[Bug 968218] [NEW] ssh x11 forwarding precise to oneiric causes glibc malloc(): memory corruption

Launchpad Bug Tracker 968218 at bugs.launchpad.net
Thu Apr 12 20:18:29 UTC 2012 

You have been subscribed to a public bug by Ubuntu Foundation's Bug Bot (crichton):

SSHing (with X11 forwarding enabled) from a Precise machine to an
Oneiric machine and running certain X11 forwarded programs causes a
crash of the program, either immediately or on the first mouse click on
that program's window.

I have seen this on two client machines (a laptop and a desktop) running
the latest precise release, connecting to either the oneiric desktop
release or oneiric server release on the server side.  I have also
reproduced this with two VirtualBox VMs, connected together with host-
only networking and with desktop releases of Oneiric and Precise
installed.

To reproduce:
- On client machine, install Precise with all updates as of 2012-03-29.
- On server machine, install Oneiric with all updates as of 2012-03-29.
- Set up host-only networking so that machines can ssh to each other.
- On client machine, "ssh -X" to the server machine.  Then run an X11 application.  Some applications will crash immediately or on the first mouse click on that application.

On my test VirtualBox setup, applications that always crash on first click:
- gnome-terminal
- nautilus
- aisleriot solitaire
- gnome-control-center
- file-roller
- brasero
- gcalctool
- palimpsest

Applications that do not crash:
- Libre Office
- gimp
- banshee
- firefox
- thunderbird

Obviously, this isn't an exhaustive list.  When applications crash, they
spew out a large error message.  On my desktop machine, sshing in to an
Oneiric Server install on a physical machine, the programs crash
immediately without showing a window, but on my test setup with two
VirtualBox VMs, you first have to click on the window to cause it to
crash.  Sample crash output is attched to this bug report in the
crash_output.txt file.

OS and Software Versions:

Client:
=====
lsb_release -rd:
Description:	Ubuntu precise (development branch)
Release:	12.04

apt-cache policy xorg:
xorg:
  Installed: 1:7.6+12ubuntu1
  Candidate: 1:7.6+12ubuntu1
  Version table:
 *** 1:7.6+12ubuntu1 0
        500 http://gb.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages
        100 /var/lib/dpkg/status

Server:
======
lsb_release -rd:
Description:	Ubuntu 11.10
Release:	11.10

apt-cache policy xorg:
xorg:
  Installed: 1:7.6+7ubuntu7.1
  Candidate: 1:7.6+7ubuntu7.1
  Version table:
 *** 1:7.6+7ubuntu7.1 0
        500 http://mirror.ox.ac.uk/sites/archive.ubuntu.com/ubuntu/ oneiric-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu/ oneiric-security/main amd64 Packages
        100 /var/lib/dpkg/status
     1:7.6+7ubuntu7 0
        500 http://mirror.ox.ac.uk/sites/archive.ubuntu.com/ubuntu/ oneiric/main amd64 Packages

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: xorg 1:7.6+12ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-20.33-generic 3.2.12
Uname: Linux 3.2.0-20-generic x86_64
.tmp.unity.support.test.0:

ApportVersion: 1.95-0ubuntu1
Architecture: amd64
CompizPlugins: [core,composite,opengl,compiztoolbox,decor,vpswitch,snap,mousepoll,resize,place,move,wall,grid,regex,imgpng,session,gnomecompat,animation,fade,unitymtgrabhandles,workarounds,scale,expo,ezoom,unityshell]
CompositorRunning: compiz
Date: Thu Mar 29 13:32:19 2012
DistUpgraded: Fresh install
DistroCodename: precise
DistroVariant: ubuntu
DkmsStatus: virtualbox, 4.1.10, 3.2.0-20-generic, x86_64: installed
ExtraDebuggingInterest: Yes, whatever it takes to get this fixed in Ubuntu
InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Beta amd64+mac (20120327.1)
MachineType: Dell Inc. OptiPlex 960
ProcEnviron:
 LANGUAGE=en_GB:en
 TERM=xterm
 LANG=en_GB.UTF-8
 SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.2.0-20-generic root=UUID=587e726d-6c02-4c7f-aec3-843dbfd68f4c ro quiet splash vt.handoff=7
SourcePackage: xorg
Symptom: display
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 07/31/2009
dmi.bios.vendor: Dell Inc.
dmi.bios.version: A05
dmi.board.name: 0F428D
dmi.board.vendor: Dell Inc.
dmi.board.version: A00
dmi.chassis.type: 3
dmi.chassis.vendor: Dell Inc.
dmi.modalias: dmi:bvnDellInc.:bvrA05:bd07/31/2009:svnDellInc.:pnOptiPlex960:pvr:rvnDellInc.:rn0F428D:rvrA00:cvnDellInc.:ct3:cvr:
dmi.product.name: OptiPlex 960
dmi.sys.vendor: Dell Inc.
version.compiz: compiz 1:0.9.7.2-0ubuntu4
version.ia32-libs: ia32-libs N/A
version.libdrm2: libdrm2 2.4.32-1ubuntu1
version.libgl1-mesa-dri: libgl1-mesa-dri 8.0.2-0ubuntu2
version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A
version.libgl1-mesa-glx: libgl1-mesa-glx 8.0.2-0ubuntu2
version.xserver-xorg-core: xserver-xorg-core 2:1.11.4-0ubuntu7
version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.7.0-0ubuntu1
version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:6.14.99~git20111219.aacbd629-0ubuntu2
version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.17.0-1ubuntu4
version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:0.0.16+git20111201+b5534a1-1build2

** Affects: libxi (Ubuntu)
     Importance: High
         Status: Triaged


** Tags: amd64 apport-bug compiz-0.9 patch precise ubuntu
-- 
ssh x11 forwarding precise to oneiric causes glibc malloc(): memory corruption
https://bugs.launchpad.net/bugs/968218
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.

More information about the Ubuntu-sponsors mailing list