|
Bugzilla – Full Text Bug Listing |
| Summary: | Test 3T/20T and 41 fails inside a %check and double free. | ||
|---|---|---|---|
| Product: | MyProxy | Reporter: | Steve Traylen <steve.traylen@cern.ch> |
| Component: | MyProxy | Assignee: | Jim Basney <jbasney@ncsa.uiuc.edu> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | ||
| Priority: | P3 | ||
| Version: | 5.3 | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | All | ||
http://cern.ch/steve.traylen/tmp/console.txt returns a 404 not found error.
http://cern.ch/steve.traylen/tmp/console.txt is good now thanks. Steve.
Fix for double free committed to CVS: http://lists.globus.org/pipermail/myproxy-commit/2011-February/000530.html
Thanks, The patch stops the stack trace happening. And I now also realize that if I use a clean X509_CERT_DIR with the <hash>.o and <hash>.singing_policy files only the failing 3 tests also now pass. It seems reasonable that the x509_CERT_DIR should be clean so from my point of view this is closed. I'll try and work the modifications I need to myproxy-test back into it as options and submit a patch for that separately shortly. thanks again. Steve.
MyProxy v5.4 released today includes the fix.
First I'm trying to do something odd and also I'll try and reproduce this in a traditional globus install rather than on EPEL globus and de-flavoured myproxy. I was trying to run myproxy-test inside a %check of rpm .spec file so the tests are run for all builds which makes sense. Essentially it's a case of running all in the same directory. ./configure make PATH=.:$PATH ./myproxy-test -startserver and my result is MyProxy Tests Complete: 52 tests passed, 3 tests failed However since this is typically executed in a minimal install (mock) I have to create a test CA, certificate and proxy first. So I was using: /configure make # Set up a CA. mkdir -p CA/private CA/newcerts CA/public sed 's|/etc/pki/||' /etc/pki/tls/openssl.cnf > CA/openssl.cnf touch CA/index.txt echo '01' > CA/serial openssl req -batch -subj '/cn=test ca' -config CA/openssl.cnf -new -x509 -extensions v3_ca -nodes -keyout CA/private/cakey.pem -out CA/cacert.pem -days 30 HASH=$(openssl x509 -in CA/cacert.pem -hash -noout) cp CA/cacert.pem CA/${HASH}.0 cat <<EOF > CA/${HASH}.signing_policy access_id_CA X509 '' pos_rights globus CA:sign cond_subjects globus '"/*"' EOF # Create a User Certificate. openssl req -batch -subj '/CN=test user' -config CA/openssl.cnf -new -nodes -keyout CA/userkey.pem -out CA/usercert.csr -days 365 openssl ca -batch -config CA/openssl.cnf -policy policy_anything -out CA/usercert.pem -infiles CA/usercert.csr chmod 600 CA/user*.pem # Create a GSI proxy. X509_USER_CERT=CA/usercert.pem X509_USER_KEY=CA/userkey.pem grid-proxy-init -debug # Do the tests... at last. X509_CERT_DIR=$(pwd)/CA PATH=.:$PATH ./myproxy-test -startserver these 3 tests fail MyProxy Test 3T (retrieve stored credential w/ trustroots): FAILED MyProxy Test 20T (retrieve stored credential w/ trustroots): FAILED MyProxy Test 41 (retrieve trustroots w/o authentication): FAILED and all 3 produce traces similar to: *** glibc detected *** /home/steve/rpmbuild/BUILD/myproxy-5.3/.libs/lt-myproxy-logon: double free or corruption (!prev): 0x0000000001429dc0 *** ======= Backtrace: ========= /lib64/libc.so.6[0x35ed676d63] /lib64/libc.so.6(fclose+0x155)[0x35ed665da5] /home/steve/rpmbuild/BUILD/myproxy-5.3/.libs/libmyproxy.so.5(myproxy_install_trusted_cert_files+0x1fd)[0x7f9381f3cc6d] /home/steve/rpmbuild/BUILD/myproxy-5.3/.libs/lt-myproxy-logon[0x402643] /lib64/libc.so.6(__libc_start_main+0xfd)[0x35ed61ee5d] /home/steve/rpmbuild/BUILD/myproxy-5.3/.libs/lt-myproxy-logon[0x401a39] The full build log and check log. (Note I already patched myproxy-test so that if myproxy-server fails to start it does not try again in debug mode which make no sense in a non-interactive build.) http://cern.ch/steve.traylen/tmp/rpmbuild-ba-myproxy-spec.txt Also attached is a console log where the stack traces appear. http://cern.ch/steve.traylen/tmp/console.txt As I say I'll try and produce this with typical vanilla globus install now. Also if this can be made to work it makes sense to then add a --generateproxy option to myproxy-tests.