I am also convinced that the bug is not inside the pcscd. It could be inside libifd-cyberjack6 or libusb. Please help investigating it.
The exact HW I am using is this device: http://www.reiner- sct.com/produkte/chipkartenleser/cyberjack_secoder.html?pEl=2 To reproduce the bug let the device unconnecting and start the pcscd deamon with options "-d -f". Connect the device, disconnect the device and reconnect. I compiled the source packages in order to investigate the bug a little deeper on my own. When the device is connected the first time a bunch of threads are spawned where 2 will last for longer time. The 2 mentioned threads have the IDs 5+6. (gdb) info thr Id Target Id Frame 6 Thread 0x7ffff555d700 (LWP 19617) "pcscd" 0x00007ffff75aab9d in nanosleep () at ../sysdeps/unix/syscall-template.S:81 5 Thread 0x7ffff5d5e700 (LWP 19616) "pcscd" 0x00007ffff72c2fbd in poll () at ../sysdeps/unix/syscall-template.S:81 2 Thread 0x7ffff71d4700 (LWP 19581) "pcscd" 0x00007ffff72c7c33 in select () at ../sysdeps/unix/syscall-template.S:81 * 1 Thread 0x7ffff7fcf740 (LWP 19580) "pcscd" 0x00007ffff72c7c33 in select () at ../sysdeps/unix/syscall-template.S:81 Thead with ID 5 will cause the crash later on: Looking into the call stack show the following: (gdb) thr 5 [Switching to thread 5 (Thread 0x7ffff5d5e700 (LWP 19616))] #0 0x00007ffff72c2fbd in poll () at ../sysdeps/unix/syscall-template.S:81 81 ../sysdeps/unix/syscall-template.S: No such file or directory. (gdb) bt #0 0x00007ffff72c2fbd in poll () at ../sysdeps/unix/syscall-template.S:81 #1 0x00007ffff658d248 in poll (__timeout=-1, __nfds=2, __fds=0x7ffff5d5def0) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46 #2 linux_udev_event_thread_main (arg=<optimized out>) at ../../libusb/os/linux_udev.c:175 #3 0x00007ffff75a3182 in start_thread (arg=0x7ffff5d5e700) at pthread_create.c:312 #4 0x00007ffff72d030d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111 When disconnecting the device the thread with ID5 is gone while the one with ID5 is still present but in a strange state. info threads Id Target Id Frame 5 Thread 0x7ffff5d5e700 (LWP 19616) "pcscd" 0x00007ffff72c2fbd in poll () at ../sysdeps/unix/syscall-template.S:81 2 Thread 0x7ffff71d4700 (LWP 19581) "pcscd" 0x00007ffff72c7c33 in select () at ../sysdeps/unix/syscall-template.S:81 * 1 Thread 0x7ffff7fcf740 (LWP 19580) "pcscd" 0x00007ffff72c7c33 in select () at ../sysdeps/unix/syscall-template.S:81 (gdb) thr 5 [Switching to thread 5 (Thread 0x7ffff5d5e700 (LWP 19616))] #0 0x00007ffff72c2fbd in poll () at ../sysdeps/unix/syscall-template.S:81 81 ../sysdeps/unix/syscall-template.S: No such file or directory. (gdb) bt #0 0x00007ffff72c2fbd in poll () at ../sysdeps/unix/syscall-template.S:81 #1 0x00007ffff658d248 in ?? () #2 0x00007ffff7590868 in __elf_set___libc_thread_subfreeres_element___rpc_thread_destroy__ () #3 0x00007ffff7590860 in __elf_set___libc_thread_subfreeres_element_res_thread_freeres__ () from /lib/x86_64-linux-gnu/libc.so.6 #4 0x0000000100000006 in ?? () #5 0x0000000100000005 in ?? () #6 0x00007ffff5d5e700 in ?? () #7 0x00007ffff5d5e700 in ?? () #8 0x0000000000000000 in ?? () The thread seems to be in destruction but is still waiting inside poll for something. Perhaps some hook (pthread_cleanup_push)? In Task List it has still an priority, so it's no zombie. When I reconnect the device the pcscd crashed after some seconds. This is the stack trace: Program received signal SIGSEGV, Segmentation fault. 0x00007ffff658d248 in ?? () (gdb) bt #0 0x00007ffff658d248 in ?? () #1 0x00007ffff7590868 in __elf_set___libc_thread_subfreeres_element___rpc_thread_destroy__ () #2 0x00007ffff7590860 in __elf_set___libc_thread_subfreeres_element_res_thread_freeres__ () from /lib/x86_64-linux-gnu/libc.so.6 #3 0x0000000100000006 in ?? () #4 0x0001000100000005 in ?? () #5 0x00007ffff5d5e700 in ?? () #6 0x00007ffff5d5e700 in ?? () #7 0x0000000000000000 in ?? () (gdb) info threads Id Target Id Frame * 5 Thread 0x7ffff5d5e700 (LWP 19616) "pcscd" 0x00007ffff658d248 in ?? () 2 Thread 0x7ffff71d4700 (LWP 19581) "pcscd" 0x00007ffff72c7c33 in select () at ../sysdeps/unix/syscall-template.S:81 1 Thread 0x7ffff7fcf740 (LWP 19580) "pcscd" 0x00007ffff72c7c33 in select () at ../sysdeps/unix/syscall-template.S:81 The poll returned and while returning the segfault is beeing generated. The thread itself stucks inside libusb. Perhaps the error is inside libusb. I have not the project knowledge to get deeper into it. ** Package changed: pcsc-lite (Ubuntu) => pcsc-cyberjack (Ubuntu) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to pcsc-lite in Ubuntu. https://bugs.launchpad.net/bugs/1296288 Title: pcscd crashes when disconnecting / reconnecting USB device Status in “pcsc-cyberjack” package in Ubuntu: New Bug description: $ lsb_release -rd Description: Ubuntu Trusty Tahr (development branch) Release: 14.04 $ apt-cache policy pcscd pcscd: Installed: 1.8.10-1ubuntu1 Candidate: 1.8.10-1ubuntu1 Version table: *** 1.8.10-1ubuntu1 0 500 http://de.archive.ubuntu.com/ubuntu/ trusty/universe amd64 Packages 100 /var/lib/dpkg/status The HW used is a Reiner SCT supported by the following package: $ apt-cache policy libifd-cyberjack6 libifd-cyberjack6: Installed: 3.99.5final.sp03-2 Candidate: 3.99.5final.sp03-2 Version table: *** 3.99.5final.sp03-2 0 500 http://de.archive.ubuntu.com/ubuntu/ trusty/universe amd64 Packages 100 /var/lib/dpkg/status The error occures mostly when disconnecting or reconnecting the device. Please wait a few seconds after changing conection state. I am unsure if the deamon is stable over time when the connection state is unchanged. I found the service missing in various scenarios. After crashing I found the following entries in syslog: Mar 23 14:13:51 einstein kernel: [ 560.029754] pcscd[2560]: segfault at 7f062128c248 ip 00007f062128c248 sp 00007f0620a5cee0 error 14 in libc-2.19.so[7f06216d3000+1bb000] Mar 23 14:14:30 einstein kernel: [ 599.765633] pcscd[2572]: segfault at 7f7840e4f248 ip 00007f7840e4f248 sp 00007f784061fee0 error 14 in libc-2.19.so[7f7841296000+1bb000] I attached the crash report from /var/crash/_usr_sbin_pcscd.0.crash. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pcsc-cyberjack/+bug/1296288/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
