Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 150739 - cupsd segfaults (dbus)
cupsd segfaults (dbus)
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: cups (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tim Waugh
:
: 150767 150824 150845 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-03-09 22:14 EST by Bill Nottingham
Modified: 2014-03-16 22:52 EDT (History)
6 users (show)

See Also:
Fixed In Version: 1.1.23-14
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-03-10 09:20:05 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Bill Nottingham 2005-03-09 22:14:39 EST 
Description of problem:

# service cups start
Starting cups: cupsd: Child exited on signal 11!
                                                           [FAILED]

Version-Release number of selected component (if applicable):

# rpm -q cups dbus
cups-1.1.23-13
dbus-0.31-2

How reproducible:

Every time

Steps to Reproduce:
1. See above
  
strace shows...

...
3936  socket(PF_FILE, SOCK_STREAM, 0)   = 2
3936  connect(2, {sa_family=AF_FILE,
path="/var/run/dbus/system_bus_socket"}, 110) = 0
3936  fcntl64(2, F_GETFL)               = 0x2 (flags O_RDWR)
3936  fcntl64(2, F_SETFL, O_RDWR|O_NONBLOCK) = 0
3936  fcntl64(2, F_GETFD)               = 0
3936  fcntl64(2, F_SETFD, FD_CLOEXEC)   = 0
3936  getuid32()                        = 0
3936  rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_DFL}, 8) = 0
3936  poll([{fd=2, events=POLLOUT, revents=POLLOUT}], 1, 0) = 1
3936  write(2, "\0", 1)                 = 1
3936  write(2, "AUTH EXTERNAL 30\r\n", 18) = 18
3936  poll([{fd=2, events=POLLIN, revents=POLLIN}], 1, -1) = 1
3936  read(2, "OK\r\n", 2048)           = 4
3936  poll([{fd=2, events=POLLOUT, revents=POLLOUT}], 1, -1) = 1
3936  write(2, "BEGIN\r\n", 7)          = 7
3936  poll([{fd=2, events=POLLIN|POLLOUT, revents=POLLOUT}], 1, -1) = 1
3936  writev(2,
[{"l\1\0\1\0\0\0\0\1\0\0\0n\0\0\0\1\1o\0\25\0\0\0/org/fre"..., 128},
{"", 0}], 2) = 128
3936  gettimeofday({1110424069, 211329}, NULL) = 0
3936  poll([{fd=2, events=POLLIN, revents=POLLIN}], 1, 25000) = 1
3936  read(2,
"l\2\1\1\n\0\0\0\1\0\0\0=\0\0\0\6\1s\0\5\0\0\0:1.23\0\0"..., 2048) = 260
3936  read(2, 0x8a60838, 2048)          = -1 EAGAIN (Resource
temporarily unavailable)
3936  --- SIGSEGV (Segmentation fault) @ 0 (0) ---

Will attept to get a gdb backtrace.
Comment 1 Bill Nottingham 2005-03-09 22:15:19 EST 
Program received signal SIGSEGV, Segmentation fault.
0x0034ea6b in strlen () from /lib/tls/libc.so.6
(gdb) bt
#0  0x0034ea6b in strlen () from /lib/tls/libc.so.6
#1  0x002bdc42 in marshal_string (str=0x6c797473, insert_at=1819898995,
    value=0x6c797473 <Address 0x6c797473 out of bounds>,
    byte_order=-1074363444, pos_after=0xbff683cc) at
dbus-marshal-basic.c:808
#2  0x00298cee in _dbus_type_writer_write_basic_no_typecode (
    writer=0xbff683cc, type=1819898995, value=0x6c797473)
    at dbus-marshal-recursive.c:1682
#3  0x002999b2 in _dbus_type_writer_write_basic (writer=0xbff682ac,
type=115,
    value=0x6c797473) at dbus-marshal-recursive.c:2387
#4  0x0029f4fc in dbus_message_iter_append_basic (iter=0xbff682a4,
type=115,
    value=0xbff683cc) at dbus-message.c:2087
#5  0x0079d4bf in dbus_broadcast_printer_added (
    printer_name=0x6c797473 <Address 0x6c797473 out of bounds>) at
main.c:200
#6  0x007b4a46 in AddPrinter (name=Variable "name" is not available.
) at printers.c:147
#7  0x007b7518 in LoadAllPrinters () at printers.c:887
#8  0x00799b84 in ReadConfiguration () at conf.c:687
#9  0x0079dc8f in main (argc=2, argv=0xbff6d124) at main.c:500
Comment 2 John (J5) Palmieri 2005-03-10 00:04:23 EST 
fixed to the dbus patch to send the address of the values to
dbus_message_iter_append_basic instead of the values themselves.  Tim
can you rebuild.
Comment 3 Tim Waugh 2005-03-10 08:02:52 EST 
*** Bug 150767 has been marked as a duplicate of this bug. ***
Comment 4 Tim Waugh 2005-03-10 08:03:55 EST 
Please try 1.1.23-14.
Comment 5 Alfred Glanzer 2005-03-10 08:50:08 EST 
cups 1.1.23-14 works !! Thanks.
Comment 6 Tim Waugh 2005-03-11 04:07:17 EST 
*** Bug 150824 has been marked as a duplicate of this bug. ***
Comment 7 Tim Waugh 2005-03-11 05:31:18 EST 
*** Bug 150845 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.