Description of problem: automount of a NFS directory will dump core Version-Release number of selected component (if applicable): 5.1.0-4 How reproducible: Always Steps to Reproduce: 1.Enable the /net entry in auto by removing the comment sign 2.try to list a NFS directory from /net/host 3.It will hang and there is a message in dmesg: automount[917]: segfault at 0 ip (null) sp 00007fef3bb164f8 error 14 Running automount from the command line with "automount -d -f" produces: % automount -d -f Starting automounter version 5.1.0, master map auto.master using kernel protocol version 5.02 lookup_nss_read_master: reading master files auto.master parse_init: parse(sun): init gathered global options: (null) lookup_read_master: lookup(file): read entry /net lookup_read_master: lookup(file): read entry +dir:/etc/auto.master.d lookup_nss_read_master: reading master dir /etc/auto.master.d lookup_read_master: lookup(dir): scandir: /etc/auto.master.d lookup_read_master: lookup(file): read entry +auto.master lookup_nss_read_master: reading master files auto.master parse_init: parse(sun): init gathered global options: (null) lookup_nss_read_master: reading master ldap auto.master parse_server_string: lookup(ldap): Attempting to parse LDAP information from string "auto.master". parse_server_string: lookup(ldap): mapname auto.master parse_ldap_config: lookup(ldap): ldap authentication configured with the following options: parse_ldap_config: lookup(ldap): use_tls: 0, tls_required: 0, auth_required: 1, sasl_mech: (null) parse_ldap_config: lookup(ldap): user: (null), secret: unspecified, client principal: (null) credential cache: (null) parse_init: parse(sun): init gathered global options: (null) do_bind: lookup(ldap): auth_required: 1, sasl_mech (null) do_bind: lookup(ldap): ldap simple bind returned 0 get_query_dn: lookup(ldap): query failed for (&(objectclass=nisMap)(nisMapName=auto.master)): No such object get_query_dn: lookup(ldap): query failed for (&(objectclass=automountMap)(ou=auto.master)): No such object get_query_dn: lookup(ldap): query failed for (&(objectclass=automountMap)(automountMapName=auto.master)): No such object lookup(ldap): failed to find valid query dn lookup(file): failed to read included master map auto.master master_do_mount: mounting /net automount_path_to_fifo: fifo name /run/autofs.fifo-net lookup_nss_read_map: reading map hosts (null) parse_init: parse(sun): init gathered global options: (null) lookup_read_map: lookup(hosts): read hosts map lookup_read_map: lookup(hosts): map not browsable, update existing host entries only mounted indirect on /net with timeout 300, freq 75 seconds st_ready: st_ready(): state = 0 path /net handle_packet: type = 3 handle_packet_missing_indirect: token 9, name backup, request pid 916 attempting to mount entry /net/backup lookup_mount: lookup(hosts): backup -> (null) get_exports: lookup(hosts): fetchng export list for backup Segmentation fault (core dumped) Reproducible: Steps to Reproduce:
Ran this under gdb and got the following backtrace, hope it helps..: #0 0x0000000000000000 in ?? () #1 0x00007ffff69316b5 in clnt_dg_call () from /lib64/libtirpc.so #2 0x00007ffff47612e4 in rpc_portmap_getport () from /usr/lib64/autofs/lookup_hosts.so #3 0x00007ffff4761cf7 in rpc_get_exports () from /usr/lib64/autofs/lookup_hosts.so #4 0x00007ffff475c9e5 in ?? () from /usr/lib64/autofs/lookup_hosts.so #5 0x00007ffff475d43b in lookup_mount () from /usr/lib64/autofs/lookup_hosts.so #6 0x000055555556e101 in do_name_lookup_mount (name_len=6, name=0x7ffff7fb9f10 "backup", map=0x5555557c8740, ap=0x5555557c8630) at lookup.c:979 #7 lookup_nss_mount (ap=ap@entry=0x5555557c8630, source=source@entry=0x0, name=name@entry=0x7ffff7fb9f10 "backup", name_len=6) at lookup.c:1132 #8 0x0000555555563dbb in do_mount_indirect (arg=<optimized out>) at indirect.c:772 #9 0x00007ffff7bc85bd in start_thread () from /lib64/libpthread.so.0 #10 0x00007ffff739b5cd in clone () from /lib64/libc.so.6
Ok, debugged this and found that rpc_get_export() returns a pointer to an exports structure that is on the stack !!! Typical error of inexperience... And might work with some compilers and sometime.... Patching the function with an additional "static" in front of the variable makes things work. Patch enclosed to the case.
Created attachment 6937 [details] Patch to fix returning a reference to the Åtack
CC: (none) => dag
Having a closer look at the (messy) code in rpc_get_exports() the reason I gave for the problem is wrong, so sorry for that. But the patch does work... I just don't know why.
Assignee: bugsquad => shlomif
@ Dag, Thank you for having taken the needed time to report this issue! Did this bug get fixed? If so, please change it's status to RESOLVED - FIXED If it didn't, then we regret that we weren't able to fix it in Mageia 5. Mageia 5 has officially reached its End of Life on December 31st, 2017 https://blog.mageia.org/en/2017/11/07/mageia-5-eol-postponed/ It only continued to get important security updates since then, because we are waiting for a big Plasma5 update in Mageia 6, that'll fix many of the Mageia 5 => 6 upgrade issues. If you haven't seen that this bug got fixed, then please check whether this bug still exists in Mageia 6. If it does, then please change the Version (near the top, at the left) to "6". If you know it exists in Cauldron, then change Version to Cauldron. If you see it in both Cauldron and Mageia 6, then please set version to Cauldron and add MGA6TOO on the Whiteboard. Thanks, Marja
CC: (none) => marja11Keywords: (none) => PATCH
Haven't seen the problem for quite a while now so I believe that it is fixed since my report.
Resolution: (none) => FIXEDStatus: NEW => RESOLVED