(FreeNX/X2Go) gnome-session crashed with SIGSEGV in gnome_idle_monitor_get_idletime()

Bug #1416081 reported by Ryan Tandy on 2015-01-29
30
This bug affects 3 people
Affects Status Importance Assigned to Milestone
gnome-desktop3 (Ubuntu)
Medium
Unassigned
Trusty
Undecided
Unassigned
Utopic
Undecided
Unassigned
Vivid
Medium
Unassigned
unity-settings-daemon (Ubuntu)
Undecided
Unassigned
Trusty
Undecided
Unassigned
Utopic
Undecided
Unassigned
Vivid
Undecided
Unassigned

Bug Description

SRU justification:

[Impact]

 * The NX server (and derivatives e.g. FreeNX, X2Go) and Xvnc server (and derivatives e.g. tightvncserver, xrdp) do not support the IDLETIME counter. Violating the assumption that this is available leads to gnome-session (in trusty) or unity-settings-daemon (in utopic) crashing when trying to set up an idle monitor.

 * This bug renders GNOME Flashback unusable on the mentioned X servers. Per the justification in bug 1251281, these collectively affect quite a few users, particularly on the LTS which tends to be chosen when setting up a terminal server.

* The proposed patch adds missing precondition checks to gnome_idle_monitor_get_idletime, avoiding the crash. Other public entry points to the idle monitor library already have similar checks.

[Test Case]

 * Install gnome-session-flashback, tightvncserver, and vncviewer.

 * If bug 1251281 is not fixed in -updates yet: install gnome-session-bin from -proposed (needed for --disable-acceleration-check).

 * Create ~/.vnc/xstartup with the following content (3 lines):

#!/bin/sh
export STARTUP="gnome-session --session=gnome-flashback --disable-acceleration-check"
exec /etc/X11/Xsession

 * Make it executable: chmod +x ~/.vnc/xstartup

 * Log out from the desktop, log in on a tty, and run: vncserver :1

 * Log in to the desktop as a guest, and run: vncviewer :1

Expected results: a GNOME Flashback VNC session is started.

Actual results:
- trusty: gnome-session crashes on startup.
- utopic: gnome-session starts, but unity-settings-daemon crashes, so gnome-session gives up shortly after (because it's a required component).

[Regression Potential]

 * The patch was accepted in unity-settings-daemon for vivid and there were no regression reports so far.

 * There should be no changes observed under a conventional local (Xorg) session.

[Other Info]

 * Packages for testing are available in ppa:rtandy/flashback. So far at least one user reported success using those packages in comment 68 on bug 1251281.

Original description:

The X server used by FreeNX and X2Go does not support the IDLETIME counter. This eventually leads to a NULL pointer dereference by gnome-session due to a missing parameter check in gnome_idle_monitor_get_idletime. This renders GNOME Flashback unusable via FreeNX/X2Go in Trusty.

Utopic and newer are not affected and the patch is not applicable as the GnomeIdleMonitor implementation was rewritten. Saucy is also affected but is EOL, however I would like to fix this in Trusty as the patch is tiny and IMO obviously correct.

This and bug #1251281 are the only bugs preventing GNOME Flashback being used via FreeNX/X2Go in Trusty; and the latter has an easy workaround (divert the acceleration-check helper and replace it with /bin/true) and may be fixed properly soon.

I would be happy to prepare a debdiff and fill out the SRU template if a sponsor agrees that the patch is SRUable.

ProblemType: Crash
DistroRelease: Ubuntu 14.04
Package: gnome-session-bin 3.9.90-0ubuntu12 [modified: usr/lib/gnome-session/gnome-session-check-accelerated usr/lib/gnome-session/gnome-session-check-accelerated-helper]
ProcVersionSignature: Ubuntu 3.13.0-32.57-generic 3.13.11.4
Uname: Linux 3.13.0-32-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.6
Architecture: amd64
CasperVersion: 1.340
Date: Thu Jan 29 19:28:42 2015
ExecutablePath: /usr/bin/gnome-session
ExecutableTimestamp: 1394758239
LiveMediaBuild: Ubuntu 14.04.1 LTS "Trusty Tahr" - Release amd64 (20140722.2)
ProcCmdline: /usr/bin/gnome-session --session=gnome-flashback
ProcCwd: /home/ubuntu
ProcEnviron:
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
 LD_LIBRARY_PATH=<set>
SegvAnalysis:
 Segfault happened at: 0x7fb690b29196 <gnome_idle_monitor_get_idletime+6>: mov 0x18(%rdi),%rax
 PC (0x7fb690b29196) ok
 source "0x18(%rdi)" (0x00000018) not located in a known VMA region (needed readable region)!
 destination "%rax" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: gnome-session
StacktraceTop:
 gnome_idle_monitor_get_idletime (monitor=0x0) at gnome-idle-monitor.c:613
 reset_idle_watch (presence=0x7fb6780036f0) at gsm-presence.c:196
 gsm_presence_set_idle_enabled (presence=0x7fb6780036f0, enabled=1) at gsm-presence.c:354
 start_phase (manager=manager@entry=0x1658100) at gsm-manager.c:1568
 end_phase (manager=manager@entry=0x1658100) at gsm-manager.c:580
Title: gnome-session crashed with SIGSEGV in gnome_idle_monitor_get_idletime()
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo

Ryan Tandy (rtandy) wrote :
information type: Private → Public
affects: gnome-session (Ubuntu) → gnome-desktop3 (Ubuntu)

StacktraceTop:
 gnome_idle_monitor_get_idletime (monitor=0x0) at gnome-idle-monitor.c:613
 reset_idle_watch (presence=0x7fb6780036f0) at gsm-presence.c:196
 gsm_presence_set_idle_enabled (presence=0x7fb6780036f0, enabled=1) at gsm-presence.c:354
 start_phase (manager=manager@entry=0x1658100) at gsm-manager.c:1568
 end_phase (manager=manager@entry=0x1658100) at gsm-manager.c:580

Changed in gnome-desktop3 (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace
Ryan Tandy (rtandy) wrote :

Sorry, I lied about utopic not being affected. The corresponding code in unity-settings-daemon does fail -- differently, but it does fail. Patch to follow shortly, after I check vivid...

Ryan Tandy (rtandy) wrote :

The attachment "trusty patch" seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unity-settings-daemon - 15.04.1+15.04.20150318-0ubuntu1

---------------
unity-settings-daemon (15.04.1+15.04.20150318-0ubuntu1) vivid; urgency=medium

  [ Ryan Tandy ]
  * Don't call XSyncQueryCounter with a null counter. Avoids a crash
    under FreeNX/X2Go which don't support the IDLETIME counter. (LP:
    #1416081)

  [ Sebastien Bacher ]
  * Open the battery info dialog when using the corresponding hotkey.
    The current code was trying to display a notification with the info
    but we don't have design on how that should look like with notify-
    osd so go back to what we were doing before (LP: #1432976)
  * Restore code that set the scaling factor according the screen dpi,
    but only when not under and Unity session. That was desactived in
    r4020 because Unity is handling those values, but this is not the
    case under ubiquity or unity-greeter. (LP: #1286878)
 -- CI Train Bot <email address hidden> Wed, 18 Mar 2015 12:07:44 +0000

Changed in unity-settings-daemon (Ubuntu):
status: New → Fix Released

As per sidebar with Ryan Tandy, unity-settings-daemon needs a Utopic task, and gnome-desktop3 needs a Trusty task.

Ryan Tandy (rtandy) wrote :

The attachment "utopic patch" I uploaded previously was not actually a debdiff, this is the corrected one.

Ryan Tandy (rtandy) wrote :

Had to submit a follow-up MP to correct a stupid mistake, attaching corrected stable diffs.

Ryan Tandy (rtandy) on 2015-03-31
description: updated
Changed in gnome-desktop3 (Ubuntu Vivid):
status: New → Invalid
Changed in gnome-desktop3 (Ubuntu Utopic):
status: New → Invalid
Changed in gnome-desktop3 (Ubuntu Trusty):
status: New → In Progress
Changed in unity-settings-daemon (Ubuntu Trusty):
status: New → Invalid
Changed in unity-settings-daemon (Ubuntu Utopic):
status: New → In Progress
Dmitry Shachnev (mitya57) wrote :

Thanks Ryan, I have uploaded gnome-desktop3/trusty and unity-settings-daemon/utopic debdiffs to the SRU queue.

Hello Ryan, or anyone else affected,

Accepted unity-settings-daemon into utopic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unity-settings-daemon/14.04.0+14.10.20141014-0ubuntu1.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in unity-settings-daemon (Ubuntu Utopic):
status: In Progress → Fix Committed
tags: added: verification-needed
Changed in gnome-desktop3 (Ubuntu Trusty):
status: In Progress → Fix Committed
Brian Murray (brian-murray) wrote :

Hello Ryan, or anyone else affected,

Accepted gnome-desktop3 into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gnome-desktop3/3.8.4-0ubuntu3.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Ryan Tandy (rtandy) wrote :

Just learned that LightDM knows how to launch a VNC server, thought I'd try it out.

trusty: apt-get install gnome-session-flashback gnome-session-bin/trusty-proposed libgnome-desktop-3-7/trusty-proposed tightvncserver

utopic: apt-get install gnome-session-flashback gnome-session-bin/utopic-proposed unity-settings-daemon/utopic-proposed tightvncserver

cat > /etc/lightdm/lightdm.conf
[VNCServer]
enabled=true
width=1366
height=768
depth=24
^D

service lightdm restart

Launching vncviewer on another machine presents the LightDM login screen, and logging into a GNOME Flashback (Metacity) session works.

Is that enough to consider this verified?

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnome-desktop3 - 3.8.4-0ubuntu3.1

---------------
gnome-desktop3 (3.8.4-0ubuntu3.1) trusty; urgency=medium

  * debian/patches/idletime_sanity_checks.patch: Ensure the argument to
    get_idletime() and its counter are both not NULL. Fixes
    unity-settings-daemon crashing under NX3/X2Go, which do not support the
    IDLETIME counter. (LP: #1416081)
 -- Ryan Tandy <email address hidden> Tue, 31 Mar 2015 10:59:01 -0700

Changed in gnome-desktop3 (Ubuntu Trusty):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for gnome-desktop3 has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unity-settings-daemon - 14.04.0+14.10.20141014-0ubuntu1.1

---------------
unity-settings-daemon (14.04.0+14.10.20141014-0ubuntu1.1) utopic; urgency=medium

  * Ensure the argument to get_idletime() and its counter are both not NULL.
    Fixes unity-settings-daemon crashing under NX3/X2Go, which do not support
    the IDLETIME counter. (LP: #1416081)
 -- Ryan Tandy <email address hidden> Tue, 31 Mar 2015 11:00:02 -0700

Changed in unity-settings-daemon (Ubuntu Utopic):
status: Fix Committed → Fix Released
To post a comment you must log in.