Bug 545757 - polkitd segfault starting VNC session
polkitd segfault starting VNC session
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: polkit (Show other bugs)
12
All Linux
low Severity medium
: ---
: ---
Assigned To: David Zeuthen
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-12-09 05:04 EST by Tim Waugh
Modified: 2009-12-17 12:51 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-12-17 12:51:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tim Waugh 2009-12-09 05:04:17 EST
Description of problem:
VNC sessions starts using /etc/sysconfig/vncservers no longer work, starting today.

Part of the reason is that polkitd is crashing.

Version-Release number of selected component (if applicable):
polkit-0.95-0.git20090913.3.fc12.x86_64
selinux-policy-3.6.32-55.fc12.noarch

How reproducible:
100%

Steps to Reproduce:
1.Configure a VNC server in /etc/sysconfig/vncservers and enable the vncserver service
  
Actual results:
Session does not start correctly, polkitd crashes.

Additional info:
Core was generated by `/usr/libexec/polkit-1/polkitd'.
Program terminated with signal 11, Segmentation fault.
#0  _egg_dbus_error_encode_gerror (error=0x2099200) at eggdbuserror.c:135
135	  if (strcmp (domain_as_string, "EggDBusError") == 0)
[...]
(gdb) bt full
#0  _egg_dbus_error_encode_gerror (error=0x2099200) at eggdbuserror.c:135
        domain_as_string = 0x0
        s = <value optimized out>
        n = <value optimized out>
        enum_type = <value optimized out>
#1  0x0000003f522287c1 in egg_dbus_method_invocation_return_gerror (
    method_invocation=0x20b6ec0, error=0x2099200)
    at eggdbusmethodinvocation.c:342
        error_name = <value optimized out>
#2  0x00000035c761a5d1 in check_auth_cb (source_object=0x0, res=0x0, 
    user_data=0x20b6ec0) at polkitbackendauthority.c:632
        method_invocation = 0x20b6ec0
        full_cancellation_id = 0x0
        result = 0x0
        error = 0x2099200
#3  0x00000035c761cdf0 in polkit_backend_interactive_authority_check_authorization (authority=0x208e6d0, caller=0x20998e0, subject=<value optimized out>, 
    action_id=<value optimized out>, details=<value optimized out>, 
    flags=<value optimized out>, cancellable=<value optimized out>, 
    callback=<value optimized out>, user_data=<value optimized out>)
    at polkitbackendinteractiveauthority.c:492
        interactive_authority = <value optimized out>
        caller_str = <value optimized out>
        subject_str = <value optimized out>
        user_of_caller = 0x2099ac0
        user_of_subject = 0x0
        user_of_caller_str = <value optimized out>
        user_of_subject_str = 0x0
        result = 0x0
        implicit_authorization = <value optimized out>
        error = 0x20990a0
        simple = 0x209db60
        has_details = <value optimized out>
        detail_keys = <value optimized out>
#4  0x00000035c761a25e in authority_handle_check_authorization (
    instance=0x20b7550, real_subject=<value optimized out>, 
    action_id=<value optimized out>, real_details=<value optimized out>, 
    flags=<value optimized out>, cancellation_id=<value optimized out>, 
    method_invocation=<value optimized out>) at polkitbackendauthority.c:700
        server = 0x209c240
        caller_name = 0x209c900 ":1.33"
        subject = 0x20b7550
        caller = 0x20998e0
        cancellable = 0x0
        details = <value optimized out>
#5  0x00000035c76285d9 in handle_method_call (message=<value optimized out>, 
    interface=<value optimized out>) at _polkitauthority.c:2309
        _flags = _POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE
        _cancellation_id = 0x20a4f10 ""
        _subject = 0x20b6e80
        _action_id = 0x20a46e0 "org.freedesktop.RealtimeKit1.acquire-high-priority"
        _details = 0x20b2800
        method_name = 0x20a46e0 "org.freedesktop.RealtimeKit1.acquire-high-priority"
        error = 0x0
        signature = 0x20b6ec0 "@\273\t\002"
        expected_signature = 0x30fa5 <Address 0x30fa5 out of bounds>
        iface = 0x20b6e80
        method_invocation = 0x20b6ec0
#6  handle_message (message=<value optimized out>, 
    interface=<value optimized out>) at _polkitauthority.c:2857
        __PRETTY_FUNCTION__ = "handle_message"
#7  0x0000003f5222067c in filter_function_handle_method_call (
    user_data=<value optimized out>, dmessage=<value optimized out>, 
    dconnection=<value optimized out>) at eggdbusconnection.c:2213
        connection = <value optimized out>
        method_name = <value optimized out>
        data = <value optimized out>
        message = 0x209ab40
        objpath = 0x20aa3f8 "/org/freedesktop/PolicyKit1/Authority"
        sender = <value optimized out>
        interface_name = 0x20aa450 "org.freedesktop.PolicyKit1.Authority"
#8  filter_function (user_data=<value optimized out>, 
    dmessage=<value optimized out>, dconnection=<value optimized out>)
    at eggdbusconnection.c:294
        ret = DBUS_HANDLER_RESULT_HANDLED
#9  0x0000003df54109d6 in dbus_connection_dispatch (connection=0x20bcfc0)
    at dbus-connection.c:4444
        filter = <value optimized out>
        next = 0x0
        message = 0x20a9a90
        link = <value optimized out>
        filter_list_copy = 0x209b3d0
        message_link = 0x209b508
        result = <value optimized out>
        pending = <value optimized out>
        reply_serial = <value optimized out>
        status = <value optimized out>
        __FUNCTION__ = "dbus_connection_dispatch"
#10 0x0000003f506098e5 in message_queue_dispatch (
    source=<value optimized out>, callback=<value optimized out>, 
    user_data=<value optimized out>) at dbus-gmain.c:101
        connection = 0x20bcfc0
#11 0x0000003f4d23922e in g_main_dispatch (context=<value optimized out>)
    at gmain.c:1960
        dispatch = 0x3f506098d0 <message_queue_dispatch>
        was_in_call = 0
        user_data = 0x0
        callback = 0
        cb_funcs = 0x0
        cb_data = <value optimized out>
        current_source_link = {data = 0x2095f60, next = 0x0}
        source = 0x2095f60
        current = 0x2099140
        i = <value optimized out>
#12 IA__g_main_context_dispatch (context=<value optimized out>) at gmain.c:2513
No locals.
#13 0x0000003f4d23cc18 in g_main_context_iterate (context=0x2093800, 
    block=<value optimized out>, dispatch=<value optimized out>, 
    self=<value optimized out>) at gmain.c:2591
        max_priority = 0
        timeout = 0
        some_ready = 1
        nfds = 2
        allocated_nfds = <value optimized out>
        fds = <value optimized out>
        __PRETTY_FUNCTION__ = "g_main_context_iterate"
#14 0x0000003f4d23d065 in IA__g_main_loop_run (loop=0x2090180) at gmain.c:2799
        self = 0x20949b0
        __PRETTY_FUNCTION__ = "IA__g_main_loop_run"
#15 0x0000000000400982 in main (argc=<value optimized out>, 
    argv=<value optimized out>) at main.c:59
        ret = 1
        error = 0x0
        loop = 0x0
        authority = 0x208e6d0
(gdb) p *error
$1 = {domain = 34181744, code = 0, message = 0x0}
Comment 1 Matthias Clasen 2009-12-11 14:14:33 EST
Can you reproduce this problem with 
polkit-0.95-2.fc12 and selinux-policy-3.6.32-57.fc12 ? 
Both are either in updates or updates-testing.
Comment 2 Tim Waugh 2009-12-14 11:43:15 EST
Had to fetch them from koji.

No, I can't reproduce it with those packages.
Comment 3 Matthias Clasen 2009-12-17 12:51:24 EST
Thanks for testing. I'll assume it is fixed then.

Note You need to log in before you can comment on or make changes to this bug.