gnome-control-center crashed with SIGSEGV in acquire_cb() from g_simple_async_result_complete()

Bug #1765353 reported by Paul White on 2018-04-19
54
This bug affects 7 people
Affects Status Importance Assigned to Milestone
gnome-control-center (Ubuntu)
Medium
Unassigned
gnome-shell (Ubuntu)
High
Unassigned

Bug Description

Test Case
=========
Open "Settings" and navigate to "Users".

Click on "Unlock" and cancel dialog without inputting a password.

"Unlock" becomes unresponsive and Settings will eventually crash.

If started from a terminal I see the following output:

(gnome-control-center:24951): GLib-GIO-CRITICAL **: 10:26:38.402: g_permission_acquire_finish: assertion 'G_IS_PERMISSION (permission)' failed
fish: “gnome-control-center” terminated by signal SIGSEGV (Address boundary error)

Regression Potential
====================
This commit fixes the bug and was applied upstream.

https://gitlab.gnome.org/GNOME/gnome-shell/commit/0327069e83b

Other Info
==========
https://errors.ubuntu.com/problem/55b54d35f8bfd6319edbf1e24d53587020b16273

Being discussed on the forums - https://ubuntuforums.org/showthread.php?t=2389622

ProblemType: Crash
DistroRelease: Ubuntu 18.04
Package: gnome-control-center 1:3.28.1-0ubuntu1
ProcVersionSignature: Ubuntu 4.15.0-15.16-generic 4.15.15
Uname: Linux 4.15.0-15-generic x86_64
ApportVersion: 2.20.9-0ubuntu5
Architecture: amd64
CurrentDesktop: GNOME
Date: Thu Apr 19 10:25:11 2018
ExecutablePath: /usr/bin/gnome-control-center
InstallationDate: Installed on 2017-11-07 (163 days ago)
InstallationMedia: Ubuntu 17.10 "Artful Aardvark" - Release amd64 (20171018)
ProcCmdline: gnome-control-center --overview
ProcEnviron:
 LANGUAGE=en_GB:en
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_GB.UTF-8
 SHELL=/bin/bash
SegvAnalysis:
 Segfault happened at: 0x7f7e2de3b845: pushq 0x8(%rax)
 PC (0x7f7e2de3b845) ok
 source "0x8(%rax)" (0x00000008) not located in a known VMA region (needed readable region)!
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: gnome-control-center
StacktraceTop:
 () at /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
 g_simple_async_result_complete () at /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
 () at /usr/lib/x86_64-linux-gnu/libpolkit-gobject-1.so.0
 g_simple_async_result_complete () at /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
 () at /usr/lib/x86_64-linux-gnu/libpolkit-gobject-1.so.0
Title: gnome-control-center crashed with SIGSEGV
UpgradeStatus: Upgraded to bionic on 2018-02-21 (56 days ago)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo

Paul White (paulw2u) wrote :

StacktraceTop:
 acquire_cb (source=<optimized out>, result=<optimized out>, user_data=0x563bd0111040) at ../../../../gtk/gtklockbutton.c:418
 g_simple_async_result_complete (simple=0x563bd0410560) at ../../../../gio/gsimpleasyncresult.c:802
 acquire_cb (source_object=<optimized out>, res=<optimized out>, user_data=0x563bd03d3860) at polkitpermission.c:579
 g_simple_async_result_complete (simple=0x563bd04104f0) at ../../../../gio/gsimpleasyncresult.c:802
 check_authorization_cb (proxy=<optimized out>, res=<optimized out>, user_data=0x563bd03d0670) at polkitauthority.c:835

Changed in gnome-control-center (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace
Paul White (paulw2u) on 2018-04-19
description: updated
information type: Private → Public

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gnome-control-center (Ubuntu):
status: New → Confirmed
Doug McMahon (mc3man) wrote :

To note;
this behavior affects all apps that call pkexec, if the auth dialogue is cancelled then issue occurs.
After occurring pkexec cannot be used until gnome-shell is restarted.
Does not occur with gnome-shell (3.28.0-0ubuntu5)

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gnome-shell (Ubuntu):
status: New → Confirmed
Daniel van Vugt (vanvugt) wrote :
description: updated
no longer affects: gnome-shell (Ubuntu)
summary: - gnome-control-center crashed with SIGSEGV
+ gnome-control-center crashed with SIGSEGV in acquire_cb() from
+ g_simple_async_result_complete()
Doug McMahon (mc3man) wrote :

Not sure why gnome-shell was removed as clearly that's were the issue is.
G-c-c may be the only apt actually crashing but this affects any apt that calls a pkexec Auth dialog.
Easy examples are software & updates > change something, cancel the auth dialog or synaptic > cancel on the auth.

Daniel van Vugt (vanvugt) wrote :

The trigger may be in gnome-shell, but it would be poor engineering to declare a crash in one process as fixed by modifying another.

So any proper fix should also include changes to gnome-control-center to ensure crashing is impossible (even with a faulty gnome-shell).

Doug McMahon (mc3man) wrote :

Ok but then you'd need to add/address gnome-software, software-properties-gtk, synaptic, gnome-disk-utility, ect. as any & all of them will cause/experience the same issue, sans a segfault.

As soon as 1 app that calls a pkexec auth dialog is canceled then no other app can use pkexec auth until gnome-shell is restarted.
As mentioned this does not happen in prior version of gnome-shell.

None of the other apps 'crash', they can however get an unresponsive window or in the case of gnome-software (ubuntu-software) it'll just endlessly show installing.
There's half a dozen test cases to see this that don't involve g-c-c at all.

Sebastien Bacher (seb128) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. The issue you are reporting is an upstream one and it would be nice if somebody having it could send the bug to the developers of the software by following the instructions at https://wiki.ubuntu.com/Bugs/Upstream/GNOME. If you have done so, please tell us the number of the upstream bug (or the link), so we can add a bugwatch that will inform us about its status. Thanks in advance.

Doug McMahon (mc3man) wrote :

I have to go out, guess could file upstream bug tonight if no one does.. Seems best place is gitlab? https://gitlab.gnome.org/GNOME/gnome-shell/issues
The commit allowing this seems to be,
https://github.com/GNOME/gnome-shell/commit/cb4252e888c651c5a11fa0cb4c330e9351d61f1b

(- confirmed here by reverting that commit to latest ubuntu gnome-shell source

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gnome-shell (Ubuntu):
status: New → Confirmed
Doug McMahon (mc3man) on 2018-04-21
Changed in gnome-shell (Ubuntu):
status: Confirmed → Fix Committed
Doug McMahon (mc3man) wrote :

Fix in gnome-shell should be committed shortly, as seen here in merge request

https://gitlab.gnome.org/GNOME/gnome-shell/merge_requests/85

Doug McMahon (mc3man) on 2018-04-21
Changed in gnome-control-center (Ubuntu):
status: Confirmed → Invalid
Sebastien Bacher (seb128) wrote :

The fix sounds like something worth trying to get still in for the release

Changed in gnome-shell (Ubuntu):
importance: Undecided → High
tags: added: rls-bb-incoming
Jeremy Bicha (jbicha) on 2018-04-23
description: updated
Doug McMahon (mc3man) wrote :

(- off topic slightly.
It would be good it the gnome gitlab issue tracker could be added to launchpad as a valid 'location' to track upstream gnome bugs rather than the current of just bugzilla..

Ads20000 (ads20000) wrote :

100% agreed, mark yourself as affected by bug 1745210

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnome-shell - 3.28.1-0ubuntu2

---------------
gnome-shell (3.28.1-0ubuntu2) bionic; urgency=medium

  [ Marco Trevisan (Treviño) ]
  * js-ui-Choose-some-actors-to-cache-on-the-GPU.patch:
    - Improve rendering of shell elements moving rendering to GPU
      (LP: #1744001)

  [ Jeremy Bicha ]
  * Cherry-pick polkitAgent-Guard-against-repeated-close-calls.patch:
    - Fix PolicyKit authorization prompt after cancelling once (LP: #1765353)

 -- Marco Trevisan (Treviño) <email address hidden> Mon, 23 Apr 2018 15:29:28 -0500

Changed in gnome-shell (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers