indicator-keyboard-service crashed with SIGSEGV in xkl_config_rec_get_full_from_server()

Bug #1235915 reported by Dan Wood on 2013-10-06
34
This bug affects 4 people
Affects Status Importance Assigned to Milestone
Light Display Manager
Medium
Charles Kerr
1.2
Medium
Unassigned
1.4
Medium
Unassigned
1.8
Medium
Unassigned
indicator-keyboard (Ubuntu)
Medium
William Hua
Precise
Undecided
Unassigned
lightdm (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned

Bug Description

The bug report details have been generated automatically. I'm not sure if this bug happens with lightdm or later on.
The "System Problem Detected" dialogue box appears about 15 to 20 seconds after I've logged in (without me running any apps), so it could be that the crash occurs in the lightdm log-in screen but it just takes my system a while to collect the bug info?

Everything appears to work normally after the "System Problem Detected" dialogue, so whatever is crashing seems to restart gracefully.

ProblemType: Crash
DistroRelease: Ubuntu 13.10
Package: indicator-keyboard 0.0.0+13.10.20131004-0ubuntu1
ProcVersionSignature: Ubuntu 3.11.0-11.17-generic 3.11.3
Uname: Linux 3.11.0-11-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.12.5-0ubuntu1
Architecture: amd64
Date: Sat Oct 5 11:15:17 2013
ExecutablePath: /usr/lib/x86_64-linux-gnu/indicator-keyboard-service
InstallationDate: Installed on 2013-09-28 (7 days ago)
InstallationMedia: Ubuntu 13.10 "Saucy Salamander" - Beta amd64 (20130925.1)
MarkForUpload: True
ProcCmdline: /usr/lib/x86_64-linux-gnu/indicator-keyboard-service --use-gtk --use-bamf
ProcEnviron:
 SHELL=/bin/false
 XDG_RUNTIME_DIR=<set>
 PATH=(custom, no user)
 LANGUAGE=en_GB
 LANG=en_GB.UTF-8
SegvAnalysis:
 Segfault happened at: 0x7fa5a9482616: mov 0x18(%rdx),%rax
 PC (0x7fa5a9482616) ok
 source "0x18(%rdx)" (0x00000018) not located in a known VMA region (needed readable region)!
 destination "%rax" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: indicator-keyboard
StacktraceTop:
 ?? () from /usr/lib/libxklavier.so.16
 lightdm_get_layouts () from /usr/lib/liblightdm-gobject-1.so.0
 lightdm_get_layout () from /usr/lib/liblightdm-gobject-1.so.0
 ?? ()
 ?? ()
Title: indicator-keyboard-service crashed with SIGSEGV in lightdm_get_layouts()
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:

Related branches

Dan Wood (dan-wood) wrote :

StacktraceTop:
 xkl_config_rec_get_full_from_server (rules_file_out=0x0, data=0x24948c0, engine=0x0) at xklavier_props.c:165
 lightdm_get_layouts () at layout.c:120
 lightdm_get_layout () at layout.c:174
 indicator_keyboard_service_migrate_input_sources (self=self@entry=0x233c8b0) at main.c:1846
 ____lambda4_ (pspec=<optimized out>, _data1_=0x23f0480) at main.c:1103

Changed in indicator-keyboard (Ubuntu):
importance: Undecided → Medium
summary: - indicator-keyboard-service crashed with SIGSEGV in lightdm_get_layouts()
+ indicator-keyboard-service crashed with SIGSEGV in
+ xkl_config_rec_get_full_from_server()
tags: removed: need-amd64-retrace
Charles Kerr (charlesk) on 2013-11-15
Changed in indicator-keyboard (Ubuntu):
assignee: nobody → William Hua (attente)
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in indicator-keyboard (Ubuntu):
status: New → Confirmed
Charles Kerr (charlesk) wrote :

  #7

Looks like the crash is happening in this part of liblightdm-gobject:

> xkl_engine = xkl_engine_get_instance (display);
> xkl_config = xkl_config_rec_new ();
> if (!xkl_config_rec_get_from_server (xkl_config, xkl_engine))
> g_warning ("Failed to get Xkl configuration from server");

xkl_engine_get_instance() is returning NULL, and xkl_config_rec_get_from_server() is dereferencing that NULL via its internal xkl_engine_priv() macro:

> #define xkl_engine_priv(engine,member) (engine)->priv->member

> xkl_config_rec_get_full_from_server(char **rules_file_out, XklConfigRec * data, XklEngine * engine)
> {
> gboolean rv = xkl_config_rec_get_from_root_window_property(data,
> xkl_engine_priv
> (engine,
> base_config_atom),

xkl should probably sanitize its inputs, but lightdm should also be careful to not pass a NULL engine back to xkl.

Charles Kerr (charlesk) wrote :

xkl_engine_get_instance(display) should only ever return NULL if display is NULL, and liblighdm-gobject is getting that directly from XOpenDisplay (NULL)... so this is being called by someone without a DISPLAY environment variable being set? Odd.

Charles Kerr (charlesk) on 2014-03-15
Changed in indicator-keyboard (Ubuntu):
status: Confirmed → Invalid
information type: Private → Public
Changed in lightdm:
status: New → Triaged
importance: Undecided → Medium
Changed in lightdm (Ubuntu):
status: New → In Progress
importance: Undecided → Medium
Changed in lightdm:
status: Triaged → Fix Committed
Charles Kerr (charlesk) on 2014-03-18
Changed in lightdm:
assignee: nobody → Charles Kerr (charlesk)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lightdm - 1.9.13-0ubuntu1

---------------
lightdm (1.9.13-0ubuntu1) trusty; urgency=medium

  * New upstream release:
    - Handle not getting an X connection when attempting to get X layouts.
      (LP: #1235915)
    - Read config data from both XDG_DATA_DIRS and XDG_CONFIG_DIRS.
 -- Robert Ancell <email address hidden> Tue, 25 Mar 2014 14:45:54 +1300

Changed in lightdm (Ubuntu):
status: In Progress → Fix Released
Changed in lightdm:
milestone: none → 1.9.13
status: Fix Committed → Fix Released
Changed in lightdm (Ubuntu Precise):
importance: Undecided → Medium
Robert Ancell (robert-ancell) wrote :

Confirmed fixed in precise-proposed.

Changed in lightdm (Ubuntu Precise):
status: New → Fix Committed
tags: added: verification-done-precise

Hello Dan, or anyone else affected,

Accepted lightdm into precise-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/lightdm/1.2.3-0ubuntu2.7 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-needed
tags: added: verification-done
removed: verification-needed
tags: removed: verification-done
Changed in indicator-keyboard (Ubuntu Precise):
status: New → Invalid
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lightdm - 1.2.3-0ubuntu2.7

---------------
lightdm (1.2.3-0ubuntu2.7) precise; urgency=medium

  * debian/patches/15_gsources.patch:
    - Correctly remove GSources on finalize (LP: #1431654)

lightdm (1.2.3-0ubuntu2.6) precise; urgency=medium

  * debian/patches/09_close_pipes.patch:
    - Close pipes correctly (LP: #1190344)
  * debian/patches/10_conf_section_name.patch:
    - Correct section name in default users.conf (LP: #1069218)
  * debian/patches/11_quit_timeout.patch:
    - Destroy quit timeout when a process object is destroyed - fixes a crash
      where a deleted Process object might be accessed after a timeout
      (LP: #1207935)
  * debian/patches/12_layout_no_x11.patch:
    - Handle not getting an X connection when attempting to get X layouts
      (LP: #1235915)
  * debian/patches/13_introspection_makefile.patch:
    - Fix introspection build with newer versions of g-ir-scanner
  * debian/patches/14_compile_warnings.patch:
    - Fix compile warnings
 -- Robert Ancell <email address hidden> Tue, 17 Mar 2015 14:21:43 +1300

Changed in lightdm (Ubuntu Precise):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for lightdm has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers