geoclue crashed with SIGSEGV

Bug #1517793 reported by Anders Kaseorg
Affects                 Status        Importance  Assigned to  Milestone
GeoClue                 Fix Released  High
geoclue-2.0 (Ubuntu)    Fix Released  Medium      Unassigned

Bug Description

I get this crash after starting gnome-maps and enabling Location Services in the Privacy pane of gnome-control-center.

ProblemType: Crash
DistroRelease: Ubuntu 16.04
Package: geoclue-2.0 2.3.0-2
ProcVersionSignature: Ubuntu 4.2.0-19.23-generic 4.2.6
Uname: Linux 4.2.0-19-generic x86_64
NonfreeKernelModules: openafs
ApportVersion: 2.19.2-0ubuntu6
Architecture: amd64
Date: Thu Nov 19 04:02:01 2015
ExecutablePath: /usr/lib/geoclue-2.0/geoclue
InstallationDate: Installed on 2015-06-02 (169 days ago)
InstallationMedia: Ubuntu-GNOME 15.04 "Vivid Vervet" - Release amd64 (20150422)
ProcCmdline: /usr/lib/geoclue-2.0/geoclue -t 5
ProcEnviron:
 LANG=en_US.UTF-8
 PATH=(custom, no user)
 SHELL=/bin/false
SegvAnalysis:
 Segfault happened at: 0x4175ed: mov (%rax),%rbx
 PC (0x004175ed) ok
 source "(%rax)" (0x00000000) not located in a known VMA region (needed readable region)!
 destination "%rbx" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: geoclue-2.0
StacktraceTop:
 ?? ()
 ?? ()
 ?? ()
 ?? ()
 ?? ()
Title: geoclue crashed with SIGSEGV
UpgradeStatus: Upgraded to xenial on 2015-10-28 (22 days ago)
UserGroups:

Anders Kaseorg (andersk) wrote :
Apport retracing service (apport) wrote :

StacktraceTop:
 connect_bss_signals (wifi=0x7efce4003590) at gclue-wifi.c:395
 gclue_wifi_start (source=0x7efce4003590) at gclue-wifi.c:435
 gclue_locator_start (source=<optimized out>) at gclue-locator.c:407
 complete_start (data=0x1750b80, accuracy_level=GCLUE_ACCURACY_LEVEL_EXACT) at gclue-service-client.c:301
 on_authorize_app_ready (source_object=<optimized out>, res=0x7efce40035c0, user_data=0x1750b80) at gclue-service-client.c:350

Apport retracing service (apport) wrote : Stacktrace.txt
Apport retracing service (apport) wrote : StacktraceSource.txt
Apport retracing service (apport) wrote : ThreadStacktrace.txt
Changed in geoclue-2.0 (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace
In , Anders Kaseorg (andersk) wrote :

I'm seeing the following crash in connect_bss_signals from GeoClue 2.4.0 built from Git master on Ubuntu 16.04. It happens immediately upon starting where-am-i (or, as far as I can tell, any other application that requests a location). The function checks whether bss_list[i] is NULL but never checks whether bss_list itself is NULL.

Program received signal SIGSEGV, Segmentation fault.
0x00000000004176e6 in connect_bss_signals (wifi=0x7fffe40115e0 [GClueWifi])
    at gclue-wifi.c:395
395 for (i = 0; bss_list[i] != NULL; i++)
(gdb) bt full
#0 0x00000000004176e6 in connect_bss_signals (wifi=0x7fffe40115e0 [GClueWifi])
    at gclue-wifi.c:395
        priv = 0x7fffe4011540
        bss_list = 0x0
        i = 0
#1 0x0000000000418501 in gclue_wifi_start (source=0x7fffe40115e0 [GClueWifi])
    at gclue-wifi.c:435
        base_class = <optimized out>
        __func__ = "gclue_wifi_start"
#2 0x0000000000415876 in gclue_location_source_start (source=source@entry=0x7fffe40115e0 [GClueWifi]) at gclue-location-source.c:309
        __func__ = "gclue_location_source_start"
#3 0x0000000000416117 in start_source (locator=locator@entry=0x6803f0 [GClueLocator], src=src@entry=0x7fffe40115e0 [GClueWifi]) at gclue-locator.c:188
        location = 0x0
#4 0x0000000000416a46 in gclue_locator_start (source=<optimized out>)
    at gclue-locator.c:407
        src = 0x7fffe40115e0 [GClueWifi]
        level = GCLUE_ACCURACY_LEVEL_STREET
        base_class = <optimized out>
        locator = 0x6803f0 [GClueLocator]
Python Exception <class 'TypeError'> iter() returned non-iterator of type '_iterator':
        node = 0x697840
        __func__ = "gclue_locator_start"
#5 0x0000000000415876 in gclue_location_source_start (source=0x6803f0 [GClueLocator])
    at gclue-location-source.c:309
        __func__ = "gclue_location_source_start"
#6 0x000000000040a5e5 in start_client (client=0x69f900 [GClueServiceClient], accuracy_level=accuracy_level@entry=GCLUE_ACCURACY_LEVEL_EXACT) at gclue-service-client.c:219
        priv = 0x69f850
#7 0x000000000040a7b8 in complete_start (data=data@entry=0x68ab50, accuracy_level=GCLUE_ACCURACY_LEVEL_EXACT) at gclue-service-client.c:301
        gdbus_client = 0x69f900
#8 0x000000000040a8dd in on_authorize_app_ready (source_object=0x66fbf0 [GClueAgentProxy], res=0x667110, user_data=0x68ab50) at gclue-service-client.c:350
        data = 0x68ab50
        client = 0x69f900
        priv = 0x69f850
        error = 0x0
        authorized = 1
        accuracy_level = GCLUE_ACCURACY_LEVEL_EXACT
#9 0x00007ffff6d0fed3 in g_task_return_now (task=0x667110 [GTask])
    at /build/glib2.0-ZjeN9o/glib2.0-2.47.1/./gio/gtask.c:1106
#10 0x00007ffff6d1057e in g_task_return (task=0x667110 [GTask], type=<optimized out>)
    at /build/glib2.0-ZjeN9o/glib2.0-2.47.1/./gio/gtask.c:1164
        source = 0x7fffe0008480
#11 0x00007ffff6d6875b in reply_cb (connection=<optimized out>, res=<optimized out>, user_data=0x667110) at /build/glib2.0-ZjeN9o/glib2.0-2.47.1/./gio/gdbusproxy.c:2579
        data = <optimized out>
        task = 0x667110 [GTask]
        value = <optimized out>
        error = 0x0
        fd_list = 0x0
#12 0x00007ffff6d0fed3 in g_task_return_n...

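The defect described in the comment above, as an added example that is not GeoClue's own code: the loop shape at gclue-wifi.c:395 beside a hardened version that treats a NULL BSS list the same as an empty one. The Bss struct, the BSSID values and the function names are constructed for this illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for the BSS proxy objects GeoClue receives from
 * wpa_supplicant; not GeoClue's real type. */
typedef struct {
    const char *bssid;
    bool signals_connected;
} Bss;

/* Shape of the loop at gclue-wifi.c:395 before the fix: each element is
 * tested for NULL, but bss_list itself is dereferenced first, so a NULL
 * list (which wpa_supplicant can hand back) reads address 0 and crashes. */
static size_t connect_bss_signals_unsafe(Bss **bss_list)
{
    size_t i;
    for (i = 0; bss_list[i] != NULL; i++)
        bss_list[i]->signals_connected = true;
    return i;
}

/* Hardened version: a NULL list is treated exactly like an empty list,
 * so nothing is dereferenced until the list pointer is known to be valid. */
static size_t connect_bss_signals_safe(Bss **bss_list)
{
    size_t i;
    if (bss_list == NULL)
        return 0;
    for (i = 0; bss_list[i] != NULL; i++)
        bss_list[i]->signals_connected = true;
    return i;
}

/* Constructed inputs covering the three cases a caller can see. */
static size_t demo_null_list(void)  { return connect_bss_signals_safe(NULL); }
static size_t demo_empty_list(void) { Bss *list[] = { NULL }; return connect_bss_signals_safe(list); }
static size_t demo_three_bss(void)
{
    Bss a = { "00:11:22:33:44:55", false }, b = { "66:77:88:99:aa:bb", false },
        c = { "cc:dd:ee:ff:00:11", false };
    Bss *list[] = { &a, &b, &c, NULL };
    size_t n = connect_bss_signals_safe(list);
    /* every entry must have been visited, and the terminator must stop the loop */
    return (a.signals_connected && b.signals_connected && c.signals_connected) ? n : 0;
}

int main(void)
{
    printf("NULL list: %zu, empty list: %zu, three BSSes: %zu\n",
           demo_null_list(), demo_empty_list(), demo_three_bss());
    (void)connect_bss_signals_unsafe; /* kept for comparison only; never called on NULL */
    return 0;
}
```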

Anders Kaseorg (andersk)
information type: Private → Public
Changed in geoclue:
importance: Unknown → High
status: Unknown → Confirmed
In , Zeeshan Ali (zeenix) wrote :

commit: 4ad5069d95d681c716074d8bbfc40b6312fdbd66

    wifi: Add a missing NULL check

    This avoids a crash if we get a NULL as BSS list from wpa_supplicant.

Changed in geoclue:
status: Confirmed → Fix Released
Changed in geoclue-2.0 (Ubuntu):
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package geoclue-2.0 - 2.4.0-1ubuntu1

---------------
geoclue-2.0 (2.4.0-1ubuntu1) xenial; urgency=medium

  * debian/patches/git_no_segfault.patch:
    - backport upstream fix for a segfault issue (lp: #1517793)

 -- Sebastien Bacher <email address hidden> Mon, 23 Nov 2015 17:00:06 +0100

Changed in geoclue-2.0 (Ubuntu):
status: Fix Committed → Fix Released