617204 – Segfault on updating packages

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 617204 - Segfault on updating packages

Summary: Segfault on updating packages

Keywords:
Status:	CLOSED DUPLICATE of bug 607650
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	rpm
Sub Component:
Version:	6.0
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Panu Matilainen
QA Contact:	BaseOS QE Security Team
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-07-22 13:33 UTC by Amit Shah
Modified:	2014-01-21 06:18 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-07-29 04:36:44 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
Complete backtrace for the crash (39.23 KB, text/plain) 2010-07-22 13:33 UTC, Amit Shah	no flags	Details
List of packages being updated (36.56 KB, text/plain) 2010-07-22 15:54 UTC, Amit Shah	no flags	Details
View All

Description Amit Shah 2010-07-22 13:33:30 UTC

Created attachment 433696 [details]
Complete backtrace for the crash

Description of problem:

Attached is the invalid pointer crash I get on updating some packages, snippet below:

Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating       : glib2-2.22.5-4.el6.x86_64                              1/437
  Updating       : 1:dbus-libs-1.2.24-2.el6 [                         ]   2/437*** glibc detected *** /usr/bin/python: free(): invalid pointer: 0x00000000068484d0 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x75736)[0x7f063d00d736]
/lib64/libselinux.so.1(selinux_trans_to_raw_context+0x8e)[0x7f063a3fdb1e]
/lib64/libselinux.so.1(lsetfilecon+0x28)[0x7f063a3fab58]
/usr/lib64/librpm.so.1(+0x2ceb7)[0x7f0634105eb7]
/usr/lib64/librpm.so.1(+0x2f158)[0x7f0634108158]
/usr/lib64/librpm.so.1(+0x2f4e0)[0x7f06341084e0]
/usr/lib64/librpm.so.1(+0x2ccfd)[0x7f0634105cfd]
/usr/lib64/librpm.so.1(fsmSetup+0x17b)[0x7f063410988b]
/usr/lib64/librpm.so.1(+0x35dd6)[0x7f063410edd6]
/usr/lib64/librpm.so.1(+0x35714)[0x7f063410e714]
/usr/lib64/librpm.so.1(rpmtsRun+0x86b)[0x7f0634127afb]
/usr/lib64/python2.6/site-packages/rpm/_rpmmodule.so(+0xe51c)[0x7f063435151c]

...

# rpm -q rpm
Freeing read locks for locker 0xe: 1864/139664788297472
Freeing read locks for locker 0x10: 1864/139664788297472
Freeing read locks for locker 0x11: 1864/139664788297472
Freeing read locks for locker 0x12: 1864/139664788297472
Freeing read locks for locker 0x7e1: 1864/139664788297472
Freeing read locks for locker 0x7e3: 1864/139664788297472
Freeing read locks for locker 0x7e4: 1864/139664788297472
Freeing read locks for locker 0x7e5: 1864/139664788297472
Freeing read locks for locker 0x7e6: 1864/139664788297472
Freeing read locks for locker 0x7e7: 1864/139664788297472
Freeing read locks for locker 0x7e8: 1864/139664788297472
Freeing read locks for locker 0x7e9: 1864/139664788297472
Freeing read locks for locker 0x7ea: 1864/139664788297472
Freeing read locks for locker 0x7eb: 1864/139664788297472
Freeing read locks for locker 0x7ec: 1864/139664788297472
Freeing read locks for locker 0x7ed: 1864/139664788297472
Freeing read locks for locker 0x7ee: 1864/139664788297472
Freeing read locks for locker 0x7ef: 1864/139664788297472
rpm-4.8.0-10.el6.x86_64
[root@localhost ~]# rpm -q yum
yum-3.2.27-12.el6.noarch


This is always reproducible for me on this VM so I'm happy to try out anything you want me to.

Comment 2 RHEL Program Management 2010-07-22 13:58:27 UTC

This issue has been proposed when we are only considering blocker
issues in the current Red Hat Enterprise Linux release.

** If you would still like this issue considered for the current
release, ask your support representative to file as a blocker on
your behalf. Otherwise ask that it be considered for the next
Red Hat Enterprise Linux release. **

Comment 3 Eduard Benes 2010-07-22 14:33:16 UTC

Amit, what packages are you updating? Are you able to reproduce this on an another box with the same rpm version?

Comment 4 Amit Shah 2010-07-22 15:44:03 UTC

The list of packages being updated is attached.

I also tried just updating rpm first to the latest avl. on the repo (4.8.0-12) and got this:

Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating       : glib2-2.22.5-4.el6.x86_64                              1/431 
  Updating       : 1:dbus-libs-1.2.24-2.el6.x86_64                        2/431 
  Updating       : libgcc-4.4.4-12.el6.x86_64                             3/431 
  Updating       : libstdc++-4.4.4-12.el6.x86_64                          4/431 
  Updating       : dbus-glib-0.86-5.el6.x86_64                            5/431 
  Updating       : libcom_err-1.41.12-3.el6.x86_64                        6/431 
  Updating       : openssl-1.0.0-4.el6.x86_64                             7/431 
  Updating       : python-libs-2.6.5-3.el6.x86_64                         8/431 
Segmentation fault (core dumped)

Comment 5 Amit Shah 2010-07-22 15:54:50 UTC

Created attachment 433742 [details]
List of packages being updated

Comment 6 Amit Shah 2010-07-22 16:31:38 UTC

Just updating python and python-libs first and then rpm also doesn't help:


Dependencies Resolved

================================================================================
 Package             Arch           Version              Repository        Size
================================================================================
Updating:
 python-libs         x86_64         2.6.5-3.el6          rhel-pnq         617 k
Updating for dependencies:
 python              x86_64         2.6.5-3.el6          rhel-pnq         4.8 M

...


Dependencies Resolved

================================================================================
 Package            Arch           Version               Repository        Size
================================================================================
Updating:
 rpm                x86_64         4.8.0-12.el6          rhel-pnq         895 k
Updating for dependencies:
 rpm-libs           x86_64         4.8.0-12.el6          rhel-pnq         307 k
 rpm-python         x86_64         4.8.0-12.el6          rhel-pnq          51 k

...

# yum update

...

--------------------------------------------------------------------------------
Total                                           4.5 MB/s | 183 MB     00:40     
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating       : glib2-2.22.5-4.el6.x86_64                              1/427 
  Updating       : 1:dbus-libs-1.2.24-2.el6.x86_64                        2/427 
  Updating       : libgcc-4.4.4-12.el6.x86_64                             3/427 
*** glibc detected *** /usr/bin/python: malloc(): smallbin double linked list corrupted: 0x0000000004c28610 ***


In this case, I don't get to the prompt, yum just hangs here.

In the previous two cases (direct yum update, yum update after rpm update) I was dropped back to the shell.

Comment 7 Dave Malcolm 2010-07-23 14:51:45 UTC

This may be a duplicate of bug 608710 ; hopefully we can get a scratch build for testing soon.

Comment 8 Denise Dumas 2010-07-28 17:19:26 UTC

And 608710 appears to be caused by 607650, 
which should be fixed in the respun Snap 7 kernel, kernel-2.6.32-44.2.el6 
(this needs to be on the host - guest kernel doesn't matter)

Comment 9 Bill Nottingham 2010-07-28 21:26:22 UTC

Amit - are you running on KVM?

Comment 10 Amit Shah 2010-07-29 04:36:44 UTC

(In reply to comment #9)
> Amit - are you running on KVM?    

Ah; yes. I didn't realise this is the KVM MMU bug since my host kernels were updated but due to a grub screwup I was always booted into an older kernel.

Pointing grub to the newest avl. does solve it. Marking as a dupe of 607650

*** This bug has been marked as a duplicate of bug 607650 ***

Note You need to log in before you can comment on or make changes to this bug.