Bug 32076

Summary: Segfault on shutdown if using comment=systemd.automount in fstab
Product: systemd Reporter: Franz Dietrich <enaut.w>
Component: generalAssignee: Lennart Poettering <lennart>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: medium CC: arvidjaar, rogutes, teg
Version: unspecified   
Hardware: Other   
OS: All   
Whiteboard:
i915 platform: i915 features:
Attachments: gdb backtrace of /core

Description Franz Dietrich 2010-12-03 03:05:55 UTC 
As Michael sugested it is probably better to track bugs with the bugtracker.

The Bug:
When shutting down my system stops with a Segfault right after the message "stopping remount-rootfs.service".

Trigger:
This always happens if I have an entry in the fstab with the option comment=systemd.automount. At least for me it only happens with that option and never happened without.

Expected:
Unmount everything cleanly and shutdown/restart.

Version of Systemd:
git commit 9bee76ee44a

Details and Context:
With Gentoo I had a nasty segfault on shutdown/reboot. I have not been able to track down the bug reasonably enough because while recompiling stuff with newer libs and Debug info I totally broke my system :(.

So I reinstalled it all by migrating from Gentoo to Exherbo.

Shutdown and Reboot worked quite well until I copied over the fstab from my old system.

I found out that it always crashes with this segfault when I have the option "comment=systemd.automount" on any drive (filesystem doesn't matter tested ntfs and ext4, Philantrop tested nfs). It doesn't matter if the automount was used and the drive is mounted or not and the drive is still unmounted.

I tried to use gdb to produce a backtrace but I'm still struggling with the debug symbols (help appreciated):

(gdb) bt
#0  0x00007f106a20bedb in raise () from /lib64/libpthread.so.0
#1  0x000000000040865b in crash ()
#2  <signal handler called>
#3  0x0000000000468236 in automount_check_gc ()
#4  0x00000000004606b5 in unit_add_to_gc_queue ()
#5  0x0000000000460851 in unit_free ()
#6  0x000000000040ac48 in manager_clear_jobs_and_units ()
#7  0x0000000000411adb in manager_free ()
#8  0x0000000000408cf4 in main ()

I hope this information is enough to debug that Segfault. With instructions I can provide further information.
enaut
Comment 1 Rogutės Sparnuotos 2010-12-05 05:13:45 UTC 
Created attachment 40812 [details]
gdb backtrace of /core

Confirming this with systemd-0.15 on x86_64. Backtrace attached.
Comment 2 Franz Dietrich 2010-12-05 08:33:32 UTC 
Well I'm on an 64Bit machine too.

$uname -a
Linux localhost 2.6.36.1 #1 SMP PREEMPT Mon Nov 22 22:27:59 UTC 2010 x86_64 GNU/Linux

despite the gentoo in the kernel string it's not really gentoo... (just the old config).

Another thing I realized: It does not help to deactivate the automount stuff.

I tried to systemctl stop [unit].automount and systemctl stop [unit].mount aswell as removing the fstab entry.having all that stuff done I think there should be almost nothing left. But on halt the segfault occurs.

Another appearance: If I do a systemctl daemon-reexec I had the segfault too.
Comment 3 Rogutės Sparnuotos 2010-12-08 03:26:58 UTC 
If my system is booted up with such a line in /etc/fstab (and no corresponding unit), then systemd segfaults on `systemctl poweroff`:
//pc/d  /mnt/d  cifs  noauto,guest,comment=systemd.automount  0  0

If the system is booted up without the 'comment=systemd.automount' fstab option, there are no segfaults.

Didn't see any `systemctl daemon-reexec` crashes.
Comment 4 Tom Gundersen 2010-12-29 05:37:15 UTC 
I can reproduce the bug in the following way:

Put "comment=systemd.automount" in fstab.
Access the directory so the volume is mounted.
Exit the directory and stop the .mount unit.
Do "systemctl daemon-reexec".

The segfault happens in automount_check_gc() when reading "a->mount".

I also see the problem on reboot/poweroff (but not as reproducible, maybe 60% of the time).
Comment 5 Lennart Poettering 2011-01-20 16:14:16 UTC 
Fixed now in git. Please verify!
Comment 6 Tom Gundersen 2011-01-21 05:25:20 UTC 
Brilliant, works here (after many, many boots) :-)

Thanks for fixing this.
Comment 7 Franz Dietrich 2011-01-21 10:26:09 UTC 
Works for me too thanks :)

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.