[cups.development] cups-polld issue and cupsd segfaulting

Wed Sep 2 12:21:05 PDT 2009

Maciej (Matchek) Blizinski wrote:

> Hi cups-dev,
> 
> About July 2009, I noticed an issue with cups-polld (initially in
> version 1.3.9) in which polld daemons would start consuming 100% of a
> processor and stop otherwise working.
> 
> http://www.cups.org/str.php?L3257
> 
> I then reproduced the issue with 1.3.11, but I wasn't quick enough and
> the issue got closed. I got back to this issue now and did some more
> debugging. I compiled an unoptimized binary with symbols under Sun
> Studio 12 and ran it under a debugger in the hope that I would be able
> to reproduce the polld issue. I did reproduce something, but it looks
> like a completely different issue. I don't know whether it's better go
> pursue the new issue I'm seeing, or try to debug the original polld
> outside the debugger. I'll try to give the new issue a shot.
> 
> The main daemon, cupsd, segfaults. Here are all the details I've been
> able to collect so far:
> 
> Code: cups-1.3.11 tarball
> OS: Solaris 10 U6 (free from Sun)
> Compiler: Sun Studio 12 (available freely from Sun)
> 
> The segfault is reproducible, it happens every time I run cups. The
> location is line 446 of mime.c, in function delete_rules(mime_magic_t
> *rules).
> 
>   while (rules != NULL)
>   {
>     next = rules->next; /* <-- here */
>     (...)
>   }
> 
> The rules pointer has a value, but the memory address can not be read
> from:
> 
> (dbx) where
>   [1] delete_rules(rules = 0x4d2d5355), line 444 in "mime.c"
> =>[2] mimeDeleteType(mime = 0x80c2788, mt = 0x8103e40), line 160 in
> "mime.c"
>   [3] cupsdRenamePrinter(p = 0x8185348, name = 0x8045330
> "hpduke at cabbage.dub.corp.google.com"), line 1284 in "printers.c"
>   [4] process_browse_data(uri = 0x8046480
> "ipp://x.x.x.x/printers/hpduke", host = 0x8046080 "y.y.y.y", resource
> = 0x8045c80 "/printers/hpduke", type = 16814110U, state =
> IPP_PRINTER_IDLE, location = 0x8045a80 "1250 Charleston", info =
> 0x8045b80 "HP Color Laserjet 3600", make_model = 0x8045980 "HP Color
> LaserJet 3600 Foomatic/hpijs (recommended) - HPLIP 0.9.7", num_attrs =
> 2, attrs = 0x863f2d0), line 1868 in "dirsvc.c"
>   [5] update_cups_browse(), line 3747 in "dirsvc.c"
>   [6] cupsdDoSelect(timeout = 1), line 655 in "select.c"
>   [7] main(argc = 4, argv = 0x8047890), line 829 in "main.c"
> (dbx) frame 1
> Current function is delete_rules
> (dbx) print rules
> rules = 0x4d2d5355
> (dbx) print *rules
> dbx: cannot access address 0x4d2d5355
> (dbx) frame 2
> Current function is mimeDeleteType
> (dbx) print mt
> mt = 0x8103e40
> (dbx) print *mt
> *mt = {
>     rules = 0x4d2d5355
>     super = "TV-202/1250 Char"
>     type  = "leston/105"
> }
> 
> That's all the information I have at this time. I'm unfamiliar with
> cups code, so I can't really guess what the issue might be. I have the
> session open in Sun Studio IDE and can interrogate the current (dead)
> process some more. I can also offer all the information on how to set
> up Sun Studio and reproduce the issue.
> 
> The issue I'm really after is the wedged cups-polld (STR 3257), but I
> can't reproduce it until I get this segfault sorted out.
> 
> What course of action do  you suggest?
> 
> Maciej
I'd suggest to try to compile the stuff using gcc - there are rumors that 
sun's own c compiler is a bit touchy. And sometimes - as for my experience
wich non-linux systems - it ometimes helps to reduce the optimization
level.

Helge