[Bug 915626] Re: usb-creator-gtk crashed with SIGSEGV in _dbus_watch_invalidate
Brian Murray
brian at ubuntu.com
Tue Dec 17 00:21:11 UTC 2013
** Description changed:
+ [Impact]
+ usb-creator is unable to create usb sticks with Ubuntu on it for lots of people, due to this crash.
+
+ [Test Case]
+ We never came up with a reliable test case for creating the crash in this bug report. There are reports of being able to recreate it by using usb-creator on an amd64 system to create and i386 iso with persistence. However, I think the best way to verify the fix is to check the errors bucket and ensure that the -proposed versions of the package do not appear on that page.
+
Errors bucket:
https://errors.ubuntu.com/bucket/?id=/usr/bin/usb-creator-gtk:11:_dbus_watch_invalidate:free_watches:socket_disconnect:_dbus_transport_disconnect:_dbus_transport_disconnect
To reproduce:
Fairly reliably reproducible with ubuntu-12.10-desktop-i386.iso or raring-desktop-i386.iso and choosing persitence on a 12.10/raring amd64 system.
Traceback:
Program received signal SIGSEGV, Segmentation fault.
_dbus_watch_invalidate (watch=0x0) at ../../dbus/dbus-watch.c:171
171 ../../dbus/dbus-watch.c: No such file or directory.
#0 _dbus_watch_invalidate (watch=0x0) at ../../dbus/dbus-watch.c:171
No locals.
#1 0x00007ffff5dec93d in free_watches (transport=transport at entry=0xf12590) at ../../dbus/dbus-transport-socket.c:83
socket_transport = 0xf12590
#2 0x00007ffff5dec9a9 in socket_disconnect (transport=0xf12590) at ../../dbus/dbus-transport-socket.c:987
socket_transport = 0xf12590
#3 0x00007ffff5debd67 in _dbus_transport_disconnect (transport=0xf12590) at ../../dbus/dbus-transport.c:509
No locals.
#4 _dbus_transport_disconnect (transport=0xf12590) at ../../dbus/dbus-transport.c:500
No locals.
#5 0x00007ffff5dec595 in _dbus_transport_queue_messages (transport=0xf12590) at ../../dbus/dbus-transport.c:1165
status = <optimised out>
#6 0x00007ffff5dd48e4 in _dbus_connection_get_dispatch_status_unlocked (connection=0xf152b0) at ../../dbus/dbus-connection.c:4211
No locals.
It seems to be that NULL is passed to _dbus_watch_invalidate. And that
function does not assert it's input. In the past this caused to crash
tomboy (bug #1043887), evalution-data-server (bug #852342) and possible
other software (e.g. https://bugzilla.redhat.com/show_bug.cgi?id=553601
).
I'd like to open dbus bug and fix that function in dbus to be more
resilient.
Attaching full gdb tracelog: https://bugs.launchpad.net/ubuntu/+source
/usb-creator/+bug/915626/+attachment/3480179/+files/gdb-dbus.txt
** Description changed:
[Impact]
usb-creator is unable to create usb sticks with Ubuntu on it for lots of people, due to this crash.
[Test Case]
We never came up with a reliable test case for creating the crash in this bug report. There are reports of being able to recreate it by using usb-creator on an amd64 system to create and i386 iso with persistence. However, I think the best way to verify the fix is to check the errors bucket and ensure that the -proposed versions of the package do not appear on that page.
Errors bucket:
https://errors.ubuntu.com/bucket/?id=/usr/bin/usb-creator-gtk:11:_dbus_watch_invalidate:free_watches:socket_disconnect:_dbus_transport_disconnect:_dbus_transport_disconnect
+ and possibly this bucket
+ https://errors.ubuntu.com/problem/2a6909bd90bfe27a333e310be9e091055841a810
+
To reproduce:
Fairly reliably reproducible with ubuntu-12.10-desktop-i386.iso or raring-desktop-i386.iso and choosing persitence on a 12.10/raring amd64 system.
Traceback:
Program received signal SIGSEGV, Segmentation fault.
_dbus_watch_invalidate (watch=0x0) at ../../dbus/dbus-watch.c:171
171 ../../dbus/dbus-watch.c: No such file or directory.
#0 _dbus_watch_invalidate (watch=0x0) at ../../dbus/dbus-watch.c:171
No locals.
#1 0x00007ffff5dec93d in free_watches (transport=transport at entry=0xf12590) at ../../dbus/dbus-transport-socket.c:83
socket_transport = 0xf12590
#2 0x00007ffff5dec9a9 in socket_disconnect (transport=0xf12590) at ../../dbus/dbus-transport-socket.c:987
socket_transport = 0xf12590
#3 0x00007ffff5debd67 in _dbus_transport_disconnect (transport=0xf12590) at ../../dbus/dbus-transport.c:509
No locals.
#4 _dbus_transport_disconnect (transport=0xf12590) at ../../dbus/dbus-transport.c:500
No locals.
#5 0x00007ffff5dec595 in _dbus_transport_queue_messages (transport=0xf12590) at ../../dbus/dbus-transport.c:1165
status = <optimised out>
#6 0x00007ffff5dd48e4 in _dbus_connection_get_dispatch_status_unlocked (connection=0xf152b0) at ../../dbus/dbus-connection.c:4211
No locals.
It seems to be that NULL is passed to _dbus_watch_invalidate. And that
function does not assert it's input. In the past this caused to crash
tomboy (bug #1043887), evalution-data-server (bug #852342) and possible
other software (e.g. https://bugzilla.redhat.com/show_bug.cgi?id=553601
).
I'd like to open dbus bug and fix that function in dbus to be more
resilient.
Attaching full gdb tracelog: https://bugs.launchpad.net/ubuntu/+source
/usb-creator/+bug/915626/+attachment/3480179/+files/gdb-dbus.txt
--
You received this bug notification because you are a member of Ubuntu
Review Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/915626
Title:
usb-creator-gtk crashed with SIGSEGV in _dbus_watch_invalidate
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/915626/+subscriptions
More information about the Ubuntu-patch-reviews
mailing list