Bug 506679 - initctl segfault after changing date
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: upstart
Version: 11
Hardware: All
OS: Linux
low
medium
Assignee: Casey Dahlin
QA Contact: Fedora Extras Quality Assurance
Reported: 2009-06-18 09:43 UTC by Slawomir Czarko
Modified: 2014-06-18 08:46 UTC (History)

Fixed In Version: 0.3.11-1.fc11
Doc Type: Bug Fix
Last Closed: 2009-08-11 22:31:51 UTC
Links
System ID Private Priority Status Summary Last Updated
Launchpad 388873 0 None None None Never

Description Slawomir Czarko 2009-06-18 09:43:52 UTC
Description of problem:
After changing the date to the previous day and using stop/start commands to restart some upstart jobs, I get a segfault in the init task. Below is the backtrace from gdb. I can reproduce this pretty much 100% of the time, and the backtrace always looks the same (only some pointer values are different).

Version-Release number of selected component (if applicable):

upstart-0.3.9-22.fc9.i386

How reproducible:

100%

Steps to Reproduce:
1. Change date to previous day
2. stop <upstart jobs>
3. emit event which will trigger starting of <upstart jobs>
  
Actual results:
Message from syslogd@sonostation-usb26-eth at Mar 27 10:52:22 ...
 kernel:init[1]: segfault at c1 ip 08057d32 sp bf83b980 error 4 in init[8048000+20000]


Expected results:
No segfault, tasks started.

Additional info:

(gdb) bt full
#0  0x00a9b416 in __kernel_vsyscall ()
No symbol table info available.
#1  0x00c318ff in sigprocmask () from /lib/libc.so.6
No symbol table info available.
#2  0x0804a4d5 in crash_handler (signum=11) at main.c:400
	act = {__sigaction_handler = {sa_handler = 0, sa_sigaction = 0}, sa_mask = {__val = {0 <repeats 32 times>}}, sa_flags = 0, sa_restorer = 0x4}
	limit = {rlim_cur = 4294967295, rlim_max = 4294967295}
	mask = {__val = {2147482623, 4294967294, 4294967295 <repeats 30 times>}}
	err = <value optimized out>
	loglevel = <value optimized out>
	mask = {__val = {0, 0, 11121686, 115, 582, 3217000600, 123, 0, 0, 0, 3087986688, 15, 3087987304, 128, 1211428, 1748533395, 54641668, 3, 12627208, 13109375, 142491099, 142490795, 0, 
    0, 1, 1797, 3087987408, 3087986688, 134515571, 12663656, 13521706, 0}}
	oldmask = {__val = {14, 4294967295, 0, 12611584, 134618112, 3217001336, 3217001336, 4, 13455331, 2, 134598413, 4, 134615746, 1, 11121664, 17, 51, 3217000744, 11121664, 17, 51, 
    3228041216, 123, 123, 14073844, 8, 3217000744, 3217000600, 2, 0, 3217000780, 0}}
	__FUNCTION__ = "crash_handler"
#3  <signal handler called>
No symbol table info available.
#4  nih_str_array_append (array=0xbfbf8a48, parent=0x0, len=0xbfbf8a44, args=0x41) at string.c:534
	c_len = 5
	o_len = <value optimized out>
	arg = (char * const *) 0x5
	__FUNCTION__ = "nih_str_array_append"
#5  0x0804bc61 in job_run_process (job=0x87e7f30, process=PROCESS_MAIN) at job.c:1368
	statbuf = {st_dev = 59308975770263300, __pad1 = 61930, st_ino = 134616700, st_mode = 11, st_nlink = 0, st_uid = 13894081, st_gid = 142479368, st_rdev = 21617315872, __pad2 = 35248, 
  st_size = -1077966368, st_blksize = 0, st_blocks = 13808947, st_atim = {tv_sec = 13890026, tv_nsec = 134616700}, st_mtim = {tv_sec = 11, tv_nsec = 14073844}, st_ctim = {
    tv_sec = 142508104, tv_nsec = 142507824}, __unused4 = 3217001048, __unused5 = 12760163}
	proc = (JobProcess *) 0x87e8560
	argv = (char **) 0x887cea8
	script = <value optimized out>
	argc = 5
	error = <value optimized out>
	fds = {142479392, 134616700}
	__FUNCTION__ = "job_run_process"
#6  0x0804c53c in job_change_state (job=0x87e7f30, state=JOB_SPAWNED) at job.c:856
	old_state = <value optimized out>
	__FUNCTION__ = "job_change_state"
#7  0x0804cff2 in job_child_reaper (data=0x0, pid=6764, killed=0, status=0) at job.c:1729
	job = <value optimized out>
	process = PROCESS_PRE_START
	failed = 0
	stop = 0
	state = 1
	__FUNCTION__ = "job_child_reaper"
#8  0x0805959e in nih_child_poll () at child.c:158
	iter = (NihList *) 0x87e1600
	_iter = (NihList *) 0x87e15d0
	pid = 6764
	killed = 0
	status = 0
	info = {si_signo = 17, si_errno = 0, si_code = 1, _sifields = {_pad = {6764, 0 <repeats 28 times>}, _kill = {si_pid = 6764, si_uid = 0}, _timer = {si_tid = 6764, si_overrun = 0, 
      si_sigval = {sival_int = 0, sival_ptr = 0x0}}, _rt = {si_pid = 6764, si_uid = 0, si_sigval = {sival_int = 0, sival_ptr = 0x0}}, _sigchld = {si_pid = 6764, si_uid = 0, si_status = 0, 
      si_utime = 0, si_stime = 0}, _sigfault = {si_addr = 0x1a6c}, _sigpoll = {si_band = 6764, si_fd = 0}}}
#9  0x0805d09d in nih_main_loop () at main.c:606
	timeout = {tv_sec = 4, tv_usec = 992000}
---Type <return> to continue, or q <return> to quit---
	readfds = {fds_bits = {8, 0 <repeats 31 times>}}
	writefds = {fds_bits = {32, 0 <repeats 31 times>}}
	buf = ""
	ret = <value optimized out>
	next_timer = (NihTimer *) 0x0
	exceptfds = {fds_bits = {0 <repeats 32 times>}}
	nfds = 7
#10 0x08049e42 in main (argc=5, argv=0x887cea8) at main.c:302
	args = <value optimized out>
	ret = 5
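
A triage aid for the kernel message quoted under "Actual results", added here as an example and not part of the original report or of upstart: it parses the line, decodes the x86 page-fault error code, and computes the instruction pointer's offset into the mapped object for symbolization. The names `triage`, `decode_error` and the 4 KiB page-size threshold are assumptions of this example.

```python
import re

# Line quoted in the report's "Actual results" (syslog prefix dropped).
REPORT_LINE = ("kernel:init[1]: segfault at c1 ip 08057d32 sp bf83b980 "
               "error 4 in init[8048000+20000]")

# Addresses and the error code are printed in hex; the pid is decimal.
SEGV_RE = re.compile(
    r"(?P<comm>[^\s\[:]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
    r"(?: in (?P<obj>[^\s\[]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?"
)

PAGE_SIZE = 0x1000  # assumption: 4 KiB pages, used only for the near-NULL hint


def decode_error(code):
    """Decode the x86 page-fault error code bits reported after 'error'."""
    return {
        "cause": "protection violation" if code & 0x1 else "page not present",
        "access": "write" if code & 0x2 else "read",
        "mode": "user" if code & 0x4 else "kernel",
        "instruction_fetch": bool(code & 0x10),
    }


def triage(line):
    """Return a dict describing the fault, or None if the line is not a segfault."""
    m = SEGV_RE.search(line)
    if m is None:
        return None
    f = m.groupdict()
    addr, ip = int(f["addr"], 16), int(f["ip"], 16)
    report = {"comm": f["comm"], "pid": int(f["pid"]),
              "fault_addr": addr, "ip": ip, **decode_error(int(f["err"], 16))}
    # A fault address inside the first page usually means a NULL or tiny
    # bogus pointer was dereferenced (possibly with a small field offset).
    report["near_null"] = addr < PAGE_SIZE
    if f["base"] is not None:  # the "in obj[base+size]" suffix is optional
        base, size = int(f["base"], 16), int(f["size"], 16)
        report["object"] = f["obj"]
        report["ip_in_mapping"] = base <= ip < base + size
        report["ip_offset"] = ip - base  # offset to symbolize within the object
    return report


if __name__ == "__main__":
    for key, value in triage(REPORT_LINE).items():
        print(f"{key}: {hex(value) if key in ('fault_addr', 'ip', 'ip_offset') else value}")
```

For this line the result is a user-mode read of an unmapped address in the first page, consistent with the small pointer values (`args=0x41`, `arg = 0x5`) visible in frame #4 of the backtrace.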

Comment 1 Slawomir Czarko 2009-06-18 09:44:43 UTC
I tried upstart version from Fedora 11 and the problem is still present.

Comment 2 Casey Dahlin 2009-06-18 13:23:06 UTC
I think this may be fixed upstream. Checking now.

Comment 3 Slawomir Czarko 2009-06-19 18:21:47 UTC
The bug has been triaged upstream. It is targeted for 0.3.11

Comment 4 Casey Dahlin 2009-06-19 18:29:04 UTC
Yes. Scott seems to have the issue worked out. He should be coming back with a fix soon.

Comment 5 Slawomir Czarko 2009-06-23 11:04:59 UTC
Any idea when the patch will be included in Fedora?

Comment 6 Petr Lautrbach 2009-06-23 11:32:55 UTC
I've prepared an rpm with the 0.3.11 update, with merged patches from Fedora and patches already included upstream. I'm testing it right now.

If Casey agrees, I'm ready to commit it to the devel branch.

Rpms are available here:

http://plautrba.fedorapeople.org/upstart/upstart-0.3.11-1.fc12.src.rpm
http://koji.fedoraproject.org/koji/taskinfo?taskID=1429470

Comment 7 Casey Dahlin 2009-06-23 13:15:56 UTC
Sure, this is worth having. Go ahead and commit it.

We're likely expecting a 0.3.12 soon (Scott said he'd take the state transfer patch as soon as I get test cases written), but how soon is uncertain.

Comment 8 Bug Zapper 2009-07-14 15:05:03 UTC
Fedora 9 changed to end-of-life (EOL) status on 2009-07-10. Fedora 9 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.

Comment 9 Slawomir Czarko 2009-07-16 06:22:35 UTC
The problem is still present in Fedora 11.

Comment 10 Slawomir Czarko 2009-07-16 06:45:29 UTC
It looks like the patch was applied in the development branch of Fedora. Any idea when this will be released as an update to Fedora 11?

Comment 11 Fedora Update System 2009-07-22 12:25:26 UTC
upstart-0.3.11-1.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/upstart-0.3.11-1.fc11

Comment 12 Fedora Update System 2009-07-23 18:58:40 UTC
upstart-0.3.11-1.fc11 has been pushed to the Fedora 11 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update upstart'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F11/FEDORA-2009-7922

Comment 13 Fedora Update System 2009-08-11 22:31:46 UTC
upstart-0.3.11-1.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.

