Project

General

Profile

Bug #12196

fmadm faulty NULL pointer dereference

Added by Hans Rosenfeld about 1 month ago.

Status:
New
Priority:
Normal
Category:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Difficulty:
Bite-size
Tags:

Description

We ran "fmadm faulty" on a customer system, and it died with a segmentation fault after printing a single fault header. It died in print_sup_record() when dereferencing status_record_t`host, which was NULL. The "suspect" nvlists obtained from the fmadm core revealed that the host id is parsed from the FMRI "authority", which is expected to be in the "de" sub-list of the suspect list. If everything is as expected, this is what it looks like:

> 0x81df248::nvlist
version=00
class='list.suspect'
uuid='aef06f82-fe7e-4bc3-cac5-ec1e9562d9ee'
code='PCIEX-8000-0A'
diag-time=000000005c4f38dd.0000000000084e48
de
    version=00
    scheme='fmd'
    authority
        version=00
        product-id='PowerEdge-R740xd'
        chassis-id='FL991T2'
        server-id='GRRSDCDN001'
    mod-name='eft'
    mod-version='1.16'
fault-list-sz=00000001
fault-list[0]
...

In the case where no host id was generated, the "de" sublist was empty:

ersion=00
class='list.suspect'
uuid='af168faf-46a0-cdb0-e82b-ed38f470f7f8'
code='PCIEX-8000-0A'
diag-time=000000005deaa1c5.000000000004139f
de
fault-list-sz=00000005
fault-list[0]
...

It would be interesting to know why "de" is empty, but in any case we have to conclude that fmadm cannot blindly rely on a host id being present.

Also available in: Atom PDF