On 05/19/2010 03:38 PM, Denys Vlasenko wrote:
On Wed, 2010-05-19 at 14:55 +0200, Nikola Pajkovsky wrote:
run abrtd -dvvv
run gui
click on report
choose bugzilla plugin
try to Refresh all information
close gui
kill abrtd with ctrl+c

result is that abrt abnormally leaks and dies with SIGSEGV
Yes, I see it. It's pointless to try to plug leaks until we stop it from SEGVing. Let's find out why it SEGVs:
abrtd: UnRegistered Reporter plugin TicketUploader
abrtd: Got signal 2, exiting
==14157== Thread 1:
==14157== Invalid read of size 2
==14157==    at 0x364C035430: getenv (in /lib64/libc-2.12.so)
==14157==    by 0x3D46A1A339: PR_GetEnv (in /lib64/libnspr4.so)
==14157==    by 0x3D47ADDB32: PKIX_PL_Shutdown (pkix_pl_lifecycle.c:293)
==14157==    by 0x3D47A9F4B8: PKIX_Shutdown (pkix_lifecycle.c:231)
==14157==    by 0x3D47A18850: nss_Shutdown (nssinit.c:1032)
==14157==    by 0x3D49218574: rpmFreeCrypto (in /usr/lib64/librpmio.so.1.0.0)
==14157==    by 0x40ABF5: CRPM::~CRPM() (RPM.cpp:31)
==14157==    by 0x364C035FF1: exit (in /lib64/libc-2.12.so)
==14157==    by 0x4C29291: xfunc_die() (logging.cpp:37)
==14157==    by 0x4C2940F: error_msg_and_die(char const*, ...) (logging.cpp:117)
==14157==    by 0x4184E2: main (Daemon.cpp:927)
==14157==  Address 0xbf0e6b2 is not stack'd, malloc'd or (recently) free'd
==14157==.
==14157==.
==14157== Process terminating with default action of signal 11 (SIGSEGV)
==14157==  Access not within mapped region at address 0xBF0E6B2
==14157==    at 0x364C035430: getenv (in /lib64/libc-2.12.so)
==14157==    by 0x3D46A1A339: PR_GetEnv (in /lib64/libnspr4.so)
==14157==    by 0x3D47ADDB32: PKIX_PL_Shutdown (pkix_pl_lifecycle.c:293)
==14157==    by 0x3D47A9F4B8: PKIX_Shutdown (pkix_lifecycle.c:231)
==14157==    by 0x3D47A18850: nss_Shutdown (nssinit.c:1032)
==14157==    by 0x3D49218574: rpmFreeCrypto (in /usr/lib64/librpmio.so.1.0.0)
==14157==    by 0x40ABF5: CRPM::~CRPM() (RPM.cpp:31)
==14157==    by 0x364C035FF1: exit (in /lib64/libc-2.12.so)
==14157==    by 0x4C29291: xfunc_die() (logging.cpp:37)
==14157==    by 0x4C2940F: error_msg_and_die(char const*, ...) (logging.cpp:117)
==14157==    by 0x4184E2: main (Daemon.cpp:927)
Obviously, it SEGVed in PR_GetEnv. Possibly a bogus pointer. I will look into the source of these functions.
Just to make sure that environment is not corrupted, can you add this to CRPM::~CRPM() and rerun the test?
CRPM::~CRPM() {
- log("Environment dump:");
- char **pp = environ;
- if (pp) while (*pp)
- log(" envvar:'%s'", *pp++);
- log("Environment dump done"); rpmcliFini(m_poptContext);
}
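Review bot: The loop at `log(" envvar:'%s'", *pp++);` formats each string before anything identifies the entry, so if an entry is bad the fault lands inside log() and the output shows only the last good variable, not the broken slot. Log the index and the raw pointer first, for example `log(" env[%d]=%p", i, (void*)*pp);`, and only then the string, so the last line printed names the entry that could not be read. The hunk also uses `environ` without showing an `extern char **environ;` declaration in scope, and `log("Environment dump done"); rpmcliFini(m_poptContext);` shares one line and should be split.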
Here we go:
abrtd: Environment dump:
abrtd: envvar:'HOSTNAME=redhat.com'
abrtd: envvar:'SHELL=/bin/bash'
abrtd: envvar:'HISTSIZE=1000'
abrtd: envvar:'QTDIR=/usr/lib64/qt-3.3'
abrtd: envvar:'QTINC=/usr/lib64/qt-3.3/include'
abrtd: envvar:'USER=root'
abrtd: envvar:'LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lz=01;31:*.xz=01;31:*.bz2=01;31:*.tbz=01;31:*.tbz2=01;31:*.bz=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=0 1;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36:'
abrtd: envvar:'COBBLER_SERVER=lab.rhts.englab.brq.redhat.com'
abrtd: envvar:'MAIL=/var/spool/mail/root'
abrtd: envvar:'PATH=/usr/lib64/qt-3.3/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin'
abrtd: envvar:'PWD=/root'
abrtd: envvar:'LANG=en_US.UTF-8'
abrtd: envvar:'KDE_IS_PRELINKED=1'
abrtd: envvar:'KDEDIRS=/usr'
abrtd: envvar:'HISTCONTROL=ignoredups'
abrtd: envvar:'SHLVL=1'
abrtd: envvar:'HOME=/root'
abrtd: envvar:'LOGNAME=root'
abrtd: envvar:'QTLIB=/usr/lib64/qt-3.3/lib'
abrtd: envvar:'CVS_RSH=ssh'
abrtd: envvar:'LESSOPEN=|/usr/bin/lesspipe.sh %s'
abrtd: envvar:'DISPLAY=:0.0'
abrtd: envvar:'G_BROKEN_FILENAMES=1'
abrtd: envvar:'XAUTHORITY=/root/.xauthyDbCiX'
abrtd: envvar:'_=/usr/sbin/abrtd' <---- this line looks weird
If "Environment dump done" message is not reached, we have corrupted environment, and the bug is not in libnspr. Otherwise, it is likely in libnspr.
Right, "Environment dump done" message is not reached!
crash-catcher@lists.fedorahosted.org
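Added example, not part of the original thread or of ABRT's code: a check for the corrupted-environment case discussed above that reports which entry is damaged instead of faulting on it, by having the kernel probe each pointer before it is dereferenced. The names first_bad_env, readable, ENV_OK and ENV_UNTERMINATED are hypothetical, and Linux/POSIX behaviour of write() on a pipe is assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

extern char **environ;

enum { ENV_OK = -1, ENV_UNTERMINATED = -2 };   /* hypothetical result codes */

static int probe_fd[2] = { -1, -1 };

/* 1 if one byte at p is readable. write() makes the kernel copy from p and
 * fail with EFAULT on an unmapped address, so the probe itself cannot SEGV. */
static int readable(const void *p)
{
    char sink;
    if (probe_fd[0] < 0 && pipe(probe_fd) != 0)
        return 0;
    if (write(probe_fd[1], p, 1) != 1)
        return 0;
    return read(probe_fd[0], &sink, 1) == 1;   /* drain the pipe */
}

/* Index of the first damaged entry, ENV_OK, or ENV_UNTERMINATED. */
int first_bad_env(char **envp, int max_entries)
{
    long page = sysconf(_SC_PAGESIZE);
    for (int i = 0; i < max_entries; i++) {
        if (!readable(&envp[i]))
            return i;                          /* pointer array leaves mapped memory */
        const char *s = envp[i];
        if (s == NULL)
            return ENV_OK;                     /* clean NULL terminator */
        int has_eq = 0;
        for (const char *c = s; ; c++) {
            if ((c == s || (uintptr_t)c % page == 0) && !readable(c))
                return i;                      /* string pointer or tail unmapped */
            if (*c == '\0')
                break;
            has_eq |= (*c == '=');
        }
        if (!has_eq)
            return i;                          /* heuristic: not NAME=value */
    }
    return ENV_UNTERMINATED;
}

int main(void)
{
    int r = first_bad_env(environ, 65536);
    printf("environment check: %d (%d means intact)\n", r, ENV_OK);
    return r == ENV_OK ? 0 : 1;
}
```

Each probe costs two system calls, so this belongs in a debug path such as the destructor instrumented above, not in normal operation.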