I think I see a potential problem if 'initctl notify-disk-writeable' is
called multiple times.  The log_clear_unflushed() function walks the
log_unflushed_files list, attempting to flush each of the logs and
freeing them when done with nih_free().  But as far as I know,
nih_free() will not cause the element to be removed from the
log_unflushed_files list, so if this function is ever called a second
time it looks to me that it will re-process the list, traversing freed
memory with undefined results.

We can't see anything in the official Ubuntu rootfs that would account
for this function being called more than once.  On the other hand, we
also haven't seen this reproduced on any devices other than those
installed in the factory, so it could be that an error has crept in
there.

We can try to produce a patch to upstart to fix this bug, to see if it
fixes the segfault for those who are seeing it.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447756

Title:
  segfault in log.c code causes phone reboot loops

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
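
The failure mode suspected in the message above, as an added example that is not upstart or libnih code: a list walker frees each element without unlinking it, so a second call walks the same elements again. All names here are hypothetical, and a static pool with a `live` flag stands in for the heap so that the stale visits can be counted safely.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model, not libnih: a static pool stands in for the heap so a
   visit to a "freed" node can be counted instead of being undefined behaviour. */
#define POOL 4
struct node { struct node *prev, *next; bool live; };
static struct node pool[POOL];
static struct node head;                     /* circular list head */

static void list_init(void) { head.prev = head.next = &head; }

static void list_add(struct node *n) {
    n->live = true;
    n->prev = head.prev; n->next = &head;
    head.prev->next = n; head.prev = n;
}

static void unlink_node(struct node *n) {
    n->prev->next = n->next; n->next->prev = n->prev;
    n->prev = n->next = n;
}

/* Hypothetical free that releases the node but leaves list pointers alone. */
static void model_free(struct node *n) { n->live = false; }

/* One pass over the list; returns how many already-freed nodes were visited. */
static int clear_unflushed(bool unlink_first) {
    int stale = 0;
    for (struct node *n = head.next, *next; n != &head; n = next) {
        next = n->next;                      /* save before the node goes away */
        if (!n->live) { stale++; continue; } /* real code would touch freed memory */
        /* the log would be flushed here */
        if (unlink_first) unlink_node(n);    /* hardened: detach, then free */
        model_free(n);
    }
    return stale;
}

/* Build the list, run the walker twice, report stale visits in the second pass. */
static int run_twice(bool unlink_first) {
    list_init();
    for (int i = 0; i < POOL; i++) list_add(&pool[i]);
    clear_unflushed(unlink_first);
    return clear_unflushed(unlink_first);
}

int main(void) {
    printf("free only: %d stale visits\n", run_twice(false));
    printf("unlink then free: %d stale visits\n", run_twice(true));
    return 0;
}
```

On a real heap the stale visits would be reads of freed memory, which tools such as AddressSanitizer or Valgrind report as use-after-free.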
