[Bug 915626] Re: usb-creator-gtk crashed with SIGSEGV in _dbus_watch_invalidate

Mon Dec 2 01:20:27 UTC 2013

It looks to me like this is a failure due to not initializing multi-
threading in dbus. Two threads appear to be closing the connection at
once and thus the second thread crashes since there is no locking. The
attached patch appears to fix the problem for me at least.

** Patch added: "fix_dbus_crash.patch"
   https://bugs.launchpad.net/ubuntu/+source/usb-creator/+bug/915626/+attachment/3921007/+files/fix_dbus_crash.patch

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to udisks in Ubuntu.
https://bugs.launchpad.net/bugs/915626

Title:
  usb-creator-gtk crashed with SIGSEGV in _dbus_watch_invalidate

Status in “dbus” package in Ubuntu:
  Confirmed
Status in “udisks” package in Ubuntu:
  Confirmed
Status in “usb-creator” package in Ubuntu:
  Triaged
Status in “dbus” source package in Quantal:
  Confirmed
Status in “udisks” source package in Quantal:
  Confirmed
Status in “usb-creator” source package in Quantal:
  Won't Fix

Bug description:
  To reproduce:
  Fairly reliably reproducible with ubuntu-12.10-desktop-i386.iso or raring-desktop-i386.iso and choosing persitence on a 12.10/raring amd64 system.

  Traceback:
  Program received signal SIGSEGV, Segmentation fault.
  _dbus_watch_invalidate (watch=0x0) at ../../dbus/dbus-watch.c:171
  171     ../../dbus/dbus-watch.c: No such file or directory.

  #0  _dbus_watch_invalidate (watch=0x0) at ../../dbus/dbus-watch.c:171
  No locals.
  #1  0x00007ffff5dec93d in free_watches (transport=transport at entry=0xf12590) at ../../dbus/dbus-transport-socket.c:83
          socket_transport = 0xf12590
  #2  0x00007ffff5dec9a9 in socket_disconnect (transport=0xf12590) at ../../dbus/dbus-transport-socket.c:987
          socket_transport = 0xf12590
  #3  0x00007ffff5debd67 in _dbus_transport_disconnect (transport=0xf12590) at ../../dbus/dbus-transport.c:509
  No locals.
  #4  _dbus_transport_disconnect (transport=0xf12590) at ../../dbus/dbus-transport.c:500
  No locals.
  #5  0x00007ffff5dec595 in _dbus_transport_queue_messages (transport=0xf12590) at ../../dbus/dbus-transport.c:1165
          status = <optimised out>
  #6  0x00007ffff5dd48e4 in _dbus_connection_get_dispatch_status_unlocked (connection=0xf152b0) at ../../dbus/dbus-connection.c:4211
  No locals.

  It seems to be that NULL is passed to _dbus_watch_invalidate. And that
  function does not assert it's input. In the past this caused to crash
  tomboy (bug #1043887), evalution-data-server (bug #852342) and
  possible other software (e.g.
  https://bugzilla.redhat.com/show_bug.cgi?id=553601 ).

  I'd like to open dbus bug and fix that function in dbus to be more
  resilient.

  Attaching full gdb tracelog: https://bugs.launchpad.net/ubuntu/+source
  /usb-creator/+bug/915626/+attachment/3480179/+files/gdb-dbus.txt

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/915626/+subscriptions