[Bug 1994145] [NEW] [SRU] Mirage segfaults immediately when run

Launchpad Bug Tracker 1994145 at bugs.launchpad.net
Mon Dec 25 01:07:35 UTC 2023 

You have been subscribed to a public bug by Sudip Mukherjee (sudipmuk):

[ Impact ]

mirage is completely unusable as it will always segfault if any user
tries to run the application.

Debugger showed that it is causing segfault when it is tryig to import the module xmouse. And then the coredump showed that the segfault is when Python is trying to check the flags for the methods while importing the module.
The upstream Python developers helped and the issue was found to be a missing sentinel value which caused "PyModule_Create" to access memory beyond the end of the array.

[ Test Plan ]

 * Execute the command "mirage", which will segfault if its not fixed.
 * With the fixed package, the "mirage" window will be displayed.

[ Where problems could occur ]

 * This is not changing any part of the code and is only adding a sentinel value to terminate the array.
 * It is already completely unusable for users, and this will not cause any more regression than what user experiences now.

[ Other Info ]

* All versions from Jammy are affected by this.
* More info at https://github.com/python/cpython/issues/113460

[ Original Bug Description ]

Newly installed mirage segfaults immediately when run.

Last few lines of strace:
mmap(NULL, 4096, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f04e7f0a000
newfstatat(AT_FDCWD, "/usr/lib/python3/dist-packages/mirage", {st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0
newfstatat(AT_FDCWD, "/usr/lib/python3/dist-packages/mirage/imgfuncs.cpython-310-x86_64-linux-gnu.so", {st_mode=S_IFREG|0644, st_size=14800, ...}, 0) = 0
openat(AT_FDCWD, "/usr/lib/python3/dist-packages/mirage/imgfuncs.cpython-310-x86_64-linux-gnu.so", O_RDONLY|O_CLOEXEC) = 13
read(13, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(13, "", {st_mode=S_IFREG|0644, st_size=14800, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 16720, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 13, 0) = 0x7f04e7f05000
mmap(0x7f04e7f06000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 13, 0x1000) = 0x7f04e7f06000
mmap(0x7f04e7f07000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 13, 0x2000) = 0x7f04e7f07000
mmap(0x7f04e7f08000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 13, 0x2000) = 0x7f04e7f08000
close(13)                               = 0
mprotect(0x7f04e7f08000, 4096, PROT_READ) = 0
newfstatat(AT_FDCWD, "/usr/lib/python3/dist-packages/mirage", {st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0
newfstatat(AT_FDCWD, "/usr/lib/python3/dist-packages/mirage/xmouse.cpython-310-x86_64-linux-gnu.so", {st_mode=S_IFREG|0644, st_size=14640, ...}, 0) = 0
openat(AT_FDCWD, "/usr/lib/python3/dist-packages/mirage/xmouse.cpython-310-x86_64-linux-gnu.so", O_RDONLY|O_CLOEXEC) = 13
read(13, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(13, "", {st_mode=S_IFREG|0644, st_size=14640, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 16560, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 13, 0) = 0x7f04e4009000
mmap(0x7f04e400a000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 13, 0x1000) = 0x7f04e400a000
mmap(0x7f04e400b000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 13, 0x2000) = 0x7f04e400b000
mmap(0x7f04e400c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 13, 0x2000) = 0x7f04e400c000
close(13)                               = 0
mprotect(0x7f04e400c000, 4096, PROT_READ) = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x1} ---
+++ killed by SIGSEGV (core dumped) +++
Segmentation fault (core dumped)

ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: mirage 0.11.1-1build4
ProcVersionSignature: Ubuntu 5.15.0-48.54-generic 5.15.53
Uname: Linux 5.15.0-48-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.11-0ubuntu82.1
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: ubuntu:GNOME
Date: Tue Oct 25 08:30:56 2022
InstallationDate: Installed on 2022-03-03 (235 days ago)
InstallationMedia: Ubuntu 20.04.4 LTS "Focal Fossa" - Release amd64 (20220223)
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
RebootRequiredPkgs: Error: path contained symlinks.
SourcePackage: mirage
UpgradeStatus: Upgraded to jammy on 2022-06-30 (116 days ago)

** Affects: mirage
     Importance: Unknown
         Status: New

** Affects: mirage (Ubuntu)
     Importance: Undecided
         Status: Confirmed

** Affects: mirage (Ubuntu Jammy)
     Importance: Undecided
         Status: Confirmed

** Affects: mirage (Ubuntu Lunar)
     Importance: Undecided
         Status: Confirmed

** Affects: mirage (Ubuntu Mantic)
     Importance: Undecided
         Status: Confirmed


** Tags: amd64 apport-bug jammy wayland-session
-- 
[SRU] Mirage segfaults immediately when run
https://bugs.launchpad.net/bugs/1994145
You received this bug notification because you are a member of Ubuntu Sponsors, which is subscribed to the bug report.

More information about the Ubuntu-sponsors mailing list