Bug 45529 - packagekitd[19607]: segfault at 8 ip 0000000008057124 sp 00000000ffff5b20 error 4 in packagekitd[8048000+49000]
Summary: packagekitd[19607]: segfault at 8 ip 0000000008057124 sp 00000000ffff5b20 err...
Status: RESOLVED FIXED
Alias: None
Product: PackageKit
Classification: Unclassified
Component: General (show other bugs)
Version: unspecified
Hardware: Other All
: medium normal
Assignee: Richard Hughes
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-02-02 02:07 UTC by Paul Menzel
Modified: 2012-03-12 11:43 UTC (History)
0 users

See Also:
i915 platform:
i915 features:

Attachments

Description Paul Menzel 2012-02-02 02:07:05 UTC 
Using PackageKit 0.7.2-3 from Debian Sid/unstable it seems to crash rather often since a long time. There is a message in the Linux kernel ring buffer about that.

        [18517.614833] packagekitd[15743]: segfault at 8 ip 0000000008057124 sp 00000000ffe577a0 error 4 in packagekitd[8048000+49000]
        [18921.802652] packagekitd[26960]: segfault at 8 ip 0000000008057124 sp 00000000fff569c0 error 4 in packagekitd[8048000+49000]
        [22110.984904] packagekitd[31607]: segfault at 8 ip 0000000008057124 sp 00000000ffe1a130 error 4 in packagekitd[8048000+49000]
        [25093.355277] hda-intel: IRQ timing workaround is activated for card #0. Suggest a bigger bdl_pos_adj.
        [27830.366700] packagekitd[19607]: segfault at 8 ip 0000000008057124 sp 00000000ffff5b20 error 4 in packagekitd[8048000+49000]

Trying to debug it using the instructions from [1] I could reproduce the
crash but I had not debugging symbols installed. Installing those doing
`sudo aptitude install packagekit-dbg` I could only reproduce this after
two tries and captured the following backtrace.

        $ sudo -s
        # killall packagekitd
        packagekitd: Kein Prozess gefunden
        # gdb /usr/lib/packagekit/packagekitd
        GNU gdb (GDB) 7.3-debian
        Copyright (C) 2011 Free Software Foundation, Inc.
        License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
        This is free software: you are free to change and redistribute it.
        There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
        and "show warranty" for details.
        This GDB was configured as "i486-linux-gnu".
        For bug reporting instructions, please see:
        <http://www.gnu.org/software/gdb/bugs/>...
        Reading symbols from /usr/lib/packagekit/packagekitd...(no debugging symbols found)...done.
        (gdb) run
        Starting program: /usr/lib/packagekit/packagekitd 
        [Thread debugging using libthread_db enabled]
        [New Thread 0xf762fb70 (LWP 21963)]
        [New Thread 0xf6e2eb70 (LWP 21967)]
        [New Thread 0xf64ffb70 (LWP 21968)]
        [Thread 0xf6e2eb70 (LWP 21967) exited]
        [New Thread 0xf6e2eb70 (LWP 22352)]
        [Thread 0xf6e2eb70 (LWP 22352) exited]
        [Thread 0xf762fb70 (LWP 21963) exited]
        [Thread 0xf64ffb70 (LWP 21968) exited]
        [Inferior 1 (process 21687) exited normally]
        Starting program: /usr/lib/packagekit/packagekitd 
        [Thread debugging using libthread_db enabled]
        [New Thread 0xf762fb70 (LWP 7546)]
        [New Thread 0xf6e2eb70 (LWP 7547)]
        [New Thread 0xf662db70 (LWP 7548)]
        [New Thread 0xf5e2cb70 (LWP 7549)]
        [Thread 0xf6e2eb70 (LWP 7547) exited]
        
        Program received signal SIGSEGV, Segmentation fault.
        0x08057124 in pk_dbus_init (dbus=0x80a3240) at pk-dbus.c:313
        313	pk-dbus.c: Datei oder Verzeichnis nicht gefunden.
        	in pk-dbus.c
        
        Thread 5 (Thread 0xf5e2cb70 (LWP 7549)):
        #0  0xf7fe0425 in __kernel_vsyscall ()
        No symbol table info available.
        #1  0xf7b8a703 in pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_timedwait.S:236
        No locals.
        #2  0xf7ce1241 in g_cond_timed_wait_posix_impl (cond=0x80b7f98, entered_mutex=0x80a2060, abs_time=0xf5e2c2c8)
            at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./gthread/gthread-posix.c:242
                result = <optimized out>
                end_time = {tv_sec = 1328130912, tv_nsec = 780723000}
                timed_out = <optimized out>
                __PRETTY_FUNCTION__ = "g_cond_timed_wait_posix_impl"
        #3  0xf7bf2bf0 in g_async_queue_pop_intern_unlocked (queue=0x80a5788, try=<optimized out>, end_time=0xf5e2c2c8)
            at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./glib/gasyncqueue.c:415
                retval = <optimized out>
                __PRETTY_FUNCTION__ = "g_async_queue_pop_intern_unlocked"
        #4  0xf7bf35ae in g_async_queue_timed_pop (queue=0x80a5788, end_time=0xf5e2c2c8)
            at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./glib/gasyncqueue.c:536
                retval = <optimized out>
                __PRETTY_FUNCTION__ = "g_async_queue_timed_pop"
        #5  0xf7c4a13b in g_thread_pool_wait_for_new_pool () at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./glib/gthreadpool.c:175
                end_time = {tv_sec = 1328130912, tv_usec = 780723}
                pool = <optimized out>
                local_max_idle_time = 15000
                local_wakeup_thread_serial = <optimized out>
                local_max_unused_threads = 2
                last_wakeup_thread_serial = 0
                have_relayed_thread_marker = 0
        #6  g_thread_pool_thread_proxy (data=0x80a5728) at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./glib/gthreadpool.c:378
                free_pool = <optimized out>
                task = 0x2
                pool = <optimized out>
        #7  0xf7c47dd4 in g_thread_create_proxy (data=0x80ab2d0) at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./glib/gthread.c:1962
                thread = 0x80ab2d0
                __PRETTY_FUNCTION__ = "g_thread_create_proxy"
        #8  0xf7b85c39 in start_thread (arg=0xf5e2cb70) at pthread_create.c:304
                __res = <optimized out>
                __ignore1 = <optimized out>
                __ignore2 = <optimized out>
                pd = 0xf5e2cb70
                now = <optimized out>
                unwind_buf = {cancel_jmp_buf = {{jmp_buf = {-138846220, 0, 4001536, -169688008, -1703736656, 793622708}, mask_was_saved = 0}}, priv = {pad = {0x0, 
                      0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
                not_first_call = <optimized out>
                freesize = <optimized out>
                __PRETTY_FUNCTION__ = "start_thread"
        #9  0xf7af212e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130
        No locals.
        Backtrace stopped: Not enough registers or memory available to unwind further
        
        Thread 4 (Thread 0xf662db70 (LWP 7548)):
        #0  0xf7fe0425 in __kernel_vsyscall ()
        No symbol table info available.
        #1  0xf7ae4746 in *__GI___poll (fds=0xf7b7aff4, nfds=3, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:87
                resultvar = <optimized out>
                oldtype = 0
                result = <optimized out>
        #2  0xf7c2fafb in g_poll (fds=0x80aafb0, nfds=3, timeout=-1) at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./glib/gpoll.c:132
        No locals.
        #3  0xf7c21076 in g_main_context_poll (n_fds=3, fds=0x80aafb0, timeout=<optimized out>, context=0x80aa5b0, priority=<optimized out>)
            at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./glib/gmain.c:3391
                poll_func = 0xf7c2fad0 <g_poll>
        #4  g_main_context_iterate (context=0x80aa5b0, block=-138216752, dispatch=1, self=<optimized out>)
            at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./glib/gmain.c:3071
                max_priority = 2147483647
                timeout = -1
                some_ready = <optimized out>
                nfds = 3
                allocated_nfds = <optimized out>
                fds = 0x80aafb0
        #5  0xf7c2177b in g_main_loop_run (loop=0x80aa5a0) at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./glib/gmain.c:3284
                __PRETTY_FUNCTION__ = "g_main_loop_run"
        #6  0xf7dff59a in gdbus_shared_thread_func (user_data=0x80a66f0) at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./gio/gdbusprivate.c:276
                data = 0x80a66f0
        #7  0xf7c47dd4 in g_thread_create_proxy (data=0x80ac228) at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./glib/gthread.c:1962
                thread = 0x80ac228
                __PRETTY_FUNCTION__ = "g_thread_create_proxy"
        #8  0xf7b85c39 in start_thread (arg=0xf662db70) at pthread_create.c:304
                __res = <optimized out>
                __ignore1 = <optimized out>
                __ignore2 = <optimized out>
                pd = 0xf662db70
                now = <optimized out>
                unwind_buf = {cancel_jmp_buf = {{jmp_buf = {-138846220, 0, 4001536, -161295304, -1705833801, 793622708}, mask_was_saved = 0}}, priv = {pad = {0x0, 
                      0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
                not_first_call = <optimized out>
                freesize = <optimized out>
                __PRETTY_FUNCTION__ = "start_thread"
        #9  0xf7af212e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130
        No locals.
        Backtrace stopped: Not enough registers or memory available to unwind further
        
        Thread 2 (Thread 0xf762fb70 (LWP 7546)):
        #0  0xf7fe0425 in __kernel_vsyscall ()
        No symbol table info available.
        #1  0xf7b8d33b in read () at ../sysdeps/unix/syscall-template.S:82
        No locals.
        #2  0xf7c1c60b in unix_signal_helper_thread (data=0x0) at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./glib/gmain.c:4542
                i = <optimized out>
                bytes_read = <optimized out>
                b = "\000\000\000\000\220\226z\367\005\000\000\000\000\000\000\000\001\000\000\000PK\316\367", '\000' <repeats 32 times>, " \363b\367\330\362b\367\344\362b\367\000\000\000\000PK\316\367\000\000\000\000\000\000\000\000'\263\270\367\060%\270\367\000\000\000\000\350\362b\367\002ϸ\367\350\362b\367rи\367\000\000\000\000\000\000\000\000\364_\271\367\v\226\270", <incomplete sequence \367>
                sigterm_received = 0
                sigint_received = 0
                sighup_received = 0
        #3  0xf7c47dd4 in g_thread_create_proxy (data=0x809af30) at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./glib/gthread.c:1962
                thread = 0x809af30
                __PRETTY_FUNCTION__ = "g_thread_create_proxy"
        #4  0xf7b85c39 in start_thread (arg=0xf762fb70) at pthread_create.c:304
                __res = <optimized out>
                __ignore1 = <optimized out>
                __ignore2 = <optimized out>
                pd = 0xf762fb70
                now = <optimized out>
                unwind_buf = {cancel_jmp_buf = {{jmp_buf = {-138846220, 0, 4001536, -144509896, -1710028107, 793622708}, mask_was_saved = 0}}, priv = {pad = {0x0, 
                      0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
                not_first_call = <optimized out>
                freesize = <optimized out>
                __PRETTY_FUNCTION__ = "start_thread"
        #5  0xf7af212e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130
        No locals.
        Backtrace stopped: Not enough registers or memory available to unwind further
        
        Thread 1 (Thread 0xf77a7720 (LWP 7503)):
        #0  0x08057124 in pk_dbus_init (dbus=0x80a3240) at pk-dbus.c:313
                error = 0x0
        #1  0xf7d1b60e in g_type_create_instance (type=134988536) at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./gobject/gtype.c:1892
                node = 0x80bc2f8
                instance = 0x80a3240
                class = 0x80bb930
                i = <optimized out>
                total_size = 0
        #2  0xf7cfab6b in g_object_constructor (type=134988536, n_construct_properties=0, construct_params=0x0)
            at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./gobject/gobject.c:1629
                object = <optimized out>
        #3  0xf7cfdcd9 in g_object_newv (object_type=134988536, n_parameters=0, parameters=0x0)
            at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./gobject/gobject.c:1412
                cparams = 0x0
                oparams = 0x0
                nqueue = 0x0
                object = <optimized out>
                class = 0x80bb930
                unref_class = 0x80bb930
                slist = 0x0
                n_total_cparams = <optimized out>
                n_cparams = 0
                n_oparams = 0
                n_cvalues = <optimized out>
                cvalues = <optimized out>
                clist = <optimized out>
                newly_constructed = <optimized out>
                i = <optimized out>
                __PRETTY_FUNCTION__ = "g_object_newv"
        #4  0xf7cfe848 in g_object_new (object_type=134988536, first_property_name=0x0)
            at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./gobject/gobject.c:1322
                object = <optimized out>
                var_args = <optimized out>
                __PRETTY_FUNCTION__ = "g_object_new"
        #5  0x080578e5 in pk_dbus_new () at pk-dbus.c:360
        No locals.
        #6  0x0807236e in pk_engine_init (engine=0x80b8810) at pk-engine.c:1748
                ret = <optimized out>
                filename = <optimized out>
                root = <optimized out>
                proxy_http = <optimized out>
                proxy_https = <optimized out>
                proxy_ftp = <optimized out>
                proxy_socks = <optimized out>
                no_proxy = <optimized out>
                pac = <optimized out>
                error = 0x0
        #7  0xf7d1b60e in g_type_create_instance (type=134921960) at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./gobject/gtype.c:1892
                node = 0x80abee8
                instance = 0x80b8810
                class = 0x80b3a98
                i = <optimized out>
                total_size = 0
        #8  0xf7cfab6b in g_object_constructor (type=134921960, n_construct_properties=0, construct_params=0x0)
            at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./gobject/gobject.c:1629
                object = <optimized out>
        #9  0xf7cfdcd9 in g_object_newv (object_type=134921960, n_parameters=0, parameters=0x0)
            at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./gobject/gobject.c:1412
                cparams = 0x0
                oparams = 0x0
                nqueue = 0x0
                object = <optimized out>
                class = 0x80b3a98
                unref_class = 0x80b3a98
                slist = 0x0
                n_total_cparams = <optimized out>
                n_cparams = 0
                n_oparams = 0
                n_cvalues = <optimized out>
                cvalues = <optimized out>
                clist = <optimized out>
                newly_constructed = <optimized out>
                i = <optimized out>
                __PRETTY_FUNCTION__ = "g_object_newv"
        #10 0xf7cfe848 in g_object_new (object_type=134921960, first_property_name=0x0)
            at /build/buildd-glib2.0_2.30.2-6-i386-6DwKmX/glib2.0-2.30.2/./gobject/gobject.c:1322
                object = <optimized out>
                var_args = <optimized out>
                __PRETTY_FUNCTION__ = "g_object_new"
        #11 0x08074c09 in pk_engine_new () at pk-engine.c:1916
                engine = <optimized out>
        #12 0x08054b0d in main (argc=1, argv=0xffffd834) at pk-main.c:263
                ret = <optimized out>
                disable_timer = 0
                version = 0
                use_daemon = 0
                timed_exit = 0
                immediate_exit = 0
                keep_environment = 0
                do_logging = <optimized out>
                backend_name = 0x809d000 "aptcc"
                backend_names = 0x809d020
                i = <optimized out>
                engine = 0x0
                backend = 0x809f090
                conf = 0x8093848
                syslog = 0x80938a8
                error = 0x0
                context = <optimized out>
                timer_id = 0
                options = {{long_name = 0x8084c62 "backend", short_name = 0 '\000', flags = 0, arg = G_OPTION_ARG_STRING, arg_data = 0xffffd768, 
                    description = 0x807c608 "Packaging backend to use, e.g. dummy", arg_description = 0x0}, {long_name = 0x807c456 "daemonize", 
                    short_name = 0 '\000', flags = 0, arg = G_OPTION_ARG_NONE, arg_data = 0xffffd758, 
                    description = 0x807c630 "Daemonize and detach from the terminal", arg_description = 0x0}, {long_name = 0x807c460 "disable-timer", 
                    short_name = 0 '\000', flags = 0, arg = G_OPTION_ARG_NONE, arg_data = 0xffffd750, description = 0x807c46e "Disable the idle timer", 
                    arg_description = 0x0}, {long_name = 0x807c485 "version", short_name = 0 '\000', flags = 0, arg = G_OPTION_ARG_NONE, arg_data = 0xffffd754, 
                    description = 0x807c48d "Show version and exit", arg_description = 0x0}, {long_name = 0x807c4a3 "timed-exit", short_name = 0 '\000', flags = 0, 
                    arg = G_OPTION_ARG_NONE, arg_data = 0xffffd75c, description = 0x807c4ae "Exit after a small delay", arg_description = 0x0}, {
                    long_name = 0x807c4c7 "immediate-exit", short_name = 0 '\000', flags = 0, arg = G_OPTION_ARG_NONE, arg_data = 0xffffd760, 
                    description = 0x807c658 "Exit after the engine has loaded", arg_description = 0x0}, {long_name = 0x807c4d6 "keep-environment", 
                    short_name = 0 '\000', flags = 0, arg = G_OPTION_ARG_NONE, arg_data = 0xffffd764, description = 0x807c67c "Don't clear environment on startup", 
                    arg_description = 0x0}, {long_name = 0x0, short_name = 0 '\000', flags = 0, arg = G_OPTION_ARG_NONE, arg_data = 0x0, description = 0x0, 
                    arg_description = 0x0}}
        A debugging session is active.
        
        	Inferior 1 [process 7503] will be killed.
        
        Quit anyway? (y or n)

This is report #658293 in the Debian BTS [2] from where I copied the message.


[1] https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/696686
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658293
Comment 1 Matthias Klumpp 2012-03-05 17:04:10 UTC 
Hi!
Is this bug still valid? There have been some patches in master (which are now in the recent PackageKit 0.7.3 release) which might already have fixed this issue.
Regards,
    Matthias
Comment 2 Paul Menzel 2012-03-08 14:17:15 UTC 
(In reply to comment #1)
> Is this bug still valid? There have been some patches in master (which are now
> in the recent PackageKit 0.7.3 release) which might already have fixed this
> issue.

As far as I could see this issue is fixed in Debian package version 0.7.2-4 und also 0.7.3-1. The changelog for 0.7.2-4 contains the following entry but did not mark the bug as closed.

    * Don't crash if D-Bus is not available

Upstream commit 01935469 [1] seems to be the fix. 

Strangely despite this upgrade happened on February 17th searching for `segfault` in `/var/log/kern*`

    $ zgrep -i segfault /var/log/kern.*

only showed up hits for packagekit segfaulting last time on February 1st. So it might be some other D-Bus issue caused this error and now it was fixed too. Executing

    $ zgrep -i "cannot connect to the system bus" /var/log/*

did not find any matches which supports the above theory.


[1] https://gitorious.org/packagekit/packagekit/commit/01935469067747e6c0093988780d8a593837fee3
Comment 3 Matthias Klumpp 2012-03-12 11:43:41 UTC 
This one had to be a D-Bus issue ^^ We (Richard) imrpved the error handling of the daemon, so it exits without too much noise if there are D-Bus problems.
Thanks you for this report, I marked the Debian bug as fixed too!
Cheers,
    Matthias

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.