Ubuntu
gnome-shell package

gnome-shell crashed with SIGSEGV in getenv("STEMD_DEVICE_VERIFY_SYSFS")

Bug #1990000 reported by Khairul Aizat Kamarudzzaman on 2022-09-16

284

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	Mutter	New	Unknown	auto-gitlab.gnome.org-gnome-mutter-- #2463
	gnome-shell (Ubuntu)	Confirmed	Medium	Unassigned

Bug Description

sudden crashed

ProblemType: Crash
DistroRelease: Ubuntu 22.10
Package: gnome-shell 43~rc-1ubuntu2
ProcVersionSignature: Ubuntu 5.19.0-16.16-generic 5.19.7
Uname: Linux 5.19.0-16-generic x86_64
ApportVersion: 2.23.0-0ubuntu2
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: GNOME-Greeter:GNOME
Date: Sat Sep 17 01:24:15 2022
DisplayManager: gdm3
ExecutablePath: /usr/bin/gnome-shell
GsettingsChanges:

InstallationDate: Installed on 2020-06-25 (812 days ago)
InstallationMedia:

JournalErrors: -- No entries --
ProcCmdline: /usr/bin/gnome-shell
RelatedPackageVersions: mutter-common 43~rc-2ubuntu2
SegvAnalysis:
Segfault happened at: 0x7fb42e23f13d <__GI_getenv+173>: cmp (%rbx),%r12w
PC (0x7fb42e23f13d) ok
source "(%rbx)" (0x556030920c76) not located in a known VMA region (needed readable region)!
destination "%r12w" ok
Stack memory exhausted (SP below stack segment)
SegvReason: reading unknown VMA
Signal: 11
SourcePackage: gnome-shell
StacktraceTop:
__GI_getenv (name=0x7fb42b5af43b "STEMD_DEVICE_VERIFY_SYSFS") at ./stdlib/getenv.c:84
?? () from /lib/x86_64-linux-gnu/libudev.so.1
?? () from /lib/x86_64-linux-gnu/libudev.so.1
?? () from /lib/x86_64-linux-gnu/libudev.so.1
?? () from /lib/x86_64-linux-gnu/libudev.so.1
Title: gnome-shell crashed with SIGSEGV in __GI_getenv()
UpgradeStatus: Upgraded to kinetic on 2022-04-25 (144 days ago)
UserGroups: N/A
separator:

Tags:

Revision history for this message

Khairul Aizat Kamarudzzaman (fenris) wrote on 2022-09-16:

#1

Dependencies.txt Edit (23.5 KiB, text/plain; charset="utf-8")
Disassembly.txt Edit (1015 bytes, text/plain; charset="utf-8")
ProcCpuinfoMinimal.txt Edit (1.7 KiB, text/plain; charset="utf-8")
ProcEnviron.txt Edit (291 bytes, text/plain; charset="utf-8")
ProcMaps.txt Edit (115.0 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (1.4 KiB, text/plain; charset="utf-8")
Registers.txt Edit (1.4 KiB, text/plain; charset="utf-8")
ShellJournal.txt Edit (83.9 KiB, text/plain; charset="utf-8")
Stacktrace.txt Edit (3.0 KiB, text/plain; charset="utf-8")
ThreadStacktrace.txt Edit (68.7 KiB, text/plain; charset="utf-8")

information type:

Private → Public

Revision history for this message

Apport retracing service (apport) wrote on 2022-09-16:

#2

StacktraceTop:
__GI_getenv (name=0x7fb42b5af43b "STEMD_DEVICE_VERIFY_SYSFS", name@entry=0x7fb42b5af439 "SYSTEMD_DEVICE_VERIFY_SYSFS") at ./stdlib/getenv.c:84
__GI___libc_secure_getenv (name=name@entry=0x7fb42b5af439 "SYSTEMD_DEVICE_VERIFY_SYSFS") at ./stdlib/secure-getenv.c:29
getenv_bool_secure (p=0x7fb42b5af439 "SYSTEMD_DEVICE_VERIFY_SYSFS") at ../src/basic/env-util.c:769
device_set_syspath (device=0x7fb3d0157500, _syspath=_syspath@entry=0x7fb3d00404b0 "/sys/devices/platform", verify=verify@entry=true) at ../src/libsystemd/sd-device/sd-device.c:221
sd_device_new_from_syspath (ret=ret@entry=0x7fb3d0157360, syspath=syspath@entry=0x7fb3d00404b0 "/sys/devices/platform") at ../src/libsystemd/sd-device/sd-device.c:264

tags:

removed: need-amd64-retrace

Revision history for this message

Daniel van Vugt (vanvugt) wrote on 2022-09-19:

#3

It looks like libudev is passing bogus memory to getenv().

summary:	- gnome-shell crashed with SIGSEGV in __GI_getenv() + gnome-shell crashed with SIGSEGV in getenv("STEMD_DEVICE_VERIFY_SYSFS")
affects:	gnome-shell (Ubuntu) → udev (Ubuntu)
information type:	Public → Public Security

Revision history for this message

Apport retracing service (apport) wrote on 2022-09-20:

#4

StacktraceTop:
__GI_getenv (name=0x7fb42b5af43b "STEMD_DEVICE_VERIFY_SYSFS", name@entry=0x7fb42b5af439 "SYSTEMD_DEVICE_VERIFY_SYSFS") at ./stdlib/getenv.c:84
__GI___libc_secure_getenv (name=name@entry=0x7fb42b5af439 "SYSTEMD_DEVICE_VERIFY_SYSFS") at ./stdlib/secure-getenv.c:29
getenv_bool_secure (p=0x7fb42b5af439 "SYSTEMD_DEVICE_VERIFY_SYSFS") at ../src/basic/env-util.c:769
device_set_syspath (device=0x7fb3d0157500, _syspath=_syspath@entry=0x7fb3d00404b0 "/sys/devices/platform", verify=verify@entry=true) at ../src/libsystemd/sd-device/sd-device.c:221
sd_device_new_from_syspath (ret=ret@entry=0x7fb3d0157360, syspath=syspath@entry=0x7fb3d00404b0 "/sys/devices/platform") at ../src/libsystemd/sd-device/sd-device.c:264

Revision history for this message

Apport retracing service (apport) wrote on 2022-09-20: Stacktrace.txt

#5

Stacktrace.txt Edit (19.7 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2022-09-20: StacktraceSource.txt

#6

StacktraceSource.txt Edit (7.4 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2022-09-20: ThreadStacktrace.txt

#7

ThreadStacktrace.txt Edit (107.1 KiB, text/plain)

Changed in udev (Ubuntu):
importance:	Undecided → Medium

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-09-25:

#8

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in udev (Ubuntu):
status:	New → Confirmed

Revision history for this message

Daniel van Vugt (vanvugt) wrote on 2022-10-10:

#9

This bug suggests it can be worked around in mutter:
https://gitlab.gnome.org/GNOME/mutter/-/issues/2463

Changed in mutter (Ubuntu):
status:	New → Confirmed
importance:	Undecided → Medium

Bug Watch Updater (bug-watch-updater) on 2022-10-10

Changed in mutter:
status:	Unknown → New

Daniel van Vugt (vanvugt) on 2023-11-22

affects:	mutter (Ubuntu) → gnome-shell (Ubuntu)
no longer affects:	udev (Ubuntu)

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicates of this bug

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

auto-gitlab.gnome.org-gnome-mutter-- #2463
[opened] Edit

Bug watches keep track of this bug in other bug trackers.