[Bug 915626] Re: usb-creator-gtk crashed with SIGSEGV in _dbus_watch_invalidate

Fri Jan 3 17:22:17 UTC 2014

@Gunnar - on what release does it work for you?

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to udisks in Ubuntu.
https://bugs.launchpad.net/bugs/915626

Title:
  usb-creator-gtk crashed with SIGSEGV in _dbus_watch_invalidate

Status in “dbus” package in Ubuntu:
  Invalid
Status in “udisks” package in Ubuntu:
  Invalid
Status in “usb-creator” package in Ubuntu:
  Fix Released
Status in “dbus” source package in Precise:
  Invalid
Status in “udisks” source package in Precise:
  Invalid
Status in “usb-creator” source package in Precise:
  Fix Committed
Status in “dbus” source package in Quantal:
  Invalid
Status in “udisks” source package in Quantal:
  Invalid
Status in “usb-creator” source package in Quantal:
  Fix Committed
Status in “dbus” source package in Raring:
  Invalid
Status in “udisks” source package in Raring:
  Invalid
Status in “usb-creator” source package in Raring:
  Fix Committed
Status in “dbus” source package in Saucy:
  Invalid
Status in “udisks” source package in Saucy:
  Invalid
Status in “usb-creator” source package in Saucy:
  Fix Committed

Bug description:
  [Impact]
  usb-creator is unable to create usb sticks with Ubuntu on it for lots of people, due to this crash.

  [Test Case]
  What is expected to happen is when one plug in a freshly FAT32 formatted drive (example hardware this is reproducible on, but not limited to):
  Bus 004 Device 002: ID 1058:1130 Western Digital Technologies, Inc.

  and clicks button Make Startup Disk, it doesn't crash. What happens is
  when it prompts for the sudo password, it crashes during this or after
  accepting the password.

  We never came up with a reliable test case for creating the crash in
  this bug report.  There are reports of being able to recreate it by
  using usb-creator on an amd64 system to create and i386 iso with
  persistence.  However, I think the best way to verify the fix is to
  check the errors bucket and ensure that the -proposed versions of the
  package do not appear on that page.

  Errors bucket:
  https://errors.ubuntu.com/bucket/?id=/usr/bin/usb-creator-gtk:11:_dbus_watch_invalidate:free_watches:socket_disconnect:_dbus_transport_disconnect:_dbus_transport_disconnect
  and possibly this bucket
  https://errors.ubuntu.com/problem/2a6909bd90bfe27a333e310be9e091055841a810

  To reproduce:
  Fairly reliably reproducible with ubuntu-12.10-desktop-i386.iso or raring-desktop-i386.iso and choosing persitence on a 12.10/raring amd64 system.

  Traceback:
  Program received signal SIGSEGV, Segmentation fault.
  _dbus_watch_invalidate (watch=0x0) at ../../dbus/dbus-watch.c:171
  171     ../../dbus/dbus-watch.c: No such file or directory.

  #0  _dbus_watch_invalidate (watch=0x0) at ../../dbus/dbus-watch.c:171
  No locals.
  #1  0x00007ffff5dec93d in free_watches (transport=transport at entry=0xf12590) at ../../dbus/dbus-transport-socket.c:83
          socket_transport = 0xf12590
  #2  0x00007ffff5dec9a9 in socket_disconnect (transport=0xf12590) at ../../dbus/dbus-transport-socket.c:987
          socket_transport = 0xf12590
  #3  0x00007ffff5debd67 in _dbus_transport_disconnect (transport=0xf12590) at ../../dbus/dbus-transport.c:509
  No locals.
  #4  _dbus_transport_disconnect (transport=0xf12590) at ../../dbus/dbus-transport.c:500
  No locals.
  #5  0x00007ffff5dec595 in _dbus_transport_queue_messages (transport=0xf12590) at ../../dbus/dbus-transport.c:1165
          status = <optimised out>
  #6  0x00007ffff5dd48e4 in _dbus_connection_get_dispatch_status_unlocked (connection=0xf152b0) at ../../dbus/dbus-connection.c:4211
  No locals.

  It seems to be that NULL is passed to _dbus_watch_invalidate. And that
  function does not assert it's input. In the past this caused to crash
  tomboy (bug #1043887), evalution-data-server (bug #852342) and
  possible other software (e.g.
  https://bugzilla.redhat.com/show_bug.cgi?id=553601 ).

  I'd like to open dbus bug and fix that function in dbus to be more
  resilient.

  Attaching full gdb tracelog: https://bugs.launchpad.net/ubuntu/+source
  /usb-creator/+bug/915626/+attachment/3480179/+files/gdb-dbus.txt

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/915626/+subscriptions