7.4.5 FD segfault on OS without ACL support

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

7.4.5 FD segfault on OS without ACL support

Stuart Henderson
I tried posting this a few days ago via gmane but it didn't come through,
now retrying directly. Apologies if you get two copies.

I'm running 7.4.5 on OpenBSD, which doesn't have ACLs. I'm seeing a segfault
in the FD:

Thread 4 received signal SIGSEGV, Segmentation fault.
[Switching to thread 556104]
blast_data_to_storage_daemon (jcr=0x15d9b875a028, addr=<optimized out>) at backup.c:166
166        if (jcr->xacl->get_acl_nr_errors() > 0) {
(gdb) bt
#0  blast_data_to_storage_daemon (jcr=0x15d9b875a028, addr=<optimized out>) at backup.c:166
#1  0x000015d78a212d9b in backup_cmd (jcr=0x15d9b875a028) at job.c:2049
#2  0x000015d78a214547 in handle_director_request (dir=<optimized out>) at job.c:312
#3  handle_connection_request (caller=0x15da514a2628) at job.c:457
#4  0x000015da3c3fed79 in workq_server (arg=0x15d78a43aa00 <dir_workq>) at workq.c:326
#5  0x000015d9da9c23de in _rthread_start (v=0x0) at /usr/src/lib/librthread/rthread.c:114
#6  0x000015da447b24db in __tfork_thread () at /usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:75
#7  0x0000000000000000 in ?? ()

It looks like it's just missing a null check before trying to dereference
the function pointer (backup.c:166, 170) like is done in 184?

  (gdb) list
  161      if (!find_files(jcr, (FF_PKT *)jcr->ff, save_file, plugin_save)) {
  162         ok = false;                     /* error */
  163         jcr->setJobStatus(JS_ErrorTerminated);
  164      }
  165
> 166      if (jcr->xacl->get_acl_nr_errors() > 0) {
  167         Jmsg(jcr, M_WARNING, 0, _("Had %ld acl errors while doing backup\n"), jcr->xacl->get_acl_nr_errors());
  168      }
  169
> 170      if (jcr->xacl->get_xattr_nr_errors() > 0) {
  (gdb) list
  171         Jmsg(jcr, M_WARNING, 0, _("Had %ld xattr errors while doing backup\n"), jcr->xacl->get_xattr_nr_errors());
  172      }
  173
  174      /* Delete or keep snapshots */
  175      close_snapshot_backup_session(jcr);
  176      close_vss_backup_session(jcr);
  177
  178      accurate_finish(jcr);              /* send deleted or base file list to SD */
  179
  180      stop_heartbeat_monitor(jcr);
  (gdb) list
  181
  182      sd->signal(BNET_EOD);            /* end of sending data */
  183
> 184      if (jcr->xacl) {
  185         delete(jcr->xacl);
  186         jcr->xacl = NULL;
  187      }
  188      if (jcr->big_buf) {
  189         bfree_and_null(jcr->big_buf);
  190      }

Thanks,
Stuart


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: 7.4.5 FD segfault on OS without ACL support

Kern Sibbald
Hello,

Thanks for the report. I recommend that you submit it as a bug report to
avoid all chances of it getting lost.

The acl code was totally rewritten for this release, and and in looking
at the code, I see that there is no implementation at all for OpenBSD,
not even an empty implementation, which leads to the seg fault.

I will contact the author to see if he has a solution.  In the mean
time, I suggest that you comment out all
calls to jcr->xacl-> ...

Best regards,
Kern

On 02/20/2017 09:42 PM, Stuart Henderson wrote:

> I tried posting this a few days ago via gmane but it didn't come through,
> now retrying directly. Apologies if you get two copies.
>
> I'm running 7.4.5 on OpenBSD, which doesn't have ACLs. I'm seeing a segfault
> in the FD:
>
> Thread 4 received signal SIGSEGV, Segmentation fault.
> [Switching to thread 556104]
> blast_data_to_storage_daemon (jcr=0x15d9b875a028, addr=<optimized out>) at backup.c:166
> 166        if (jcr->xacl->get_acl_nr_errors() > 0) {
> (gdb) bt
> #0  blast_data_to_storage_daemon (jcr=0x15d9b875a028, addr=<optimized out>) at backup.c:166
> #1  0x000015d78a212d9b in backup_cmd (jcr=0x15d9b875a028) at job.c:2049
> #2  0x000015d78a214547 in handle_director_request (dir=<optimized out>) at job.c:312
> #3  handle_connection_request (caller=0x15da514a2628) at job.c:457
> #4  0x000015da3c3fed79 in workq_server (arg=0x15d78a43aa00 <dir_workq>) at workq.c:326
> #5  0x000015d9da9c23de in _rthread_start (v=0x0) at /usr/src/lib/librthread/rthread.c:114
> #6  0x000015da447b24db in __tfork_thread () at /usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:75
> #7  0x0000000000000000 in ?? ()
>
> It looks like it's just missing a null check before trying to dereference
> the function pointer (backup.c:166, 170) like is done in 184?
>
>    (gdb) list
>    161      if (!find_files(jcr, (FF_PKT *)jcr->ff, save_file, plugin_save)) {
>    162         ok = false;                     /* error */
>    163         jcr->setJobStatus(JS_ErrorTerminated);
>    164      }
>    165
>> 166      if (jcr->xacl->get_acl_nr_errors() > 0) {
>    167         Jmsg(jcr, M_WARNING, 0, _("Had %ld acl errors while doing backup\n"), jcr->xacl->get_acl_nr_errors());
>    168      }
>    169
>> 170      if (jcr->xacl->get_xattr_nr_errors() > 0) {
>    (gdb) list
>    171         Jmsg(jcr, M_WARNING, 0, _("Had %ld xattr errors while doing backup\n"), jcr->xacl->get_xattr_nr_errors());
>    172      }
>    173
>    174      /* Delete or keep snapshots */
>    175      close_snapshot_backup_session(jcr);
>    176      close_vss_backup_session(jcr);
>    177
>    178      accurate_finish(jcr);              /* send deleted or base file list to SD */
>    179
>    180      stop_heartbeat_monitor(jcr);
>    (gdb) list
>    181
>    182      sd->signal(BNET_EOD);            /* end of sending data */
>    183
>> 184      if (jcr->xacl) {
>    185         delete(jcr->xacl);
>    186         jcr->xacl = NULL;
>    187      }
>    188      if (jcr->big_buf) {
>    189         bfree_and_null(jcr->big_buf);
>    190      }
>
> Thanks,
> Stuart
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> _______________________________________________
> Bacula-devel mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/bacula-devel
>


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/bacula-devel
Loading...