Bug#947237: gnome-software: Crashes on click over any software icon
Package: gnome-software-plugin-snap Version: 3.34.2-1 Followup-For: Bug #947237 I can confirm that removing the snap plugin package gnome-software works as intended. Installing the dbgsym packages and running gdb this is what I obtain [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". [New Thread 0x727e8700 (LWP 338376)] [New Thread 0x71fe7700 (LWP 338377)] [New Thread 0x71410700 (LWP 338378)] [New Thread 0x7fffe3fff700 (LWP 338379)] 19:22:43:0603 Gs enabled plugins: desktop-categories, fwupd, os-release, packagekit, packagekit-local, packagekit-offline, packagekit-proxy, packagekit- refine-repos, packagekit-refresh, packagekit-upgrade, packagekit-url-to-app, shell-extensions, appstream, snap, desktop-menu-path, epiphany, flatpak, hardcoded-blacklist, hardcoded-featured, hardcoded-popular, modalias, packagekit-refine, rewrite-resource, odrs, packagekit-history, provenance, systemd-updates, generic-updates, provenance-license, icons, key-colors, key- colors-metadata 19:22:43:0603 Gs disabled plugins: dpkg, dummy, repos [New Thread 0x7fffe2d02700 (LWP 338380)] 19:22:43:0884 Gs not handling error failed for action get-updates-historical: failed to build result for 2da31270d317b076424992de14a0f08ae373c137 [New Thread 0x7fffe2460700 (LWP 338386)] 19:22:44:0638 Gs not handling error failed for action refresh: E: Failed to fetch http://ftp.it.debian.org/debian/dists/sid/InRelease E: Failed to fetch http://deb.debian.org/debian-debug/dists/unstable- debug/InRelease E: Failed to fetch http://httpredir.debian.org/debian/dists/experimental/InRelease E: Failed to fetch http://linux.dropbox.com/debian/dists/sid/InRelease E: Failed to fetch http://dl.google.com/linux/chrome/deb/dists/stable/InRelease E: Failed to fetch http://apt.insynchq.com/debian/dists/buster/InRelease E: Failed to fetch http://apt.insync.io/debian/dists/buster/InRelease E: Failed to fetch https://mega.nz/linux/MEGAsync/Debian_10.0/./InRelease E: Failed to fetch https://repo.skype.com/deb/dists/stable/InRelease E: Failed to fetch http://repository.spotify.com/dists/stable/InRelease E: Failed to fetch http://repo.steampowered.com/steam/dists/precise/InRelease E: Some index files failed to download. They have been ignored, or old ones used instead. [New Thread 0x7fffe12e1700 (LWP 338403)] [New Thread 0x7fffe0ae0700 (LWP 338404)] [New Thread 0x7fffcbfff700 (LWP 338405)] [New Thread 0x7fffcb7fe700 (LWP 338406)] 19:22:46:0478 GsPluginSnap Failed to load snap icon: local snap has no icon [Thread 0x7fffe2460700 (LWP 338386) exited] [Thread 0x7fffe3fff700 (LWP 338379) exited] [Thread 0x7fffe0ae0700 (LWP 338404) exited] 19:22:48:0168 GsPluginSnap Failed to load snap icon: local snap has no icon [Thread 0x7fffcbfff700 (LWP 338405) exited] 19:22:48:0625 GsPluginSnap Failed to load snap icon: local snap has no icon [New Thread 0x7fffcbfff700 (LWP 338473)] [Thread 0x7fffcbfff700 (LWP 338473) exited] [Detaching after fork from child process 338477] [Detaching after fork from child process 338479] [Detaching after fork from child process 338481] [Detaching after fork from child process 338483] [Detaching after fork from child process 338485] [Detaching after fork from child process 338487] [Detaching after fork from child process 338489] [New Thread 0x7fffcbfff700 (LWP 338491)] [Thread 0x7fffcbfff700 (LWP 338491) exited] [New Thread 0x7fffcbfff700 (LWP 338492)] [Thread 0x7fffcbfff700 (LWP 338492) exited] [Detaching after fork from child process 338557] [Detaching after fork from child process 338559] [New Thread 0x7fffcbfff700 (LWP 338561)] [Thread 0x7fffcbfff700 (LWP 338561) exited] 19:22:58:0238 GsPluginSnap Failed to load snap icon: local snap has no icon 19:22:58:0244 GsPluginSnap Failed to load snap icon: local snap has no icon [Thread 0x7fffe2d02700 (LWP 338380) exited] [New Thread 0x7fffe2d02700 (LWP 338698)] [New Thread 0x7fffcbfff700 (LWP 338699)] 19:23:00:0604 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0604 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0604 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0608 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0612 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0629 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0631 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0631 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0639 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0641 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0652 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0654 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0698 Gs can't reliably fixup error from domain as-icon-error-quark 19:23:00:0708 Gs can't reliably fixup
Bug#947237: gnome-software: Crashes on click over any software icon
Dear Maintainer, the given valgrind backtrace should translate to something like below (which did not crash for me). The crashing instruction tries to read memory pointed by register $rdi, that held in my test the address in parameters "v" / "key" / "name". So I assume for some reason this register $rdi and parameter "v" / "key" / "name" contain a null pointer leading to the crash seen by definetti. Kind regards, Bernhard (gdb) bt #0 0x77df6e20 in g_str_hash (v=0x7fffdc38d780) at ../../../glib/ghash.c:2324 #1 0x77df5eff in g_hash_table_lookup_node (hash_return, key=0x7fffdc38d780, hash_table) at ../../../glib/ghash.c:473 #2 0x77df5eff in g_hash_table_lookup (hash_table, key=key@entry=0x7fffdc38d780) at ../../../glib/ghash.c:1509 #3 0x708f9389 in store_snap_cache_lookup (need_details, name=0x7fffdc38d780 "notepad-plus-plus", plugin) at ../plugins/snap/gs-plugin-snap.c:204 #4 0x708f9389 in get_store_snap (plugin, name=0x7fffdc38d780 "notepad-plus-plus", need_details, cancellable, error) at ../plugins/snap/gs-plugin-snap.c:520 #5 0x708f9d2d in gs_plugin_add_alternates (plugin, app, list, cancellable, error) at ../plugins/snap/gs-plugin-snap.c:592 #6 0x555cca3f in gs_plugin_loader_call_vfunc (helper, plugin, app, app@entry, list, list@entry, refine_flags, refine_flags@entry, cancellable, error) at ../lib/gs-plugin-loader.c:651 #7 0x555ccc62 in gs_plugin_loader_run_results (helper, cancellable, error) at ../lib/gs-plugin-loader.c:1084 #8 0x555cdac5 in gs_plugin_loader_process_thread_cb (task, object, task_data, cancellable) at ../lib/gs-plugin-loader.c:3040 #9 0x77c92bae in g_task_thread_pool_thread (thread_data, pool_data) at ../../../gio/gtask.c:1410 #10 0x77e31404 in g_thread_pool_thread_proxy (data) at ../../../glib/gthreadpool.c:308 #11 0x77e30d0d in g_thread_proxy (data) at ../../../glib/gthread.c:805 #12 0x76fcdfb7 in start_thread (arg) at pthread_create.c:486 #13 0x76eff2df in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 (gdb) display/i $pc 2: x/i $pc => 0x77df6e20 : movsbl (%rdi),%eax (gdb) print/x $rdi $5 = 0x7fffdc38d780
Bug#947237: gnome-software: Crashes on click over any software icon
On Mon, 23 Dec 2019 11:45:45 +0100 definetti wrote: > Dear Maintainer, Hello, > upon updating to 3.34.2, the application crashes when I click over any software > icon, before the relative page is loaded. > Valgrind reports a segmentation fault with the error > > ==186020== Thread 5 pool-gnome-soft: > ==186020== Invalid read of size 1 > ==186020== at 0x49AAE20: g_str_hash (in /usr/lib/x86_64-linux- > gnu/libglib-2.0.so.0.6200.3) > ==186020== by 0x49A9EFE: g_hash_table_lookup (in /usr/lib/x86_64-linux- > gnu/libglib-2.0.so.0.6200.3) > ==186020== by 0xE030388: ??? (in /usr/lib/x86_64-linux-gnu/gs- > plugins-13/libgs_plugin_snap.so) > ==186020== by 0xE030D2C: gs_plugin_add_alternates (in /usr/lib/x86_64-linux- > gnu/gs-plugins-13/libgs_plugin_snap.so) The issue seems to be in the snap plugin, are you using snap? Could you please install the debug packages (gnome-software-plugin-snap-dbgsym and gnome-software-dbgsym) and try to reproduce the issue so we have a better trace? If you are not using snap, could you try to uninstall the gnome-software-plugin-snap package and see if you can still reproduce it? Thanks, Laurent Bigonville
Bug#947237: gnome-software: Crashes on click over any software icon
Package: gnome-software Version: 3.34.2-1 Severity: grave Justification: renders package unusable Dear Maintainer, upon updating to 3.34.2, the application crashes when I click over any software icon, before the relative page is loaded. Valgrind reports a segmentation fault with the error ==186020== Thread 5 pool-gnome-soft: ==186020== Invalid read of size 1 ==186020==at 0x49AAE20: g_str_hash (in /usr/lib/x86_64-linux- gnu/libglib-2.0.so.0.6200.3) ==186020==by 0x49A9EFE: g_hash_table_lookup (in /usr/lib/x86_64-linux- gnu/libglib-2.0.so.0.6200.3) ==186020==by 0xE030388: ??? (in /usr/lib/x86_64-linux-gnu/gs- plugins-13/libgs_plugin_snap.so) ==186020==by 0xE030D2C: gs_plugin_add_alternates (in /usr/lib/x86_64-linux- gnu/gs-plugins-13/libgs_plugin_snap.so) ==186020==by 0x180A3E: ??? (in /usr/bin/gnome-software) ==186020==by 0x180C61: ??? (in /usr/bin/gnome-software) ==186020==by 0x181AC4: ??? (in /usr/bin/gnome-software) ==186020==by 0x4B3FBAD: ??? (in /usr/lib/x86_64-linux- gnu/libgio-2.0.so.0.6200.3) ==186020==by 0x49E5403: ??? (in /usr/lib/x86_64-linux- gnu/libglib-2.0.so.0.6200.3) ==186020==by 0x49E4D0C: ??? (in /usr/lib/x86_64-linux- gnu/libglib-2.0.so.0.6200.3) ==186020==by 0x586DFB6: start_thread (pthread_create.c:486) ==186020==by 0x59802DE: clone (clone.S:95) ==186020== Address 0x0 is not stack'd, malloc'd or (recently) free'd ==186020== ==186020== ==186020== Process terminating with default action of signal 11 (SIGSEGV) ==186020== Access not within mapped region at address 0x0 ==186020==at 0x49AAE20: g_str_hash (in /usr/lib/x86_64-linux- gnu/libglib-2.0.so.0.6200.3) ==186020==by 0x49A9EFE: g_hash_table_lookup (in /usr/lib/x86_64-linux- gnu/libglib-2.0.so.0.6200.3) ==186020==by 0xE030388: ??? (in /usr/lib/x86_64-linux-gnu/gs- plugins-13/libgs_plugin_snap.so) ==186020==by 0xE030D2C: gs_plugin_add_alternates (in /usr/lib/x86_64-linux- gnu/gs-plugins-13/libgs_plugin_snap.so) ==186020==by 0x180A3E: ??? (in /usr/bin/gnome-software) ==186020==by 0x180C61: ??? (in /usr/bin/gnome-software) ==186020==by 0x181AC4: ??? (in /usr/bin/gnome-software) ==186020==by 0x4B3FBAD: ??? (in /usr/lib/x86_64-linux- gnu/libgio-2.0.so.0.6200.3) ==186020==by 0x49E5403: ??? (in /usr/lib/x86_64-linux- gnu/libglib-2.0.so.0.6200.3) ==186020==by 0x49E4D0C: ??? (in /usr/lib/x86_64-linux- gnu/libglib-2.0.so.0.6200.3) ==186020==by 0x586DFB6: start_thread (pthread_create.c:486) ==186020==by 0x59802DE: clone (clone.S:95) ==186020== If you believe this happened as a result of a stack ==186020== overflow in your program's main thread (unlikely but ==186020== possible), you can try to increase the size of the ==186020== main thread stack using the --main-stacksize= flag. ==186020== The main thread stack size used in this run was 8388608. ==186020== ==186020== HEAP SUMMARY: ==186020== in use at exit: 65,941,044 bytes in 622,962 blocks ==186020== total heap usage: 8,637,607 allocs, 8,014,645 frees, 651,438,846 bytes allocated ==186020== ==188776== LEAK SUMMARY: ==188776==definitely lost: 210,222 bytes in 8,611 blocks ==188776==indirectly lost: 81,462 bytes in 2,996 blocks ==188776== possibly lost: 78,811 bytes in 2,970 blocks ==188776==still reachable: 56,820,856 bytes in 558,369 blocks ==188776== of which reachable via heuristic: ==188776== length64 : 14,928 bytes in 234 blocks ==188776== newarray : 2,288 bytes in 63 blocks ==188776== suppressed: 0 bytes in 0 blocks ==188776== Rerun with --leak-check=full to see details of leaked memory ==188776== ==188776== Use --track-origins=yes to see where uninitialised values come from ==188776== For lists of detected and suppressed errors, rerun with: -s ==188776== ERROR SUMMARY: 99 errors from 5 contexts (suppressed: 0 from 0) ==186020== LEAK SUMMARY: ==186020==definitely lost: 203,152 bytes in 8,601 blocks ==186020==indirectly lost: 88,160 bytes in 3,275 blocks ==186020== possibly lost: 80,963 bytes in 2,977 blocks ==186020==still reachable: 58,422,441 bytes in 560,670 blocks ==186020== of which reachable via heuristic: ==186020== length64 : 15,016 bytes in 235 blocks ==186020== newarray : 2,288 bytes in 63 blocks ==186020== suppressed: 0 bytes in 0 blocks ==186020== Rerun with --leak-check=full to see details of leaked memory ==186020== ==186020== Use --track-origins=yes to see where uninitialised values come from ==186020== For lists of detected and suppressed errors, rerun with: -s ==186020== ERROR SUMMARY: 100 errors from 6 contexts (suppressed: 0 from 0) zsh: segmentation fault valgrind gnome-software --verbose *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do
