Bug 1057781

Summary: [abrt] PackageKit: g_thread_unref(): packagekitd killed by SIGSEGV
Product: [Fedora] Fedora Reporter: Joachim Frieben <jfrieben>
Component: PackageKitAssignee: Richard Hughes <rhughes>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 22CC: fraph24, jonathan, klember, mclasen, rdieter, rhughes, smparrish
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
URL: https://retrace.fedoraproject.org/faf/reports/bthash/7001d07af60c641373f475cf72960dcf79192d46
Whiteboard: abrt_hash:416c2b74014eb2ea064fc776e4ebbf9565d27d86
Fixed In Version: PackageKit-1.0.9-1.fc22 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-09-15 20:11:45 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: backtrace
none
File: cgroup
none
File: core_backtrace
none
File: dso_list
none
File: environ
none
File: exploitable
none
File: limits
none
File: maps
none
File: open_fds
none
File: proc_pid_status
none
File: var_log_messages none

Description Joachim Frieben 2014-01-24 20:27:35 UTC 
Version-Release number of selected component:
PackageKit-0.8.16-1.fc21

Additional info:
reporter:       libreport-2.1.11
backtrace_rating: 4
cmdline:        /usr/libexec/packagekitd
crash_function: g_thread_unref
executable:     /usr/libexec/packagekitd
kernel:         3.14.0-0.rc0.git3.1.fc21.x86_64
runlevel:       3 5
type:           CCpp
uid:            0

Truncated backtrace:
Thread no. 1 (3 frames)
 #0 g_thread_unref at gthread.c:760
 #1 pk_backend_job_thread_setup at pk-backend-job.c:795
 #2 g_thread_proxy at gthread.c:798

Potential duplicate: bug 1048590
Comment 1 Joachim Frieben 2014-01-24 20:27:41 UTC 
Created attachment 855199 [details]
File: backtrace
Comment 2 Joachim Frieben 2014-01-24 20:27:44 UTC 
Created attachment 855200 [details]
File: cgroup
Comment 3 Joachim Frieben 2014-01-24 20:27:46 UTC 
Created attachment 855201 [details]
File: core_backtrace
Comment 4 Joachim Frieben 2014-01-24 20:27:49 UTC 
Created attachment 855202 [details]
File: dso_list
Comment 5 Joachim Frieben 2014-01-24 20:27:51 UTC 
Created attachment 855203 [details]
File: environ
Comment 6 Joachim Frieben 2014-01-24 20:27:53 UTC 
Created attachment 855204 [details]
File: exploitable
Comment 7 Joachim Frieben 2014-01-24 20:27:55 UTC 
Created attachment 855205 [details]
File: limits
Comment 8 Joachim Frieben 2014-01-24 20:27:57 UTC 
Created attachment 855206 [details]
File: maps
Comment 9 Joachim Frieben 2014-01-24 20:27:59 UTC 
Created attachment 855207 [details]
File: open_fds
Comment 10 Joachim Frieben 2014-01-24 20:28:01 UTC 
Created attachment 855208 [details]
File: proc_pid_status
Comment 11 Joachim Frieben 2014-01-24 20:28:03 UTC 
Created attachment 855209 [details]
File: var_log_messages
Comment 12 Jaroslav Reznik 2015-03-03 15:25:14 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle.
Changing version to '22'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora22
Comment 13 Matthias Clasen 2015-05-28 02:46:39 UTC 
This looks like a race in pk_backend_job_thread_create: pk_backend_job_thread_setup may run and try to free the thread object before g_thread_new has returned.

The fix should be simple: Just don't store the thread object inside the job; just do g_thread_unref (g_thread_new (...));
Comment 14 Kalev Lember 2015-06-08 23:43:33 UTC 
*** Bug 1048590 has been marked as a duplicate of this bug. ***
Comment 15 Kalev Lember 2015-09-07 23:45:40 UTC 
Thanks! Fixed upstream in https://github.com/hughsie/PackageKit/commit/c0d0481767a2b11ab0750d51474008a38a503a6e
Comment 16 Kalev Lember 2015-09-15 20:11:45 UTC 
Should be fixed in PackageKit-1.0.9-1.fc22