← Back to team overview

touch-packages team mailing list archive

[Bug 1347147] Re: krb5 database propagation enters infinite loop

 

Thank you for taking the time to report this bug and helping to make
Ubuntu better.

I don't follow all of the conversation here. Is it clear that the
workaround suggested (https://github.com/krb5/krb5/commit/26d8744129) is
still valid, should be applied to the version of krb5 in Utopic, will
fix the version in Utopic, won't introduce any regression, and will be
released by upstream? If someone can confirm these things, then we can
get it landed in Ubuntu.

Next, for Trusty, we need the steps in
https://wiki.ubuntu.com/StableReleaseUpdates#Procedure followed - in
particular, a test case that has exact steps to reproduce the problem
with a slave KDC so that the problem can be verified fixed with the new
proposed binary during stable verification testing, and an understanding
of impact to users and potential regression risk so that the SRU team
can make a decision about whether this fix is acceptable to SRU to
Trusty.

I understand that this is potentially difficult to reproduce and verify.
This is fine and we can be pragmatic about it, but if this is the case
then extra clarity around these issues would be appreciated. For
verification, we'll still want to exercise the code around the areas
changed to make sure that we haven't fundamentally broken anything, and
so a test case is still useful even if it comes with the caveat that it
may not always fail.

Setting to Triaged since upstream consider this a valid bug, and that's
good enough for me. I've not set Importance because it isn't clear to me
yet what proportion of production krb5-kdc slave users are or would
actually be affected.

** Changed in: krb5 (Ubuntu)
       Status: Confirmed => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gcc-4.8 in Ubuntu.
https://bugs.launchpad.net/bugs/1347147

Title:
  krb5 database propagation enters infinite loop

Status in The GNU Compiler Collection:
  Unknown
Status in Network Authentication System:
  Unknown
Status in “gcc-4.8” package in Ubuntu:
  New
Status in “krb5” package in Ubuntu:
  Triaged

Bug description:
  In some conditions, propagating a kerberos database to a slave KDC server can stall.
  This is due to a misoptimization by gcc 4.8 of the CIRCLEQ famliy of macros, apparently due to overzealous strict aliasing deductions.

  One case of this stall is reported at
  http://mailman.mit.edu/pipermail/kerberos/2014-July/020007.html (and
  the rest of the thread), and there is an entry in the upstream
  bugtracker at http://krbdev.mit.edu/rt/Ticket/Display.html?id=7860 .

  gcc 4.9 (as used in Debian unstable at present) is not believed to
  induce this problem.  Upstream has patched their code to use the TAILQ
  family of macros instead, as a workaround, but that workaround has not
  yet appeared in an upstream release:
  https://github.com/krb5/krb5/commit/26d8744129

  Because of the different compiler versions used on Debian and Ubuntu,
  I am filing this as an Ubuntu-specific bug.

To manage notifications about this bug go to:
https://bugs.launchpad.net/gcc/+bug/1347147/+subscriptions


References