gtk fileselector crash on incorrect bookmarks entries

Bug #238261 reported by John Cromie
Affects | Status | Importance | Assigned to | Milestone
GTK+ | Fix Released | Critical | |
gtk+2.0 (Ubuntu) | Fix Released | Medium | Ubuntu Desktop Bugs |

Bug Description

Binary package hint: gedit

This appears to be a segmentation fault in file chooser. It occurs on a range of applications (gedit, OpenOffice, Evolution...), anything that uses the standard file chooser dialogues. (The bug does not appear in Firefox, which appears to use its own file chooser.)

The bug is 100% consistent. Every File | Open, File | Save As and File | Save of a new file (which invokes chooser to collect a name) will crash with a segmentation fault. File | Save of an existing file (which does not open a dialogue) works fine in every case.

I have tried the fixes to other similar bugs, including changing desktop to a different theme, and confirming that gvfs is 0.1.11 or later (it appears to be 0.2.4). File system / permission all appear to be fine.

The distribution is Ubuntu Hardy, upgraded on-line from Gutsy. Platform is AMD64.

The bug did not appear at first, and the user (remote from me, unfortunately) cannot say with accuracy when it started appearing. But he's pretty sure it was more recent than the upgrade.

Recent syslog entries:-

Jun 8 12:28:52 jjm kernel: [ 6227.245119] evolution[5687]: segfault at 00000003 eip b6cbbbc7 esp bfc268d8 error 4
Jun 8 12:57:24 jjm kernel: [ 7937.896199] gedit[8035]: segfault at 00000003 eip b736bbc7 esp bfcb6df8 error 4
Jun 8 12:58:30 jjm kernel: [ 8004.054483] gedit[8059]: segfault at 00000003 eip b73aebc7 esp bfb04448 error 4
Jun 8 13:04:47 jjm kernel: [ 8381.373246] gedit[8166]: segfault at 00000003 eip b7356bc7 esp bfce8e28 error 4
Jun 8 13:28:03 jjm kernel: [ 9776.704263] gedit[8709]: segfault at 00000003 eip b7401bc7 esp bfcfb638 error 4
Jun 8 13:40:11 jjm kernel: [ 303.131318] gedit[5711]: segfault at 00000003 eip b741cbc7 esp bf88de48 error 4
Jun 8 14:12:18 jjm kernel: [ 2229.547542] gedit[6034]: segfault at 00000003 eip b734fbc7 esp bfa6dee8 error 4
Jun 8 14:12:54 jjm kernel: [ 2265.241041] gedit[6150]: segfault at 00000003 eip b73a8bc7 esp bfeab328 error 4
Jun 8 14:23:36 jjm kernel: [ 2906.733963] gedit[6438]: segfault at 00000003 eip b734ebc7 esp bfb46478 error 4
Jun 8 14:25:43 jjm kernel: [ 3034.191442] gedit[6482]: segfault at 00000003 eip b73fbbc7 esp bfdcc708 error 4

ProblemType: Crash
Architecture: i386
Date: Sun Jun 8 13:40:12 2008
DistroRelease: Ubuntu 8.04
ExecutablePath: /usr/bin/gedit
Package: gedit 2.22.3-0ubuntu1
PackageArchitecture: i386
ProcCmdline: gedit file:///home/username/Desktop/john%20testing/test1
ProcEnviron:
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
 LANG=en_NZ.UTF-8
 SHELL=/bin/bash
Signal: 11
SourcePackage: gedit
StacktraceTop:
 strchr () from /lib/tls/i686/cmov/libc.so.6
 ?? () from /usr/lib/libgtk-x11-2.0.so.0
 ?? () from /usr/lib/libgtk-x11-2.0.so.0
 ?? () from /usr/lib/libgtk-x11-2.0.so.0
 ?? () from /usr/lib/libgtk-x11-2.0.so.0
Title: gedit crashed with SIGSEGV in strchr()
Uname: Linux 2.6.24-18-generic i686
UserGroups: adm admin audio cdrom dialout dip floppy lpadmin netdev plugdev powerdev scanner video

John Cromie (johnc-itdepartment) wrote :
Ralph Janke (txwikinger) wrote :

Thanks for reporting this bug and any supporting documentation. Since this bug has enough information provided for a developer to begin work, I'm going to mark it as confirmed and let them handle it from here. Thanks for taking the time to make Ubuntu better!

Changed in gedit:
importance: Undecided → Medium
status: New → Triaged
Pedro Villavicencio (pedro) wrote :

No, it doesn't have enough information; there's no backtrace on it and it's marked as need-i386-retrace to get one. Until then the bug is missing information, so I'm unsetting the triage status. Thanks.

Changed in gedit:
status: Triaged → Incomplete
Apport retracing service (apport) wrote : Symbolic stack trace

StacktraceTop:strchr () from /lib/tls/i686/cmov/libc.so.6
?? () from /usr/lib/libgtk-x11-2.0.so.0
?? () from /usr/lib/libgtk-x11-2.0.so.0
?? () from /usr/lib/libgtk-x11-2.0.so.0
?? () from /usr/lib/libgtk-x11-2.0.so.0

Apport retracing service (apport) wrote : Symbolic threaded stack trace
Pedro Villavicencio (pedro) wrote : Re: gedit crash on save as

Thanks for your bug report. Please try to obtain a backtrace http://wiki.ubuntu.com/DebuggingProgramCrash and attach the file to the bug report. This will greatly help us in tracking down your problem.

Changed in gedit:
assignee: nobody → desktop-bugs
John Cromie (johnc-itdepartment) wrote :

Pedro, Right, here is the backtrace. I have provided a backtrace for gedit, because (a) the bug affects all applications that use the Gnome file chooser dialogues (including gedit), and (b) I couldn't get OOo to run under gdb (just not good enough!). Since it appears common to anything using the gedit dialogues, this should be OK.

Pedro Villavicencio (pedro) wrote :

The trace is missing a lot of symbols; please install the dbgsyms packages of gtk, glib and gedit and get a new one. Thanks.

John Cromie (johnc-itdepartment) wrote :

Pedro, I've attached a new backtrace, but to be honest, I'm not sure I have installed the correct dbgsyms packages. For the record, I installed gedit-dbgsyms, libglib2.0-0-dbg, libgtk2.0-0-dbg, and libgnomevfs2-0-dbg. I couldn't find anything named gtk-dbgsym or glib-dbgsym or similar.

If you need me to go around the buoy again, please tell me _exactly_ what dbgsym packages you mean. This is not my area of expertise.

Sebastien Bacher (seb128) wrote :

The crash is similar to http://bugzilla.gnome.org/show_bug.cgi?id=455304. Do you have anything special in your .gtk-bookmarks? Could you attach it to the bug?

John Cromie (johnc-itdepartment) wrote :

No, nothing special (as far as I know). File is attached...

Sebastien Bacher (seb128) wrote :

Could you try removing the first line and see if that fixes the issue?

John Cromie (johnc-itdepartment) wrote :

Sebastien, I removed the 'file:///Session=default' line, but it made no difference. In desperation, I removed the whole .gtk-bookmarks file, and the problem has gone. How or why, I don't know. There was no visible corruption (or unprintables) in the file. But everything is back to normal now.

Surely this is a pretty serious defect in GTK? I mean, software shouldn't segfault because it doesn't like the look of a bookmark file! Pretty weak. As an IT pro seeking to move clients across to OSS, this gives me the shivers.

Anyway, probably not your issue, but I would hope that a distro as popular as Ubuntu would be able to exert some influence on the relevant team to get mile-wide bugs like this repaired quickly... I'm only sorry that I don't personally have the time or skills to address this bug at source.

You can close this now. But please open a high-priority bug with GTK for me...!

Thanks for all your help. John.

Sebastien Bacher (seb128) wrote :

The session line is the second one; the [] on the first ones are likely the issue. While GTK should not crash on those, it would be interesting to know what software wrote those buggy bookmark lines there.

Antti Salminen (antti-salminen) wrote :

I had this exact problem, on amd64 and right after doing an upgrade to Hardy from the previous release. Removing .gtk-bookmarks fixed it; I'll attach my .gtk-bookmarks here as well. It looks quite different from the one already here...

John Cromie (johnc-itdepartment) wrote :

Sebastien, yes, you're right. Removing the first line "[Desktop]" eliminated the bug. Based on Antti's input, I can only guess that it occurs somewhere in the upgrade process or soon after as a direct result.

It's amazing that something as simple as "[" and "]" characters in the .gtk-bookmarks file can crash every application using the Gnome file chooser. This does not inspire confidence in open source...

Sebastien Bacher (seb128) wrote :

The bug is not really an important one; it's just that the people who wrote the parser didn't consider that some users or software would edit the bookmarks in a non-defined way. I'm not sure why you had those changes, but that's not something an update would do, since the update doesn't touch user data, and that's not something the software in the default installation writes. If you didn't modify this file by hand, you likely used non-standard software which is editing the bookmarks in a buggy way.

John Cromie (johnc-itdepartment) wrote :

I can't agree with you Sebastien, for two reasons.

First, I can assure you that the incorrect text in .gtk-bookmarks was created somewhere in the normal use/upgrade of Ubuntu. Neither the end user nor myself even knew of the existence of this file. I certainly did not edit it (until directed to do so as part of the debugging process), and the 80 year old user does not know how to display dot files, much less edit them. There are no other users of this machine. So this bug was created by the software on its own.

Second, the bug has a massive impact - crashing all applications that use the Gnome file chooser, and that includes nearly everything an ordinary desktop user uses by default.

<frustration> I don't mean to sound rude, but this is no way to get Ubuntu accepted as anything other than a geek's tinker-toy. I really thought that the open source community (and especially the Ubuntu community) had higher ideals than this. Please, I'm not trying to stand back and throw stones. I'll do everything I can to help solve this bug and popularise OSS, but not if the community doesn't take bugs like this seriously. My company has a large Windows installed base across many companies. I battle daily to get them to take OSS seriously. Now it sounds like I have to battle the OSS community to take their user experiences seriously. </frustration>

Sebastien Bacher (seb128) wrote :

The upgrade doesn't touch user data; you installed something which does that, and it would be interesting to know what application that is. Now, I don't agree that such a bug makes Ubuntu limited to some users; you are just the first to run into such a situation in years of Ubuntu use, and it's clearly not an issue for the millions of users who don't have the bug. It's clearly possible that corrupting some Windows data will lead to issues too; coders don't always consider that other random applications can touch their data and change it in a non-standard way.

Changed in gedit:
status: Incomplete → Confirmed
Sebastien Bacher (seb128) wrote :
Changed in gtk+2.0:
status: Confirmed → Triaged
Changed in gtk:
status: Unknown → New
Sebastien Bacher (seb128) wrote :

The issue is fixed in Intrepid now.

Changed in gtk+2.0:
status: Triaged → Fix Released
Changed in gtk:
status: New → Fix Released
Changed in gtk:
importance: Unknown → Critical
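
Added example, not GTK's code and not part of this thread: one way a bookmarks parser can skip lines such as "[Desktop]" instead of handing them to string functions unchecked. It assumes a one-entry-per-line "URI[ label]" layout; the function names, buffer sizes and the third sample line are made up for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: two line shapes quoted in the thread, one made-up entry. */
static const char SAMPLE[] = "[Desktop]\nfile:///Session=default\n"
                             "file:///home/username/Documents Docs\n";
struct bookmark { char uri[512]; char label[128]; };  /* sizes are assumptions */

/* Return 1 if s starts with a URI scheme ("letters:"), else 0. */
static int has_scheme(const char *s)
{
    if (!isalpha((unsigned char)*s))
        return 0;
    while (isalnum((unsigned char)*s) || *s == '+' || *s == '-' || *s == '.')
        s++;
    return *s == ':';
}

/* Parse one "URI[ label]" line (assumed layout); 0 means malformed, skip it. */
int parse_bookmark_line(const char *line, struct bookmark *out)
{
    if (line == NULL || out == NULL)
        return 0;
    size_t len = strcspn(line, "\r\n");           /* ignore the line ending */
    if (len == 0 || !has_scheme(line))
        return 0;                                 /* e.g. "[Desktop]" */
    const char *sp = memchr(line, ' ', len);      /* NULL: entry has no label */
    size_t uri_len = sp ? (size_t)(sp - line) : len;
    size_t lab_len = sp ? len - uri_len - 1 : 0;
    if (uri_len >= sizeof out->uri || lab_len >= sizeof out->label)
        return 0;                                 /* reject rather than truncate */
    snprintf(out->uri, sizeof out->uri, "%.*s", (int)uri_len, line);
    snprintf(out->label, sizeof out->label, "%.*s", (int)lab_len, sp ? sp + 1 : "");
    return 1;
}

/* Count the well-formed entries in a file image, skipping bad lines. */
int count_valid_bookmarks(const char *text)
{
    struct bookmark b;
    int n = 0;
    for (; text && *text; text += (*text == '\n')) {
        n += parse_bookmark_line(text, &b);
        text += strcspn(text, "\n");
    }
    return n;
}

int main(void) { printf("%d valid entries\n", count_valid_bookmarks(SAMPLE)); return 0; }
```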