Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 203994 - cupsd dies when printing
Summary: cupsd dies when printing
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: cups
Version: rawhide
Hardware: x86_64
OS: Linux
medium
high
Target Milestone: ---
Assignee: Tim Waugh
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: FC6Target
TreeView+ depends on / blocked
 
Reported: 2006-08-24 21:24 UTC by Horst H. von Brand
Modified: 2007-11-30 22:11 UTC (History)
2 users (show)

Fixed In Version: 1.2.2-17
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-08-27 09:47:42 UTC


Attachments (Terms of Use)

Description Horst H. von Brand 2006-08-24 21:24:09 UTC
Description of problem:
Started cups, then tried to print:

  lpr /tmp/template.pdf

cupsd dies, lpr says "unknown". This hasn'r changed form the last official
rwahide package (-14, IIRC)

Version-Release number of selected component (if applicable):
cups-1.2.2-16

How reproducible:
Always

Steps to Reproduce:
1. lpr /tmp/template.pdf
2.
3.
  
Actual results:
  lpr: Unknown

Dead cupsd. /varLog/messages gets:
 Aug 24 17:27:03 quelen kernel: cupsd[11916]: segfault at 0000000000000000 rip
00002aaaac9c4f92 rsp 00007fff6ad80278 error 4

Expected results:
Printout...

Additional info:

Comment 1 Alan Shutko 2006-08-24 23:16:47 UTC
I'm actually seeing the same thing, also on x86_64.  selinux is disabled.  Core
dump shows

Core was generated by `cupsd -f'.
Program terminated with signal 11, Segmentation fault.
#0  0x00002aaaac73f610 in context_range_get () from /lib64/libselinux.so.1
(gdb) bt
#0  0x00002aaaac73f610 in context_range_get () from /lib64/libselinux.so.1
#1  0x000055555558e815 in main () from /usr/sbin/cupsd



Comment 2 Andy Green 2006-08-25 07:49:33 UTC
Same here on i386 SMP

Comment 3 Tim Waugh 2006-08-25 08:59:20 UTC
Could you please install the corresponding cups-debuginfo package and try gdb
again?  Thanks.

Comment 4 Andy Green 2006-08-25 09:52:09 UTC
# gdb --args cupsd -f
...
(gdb) run
Starting program: /usr/sbin/cupsd -f
[Thread debugging using libthread_db enabled]
[New Thread -1208838448 (LWP 15711)]
(tried to print page from Acrobat)
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1208838448 (LWP 15711)]
0x00599f8a in strcmp () from /lib/libc.so.6
(gdb) bt
#0  0x00599f8a in strcmp () from /lib/libc.so.6
#1  0x00d2ba01 in add_job (con=0x8dee098, uri=0x8debd90, dprinter=0xbfc4b180,
filetype=0x8db9358) at ipp.c:1658
#2  0x00d2d368 in print_job (con=0x8dee098, uri=0x8debd90) at ipp.c:7127
#3  0x00d2fbe6 in cupsdProcessIPPRequest (con=0x8dee098) at ipp.c:470
#4  0x00d0e12b in cupsdReadClient (con=0x8dee098) at client.c:1917
#5  0x00d1d1de in main (argc=2, argv=0xbfc5a6e4) at main.c:938
(gdb)

Comment 5 Tim Waugh 2006-08-25 10:12:10 UTC
Thanks.  Now what does it say if, at that last (gdb) prompt, you enter 'up' and
then 'info locals'?

Comment 6 Tim Waugh 2006-08-25 10:16:03 UTC
Actually, never mind, I think I know what this is.

I'm just about to upload 1.2.2-17 to
http://people.redhat.com/twaugh/tmp/cups-devel -- could you please try that? 
Thanks.

Comment 7 Andy Green 2006-08-25 10:28:30 UTC
Yes that fixes it, thanks a lot :-D

FWIW here are the locals anyway

(gdb) up
#1  0x00d2ba01 in add_job (con=0x8dee098, uri=0x8debd90, dprinter=0xbfc4b180,
filetype=0x8db9358) at ipp.c:1658
1658          if ((strcmp(userheader, Classification) == 0)
(gdb) info locals
uuid = "urn:uuid:2d9196ef-e1e2-3c08-4c61-c04f8991a7d6\000com:631:54", '\0'
<repeats 883 times>,
"\005Y\000\000\000\000\000\000\000\000\000�f\000\000\000\000\000\000\000\000\000\035\030Y\000<\227ĿX\230ĿWĿxĿ�f\000<\227ĿX\230Ŀ(\230Ŀ�`\000<\227Ŀ\225\031�000|ĿX\230Ŀ\000\000\000\000�
attr = <value optimized out>
md5state = {count = {1024, 0}, abcd = {4019622189, 144499425, 1338007820,
3601305993},
  buf = '\0' <repeats 56 times>, "�001\000\000\000\000\000"}
md5sum = "-\221\226��234\b\fa�\211\221�
status = <value optimized out>
attr = (ipp_attribute_t *) 0x8debe88
dest = 0x8dbef10 "printer2"
dtype = 0
val = <value optimized out>
priority = <value optimized out>
title = 0x8debe30 "Acro000r6pOYn"
job = (cupsd_job_t *) 0x8df17e8
job_uri = "exec \n          dup /$F`Uf\000Ç«Ä¿XUf\000 notXQf\000    h \000\000X
\000\000p du\000\000\000\000ngth exch maxlength eq \n          { pop userdict
dup /$FXQf\000ct kk\000\000\000 not\n   \004\000\000\000   { 100 dic�f\000
Qf\000T \000\000�027�b\a`Y\000�027�b\000\000\000\000T
\000\000�213\000\027�b\034Ŀ"...
method = "ipp\000mdict /internaldict get exec \n       /FlxProc known {save
true} {false} ifelse\n    } \n   {\n      userdict /internaldict known not \n  
     \000\003u8ĿI{�000آ�brdict /internaldict HV�b       {�001�000     "...
username = "\0001.2
0\n%%EndComments\n%%BeginDefaults\n%%EndDefaults\n%%BeginProlog\n%%EndProlog\n%%BeginSetup\n%ADOPrintSettings:
L2 W2 vm op crd os scsa T h ef bg ucr SF EF r b fa pr seps ttf hb EF t2 irt
Printer/PostScr"...
host =
"localhost\000uX\223�b\000\000\000\000�237Ŀ)Q�000�027�bxĿ�Y\000�&\000�001�0008Ŀ\001\000\000\000HĿ�\000\000\000\000`�bHH\000\000�\000\000�d\000\000\003u\002",
'\0' <repeats 11 times>, "H
ſ`C\000\230�\b\002\000\000\000\001\000\000\000\177\000\000HĿ\001\000\000\000\000\003u��000X\223�b�f\000
Qf\000�027�b\bĿ`CY\000 Qf\000�027�b�a�000\000\000\000\027�b�&\000\f�\0000Ŀ�...
resource = "/printers/printer2", '\0' <repeats 37 times>,
"XQf\000\000\000\000\000k\000\000\000\205�\000:\003\000\004\000\000\000@�002\000\000\000\000\000\000\000�f\000
Qf\000T \000\000�027�b\a`Y\000�027�b\000\000\000\000T
\000\000�213\000\027�b�233Ŀ�\000�027�b\020\000\000\000\030\234Ŀ�\000\020\000\000\000\002\000\000\000\001\000\000\000�\000lؤ\000h��&\000\000\000\000\000\000\000\000\000\031�000�027�b\000\000\000\000X\n�020\000\000\000\000\003u�\000(\027�b\031�000"...
port = 631
printer = (cupsd_printer_t *) 0x8dbea08
kbytes = <value optimized out>
i = <value optimized out>
argv = {0x0, 0x0, 0x0}
envp = {0x0, 0xbfc496f0 "", 0x0, 0x0, 0xbfc49684 "", 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0xbfc497d0 "", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
  0xffffffff <Address 0xffffffff out of bounds>, 0x1f <Address 0x1f out of
bounds>, 0xd5199b "", 0xd51995 "%c %s ", 0xbfc49684 "",
  0x1 <Address 0x1 out of bounds>, 0x2 <Address 0x2 out of bounds>, 0x0 <repeats
15 times>, 0x20 <Address 0x20 out of bounds>, 0x0, 0x0, 0x0,
  0x73000000 <Address 0x73000000 out of bounds>, 0x1c <Address 0x1c out of
bounds>, 0x0 <repeats 32 times>,
  0xffffffff <Address 0xffffffff out of bounds>, 0x0, 0xbfc4b880 "y\031�,
0xd51999 "s ", 0x0 <repeats 16 times>}
audit_message = <value optimized out>
buffer = '\0' <repeats 1023 times>
acstatus = 0
acpid = 0
printerfile = <value optimized out>
---Type <return> to continue, or q <return> to quit---
userheader = 0x8dc6df8 "none"
userfooter = 0x8dc6e50 "none"
override = <value optimized out>


Comment 8 Tim Waugh 2006-08-25 10:35:59 UTC
Great, thanks for testing.

Alan Shutko, your stack trace is entirely different:

#0  0x00002aaaac73f610 in context_range_get () from /lib64/libselinux.so.1
#1  0x000055555558e815 in main () from /usr/sbin/cupsd

Could you please do the same thing (see comment #3) to get a stack trace with
symbols?

Comment 9 Tim Waugh 2006-08-25 11:39:37 UTC
In fact, Alan, can you confirm what 'rpm -q cups' says in the first instance? 
Are you running 1.2.2-16 or something earlier?

Comment 10 Alan Shutko 2006-08-26 20:11:26 UTC
Hmmm... sorry, I upgraded and got 1.2.2-17 before checking this.  But you'll be
glad to know that -17 fixes my problem as well!


Note You need to log in before you can comment on or make changes to this bug.