[Pkg-gtkpod-devel] Bug#941703: libimobiledevice6: Crashes upower with stack smashing when connecting an iPhone

Diego Escalante Urrelo diegoe at gnome.org
Fri Oct 4 00:23:33 BST 2019 

Package: libimobiledevice6
Version: 1.2.1~git20181030.92c5462-1
Severity: important

Whenever you connect an iPhone when upower is running, a crash in upower
is triggered, apparently because libimobiledevice is doing something
leading to a stack smash crash.

The same happens if you already have the iPhone connected when upower
starts. I'm attaching a trace and log of the first case (connecting the
iPhone when upower is already running).

Note that this crash triggers upower to endlessly reload because of the
crash-restart-crash cycle it gets into.

TI:18:18:15	on_battery = no
TI:18:18:15	SYSFS add /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2
TI:18:18:15	no changes
TI:18:18:15	failed to refresh /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2
TI:18:18:15	object path = /org/freedesktop/UPower/devices/phone_1_2x2
TI:18:18:15	added /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2
TI:18:18:15	emitting added: /org/freedesktop/UPower/devices/phone_1_2x2
TI:18:18:15	SYSFS add /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:1.0
TI:18:18:15	failed to coldplug /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:1.0
[New Thread 0x7ffff532e700 (LWP 5588)]
TI:18:18:15	failed to coldplug /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:1.0
[Thread 0x7ffff532e700 (LWP 5588) exited]
TI:18:18:15	failed to coldplug /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:1.0
TI:18:18:15	unhandled action 'bind' on /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2
TI:18:18:15	SYSFS remove /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:1.0
TI:18:18:15	ignoring remove event on /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:1.0
TI:18:18:15	SYSFS add /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.0
TI:18:18:15	failed to coldplug /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.0
[New Thread 0x7ffff532e700 (LWP 5594)]
TI:18:18:15	failed to coldplug /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.0
[Thread 0x7ffff532e700 (LWP 5594) exited]
TI:18:18:15	failed to coldplug /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.0
TI:18:18:15	SYSFS add /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.2
TI:18:18:15	failed to coldplug /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.2
[New Thread 0x7ffff532e700 (LWP 5596)]
TI:18:18:15	failed to coldplug /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.2
[Thread 0x7ffff532e700 (LWP 5596) exited]
TI:18:18:15	failed to coldplug /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.2
TI:18:18:15	SYSFS add /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.1
TI:18:18:15	failed to coldplug /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.1
[New Thread 0x7ffff532e700 (LWP 5598)]
TI:18:18:15	failed to coldplug /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.1
[Thread 0x7ffff532e700 (LWP 5598) exited]
TI:18:18:15	failed to coldplug /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.1
TI:18:18:15	unhandled action 'bind' on /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.1
TI:18:18:15	unhandled action 'bind' on /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.2
TI:18:18:15	unhandled action 'bind' on /sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2.2/1-2.2:4.0
TI:18:18:16	Unknown state on supply /org/freedesktop/UPower/devices/battery_BAT0; forcing update after 1 seconds
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
TI:18:18:16	using min design voltage
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
TI:18:18:16	Setup poll for 'BAT0' every 120 seconds
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
TI:18:18:16	Setup poll for 'BAT0' every 120 seconds
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
TI:18:18:16	Setup poll for 'BAT0' every 120 seconds
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
TI:18:18:16	on_battery = no
[Thread 0x7ffff5b2f700 (LWP 5543) exited]
*** stack smashing detected ***: <unknown> terminated

Thread 1 "upowerd" received signal SIGABRT, Aborted.
__GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50	../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  0x00007ffff7a1c081 in __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007ffff7a07535 in __GI_abort () at abort.c:79
#2  0x00007ffff7a5ddb8 in __libc_message (action=<optimized out>, fmt=fmt at entry=0x7ffff7b688a2 "*** %s ***: %s terminated\n")
    at ../sysdeps/posix/libc_fatal.c:181
#3  0x00007ffff7aec81d in __GI___fortify_fail_abort (need_backtrace=need_backtrace at entry=false, msg=msg at entry=0x7ffff7b68880 "stack smashing detected")
    at fortify_fail.c:28
#4  0x00007ffff7aec7d2 in __stack_chk_fail () at stack_chk_fail.c:29
#5  0x00007ffff7bdc4b7 in idevice_new (device=0x7fffffffe1c0, udid=<optimized out>) at idevice.c:262
#6  0x0000000000000000 in  ()


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.2.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libimobiledevice6 depends on:
ii  libc6        2.29-2
ii  libgcrypt20  1.8.5-2
ii  libgnutls30  3.6.9-5
ii  libplist3    2.0.1~git20190104.3f96731-1
ii  libtasn1-6   4.14-3
ii  libusbmuxd4  1.1.0~git20190924.b097ea3-2

Versions of packages libimobiledevice6 recommends:
ii  usbmuxd  1.1.1~git20181007.f838cf6-1+b1

Versions of packages libimobiledevice6 suggests:
pn  libusbmuxd-tools  <none>

-- no debconf information

More information about the Pkg-gtkpod-devel mailing list