Bug 1304700 - segfault in network::TcpListener::TcpListener
segfault in network::TcpListener::TcpListener
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: tigervnc (Show other bugs)
Unspecified Unspecified
high Severity medium
: rc
: ---
Assigned To: Jan Grulich
Desktop QE
: ZStream
Depends On: 1283925
  Show dependency treegraph
Reported: 2016-02-04 07:10 EST by Marcel Kolaja
Modified: 2016-05-07 15:02 EDT (History)
12 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: Using -inetd option with tigervnc caused tigervnc to immediately crash. Consequence: Tigervnc immediately crashes and is not usable. Fix: I didn't backport IPv6 support properly during tigervnc rebase for RHEL 7.2 and there was a missing part of IPv6 patch which was causing this crash. The missing part was added and tigervnc no longer crashes with -inetd option. Result: You can now use tigervnc with -inetd option.
Story Points: ---
Clone Of: 1283925
Last Closed: 2016-03-31 18:03:06 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
coredump (1.84 MB, application/x-core)
2016-02-23 17:25 EST, Joe Wright
no flags Details

  None (edit)
Description Marcel Kolaja 2016-02-04 07:10:43 EST
This bug has been copied from bug #1283925 and has been proposed
to be backported to 7.2 z-stream (EUS).
Comment 3 Jan Grulich 2016-02-04 07:25:41 EST
Fixed in tigervnc-1.3.1-4.el7_2.
Comment 8 Joe Wright 2016-02-23 17:25 EST
Created attachment 1129931 [details]

Customre reports test package does not resolve the issue. coredump attached
Comment 9 Joe Wright 2016-02-23 18:02:33 EST
$ gdb `which Xvnc` coredump 
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-80.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
Reading symbols from /usr/bin/Xvnc...Reading symbols from /usr/lib/debug/usr/bin/Xvnc.debug...done.
[New LWP 3853]
Core was generated by `Xvnc -inetd -query localhost -once -geometry 1024x768 -depth 16 securitytypes=n'.
Program terminated with signal 11, Segmentation fault.
#0  0x0000000000527267 in InputDevice::isAffectedByNumLock (this=<optimized out>, keycode=<optimized out>) at InputXKB.cc:516
516             act = XkbKeyActionPtr(xkb, numlock_keycode, state);
(gdb) bt
#0  0x0000000000527267 in InputDevice::isAffectedByNumLock (this=<optimized out>, keycode=<optimized out>) at InputXKB.cc:516
#1  0x00007ffd60856b70 in ?? ()
#2  0x000000000f3b9a5b in ?? ()
#3  0x190a8f440aeba800 in ?? ()
#4  0x0000000000000032 in ?? ()
#5  0x0000000000000032 in ?? ()
#6  0x0000000000000008 in ?? ()
#7  0x0000000000000001 in ?? ()
#8  0x000000000000000a in ?? ()
#9  0x000000000044794e in glColor3ubv@plt ()
#10 0x0000000000000000 in ?? ()

(gdb) info loc
state = 50
numlock_mask = <optimized out>
xkb = 0x7ffd60856ba0
type = <optimized out>
numlock_keycode = 0 '\000'
act = <optimized out>
(gdb) l
511             if (numlock_keycode == 0)
512                     return false;
514             xkb = GetMaster(keyboardDev, KEYBOARD_OR_FLOAT)->key->xkbInfo->desc;
516             act = XkbKeyActionPtr(xkb, numlock_keycode, state);
517             if (act == NULL)
518                     return false;
519             if (act->type != XkbSA_LockMods)
520                     return false;
(gdb) p keyboardDev
value has been optimized out
(gdb) edit
(gdb) info sh
No shared libraries loaded at this time.

This makes no sense at all
[root@localhost C01585119]# ldd -r /usr/bin/Xvnc
        linux-vdso.so.1 =>  (0x00007fffc79a7000)
        libjpeg.so.62 => /lib64/libjpeg.so.62 (0x00007f4022235000)
        libz.so.1 => /lib64/libz.so.1 (0x00007f402201f000)
        libgnutls.so.28 => /lib64/libgnutls.so.28 (0x00007f4021ce9000)
        libnettle.so.4 => /lib64/libnettle.so.4 (0x00007f4021ab8000)
        libdl.so.2 => /lib64/libdl.so.2 (0x00007f40218b4000)
        libpixman-1.so.0 => /lib64/libpixman-1.so.0 (0x00007f4021606000)
        libXfont.so.1 => /lib64/libXfont.so.1 (0x00007f40213d2000)
        libXau.so.6 => /lib64/libXau.so.6 (0x00007f40211ce000)
        libxshmfence.so.1 => /lib64/libxshmfence.so.1 (0x00007f4020fcb000)
        libXdmcp.so.6 => /lib64/libXdmcp.so.6 (0x00007f4020dc5000)
        libpam_misc.so.0 => /lib64/libpam_misc.so.0 (0x00007f4020bc1000)
        libpam.so.0 => /lib64/libpam.so.0 (0x00007f40209b1000)
        libGL.so.1 => /lib64/libGL.so.1 (0x00007f402071a000)
        libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f40204fe000)
        libX11.so.6 => /lib64/libX11.so.6 (0x00007f40201bf000)
        libstdc++.so.6 => /lib64/libstdc++.so.6 (0x00007f401feb6000)
        libm.so.6 => /lib64/libm.so.6 (0x00007f401fbb4000)
        libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007f401f99d000)
        libc.so.6 => /lib64/libc.so.6 (0x00007f401f5dc000)
        libp11-kit.so.0 => /lib64/libp11-kit.so.0 (0x00007f401f396000)
        libtspi.so.1 => /lib64/libtspi.so.1 (0x00007f401f124000)
        libtasn1.so.6 => /lib64/libtasn1.so.6 (0x00007f401ef10000)
        libhogweed.so.2 => /lib64/libhogweed.so.2 (0x00007f401ece9000)
        libgmp.so.10 => /lib64/libgmp.so.10 (0x00007f401ea71000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f40224a5000)
        libfreetype.so.6 => /lib64/libfreetype.so.6 (0x00007f401e7cb000)
        libfontenc.so.1 => /lib64/libfontenc.so.1 (0x00007f401e5c4000)
        libaudit.so.1 => /lib64/libaudit.so.1 (0x00007f401e39c000)
        libexpat.so.1 => /lib64/libexpat.so.1 (0x00007f401e172000)
        libglapi.so.0 => /lib64/libglapi.so.0 (0x00007f401df44000)
        libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f401dd1e000)
        libXext.so.6 => /lib64/libXext.so.6 (0x00007f401db0c000)
        libXdamage.so.1 => /lib64/libXdamage.so.1 (0x00007f401d909000)
        libXfixes.so.3 => /lib64/libXfixes.so.3 (0x00007f401d702000)
        libX11-xcb.so.1 => /lib64/libX11-xcb.so.1 (0x00007f401d500000)
        libxcb-glx.so.0 => /lib64/libxcb-glx.so.0 (0x00007f401d2e6000)
        libxcb-dri2.so.0 => /lib64/libxcb-dri2.so.0 (0x00007f401d0e0000)
        libxcb-dri3.so.0 => /lib64/libxcb-dri3.so.0 (0x00007f401cedd000)
        libxcb-present.so.0 => /lib64/libxcb-present.so.0 (0x00007f401ccda000)
        libxcb-randr.so.0 => /lib64/libxcb-randr.so.0 (0x00007f401cacb000)
        libxcb-xfixes.so.0 => /lib64/libxcb-xfixes.so.0 (0x00007f401c8c3000)
        libxcb-render.so.0 => /lib64/libxcb-render.so.0 (0x00007f401c6b9000)
        libxcb-shape.so.0 => /lib64/libxcb-shape.so.0 (0x00007f401c4b4000)
        libxcb-sync.so.1 => /lib64/libxcb-sync.so.1 (0x00007f401c2ad000)
        libxcb.so.1 => /lib64/libxcb.so.1 (0x00007f401c08b000)
        libXxf86vm.so.1 => /lib64/libXxf86vm.so.1 (0x00007f401be84000)
        libdrm.so.2 => /lib64/libdrm.so.2 (0x00007f401bc77000)
        libffi.so.6 => /lib64/libffi.so.6 (0x00007f401ba6e000)
        libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00007f401b687000)
        libssl.so.10 => /lib64/libssl.so.10 (0x00007f401b41a000)
        libpcre.so.1 => /lib64/libpcre.so.1 (0x00007f401b1b8000)
        liblzma.so.5 => /lib64/liblzma.so.5 (0x00007f401af93000)
        libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007f401ad46000)
        libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007f401aa61000)
        libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007f401a85d000)
        libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007f401a62a000)
        libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007f401a41b000)
        libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007f401a217000)
        libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f4019ffc000)
Comment 10 Jan Grulich 2016-02-24 04:31:53 EST
This is a completely different crash. Is any other customer able to confirm that the latest tigervnc still crashes due to the same problem?
Comment 11 Joe Wright 2016-02-24 11:14:52 EST
I haven't had anyone come back and say yes/no for confirmation.
Comment 16 Joe Wright 2016-03-01 11:08:18 EST
Ok so we figured out why it was still showing the old version. The vncserver-minimal package was not updated. Is there a reason that the minimal server package is not a dependency for the main package? RPM never should have allowed the main server package to update without the minimal package being updated as well.
Comment 17 Jan Grulich 2016-03-01 11:21:59 EST
There is a dependency between them, but it's not versioned. Usually when you update system using yum/dnf/whatever you won't have this problem.
Comment 18 Joe Wright 2016-03-01 11:24:05 EST
Can we make it versioned? I'd like to prevent this from happening again.
Comment 19 Jan Grulich 2016-03-01 13:49:21 EST
Yep, we can do that. I have another tigervnc bug(s) for RHEL 7.3 so I'll include your request too.
Comment 20 Joe Wright 2016-03-01 13:51:18 EST
Thanks much! :)
Comment 27 errata-xmlrpc 2016-03-31 18:03:06 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.