Bug#851210: segfault during update and directly after initramfs, system unusable

Sven Hartge sven at svenhartge.de
Thu Jan 12 23:16:34 GMT 2017 

Package: systemd
Version: 232-9
Severity: critical
Justification: breaks the complete system

(This is a manual bug report, because of Bug#850317 in reportbug.)

Hi!

During the upgrade from 232-8 to 232-9 I encountered the following:

-----------------------------8<--------------------------
Setting up systemd (232-9) ...
addgroup: The group `systemd-journal' already exists as a system group.
Exiting.

Message from syslogd at ds9 at Jan 12 22:39:34 ...
 kernel:[10718245.407639] systemd[1]: segfault at 37 ip 00000000f7277936
sp 00000000ffce0204 error 4 in libc-2.24.so[f71f9000+1b1000]

Message from syslogd at ds9 at Jan 12 22:39:34 ...
 kernel:[10718245.407639] systemd[1]: segfault at 37 ip 00000000f7277936
sp 00000000ffce0204 error 4 in libc-2.24.so[f71f9000+1b1000]

Message from syslogd at ds9 at Jan 12 22:39:34 ...
 systemd[1]: Caught <SEGV>, dumped core as pid 3361714.

Broadcast message from systemd-journald at ds9 (Thu 2017-01-12 22:39:34 CET):

systemd[1]: Caught <SEGV>, dumped core as pid 3361714.


Message from syslogd at ds9 at Jan 12 22:39:34 ...
 systemd[1]: Caught <SEGV>, dumped core as pid 3361714.

Broadcast message from systemd-journald at ds9 (Thu 2017-01-12 22:39:34 CET):

systemd[1]: Caught <SEGV>, dumped core as pid 3361714.


Message from syslogd at ds9 at Jan 12 22:39:34 ...
 systemd[1]: Freezing execution.
-----------------------------8<--------------------------

After that anything involving systemd was dead, even a reboot was not
possible with normal methods, only a hard reset worked.

Directly after the initramfs and shortly after setting the hostname,
systemd segfaults again, rendering the system broken and useless.
Unfortunately I only have an image of that state, see attachement.

I did get a core dump and did a backrace using gdb, but because I did not
have all dbgsyms installed at the time, it was rather useless:

-----------------------------8<--------------------------
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
Core was generated by `/lib/systemd/systemd --system --deserialize 21'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0xf7728d09 in __kernel_vsyscall ()
(gdb) bt full
#0  0xf7728d09 in __kernel_vsyscall ()
No symbol table info available.
#1  0xf7225066 in kill () at ../sysdeps/unix/syscall-template.S:84
No locals.
#2  0x5657f916 in ?? ()
No symbol table info available.
#3  <signal handler called>
No symbol table info available.
#4  __strlen_sse2_bsf () at
../sysdeps/i386/i686/multiarch/strlen-sse2-bsf.S:50
No locals.
#5  0xf761dbfc in strjoin () from /lib/systemd/libsystemd-shared-232.so
No symbol table info available.
#6  0x565a2815 in ?? ()
No symbol table info available.
#7  0xf7633639 in config_parse () from /lib/systemd/libsystemd-shared-232.so
No symbol table info available.
#8  0x565b6ccf in ?? ()
No symbol table info available.
#9  0x565b9427 in ?? ()
No symbol table info available.
#10 0x565b96c0 in ?? ()
No symbol table info available.
#11 0x565c3c3c in ?? ()
No symbol table info available.
#12 0x565d3ef7 in ?? ()
No symbol table info available.
#13 0x5659286e in ?? ()
No symbol table info available.
#14 0x565a11b5 in ?? ()
No symbol table info available.
#15 0x565a15c6 in ?? ()
No symbol table info available.
#16 0x565dbb30 in ?? ()
No symbol table info available.
#17 0x565c5e0c in ?? ()
No symbol table info available.
#18 0x56579228 in ?? ()
No symbol table info available.
#19 0xf7211276 in __libc_start_main (main=0x565781e0, argc=4,
argv=0xffce1294, init=0x565f5ef0, fini=0x565f5f50, rtld_fini=0xf77398a0
<_dl_fini>, stack_end=0xffce128c)
    at ../csu/libc-start.c:291
        result = <optimized out>
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, 4, -147144704, 0,
2070705052, -1519640691}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0,
0xffce1290, 0xf772a000}, data = {
              prev = 0x0, cleanup = 0x0, canceltype = -3272048}}}
        not_first_call = <optimized out>
#20 0x5657ccb7 in ?? ()
No symbol table info available.
-----------------------------8<--------------------------

I am also attaching the core file in case it may be helpful.

I first thought the bug was a result of my mixed multi-arch system (64bit
kernel + 32bit userland), but even after booting with sysvinit and
changing systemd from 32bit to 64bit the segfault prevailed.

I also checked the integrity of the system with "debsums -c", but
everything was OK.

After downgrading to 232-8 the system was working again. Unfortunately I
could no longer experiment at that moment, because the system in question
is my main home router and server (Yes, I know, I like to live on the
bleeding edge and have been for the last 16 years.)

If you need any additional information, please ask and I will provide
them.

Grüße,
Sven.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: systemd-232-9-segfault-on-boot.jpg
Type: image/jpeg
Size: 849924 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-systemd-maintainers/attachments/20170113/b0b2eeaf/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: systemd-232-9-core.20170112.gz
Type: application/gzip
Size: 245337 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-systemd-maintainers/attachments/20170113/b0b2eeaf/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-systemd-maintainers/attachments/20170113/b0b2eeaf/attachment-0001.sig>

More information about the Pkg-systemd-maintainers mailing list