[Bug 1602264] Re: libvirtd crashes with double free or corruption (out)

Olaf Seibert 1602264 at bugs.launchpad.net
Fri Apr 16 11:44:09 UTC 2021


It is my opinion at this time that the bug is really in glibc. These
functions like _nss_extrausers_endgrent() must share state from call to
call, and therefore cannot possibly be thread safe.

Unfortunately, the fix with making the shared state thread-local could
probably make problems for callers which try to be careful when using
these functions, but still take into account the globally shared state
(which isn't global any more with the patch). For instance, if one
thread calls _nss_extrausers_setgrent() under some lock, and another
thread later calls _nss_extrausers_endgrent() under some lock, this
would reasonably be expected to work, but it won't with the thread-local
state.

The getgrouplist() function is documented as thread safe, while it calls
these functions without locking. I think the fix should be made in glibc
by adding appropriate locking there.

I have filed a report for glibc:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1923738

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libnss-extrausers in Ubuntu.
https://bugs.launchpad.net/bugs/1602264

Title:
  libvirtd crashes with double free or corruption (out)

Status in libnss-extrausers package in Ubuntu:
  Confirmed

Bug description:
  I saw libvirtd crash with the attached error when someone tried to
  start a VM via openstack nova.

  Anyone with hints how to debug this further?

  Thanks,
  Tom

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libnss-extrausers/+bug/1602264/+subscriptions
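
Added example, not part of the original message and not code from libnss-extrausers or glibc: a minimal C model of the set/end scenario described in the message above. All function names are hypothetical and a 64-byte allocation stands in for the module's enumeration state. One thread calls set under a lock and two other threads call end under the same lock: with process-wide state exactly one call releases it, with thread-local state neither does and the state stays with the thread that called set.

```c
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
/* Hypothetical stand-ins for a module's setgrent()/endgrent() pair (added example). */
static char *shared_state;           /* one enumeration state per process */
static __thread char *tls_state;     /* one per thread (GCC/Clang keyword) */

static void shared_set(void) { if (!shared_state) shared_state = malloc(64); }
static int shared_end(void) {        /* returns 1 if this call released state */
    if (!shared_state) return 0;
    free(shared_state); shared_state = NULL; return 1;
}
static void tls_set(void) { if (!tls_state) tls_state = malloc(64); }
static int tls_end(void) {
    if (!tls_state) return 0;        /* this thread never saw the set call */
    free(tls_state); tls_state = NULL; return 1;
}

/* A careful caller: every call into the module is made under one lock. */
static pthread_mutex_t caller_lock = PTHREAD_MUTEX_INITIALIZER;
struct job { int (*end)(void); int released; };
static void *locked_end(void *arg) {
    struct job *j = arg;
    pthread_mutex_lock(&caller_lock);
    j->released = j->end();
    pthread_mutex_unlock(&caller_lock);
    return NULL;
}

/* set in the calling thread, end in two other threads; returns release count. */
static int set_here_end_elsewhere(void (*set)(void), int (*end)(void)) {
    struct job jobs[2] = { { end, 0 }, { end, 0 } };
    pthread_t t[2]; int total = 0;
    pthread_mutex_lock(&caller_lock); set(); pthread_mutex_unlock(&caller_lock);
    for (int i = 0; i < 2; i++)
        if (pthread_create(&t[i], NULL, locked_end, &jobs[i]) != 0) abort();
    for (int i = 0; i < 2; i++) {
        pthread_join(t[i], NULL);
        total += jobs[i].released;
    }
    return total;
}

int main(void) {
    printf("shared state: %d release(s)\n", set_here_end_elsewhere(shared_set, shared_end));
    printf("thread-local: %d release(s)\n", set_here_end_elsewhere(tls_set, tls_end));
    printf("setting thread still holds state: %d\n", tls_end());
    return 0;
}
```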