apport crashed with FileNotFoundError in is_container_pid(): [Errno 2] No such file or directory: '/proc/11102/ns/pid'

Bug #1733366 reported by rajesh
42
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Apport
Fix Released
Undecided
Unassigned
apport (Ubuntu)
Fix Released
Medium
Brian Murray
Trusty
Fix Released
Undecided
Steve Beattie
Xenial
Fix Released
Undecided
Unassigned
Zesty
Fix Released
Undecided
Unassigned
Artful
Fix Released
Undecided
Brian Murray
Bionic
Fix Released
Medium
Brian Murray

Bug Description

https://errors.ubuntu.com/problem/b6b178fe6ed572189dbfe2627876ed9e9d59ace2

---

It appears that after login this was the first action performed by the system which resulted in the generation of the crash report.

ProblemType: Crash
DistroRelease: Ubuntu 18.04
Package: apport 2.20.8-0ubuntu1
ProcVersionSignature: Ubuntu 4.13.0-16.19-generic 4.13.4
Uname: Linux 4.13.0-16-generic x86_64
ApportVersion: 2.20.8-0ubuntu1
Architecture: amd64
CrashReports: 640:0:119:17503:2017-11-20 01:59:45.143901348 +0530:2017-11-20 01:59:46.143901348 +0530:/var/crash/_usr_share_apport_apport.0.crash
Date: Mon Nov 20 01:59:46 2017
ExecutablePath: /usr/share/apport/apport
InstallationDate: Installed on 2017-11-19 (1 days ago)
InstallationMedia: Ubuntu 18.04.0 2017.11.11 amd64 "Unity 7 Desktop Experience Bionic Beaver"
InterpreterPath: /usr/bin/python3.6
PackageArchitecture: all
ProcCmdline: /usr/bin/python3 /usr/share/apport/apport 11102 11 0 1 11102
ProcEnviron:

Python3Details: /usr/bin/python3.6, Python 3.6.3, python3-minimal, 3.6.3-0ubuntu2
PythonArgs: ['/usr/share/apport/apport', '11102', '11', '0', '1', '11102']
PythonDetails: /root/Error: command ['which', 'python'] failed with exit code 1:, Error: [Errno 2] No such file or directory: "/root/Error: command ['which', 'python'] failed with exit code 1:": "/root/Error: command ['which', 'python'] failed with exit code 1:", unpackaged
SourcePackage: apport
Title: apport crashed with FileNotFoundError in is_container_pid(): [Errno 2] No such file or directory: '/proc/11102/ns/pid'
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:

Revision history for this message
rajesh (bhatt-rajesh20) wrote :
tags: removed: need-duplicate-check
Changed in apport (Ubuntu):
importance: Undecided → Medium
tags: added: rls-bb-incoming
tags: removed: rls-bb-incoming
Changed in apport (Ubuntu Bionic):
status: New → Triaged
information type: Private → Public
Revision history for this message
Mike Hardy (mikehardy) wrote :

I see the same thing on Ubuntu 16.04 / apport 2.20.1-0ubuntu2.14 - same apport command line (except a different PID number), same error number and everything.

Looks like 'is_same_ns' is blindly doing an os.readlink on a path that it assumes must exist (because it does no defensive check) but the path clearly is missing sometimes

Revision history for this message
Brian Murray (brian-murray) wrote :
Revision history for this message
Brian Murray (brian-murray) wrote :

The updates for this fix will need to go through security since many people are getting the package from there.

Revision history for this message
Brian Murray (brian-murray) wrote :

artful fix

Changed in apport (Ubuntu Bionic):
status: Triaged → In Progress
assignee: nobody → Brian Murray (brian-murray)
Changed in apport (Ubuntu Artful):
assignee: nobody → Canonical Security Team (canonical-security)
Revision history for this message
Brian Murray (brian-murray) wrote :

zesty fix

Revision history for this message
Brian Murray (brian-murray) wrote :

xenial fix

tags: added: patch
Revision history for this message
Seth Arnold (seth-arnold) wrote :

Note that these fixes are susceptible to a race condition; better would handle the exception from Python. Probably returning 'false' is the right option in that case. (Assuming that's the case that then does less processing.)

Thanks

Revision history for this message
Seth Arnold (seth-arnold) wrote :

To clarify, I think these patches may reduce the number of reports in the error tracker; but to eliminate the reports, the exception needs to be handled.

Thanks

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.8-0ubuntu4

---------------
apport (2.20.8-0ubuntu4) bionic; urgency=medium

  * data/apport: add a second os.path.exists check to ensure we do not
    receive a Traceback in is_container_id(). (LP: #1733366)

 -- Brian Murray <email address hidden> Wed, 13 Dec 2017 10:30:23 -0800

Changed in apport (Ubuntu Bionic):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in apport (Ubuntu Artful):
status: New → Confirmed
Changed in apport (Ubuntu Xenial):
status: New → Confirmed
Changed in apport (Ubuntu Zesty):
status: New → Confirmed
Revision history for this message
Brian Murray (brian-murray) wrote :

Here's an improved artful debdiff taking into account Seth's comments.

Revision history for this message
Brian Murray (brian-murray) wrote :

Here's a zesty debdiff.

Revision history for this message
Brian Murray (brian-murray) wrote :

And the xenial one.

Tyler Hicks (tyhicks)
Changed in apport (Ubuntu Artful):
assignee: Canonical Security Team (canonical-security) → nobody
Revision history for this message
Tyler Hicks (tyhicks) wrote :

Thanks for the updated debdiffs! They look pretty good to me but I'm wondering if was intentional that True is returned when the "not os.path.exists()" checks are true but the exception handler returns False when os.readlink() throws an errno.ENOENT OSError exception? IIUC, both situations occur when the namespace files don't exist but one situation returns True and the other False.

Should both situations return True? If so, I can make those changes before sponsoring so there's no need to upload new debdiffs.

Changed in apport (Ubuntu Artful):
status: Confirmed → Incomplete
assignee: nobody → Brian Murray (brian-murray)
Revision history for this message
Brian Murray (brian-murray) wrote :

Ah, yes it should return True. Thanks for catching that! To be absolutely clear:

311 except OSError as e:
312 if e.errno == errno.ENOENT:
313 return True

description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.4-0ubuntu4.10

---------------
apport (2.20.4-0ubuntu4.10) zesty-security; urgency=medium

  * REGRESSION UPDATE: Fix regression that caused a Traceback in the
    container support (LP: #1733366)
    - data/apport: add a second os.path.exists check to ensure we do not
      receive a Traceback in is_container_id() and add an exception handler in
      case either name space can not be found.

 -- Brian Murray <email address hidden> Wed, 13 Dec 2017 10:51:39 -0800

Changed in apport (Ubuntu Zesty):
status: Confirmed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.1-0ubuntu2.15

---------------
apport (2.20.1-0ubuntu2.15) xenial-security; urgency=medium

  * REGRESSION UPDATE: Fix regression that caused a Traceback in the
    container support (LP: #1733366)
    - data/apport: add a second os.path.exists check to ensure we do not
      receive a Traceback in is_container_id() and add an exception handler in
      case either name space can not be found.

 -- Brian Murray <email address hidden> Wed, 13 Dec 2017 10:54:26 -0800

Changed in apport (Ubuntu Xenial):
status: Confirmed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.7-0ubuntu3.7

---------------
apport (2.20.7-0ubuntu3.7) artful-security; urgency=medium

  * REGRESSION UPDATE: Fix regression that caused a Traceback in the
    container support (LP: #1733366)
    - data/apport: add a second os.path.exists check to ensure we do not
      receive a Traceback in is_container_id() and add an exception handler in
      case either name space can not be found.

 -- Brian Murray <email address hidden> Wed, 13 Dec 2017 10:49:58 -0800

Changed in apport (Ubuntu Artful):
status: Incomplete → Fix Released
tags: added: id-5a317b0ea645498eaf5dcb39
Revision history for this message
Brian Murray (brian-murray) wrote :
Revision history for this message
Brian Murray (brian-murray) wrote :

The function was slightly in Trusty but the attached debdiff should fix the crash seen in the Error Tracker.

Changed in apport (Ubuntu Trusty):
status: New → In Progress
assignee: nobody → Brian Murray (brian-murray)
Steve Beattie (sbeattie)
Changed in apport (Ubuntu Trusty):
assignee: Brian Murray (brian-murray) → Steve Beattie (sbeattie)
Revision history for this message
Steve Beattie (sbeattie) wrote :

Thanks, Brian, reviewing now.

Revision history for this message
Steve Beattie (sbeattie) wrote :

I've uploaded the trusty apport package to the ubuntu-security-proposed ppa (https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/) for testing, and will likely release this next week. Any feedback is appreciated.

Thanks!

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.14.1-0ubuntu3.28

---------------
apport (2.14.1-0ubuntu3.28) trusty-security; urgency=medium

  * REGRESSION UPDATE: Fix regression that caused a Traceback in the
    container support (LP: #1733366)
    - data/apport: add a second os.path.exists check to ensure we do not
      receive a Traceback in is_container_id() and add an exception handler in
      case either name space can not be found.

 -- Brian Murray <email address hidden> Fri, 20 Apr 2018 14:11:44 -0700

Changed in apport (Ubuntu Trusty):
status: In Progress → Fix Released
Benjamin Drung (bdrung)
Changed in apport:
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.