wed 29 Jan 2014 23:01:51 CET - 7497: GETNETGRENT (tst5netgroup) ==7497== Conditional jump or move depends on uninitialised value(s) ==7497== at 0x4902B43: vfprintf (vfprintf.c:1649) ==7497== by 0x49BE117: __vsnprintf_chk (vsnprintf_chk.c:63) ==7497== by 0x116A38: ??? (in /usr/sbin/nscd) ==7497== by 0x122FD6: ??? (in /usr/sbin/nscd) ==7497== by 0x123798: ??? (in /usr/sbin/nscd) ==7497== by 0x10ECA8: ??? (in /usr/sbin/nscd) ==7497== by 0x483FCF0: start_thread (pthread_create.c:311) ==7497== by 0x49AAC3D: clone (clone.S:131) ==7497== Wed 29 Jan 2014 23:01:51 CET - 7497: Haven't found "tst5netgroup" in netgroup cache! --7497-- REDIR: 0x493fe20 (__strlen_sse2_bsf) redirected to 0x482bca0 (strlen) ==7497== Conditional jump or move depends on uninitialised value(s) ==7497== at 0x482BCB7: strlen (mc_replace_strmem.c:404) ==7497== by 0x1223FE: ??? (in /usr/sbin/nscd) ==7497== by 0x123798: ??? (in /usr/sbin/nscd) ==7497== by 0x10ECA8: ??? (in /usr/sbin/nscd) ==7497== by 0x483FCF0: start_thread (pthread_create.c:311) ==7497== by 0x49AAC3D: clone (clone.S:131) ==7497== --7497-- REDIR: 0x49efeb0 (__memcpy_ssse3) redirected to 0x482d080 (memcpy) ==7497== Conditional jump or move depends on uninitialised value(s) ==7497== at 0x482BCB7: strlen (mc_replace_strmem.c:404) ==7497== by 0x50495B2: _nss_files_setnetgrent (files-netgrp.c:74) ==7497== by 0x12256C: ??? (in /usr/sbin/nscd) ==7497== by 0x123798: ??? (in /usr/sbin/nscd) ==7497== by 0x10ECA8: ??? (in /usr/sbin/nscd) ==7497== by 0x483FCF0: start_thread (pthread_create.c:311) ==7497== by 0x49AAC3D: clone (clone.S:131) ==7497== --7497-- REDIR: 0x4938f50 (strncmp) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --7497-- REDIR: 0x49fd900 (__strncmp_ssse3) redirected to 0x482c140 (strncmp) ==7497== Invalid read of size 1 ==7497== at 0x482BCA8: strlen (mc_replace_strmem.c:404) ==7497== by 0x1226B0: ??? (in /usr/sbin/nscd) ==7497== by 0x123798: ??? (in /usr/sbin/nscd) ==7497== by 0x10ECA8: ??? (in /usr/sbin/nscd) ==7497== by 0x483FCF0: start_thread (pthread_create.c:311) ==7497== by 0x49AAC3D: clone (clone.S:131) ==7497== Address 0x0 is not stack'd, malloc'd or (recently) free'd ==7497== ==7497== ==7497== Process terminating with default action of signal 11 (SIGSEGV) ==7497== Access not within mapped region at address 0x0 ==7497== at 0x482BCA8: strlen (mc_replace_strmem.c:404) ==7497== by 0x1226B0: ??? (in /usr/sbin/nscd) ==7497== by 0x123798: ??? (in /usr/sbin/nscd) ==7497== by 0x10ECA8: ??? (in /usr/sbin/nscd) ==7497== by 0x483FCF0: start_thread (pthread_create.c:311) ==7497== by 0x49AAC3D: clone (clone.S:131) ==7497== If you believe this happened as a result of a stack ==7497== overflow in your program's main thread (unlikely but ==7497== possible), you can try to increase the size of the ==7497== main thread stack using the --main-stacksize= flag. ==7497== The main thread stack size used in this run was 8388608. --7497-- Discarding syms at 0x5043a80-0x504aa0c in /lib/i386-linux-gnu/i686/cmov/libnss_files-2.17.so due to munmap() --7497-- Discarding syms at 0x5054220-0x505c86c in /lib/i386-linux-gnu/libnss_ldap.so.2 due to munmap() --7497-- Discarding syms at 0x5060c40-0x5063b96 in /lib/i386-linux-gnu/i686/cmov/libnss_dns-2.17.so due to munmap() --7497-- Discarding syms at 0x5069720-0x5075ef4 in /lib/i386-linux-gnu/i686/cmov/libresolv-2.17.so due to munmap() ==7497== ==7497== HEAP SUMMARY: ==7497== in use at exit: 1,099,308 bytes in 22 blocks ==7497== total heap usage: 189 allocs, 167 frees, 1,116,900 bytes allocated ==7497== ==7497== Searching for pointers to 22 not-freed blocks ==7497== Checked 9,580,736 bytes ==7497== ==7497== LEAK SUMMARY: ==7497== definitely lost: 0 bytes in 0 blocks ==7497== indirectly lost: 0 bytes in 0 blocks ==7497== possibly lost: 1,368 bytes in 9 blocks ==7497== still reachable: 1,097,940 bytes in 13 blocks ==7497== suppressed: 0 bytes in 0 blocks ==7497== Rerun with --leak-check=full to see details of leaked memory ==7497== ==7497== Use --track-origins=yes to see where uninitialised values come from ==7497== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0) ==7497== ==7497== 1 errors in context 1 of 5: ==7497== Invalid read of size 1 ==7497== at 0x482BCA8: strlen (mc_replace_strmem.c:404) ==7497== by 0x1226B0: ??? (in /usr/sbin/nscd) ==7497== by 0x123798: ??? (in /usr/sbin/nscd) ==7497== by 0x10ECA8: ??? (in /usr/sbin/nscd) ==7497== by 0x483FCF0: start_thread (pthread_create.c:311) ==7497== by 0x49AAC3D: clone (clone.S:131) ==7497== Address 0x0 is not stack'd, malloc'd or (recently) free'd ==7497== ==7497== ==7497== 1 errors in context 2 of 5: ==7497== Conditional jump or move depends on uninitialised value(s) ==7497== at 0x482BCB7: strlen (mc_replace_strmem.c:404) ==7497== by 0x50495B2: ??? ==7497== by 0x12256C: ??? (in /usr/sbin/nscd) ==7497== by 0x123798: ??? (in /usr/sbin/nscd) ==7497== by 0x10ECA8: ??? (in /usr/sbin/nscd) ==7497== by 0x483FCF0: start_thread (pthread_create.c:311) ==7497== by 0x49AAC3D: clone (clone.S:131) ==7497== ==7497== ==7497== 1 errors in context 3 of 5: ==7497== Conditional jump or move depends on uninitialised value(s) ==7497== at 0x482BCB7: strlen (mc_replace_strmem.c:404) ==7497== by 0x1223FE: ??? (in /usr/sbin/nscd) ==7497== by 0x123798: ??? (in /usr/sbin/nscd) ==7497== by 0x10ECA8: ??? (in /usr/sbin/nscd) ==7497== by 0x483FCF0: start_thread (pthread_create.c:311) ==7497== by 0x49AAC3D: clone (clone.S:131) ==7497== ==7497== ==7497== 1 errors in context 4 of 5: ==7497== Conditional jump or move depends on uninitialised value(s) ==7497== at 0x4902B43: vfprintf (vfprintf.c:1649) ==7497== by 0x49BE117: __vsnprintf_chk (vsnprintf_chk.c:63) ==7497== by 0x116A38: ??? (in /usr/sbin/nscd) ==7497== by 0x122FD6: ??? (in /usr/sbin/nscd) ==7497== by 0x123798: ??? (in /usr/sbin/nscd) ==7497== by 0x10ECA8: ??? (in /usr/sbin/nscd) ==7497== by 0x483FCF0: start_thread (pthread_create.c:311) ==7497== by 0x49AAC3D: clone (clone.S:131) ==7497== ==7497== ==7497== 1 errors in context 5 of 5: ==7497== Conditional jump or move depends on uninitialised value(s) ==7497== at 0x4902B43: vfprintf (vfprintf.c:1649) ==7497== by 0x49BE117: __vsnprintf_chk (vsnprintf_chk.c:63) ==7497== by 0x116A38: ??? (in /usr/sbin/nscd) ==7497== by 0x10F4CE: ??? (in /usr/sbin/nscd) ==7497== by 0x483FCF0: start_thread (pthread_create.c:311) ==7497== by 0x49AAC3D: clone (clone.S:131) ==7497== ==7497== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0) Killed# valgrind -v /usr/src/eglibc-2.17/build-tree/i386-libc/nscd/nscd -d valgrind: /usr/src/eglibc-2.17/build-tree/i386-libc/nscd/nscd: Permission denied sorbet:/usr/src/nss-pam-ldapd# chown 0 /usr/src/eglibc-2.17/build-tree/i386-libc/nscd/nscd sorbet:/usr/src/nss-pam-ldapd# valgrind -v /usr/src/eglibc-2.17/build-tree/i386-libc/nscd/nscd -d ==18131== Memcheck, a memory error detector ==18131== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al. ==18131== Using Valgrind-3.9.0 and LibVEX; rerun with -h for copyright info ==18131== Command: /usr/src/eglibc-2.17/build-tree/i386-libc/nscd/nscd -d ==18131== --18131-- Valgrind options: --18131-- -v --18131-- Contents of /proc/version: --18131-- Linux version 3.11-2-amd64 (debian-ker...@lists.debian.org) (gcc version 4.8.2 (Debian 4.8.2-7) ) #1 SMP Debian 3.11.10-1 (2013-12-04) --18131-- Arch and hwcaps: X86, x86-mmxext-sse1-sse2 --18131-- Page sizes: currently 4096, max supported 4096 --18131-- Valgrind library directory: /usr/lib/valgrind --18131-- Reading syms from /usr/src/eglibc-2.17/build-tree/i386-libc/nscd/nscd --18131-- Reading syms from /lib/i386-linux-gnu/ld-2.17.so --18131-- Considering /lib/i386-linux-gnu/ld-2.17.so .. --18131-- .. CRC mismatch (computed b691a29b wanted 35893dbd) --18131-- Considering /usr/lib/debug/lib/i386-linux-gnu/ld-2.17.so .. --18131-- .. CRC is valid --18131-- Reading syms from /usr/lib/valgrind/memcheck-x86-linux --18131-- Considering /usr/lib/valgrind/memcheck-x86-linux .. --18131-- .. CRC mismatch (computed 826d5f93 wanted f3e80697) --18131-- Considering /usr/lib/debug/usr/lib/valgrind/memcheck-x86-linux .. --18131-- .. CRC is valid --18131-- object doesn't have a dynamic symbol table --18131-- Scheduler: using generic scheduler lock implementation. --18131-- Reading suppressions file: /usr/lib/valgrind/default.supp ==18131== embedded gdbserver: reading from /tmp/vgdb-pipe-from-vgdb-to-18131-by-root-on-??? ==18131== embedded gdbserver: writing to /tmp/vgdb-pipe-to-vgdb-from-18131-by-root-on-??? ==18131== embedded gdbserver: shared mem /tmp/vgdb-pipe-shared-mem-vgdb-18131-by-root-on-??? ==18131== ==18131== TO CONTROL THIS PROCESS USING vgdb (which you probably ==18131== don't want to do, unless you know exactly what you're doing, ==18131== or are doing some strange experiment): ==18131== /usr/lib/valgrind/../../bin/vgdb --pid=18131 ...command... ==18131== ==18131== TO DEBUG THIS PROCESS USING GDB: start GDB like this ==18131== /path/to/gdb /usr/src/eglibc-2.17/build-tree/i386-libc/nscd/nscd ==18131== and then give GDB the following command ==18131== target remote | /usr/lib/valgrind/../../bin/vgdb --pid=18131 ==18131== --pid is optional if only one valgrind process is running ==18131== --18131-- REDIR: 0x4017fe0 (strlen) redirected to 0x38065852 (vgPlain_x86_linux_REDIR_FOR_strlen) --18131-- REDIR: 0x4017e10 (index) redirected to 0x3806582d (vgPlain_x86_linux_REDIR_FOR_index) --18131-- Reading syms from /usr/lib/valgrind/vgpreload_core-x86-linux.so --18131-- Considering /usr/lib/valgrind/vgpreload_core-x86-linux.so .. --18131-- .. CRC mismatch (computed 3d64ba67 wanted 85b597c2) --18131-- Considering /usr/lib/debug/usr/lib/valgrind/vgpreload_core-x86-linux.so .. --18131-- .. CRC is valid --18131-- Reading syms from /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so --18131-- Considering /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so .. --18131-- .. CRC mismatch (computed 6da1bdc1 wanted 6b79a15a) --18131-- Considering /usr/lib/debug/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so .. --18131-- .. CRC is valid --18131-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libpthread-2.17.so --18131-- Considering /lib/i386-linux-gnu/i686/cmov/libpthread-2.17.so .. --18131-- .. CRC mismatch (computed 4c89323c wanted c5c5b103) --18131-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libpthread-2.17.so .. --18131-- .. CRC is valid --18131-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libnsl-2.17.so --18131-- Considering /lib/i386-linux-gnu/i686/cmov/libnsl-2.17.so .. --18131-- .. CRC mismatch (computed b0f25a42 wanted afc8d515) --18131-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libnsl-2.17.so .. --18131-- .. CRC is valid --18131-- Reading syms from /lib/i386-linux-gnu/libselinux.so.1 --18131-- object doesn't have a symbol table --18131-- Reading syms from /lib/i386-linux-gnu/libaudit.so.1.0.0 --18131-- object doesn't have a symbol table --18131-- Reading syms from /lib/i386-linux-gnu/libcap.so.2.22 --18131-- object doesn't have a symbol table --18131-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libc-2.17.so --18131-- Considering /lib/i386-linux-gnu/i686/cmov/libc-2.17.so .. --18131-- .. CRC mismatch (computed 077c2fb4 wanted 5387e7f2) --18131-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libc-2.17.so .. --18131-- .. CRC is valid --18131-- Reading syms from /lib/i386-linux-gnu/libpcre.so.3.13.1 --18131-- Considering /lib/i386-linux-gnu/libpcre.so.3.13.1 .. --18131-- .. CRC mismatch (computed cdfdd34c wanted 80cd9b25) --18131-- object doesn't have a symbol table --18131-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libdl-2.17.so --18131-- Considering /lib/i386-linux-gnu/i686/cmov/libdl-2.17.so .. --18131-- .. CRC mismatch (computed 06adbb74 wanted e17be163) --18131-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libdl-2.17.so .. --18131-- .. CRC is valid --18131-- Reading syms from /lib/i386-linux-gnu/libattr.so.1.1.0 --18131-- object doesn't have a symbol table --18131-- REDIR: 0x4938eb0 (strnlen) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x493a420 (strncasecmp) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x493f650 (memrchr) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x4953e70 (wcslen) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x4938610 (strcmp) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x4939e30 (memmove) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x493a550 (memcpy) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x4939b00 (bcmp) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x493a1e0 (stpcpy) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x49386d0 (strcpy) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x4938400 (index) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x4938da0 (strlen) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x493a3d0 (strcasecmp) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x4939ef0 (memset) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x4939fa0 (mempcpy) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x4939000 (rindex) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x493b7a0 (rawmemchr) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x49528f0 (strstr) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x49523f0 (__GI_strstr) redirected to 0x482ebd0 (strstr) --18131-- REDIR: 0x4939050 (__GI_strrchr) redirected to 0x482b820 (__GI_strrchr) --18131-- REDIR: 0x4934390 (malloc) redirected to 0x4828ae0 (malloc) --18131-- REDIR: 0x4934790 (free) redirected to 0x4829d40 (free) --18131-- REDIR: 0x4938660 (__GI_strcmp) redirected to 0x482ca30 (__GI_strcmp) --18131-- REDIR: 0x4938df0 (__GI_strlen) redirected to 0x482bcc0 (__GI_strlen) --18131-- REDIR: 0x493fcf0 (__GI_strncmp) redirected to 0x482c1e0 (__GI_strncmp) --18131-- REDIR: 0x4938450 (__GI_strchr) redirected to 0x482b900 (__GI_strchr) --18131-- REDIR: 0x493b8c0 (strchrnul) redirected to 0x482e7a0 (strchrnul) --18131-- REDIR: 0x49fc490 (__strcmp_ssse3) redirected to 0x482c9f0 (strcmp) --18131-- REDIR: 0x493a240 (__GI_stpcpy) redirected to 0x482dd60 (__GI_stpcpy) --18131-- REDIR: 0x4934cb0 (calloc) redirected to 0x482aa60 (calloc) --18131-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libnss_files-2.17.so --18131-- Considering /lib/i386-linux-gnu/i686/cmov/libnss_files-2.17.so .. --18131-- .. CRC mismatch (computed 01f002c7 wanted e5205ac4) --18131-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libnss_files-2.17.so .. --18131-- .. CRC is valid --18131-- REDIR: 0x4a07790 (__strnlen_sse2) redirected to 0x482bc40 (strnlen) --18131-- REDIR: 0x4938730 (__GI_strcpy) redirected to 0x482bdc0 (__GI_strcpy) --18131-- REDIR: 0x4934840 (realloc) redirected to 0x482ac80 (realloc) --18131-- REDIR: 0x4951c60 (__GI___strcasecmp_l) redirected to 0x482c680 (__GI___strcasecmp_l) --18131-- REDIR: 0x493b7f0 (__GI___rawmemchr) redirected to 0x482e7f0 (__GI___rawmemchr) Wed 29 Jan 2014 23:42:38 CET - 18131: register trace file /etc/passwd for database passwd Wed 29 Jan 2014 23:42:38 CET - 18131: register trace file /etc/group for database group Wed 29 Jan 2014 23:42:38 CET - 18131: register trace file /etc/hosts for database hosts Wed 29 Jan 2014 23:42:38 CET - 18131: register trace file /etc/resolv.conf for database hosts Wed 29 Jan 2014 23:42:38 CET - 18131: register trace file /etc/services for database services Wed 29 Jan 2014 23:42:38 CET - 18131: register trace file /etc/netgroup for database netgroup --18131-- Reading syms from /lib/i386-linux-gnu/libnss_ldap.so.2 --18131-- REDIR: 0x4018450 (stpcpy) redirected to 0x482de50 (stpcpy) --18131-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libnss_dns-2.17.so --18131-- Considering /lib/i386-linux-gnu/i686/cmov/libnss_dns-2.17.so .. --18131-- .. CRC mismatch (computed 42bf78ce wanted 6e477fd7) --18131-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libnss_dns-2.17.so .. --18131-- .. CRC is valid --18131-- Reading syms from /lib/i386-linux-gnu/i686/cmov/libresolv-2.17.so --18131-- Considering /lib/i386-linux-gnu/i686/cmov/libresolv-2.17.so .. --18131-- .. CRC mismatch (computed fa68d5a3 wanted fd77f72e) --18131-- Considering /usr/lib/debug/lib/i386-linux-gnu/i686/cmov/libresolv-2.17.so .. --18131-- .. CRC is valid Wed 29 Jan 2014 23:42:39 CET - 18131: cannot create /var/cache/nscd/passwd; no persistent database used --18131-- REDIR: 0x49eeda0 (__memset_sse2) redirected to 0x482e190 (memset) Wed 29 Jan 2014 23:42:39 CET - 18131: cannot create /var/cache/nscd/group; no persistent database used Wed 29 Jan 2014 23:42:39 CET - 18131: cannot create /var/cache/nscd/hosts; no persistent database used Wed 29 Jan 2014 23:42:39 CET - 18131: cannot create /var/cache/nscd/services; no persistent database used Wed 29 Jan 2014 23:42:39 CET - 18131: cannot create /var/cache/nscd/netgroup; no persistent database used Wed 29 Jan 2014 23:42:43 CET - 18131: handle_request: request received (Version = 2) from PID 24212 Wed 29 Jan 2014 23:42:43 CET - 18131: GETFDNETGR Wed 29 Jan 2014 23:42:43 CET - 18131: handle_request: request received (Version = 2) from PID 24212 ==18131== Thread 8: ==18131== Conditional jump or move depends on uninitialised value(s) ==18131== at 0x4902B43: vfprintf (vfprintf.c:1649) ==18131== by 0x49BE117: __vsnprintf_chk (vsnprintf_chk.c:63) ==18131== by 0x116A38: dbg_log (stdio2.h:77) ==18131== by 0x10F4CE: nscd_run_worker (connections.c:1183) ==18131== by 0x483FCF0: start_thread (pthread_create.c:311) ==18131== by 0x49AAC3D: clone (clone.S:131) ==18131== Wed 29 Jan 2014 23:42:43 CET - 18131: GETNETGRENT (tst5netgroup) ==18131== Conditional jump or move depends on uninitialised value(s) ==18131== at 0x4902B43: vfprintf (vfprintf.c:1649) ==18131== by 0x49BE117: __vsnprintf_chk (vsnprintf_chk.c:63) ==18131== by 0x116A38: dbg_log (stdio2.h:77) ==18131== by 0x122FD6: addgetnetgrentX.isra.0 (netgroupcache.c:79) ==18131== by 0x123798: addgetnetgrent (netgroupcache.c:628) ==18131== by 0x10ECA8: nscd_run_worker (connections.c:1322) ==18131== by 0x483FCF0: start_thread (pthread_create.c:311) ==18131== by 0x49AAC3D: clone (clone.S:131) ==18131== Wed 29 Jan 2014 23:42:43 CET - 18131: Haven't found "tst5netgroup" in netgroup cache! --18131-- REDIR: 0x493fe20 (__strlen_sse2_bsf) redirected to 0x482bca0 (strlen) ==18131== Conditional jump or move depends on uninitialised value(s) ==18131== at 0x482BCB7: strlen (mc_replace_strmem.c:404) ==18131== by 0x1223FE: addgetnetgrentX.isra.0 (netgroupcache.c:95) ==18131== by 0x123798: addgetnetgrent (netgroupcache.c:628) ==18131== by 0x10ECA8: nscd_run_worker (connections.c:1322) ==18131== by 0x483FCF0: start_thread (pthread_create.c:311) ==18131== by 0x49AAC3D: clone (clone.S:131) ==18131== --18131-- REDIR: 0x49efeb0 (__memcpy_ssse3) redirected to 0x482d080 (memcpy) ==18131== Conditional jump or move depends on uninitialised value(s) ==18131== at 0x482BCB7: strlen (mc_replace_strmem.c:404) ==18131== by 0x50495B2: _nss_files_setnetgrent (files-netgrp.c:74) ==18131== by 0x12256C: addgetnetgrentX.isra.0 (netgroupcache.c:165) ==18131== by 0x123798: addgetnetgrent (netgroupcache.c:628) ==18131== by 0x10ECA8: nscd_run_worker (connections.c:1322) ==18131== by 0x483FCF0: start_thread (pthread_create.c:311) ==18131== by 0x49AAC3D: clone (clone.S:131) ==18131== --18131-- REDIR: 0x4938f50 (strncmp) redirected to 0x4823580 (_vgnU_ifunc_wrapper) --18131-- REDIR: 0x49fd900 (__strncmp_ssse3) redirected to 0x482c140 (strncmp) ==18131== Invalid read of size 1 ==18131== at 0x482BCA8: strlen (mc_replace_strmem.c:404) ==18131== by 0x1226B0: addgetnetgrentX.isra.0 (netgroupcache.c:205) ==18131== by 0x123798: addgetnetgrent (netgroupcache.c:628) ==18131== by 0x10ECA8: nscd_run_worker (connections.c:1322) ==18131== by 0x483FCF0: start_thread (pthread_create.c:311) ==18131== by 0x49AAC3D: clone (clone.S:131) ==18131== Address 0x0 is not stack'd, malloc'd or (recently) free'd ==18131== ==18131== ==18131== Process terminating with default action of signal 11 (SIGSEGV) ==18131== Access not within mapped region at address 0x0 ==18131== at 0x482BCA8: strlen (mc_replace_strmem.c:404) ==18131== by 0x1226B0: addgetnetgrentX.isra.0 (netgroupcache.c:205) ==18131== by 0x123798: addgetnetgrent (netgroupcache.c:628) ==18131== by 0x10ECA8: nscd_run_worker (connections.c:1322) ==18131== by 0x483FCF0: start_thread (pthread_create.c:311) ==18131== by 0x49AAC3D: clone (clone.S:131) ==18131== If you believe this happened as a result of a stack ==18131== overflow in your program's main thread (unlikely but ==18131== possible), you can try to increase the size of the ==18131== main thread stack using the --main-stacksize= flag. ==18131== The main thread stack size used in this run was 8388608. --18131-- Discarding syms at 0x5043a80-0x504aa0c in /lib/i386-linux-gnu/i686/cmov/libnss_files-2.17.so due to munmap() --18131-- Discarding syms at 0x5054220-0x505c86c in /lib/i386-linux-gnu/libnss_ldap.so.2 due to munmap() --18131-- Discarding syms at 0x5060c40-0x5063b96 in /lib/i386-linux-gnu/i686/cmov/libnss_dns-2.17.so due to munmap() --18131-- Discarding syms at 0x5069720-0x5075ef4 in /lib/i386-linux-gnu/i686/cmov/libresolv-2.17.so due to munmap() ==18131== ==18131== HEAP SUMMARY: ==18131== in use at exit: 1,099,308 bytes in 22 blocks ==18131== total heap usage: 189 allocs, 167 frees, 1,116,900 bytes allocated ==18131== ==18131== Searching for pointers to 22 not-freed blocks ==18131== Checked 9,580,832 bytes ==18131== ==18131== LEAK SUMMARY: ==18131== definitely lost: 0 bytes in 0 blocks ==18131== indirectly lost: 0 bytes in 0 blocks ==18131== possibly lost: 1,368 bytes in 9 blocks ==18131== still reachable: 1,097,940 bytes in 13 blocks ==18131== suppressed: 0 bytes in 0 blocks ==18131== Rerun with --leak-check=full to see details of leaked memory ==18131== ==18131== Use --track-origins=yes to see where uninitialised values come from ==18131== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0) ==18131== ==18131== 1 errors in context 1 of 5: ==18131== Invalid read of size 1 ==18131== at 0x482BCA8: strlen (mc_replace_strmem.c:404) ==18131== by 0x1226B0: addgetnetgrentX.isra.0 (netgroupcache.c:205) ==18131== by 0x123798: addgetnetgrent (netgroupcache.c:628) ==18131== by 0x10ECA8: nscd_run_worker (connections.c:1322) ==18131== by 0x483FCF0: start_thread (pthread_create.c:311) ==18131== by 0x49AAC3D: clone (clone.S:131) ==18131== Address 0x0 is not stack'd, malloc'd or (recently) free'd ==18131== ==18131== ==18131== 1 errors in context 2 of 5: ==18131== Conditional jump or move depends on uninitialised value(s) ==18131== at 0x482BCB7: strlen (mc_replace_strmem.c:404) ==18131== by 0x50495B2: ??? ==18131== by 0x12256C: addgetnetgrentX.isra.0 (netgroupcache.c:165) ==18131== by 0x123798: addgetnetgrent (netgroupcache.c:628) ==18131== by 0x10ECA8: nscd_run_worker (connections.c:1322) ==18131== by 0x483FCF0: start_thread (pthread_create.c:311) ==18131== by 0x49AAC3D: clone (clone.S:131) ==18131== ==18131== ==18131== 1 errors in context 3 of 5: ==18131== Conditional jump or move depends on uninitialised value(s) ==18131== at 0x482BCB7: strlen (mc_replace_strmem.c:404) ==18131== by 0x1223FE: addgetnetgrentX.isra.0 (netgroupcache.c:95) ==18131== by 0x123798: addgetnetgrent (netgroupcache.c:628) ==18131== by 0x10ECA8: nscd_run_worker (connections.c:1322) ==18131== by 0x483FCF0: start_thread (pthread_create.c:311) ==18131== by 0x49AAC3D: clone (clone.S:131) ==18131== ==18131== ==18131== 1 errors in context 4 of 5: ==18131== Conditional jump or move depends on uninitialised value(s) ==18131== at 0x4902B43: vfprintf (vfprintf.c:1649) ==18131== by 0x49BE117: __vsnprintf_chk (vsnprintf_chk.c:63) ==18131== by 0x116A38: dbg_log (stdio2.h:77) ==18131== by 0x122FD6: addgetnetgrentX.isra.0 (netgroupcache.c:79) ==18131== by 0x123798: addgetnetgrent (netgroupcache.c:628) ==18131== by 0x10ECA8: nscd_run_worker (connections.c:1322) ==18131== by 0x483FCF0: start_thread (pthread_create.c:311) ==18131== by 0x49AAC3D: clone (clone.S:131) ==18131== ==18131== ==18131== 1 errors in context 5 of 5: ==18131== Conditional jump or move depends on uninitialised value(s) ==18131== at 0x4902B43: vfprintf (vfprintf.c:1649) ==18131== by 0x49BE117: __vsnprintf_chk (vsnprintf_chk.c:63) ==18131== by 0x116A38: dbg_log (stdio2.h:77) ==18131== by 0x10F4CE: nscd_run_worker (connections.c:1183) ==18131== by 0x483FCF0: start_thread (pthread_create.c:311) ==18131== by 0x49AAC3D: clone (clone.S:131) ==18131== ==18131== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0) Killed# gdb /usr/src/eglibc-2.17/build-tree/i386-libc/nscd/nscd GNU gdb (GDB) 7.6.2 (Debian 7.6.2-1) Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i486-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/src/eglibc-2.17/build-tree/i386-libc/nscd/nscd...done. (gdb) r -d Starting program: /usr/src/eglibc-2.17/build-tree/i386-libc/nscd/nscd -d warning: Could not load shared library symbols for linux-gate.so.1. Do you need "set solib-search-path" or "set sysroot"? [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i386-linux-gnu/i686/cmov/libthread_db.so.1". Wed 29 Jan 2014 23:43:16 CET - 10158: register trace file /etc/passwd for database passwd Wed 29 Jan 2014 23:43:16 CET - 10158: register trace file /etc/group for database group Wed 29 Jan 2014 23:43:16 CET - 10158: register trace file /etc/hosts for database hosts Wed 29 Jan 2014 23:43:16 CET - 10158: register trace file /etc/resolv.conf for database hosts Wed 29 Jan 2014 23:43:16 CET - 10158: register trace file /etc/services for database services Wed 29 Jan 2014 23:43:16 CET - 10158: register trace file /etc/netgroup for database netgroup Wed 29 Jan 2014 23:43:16 CET - 10158: cannot create /var/cache/nscd/passwd; no persistent database used Wed 29 Jan 2014 23:43:16 CET - 10158: cannot create /var/cache/nscd/group; no persistent database used Wed 29 Jan 2014 23:43:16 CET - 10158: cannot create /var/cache/nscd/hosts; no persistent database used Wed 29 Jan 2014 23:43:16 CET - 10158: cannot create /var/cache/nscd/services; no persistent database used Wed 29 Jan 2014 23:43:16 CET - 10158: cannot create /var/cache/nscd/netgroup; no persistent database used [New Thread 0xf7a86b40 (LWP 25012)] [New Thread 0xf7985b40 (LWP 25085)] [New Thread 0xf7884b40 (LWP 25130)] [New Thread 0xf7783b40 (LWP 25161)] [New Thread 0xf7682b40 (LWP 25185)] [New Thread 0xf7581b40 (LWP 25229)] [New Thread 0xf7480b40 (LWP 25252)] [New Thread 0xf737fb40 (LWP 25284)] [New Thread 0xf727eb40 (LWP 25321)] Wed 29 Jan 2014 23:43:18 CET - 10158: handle_request: request received (Version = 2) from PID 2822 Wed 29 Jan 2014 23:43:18 CET - 10158: GETFDNETGR Wed 29 Jan 2014 23:43:18 CET - 10158: handle_request: request received (Version = 2) from PID 2822 Wed 29 Jan 2014 23:43:18 CET - 10158: GETNETGRENT (tst5netgroup) Wed 29 Jan 2014 23:43:18 CET - 10158: Haven't found "tst5netgroup" in netgroup cache! Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xf7480b40 (LWP 25252)] __strlen_sse2_bsf () at ../sysdeps/i386/i686/multiarch/strlen-sse2-bsf.S:50 50 ../sysdeps/i386/i686/multiarch/strlen-sse2-bsf.S: No such file or directory. (gdb) bt full #0 __strlen_sse2_bsf () at ../sysdeps/i386/i686/multiarch/strlen-sse2-bsf.S:50 No locals. #1 0x5656f6b1 in addgetnetgrentX (db=db@entry=0x565783f0 <dbs+944>, fd=fd@entry=11, key=key@entry=0xf747eecc "tst5netgroup", uid=uid@entry=4294967295, he=he@entry=0x0, dh=dh@entry=0x0, resultp=resultp@entry=0xf747ed0c, req=0xf747ed88, req=0xf747ed88) at netgroupcache.c:205 last = <optimized out> hostlen = 4 domainlen = <optimized out> bufused = 44 userlen = <optimized out> needed = <optimized out> nhost = 0xf747e7e8 "foo" nuser = 0x0 ndomain = 0x0 wp = <optimized out> e = -135225086 endfct = <optimized out> getfct = {<No data fields>} status = <optimized out> this_group = <optimized out> setfct = {<No data fields>} nip = 0x56579f98 no_more = <optimized out> timeout = <optimized out> dataset = <optimized out> cacheable = false total = <optimized out> key_copy = 0x0 data = {type = triple_val, val = {triple = {host = 0xf747e7e8 "foo", user = 0x0, domain = 0x0}, group = 0xf747e7e8 "foo"}, data = 0xf6e006b0 "(foo, , ) (bar, , ) tst6netgroup tst7netgroup\n", data_size = 512, { cursor = 0xf6e006b9 " (bar, , ) tst6netgroup tst7netgroup\n", position = 4141876921}, first = 0, known_groups = 0xf747ebd0, needed_groups = 0x0, nip = 0x0} buflen = 1024 buffilled = 40 buffer = 0xf747e7c0 "etgroup\" in netgroup cache!" nentries = 0 use_malloc = false group_len = 4148684776 first_needed = <optimized out> netgroup_database = 0x56579f98 #2 0x56570799 in addgetnetgrent (db=db@entry=0x565783f0 <dbs+944>, fd=fd@entry=11, req=req@entry=0xf747ed88, key=key@entry=0xf747eecc, uid=uid@entry=4294967295) at netgroupcache.c:628 ignore = 0x56577c80 #3 0x5655bca9 in handle_request (pid=2822, key=0xf747eebc, req=0xf747ed78, fd=11, uid=<optimized out>) at connections.c:1322 db = 0x565783f0 <dbs+944> uid = 4294967295 #4 nscd_run_worker (p=0x0) at connections.c:1792 keybuf = "tst5netgroup", '\000' <repeats 1011 times> fd = 11 pid = 2822 it = <optimized out> req = {version = 2, type = GETNETGRENT, key_len = 12} uid = 4294967295 buf = '\000' <repeats 255 times> #5 0xf7fc1cf1 in start_thread (arg=0xf7480b40) at pthread_create.c:311 __res = <optimized out> pd = 0xf7480b40 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {-134402048, 0, 4001536, -146275352, -514077644, -1989889995}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = { prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = 0 pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> __PRETTY_FUNCTION__ = "start_thread" #6 0xf7e93c3e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:131 No locals. (gdb)signature.asc
Description: This is a digitally signed message part
--- End Message ---
--- Begin Message ---Version: 2.18-1 On 2014-01-29 23:46, Arthur de Jong wrote: > Package: nscd > Version: 2.17-97 > Severity: important > > I can reasonably consistently crash nscd with netgroup lookups. Below is > the simplest configuration I can reproduce this with: > > /etc/nsswitch.conf: > netgroup: files > > /etc/netgroup : > tst5netgroup (foo, , ) (bar, , ) tst6netgroup tst7netgroup > tst7netgroup (baz, , ) > > (/etc/nscd.conf is attached, no /var/cache/nscd present) > > When running the following lookup nscd crashes. > > getent netgroup tst5netgroup > tst5netgroup (foo,,) (bar,,) (baz,,) > > Attached is output of running nscd under valgrind with just the one > lookup. I also built nscd from source (built 2.17-97, though not > particularly clean build environment and used built source directory to > run nscd) to get the debug symbols included. Attached also valgrind and > gdb output from the crashes with this version also. I have been able to reproduce the issue thanks to snapshot.debian.org. An upgrade of nscd to version 2.18-1 fixes the issue. The problem is very likely the same than upstream bug BZ 15577 [1], fixed by commit 50fd745b4dec07e8e213cf2703b5cabcfa128225 I am therefore closing this bug. Aurelien [1] https://sourceware.org/bugzilla/show_bug.cgi?id=15577 -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurel...@aurel32.net http://www.aurel32.netsignature.asc
Description: PGP signature
--- End Message ---