svn crashes when checking out when saving credentials in kwallet

Bug #563179 reported by Giovanni Beltrame
82
This bug affects 15 people
Affects Status Importance Assigned to Milestone
subversion (Debian)
Fix Released
Unknown
subversion (Ubuntu)
Medium
Unassigned

Bug Description

Binary package hint: subversion

SVN crashes when requesting access to the KDE wallet for the first time, adding a new password, and after clicking on "Allow Always", forcing a cleanup. When running svn again, it runs with no problem using the stored password.

ProblemType: Crash
DistroRelease: Ubuntu 10.04
Package: subversion 1.6.6dfsg-2ubuntu1
ProcVersionSignature: Ubuntu 2.6.32-20.30-generic-pae 2.6.32.11+drm33.2
Uname: Linux 2.6.32-20-generic-pae i686
NonfreeKernelModules: nvidia
Architecture: i386
Date: Wed Apr 14 12:10:53 2010
Disassembly: => 0x3: Cannot access memory at address 0x3
ExecutablePath: /usr/bin/svn
InstallationMedia: Kubuntu 10.04 "Lucid Lynx" - Beta i386 (20100406.1)
ProcCmdline: svn co http://svn.jumpjoe.com/papers/CV CV
ProcEnviron:
 SHELL=/bin/bash
 LANG=en_CA.UTF-8
 LANGUAGE=
 LC_TIME=en_GB.UTF-8
SegvAnalysis:
 Segfault happened at: 0x3: Cannot access memory at address 0x3
 PC (0x00000003) not located in a known VMA region (needed executable region)!
SegvReason: executing NULL VMA
Signal: 11
SourcePackage: subversion
StacktraceTop:
 ?? ()
 ?? () from /usr/lib/libsvn_auth_kwallet-1.so.1
 svn_auth__simple_save_creds_helper ()
 ?? () from /usr/lib/libsvn_auth_kwallet-1.so.1
 svn_auth_save_credentials ()
Title: svn crashed with SIGSEGV in svn_auth__simple_save_creds_helper()
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare

Revision history for this message
Giovanni Beltrame (giovanni-beltrame) wrote :
Revision history for this message
Apport retracing service (apport) wrote :

StacktraceTop:
 ?? ()
 svn_auth__simple_save_creds_helper (saved=0xbfa8444c,
 kwallet_simple_save_creds (saved=0xbfa8444c,
 svn_auth_save_credentials (state=0x986e390, pool=0x9885ae0)
 svn_ra_neon__maybe_store_auth_info (ras=0x7, pool=0x9885ae0)

Revision history for this message
Apport retracing service (apport) wrote : Stacktrace.txt
Revision history for this message
Apport retracing service (apport) wrote : ThreadStacktrace.txt
Changed in subversion (Ubuntu):
importance: Undecided → Medium
tags: removed: need-i386-retrace
visibility: private → public
summary: - svn crashed with SIGSEGV in svn_auth__simple_save_creds_helper()
+ svn crashes when checking out when saving credentials in kwallet
Revision history for this message
aanno (thomas-pasch) wrote :

This also happens on amd64 architecture.

Revision history for this message
Roland Bless (roland-bless) wrote :

I can confirm this bug for svn up (used gdb), but for me it crashes all the time, not only when creating an entry, i.e. all subsequent trials crash also. Workaround is to use --no-auth-cache :-(

Revision history for this message
Thomas Dreibholz (dreibh) wrote :

I can also confirm the described problem.

Changed in subversion (Ubuntu):
status: New → Confirmed
Revision history for this message
Jens Jorgensen (jorgensen) wrote :

I went through and debugged this yesterday and found what the problem is. The crash is due to the fact that the KWallet object is being deleted twice. I've got a patch that fixes it getting deleted twice. Though my patch fixes the crash, I think there's a deeper problem. I still get prompted each time for my password even though it is stored in kwallet. This is pretty annoying at any rate fixing the crash is a great first step.

The patch can be dropped into debian/patches/kwallet-delete-once in the source directory and the the filename added to the end of debian/patches/series and the problem is fixed.

tags: added: patch
Revision history for this message
Peter Wu (lekensteyn) wrote :

The problem persists in 11.04.

Entry from `dmesg`:
svn[15978]: segfault at 700000003 ip 0000000700000003 sp 00007fff47927b08 error 14 in UTF-16.so[7f75d3c48000+3000]

Revision history for this message
Steven Sroka (lin-unix) wrote :

I am now affected by this bug.

Revision history for this message
Mikael (mikael-p-persson+lp) wrote :

Problem persists in kubuntu 13.04 and kubuntu 14.04.

Revision history for this message
James McCoy (jamessan) wrote :

Thanks for the patch, Jens. I'll forward that upstream and take a look at the prompting issue.

Changed in subversion (Debian):
status: Unknown → New
Changed in subversion (Debian):
status: New → Confirmed
Changed in subversion (Debian):
status: Confirmed → Fix Committed
Changed in subversion (Debian):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (4.3 KiB)

This bug was fixed in the package subversion - 1.9.2-3ubuntu1

---------------
subversion (1.9.2-3ubuntu1) xenial; urgency=medium

  * Merge with Debian unstable, remaining changes:
    - Build a python-subversion-dbg package.
    - Build-depend on python-all-dbg.
    - Only build on requested python versions (X-Python-Versions:).
    - debian/patches/verbose-tests: Make tests verbose.
  * Drop CVE patches that are included in this new upstream version.

subversion (1.9.2-3) unstable; urgency=medium

  * Re-enable libsvn-java on kfreebsd-*.
  * Ensure swig2.0 is used to avoid build failures, until upstream figures
    out how to work with swig >= 3.0. (Closes: #804389)
  * Fix FTBFS with Ruby 2.2 (Closes: #803589)
    + Add ruby-frozen-nil patch to create a new Object instead of trying to
      make modifications to the nil object.
    + Add ruby-test-unit patch to be compatible with the ruby-test-unit gem as
      well as the older test-unit API provided by minitest.

subversion (1.9.2-2) unstable; urgency=medium

  * Fix FTBFS with older Ruby versions by using RbConfig['vendorarchdir'] to
    find the .a/.la files we're deleting.

subversion (1.9.2-1) unstable; urgency=medium

  * New upstream release
    + Fix crash when saving credentials in kwallet. (Closes: #736879,
      LP: #563179)

subversion (1.9.1-1) unstable; urgency=medium

  * New upstream release
    + Remove direct use of svn_fs_open2 from libsvn_fs_x, thus fixing the
      missing svn_fs_open2 symbol. (Closes: #795160)
  * Enable gpg verification of new releases.
  * Rename bash-completion file to svn and add symlinks for all other commands
    which have completion. (Closes: #797648)
  * debian/tests/libapache2-mod-svn: Stop apache2 before ending the test, to
    avoid leaving stray processes running.

subversion (1.9.0-1) unstable; urgency=medium

  * Upload to unstable
  * New upstream release.
    + Security fixes
      - CVE-2015-3184: Mixed anonymous/authenticated path-based authz with
        httpd 2.4
      - CVE-2015-3187: svn_repos_trace_node_locations() reveals paths hidden
        by authz
  * Add >= 2.7 requirement for python-all-dev Build-Depends, needed to run
    tests.
  * Remove Build-Conflicts against ruby-test-unit. (Closes: #791844)
  * Remove patches/apache_module_dependency in favor of expressing the
    dependencies in authz_svn.load/dav_svn.load.
  * Build-Depend on apache2-dev (>= 2.4.16) to ensure ap_some_authn_required()
    is available when building mod_authz_svn and Depend on apache2-bin (>=
    2.4.16) for runtime support.

subversion (1.9.0~rc3-1) experimental; urgency=medium

  * New upstream pre-release.
  * Point the Vcs-* URLs at the right directory

subversion (1.9.0~rc2-2) experimental; urgency=medium

  * Bump minimum JDK version to 1.6 in accordance with upstream change,
    “javahl: requires Java 1.6 (r1677003)”
    - This causes libsvn-java to no longer be available where gcj is the only
      available Java implementation

subversion (1.9.0~rc2-1) experimental; urgency=medium

  * New upstream pre-release. Refresh patches.

subversion (1.9.0~rc1-2) experimental; urgency=medium

  * Install bash completion to /usr/share/bash-c...

Read more...

Changed in subversion (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.