gnome-software crashed with SIGSEGV in as_format_get_kind()

Bug #1675633 reported by C Schilder on 2017-03-24
This bug affects 5 people
Affects: appstream-glib (Ubuntu) (status tracked in Artful)
  Zesty: Importance High, assigned to Robert Ancell
  Artful: Importance High, Unassigned

Bug Description

[Impact]
errors.ubuntu.com [1] is showing a high crash rate in GNOME Software. This appears to be due to apt updates occurring outside of GNOME Software and triggering access of a NULL pointer inside appstream-glib. Upstream fixed this crash by correctly handling the NULL pointer in appstream-glib 0.7.0. I have not been able to locally reproduce the issue.

[Test Case]
1. Run GNOME Software

Expected result:
This crash doesn't show in errors.ubuntu.com.

Observed result:
This crash shows in errors.ubuntu.com.

[Regression Potential]
Low, the fix is a simple check for a NULL value. It is already running this way in 17.10 (no significant errors showing there).

[1] https://errors.ubuntu.com/problem/dd8fcedf828660b976a106b7c2142ba50ab85fd1

C Schilder (cschilder) wrote :

StacktraceTop:
 as_format_get_kind (format=format@entry=0x0) at as-format.c:152
 as_store_add_app (store=0x561a8c4b41a0, app=0x561a8e4fe1a0) at as-store.c:1231
 as_store_load_yaml_file (error=0x7ffe80bd2bc0, cancellable=0x0, scope=AS_APP_SCOPE_SYSTEM, file=0x561a8e4fe1a0, store=0x561a8c4b41a0) at as-store.c:1669
 as_store_from_file_internal (store=store@entry=0x561a8c4b41a0, file=file@entry=0x561a8da9bba0, scope=AS_APP_SCOPE_SYSTEM, arch=<optimized out>, load_flags=load_flags@entry=AS_STORE_LOAD_FLAG_NONE, watch_flags=watch_flags@entry=AS_STORE_WATCH_FLAG_NONE, cancellable=0x0, error=0x7ffe80bd2bc0) at as-store.c:1890
 as_store_watch_source_added (store=store@entry=0x561a8c4b41a0, filename=<optimized out>) at as-store.c:1747

Changed in gnome-software (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace
information type: Private → Public

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gnome-software (Ubuntu):
status: New → Confirmed

Robert Ancell (robert-ancell) wrote :

This was worked around upstream:

commit c47660f2f8ece972f4f6dbbb19700a522b2fe791
Author: Richard Hughes <email address hidden>
Date: Thu Jun 1 08:49:24 2017 +0100

    trivial: Prevent crash when a sanity check fails

Changed in gnome-software (Ubuntu):
importance: Medium → High
status: Confirmed → Triaged
affects: gnome-software (Ubuntu) → appstream-glib (Ubuntu)

Robert Ancell (robert-ancell) wrote :

Upstream fix was released in 0.7.0

Robert Ancell (robert-ancell) wrote :

The crash seems to be due to the package list being reloaded outside of GNOME Software. An inconsistency inside AppStream has a package with a NULL value for format, and the crash occurs accessing that.
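
The failure mode described in this report, as an added example that is not part of the bug thread and is neither appstream-glib code nor the upstream patch: a simplified C model in which a format lookup returns NULL for an inconsistent entry, with the unguarded getter beside a guarded one and a caller that rejects the entry. All type and function names are hypothetical, and the sample data is constructed.

```c
/* Added illustration: simplified model, not appstream-glib source.
 * All types and function names here are hypothetical. */
#include <stddef.h>
#include <stdio.h>

typedef enum { KIND_UNKNOWN = 0, KIND_APPSTREAM, KIND_DESKTOP } FormatKind;
typedef struct { FormatKind kind; } Format;
typedef struct { const char *id; const Format *formats[2]; size_t n_formats; } App;
typedef struct { const App *apps[8]; size_t n_apps, n_rejected; } Store;

/* Crashing shape: dereferences its argument unconditionally, so a NULL
 * format is a SIGSEGV, as in the top frame of the trace. */
FormatKind format_get_kind_unchecked(const Format *f) { return f->kind; }

/* Hardened getter: NULL maps to a defined "unknown" value. */
FormatKind format_get_kind(const Format *f) {
    return f == NULL ? KIND_UNKNOWN : f->kind;
}

/* An app whose metadata is inconsistent has no format: returns NULL. */
const Format *app_get_default_format(const App *app) {
    return app->n_formats > 0 ? app->formats[0] : NULL;
}

/* Returns 1 if the app was stored, 0 if it was rejected. The caller
 * treats a missing or unknown format as a failed sanity check and skips
 * the entry instead of passing NULL further down. */
int store_add_app(Store *s, const App *app) {
    const Format *fmt = app_get_default_format(app);
    if (format_get_kind(fmt) == KIND_UNKNOWN || s->n_apps >= 8) {
        s->n_rejected++;
        return 0;
    }
    s->apps[s->n_apps++] = app;
    return 1;
}

/* Constructed sample data: one consistent app, one without a format. */
static const Format yaml_fmt = { KIND_APPSTREAM };
static const App good_app = { "good.desktop", { &yaml_fmt, NULL }, 1 };
static const App bad_app  = { "bad.desktop",  { NULL, NULL }, 0 };

int main(void) {
    Store s = { { NULL }, 0, 0 };
    int a = store_add_app(&s, &good_app);
    int b = store_add_app(&s, &bad_app);
    printf("good=%d bad=%d stored=%zu rejected=%zu\n", a, b, s.n_apps, s.n_rejected);
    return 0;
}
```

Counting rejected entries instead of silently dropping them keeps the inconsistency visible to whoever is debugging the reload path.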

Changed in appstream-glib (Ubuntu):
assignee: nobody → Robert Ancell (robert-ancell)
description: updated
Changed in appstream-glib (Ubuntu Zesty):
assignee: nobody → Robert Ancell (robert-ancell)
Changed in appstream-glib (Ubuntu Artful):
assignee: Robert Ancell (robert-ancell) → nobody
status: Triaged → Fix Released
Changed in appstream-glib (Ubuntu Zesty):
importance: Undecided → High
Changed in appstream-glib (Ubuntu Zesty):
status: New → Fix Committed

Brian Murray (brian-murray) wrote :

The linked-to bucket in the Error Tracker shows the crash being about gnome-software, so when verifying the fix in the Error Tracker we should query the instances in the bucket to find out if the new version of appstream-glib appears in the Dependencies. Ping me when it's time to release this and I'll run the right query.

tags: added: verification-needed verification-needed-zesty

Hello C, or anyone else affected,

Accepted appstream-glib into zesty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/appstream-glib/0.6.9-1ubuntu2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-zesty to verification-done-zesty. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-zesty. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!
