[Bug 915626] Re: usb-creator-gtk crashed with SIGSEGV in _dbus_watch_invalidate

Christopher M. Penalver christopher.m.penalver at gmail.com
Wed Dec 18 17:23:31 UTC 2013 

Chris Halse Rogers, verification-done for Saucy.

lsb_release -rd
Description:	Ubuntu 13.10
Release:	13.10

apt-cache policy usb-creator-gtk
usb-creator-gtk:
  Installed: 0.2.50.1
  Candidate: 0.2.50.1
  Version table:
 *** 0.2.50.1 0
        400 http://us.archive.ubuntu.com/ubuntu/ saucy-proposed/main amd64 Packages
        100 /var/lib/dpkg/status
     0.2.50 0
        500 http://us.archive.ubuntu.com/ubuntu/ saucy/main amd64 Packages

With the prior version of usb-creator-gtk, crashes as documented in
https://bugs.launchpad.net/ubuntu/+source/usb-creator/+bug/1262293 .
With the proposed version, no crash.

** Tags removed: verification-needed
** Tags added: verification-done

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to udisks in Ubuntu.
https://bugs.launchpad.net/bugs/915626

Title:
  usb-creator-gtk crashed with SIGSEGV in _dbus_watch_invalidate

Status in “dbus” package in Ubuntu:
  Invalid
Status in “udisks” package in Ubuntu:
  Invalid
Status in “usb-creator” package in Ubuntu:
  Fix Released
Status in “dbus” source package in Precise:
  Invalid
Status in “udisks” source package in Precise:
  Invalid
Status in “usb-creator” source package in Precise:
  Fix Committed
Status in “dbus” source package in Quantal:
  Invalid
Status in “udisks” source package in Quantal:
  Invalid
Status in “usb-creator” source package in Quantal:
  Fix Committed
Status in “dbus” source package in Raring:
  Invalid
Status in “udisks” source package in Raring:
  Invalid
Status in “usb-creator” source package in Raring:
  Fix Committed
Status in “dbus” source package in Saucy:
  Invalid
Status in “udisks” source package in Saucy:
  Invalid
Status in “usb-creator” source package in Saucy:
  Fix Committed

Bug description:
  [Impact]
  usb-creator is unable to create usb sticks with Ubuntu on it for lots of people, due to this crash.

  [Test Case]
  We never came up with a reliable test case for creating the crash in this bug report.  There are reports of being able to recreate it by using usb-creator on an amd64 system to create and i386 iso with persistence.  However, I think the best way to verify the fix is to check the errors bucket and ensure that the -proposed versions of the package do not appear on that page.

  Errors bucket:
  https://errors.ubuntu.com/bucket/?id=/usr/bin/usb-creator-gtk:11:_dbus_watch_invalidate:free_watches:socket_disconnect:_dbus_transport_disconnect:_dbus_transport_disconnect
  and possibly this bucket
  https://errors.ubuntu.com/problem/2a6909bd90bfe27a333e310be9e091055841a810

  
  To reproduce:
  Fairly reliably reproducible with ubuntu-12.10-desktop-i386.iso or raring-desktop-i386.iso and choosing persitence on a 12.10/raring amd64 system.

  Traceback:
  Program received signal SIGSEGV, Segmentation fault.
  _dbus_watch_invalidate (watch=0x0) at ../../dbus/dbus-watch.c:171
  171     ../../dbus/dbus-watch.c: No such file or directory.

  #0  _dbus_watch_invalidate (watch=0x0) at ../../dbus/dbus-watch.c:171
  No locals.
  #1  0x00007ffff5dec93d in free_watches (transport=transport at entry=0xf12590) at ../../dbus/dbus-transport-socket.c:83
          socket_transport = 0xf12590
  #2  0x00007ffff5dec9a9 in socket_disconnect (transport=0xf12590) at ../../dbus/dbus-transport-socket.c:987
          socket_transport = 0xf12590
  #3  0x00007ffff5debd67 in _dbus_transport_disconnect (transport=0xf12590) at ../../dbus/dbus-transport.c:509
  No locals.
  #4  _dbus_transport_disconnect (transport=0xf12590) at ../../dbus/dbus-transport.c:500
  No locals.
  #5  0x00007ffff5dec595 in _dbus_transport_queue_messages (transport=0xf12590) at ../../dbus/dbus-transport.c:1165
          status = <optimised out>
  #6  0x00007ffff5dd48e4 in _dbus_connection_get_dispatch_status_unlocked (connection=0xf152b0) at ../../dbus/dbus-connection.c:4211
  No locals.

  It seems to be that NULL is passed to _dbus_watch_invalidate. And that
  function does not assert it's input. In the past this caused to crash
  tomboy (bug #1043887), evalution-data-server (bug #852342) and
  possible other software (e.g.
  https://bugzilla.redhat.com/show_bug.cgi?id=553601 ).

  I'd like to open dbus bug and fix that function in dbus to be more
  resilient.

  Attaching full gdb tracelog: https://bugs.launchpad.net/ubuntu/+source
  /usb-creator/+bug/915626/+attachment/3480179/+files/gdb-dbus.txt

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/915626/+subscriptions

More information about the foundations-bugs mailing list