[Bug 1347147] Re: krb5 database operations enter infinite loop

Sam Hartman hartmans at debian.org
Thu Jul 31 16:03:58 UTC 2014 

** Description changed:

- In some conditions, propagating a kerberos database to a slave KDC server can stall.
+ In some conditions, propagating a kerberos database to a slave KDC server or performing other database operations can stall.  As we've investigated the issue, it looks like a database with more than a few hundred principals is very likely to run into this issue.
  This is due to a misoptimization by gcc 4.8 of the CIRCLEQ famliy of macros, apparently due to overzealous strict aliasing deductions.
  
  One case of this stall is reported at
  http://mailman.mit.edu/pipermail/kerberos/2014-July/020007.html (and the
  rest of the thread), and there is an entry in the upstream bugtracker at
  http://krbdev.mit.edu/rt/Ticket/Display.html?id=7860 .
  
  gcc 4.9 (as used in Debian unstable at present) is not believed to
  induce this problem.  Upstream has patched their code to use the TAILQ
  family of macros instead, as a workaround, but that workaround has not
  yet appeared in an upstream release:
  https://github.com/krb5/krb5/commit/26d8744129
  
+ A branch is linked including  this upstream work around and two other
+ patches to bugs already nominated for trusty applied to the krb5 in
+ trusty.  We believe the impact is significant because this is likely to
+ be a problem for sites with a large database running trusty.  The
+ regression potential is very small.  The upstream work around changes
+ from one family of queue macros that are stable and well-tested to
+ another.
+ 
+ For utopic, the simplest fix is to rebuild krb5 with the compiler
+ currently in utopic.  An alternative is to request that the Debian
+ maintainers (both monitoring this bug for such a request) upload the
+ upstream work around to Debian and sync that.  You could do an ubuntu-
+ specific upload but it seems undesirable to introduce a change between
+ Ubuntu and Debian when all the right parties are happy to avoid it.
+ 
  Because of the different compiler versions used on Debian and Ubuntu, I
  am filing this as an Ubuntu-specific bug.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/1347147

Title:
  krb5 database operations enter infinite loop

To manage notifications about this bug go to:
https://bugs.launchpad.net/gcc/+bug/1347147/+subscriptions

More information about the Ubuntu-server-bugs mailing list