GNOME Bugzilla – Bug 332679
gdmgreeter segfaults when clicking on "Username"
Last modified: 2006-03-20 23:00:30 UTC
That bug has been opened on https://launchpad.net/distros/ubuntu/+source/gdm/+bug/31982 "gdm 2.13.0.8-0ubuntu1on dapper: At the gdmgreeter login window, if I click on the text "Username", it crashes and gdm is restarted. ... http://librarian.launchpad.net/1577160/gdmgreeter.gdb I didn't find a way for gdmgreeter to dump core, so I attached gdb to it. ... > Thanks for your bug. What locale and theme do you use? The backtrace is not really useful because it lacks debug information, could you get a debug one (https://wiki.ubuntu.com/DebuggingProgramCrash)? ... locale is en_US.UTF-8, theme is default. Program received signal SIGSEGV, Segmentation fault.
+ Trace 66539
Thread 2001721024 (LWP 6654)
Thanks for the debug package! This is on a very clean and standard flight 4 installation, so I would be surprised if nobody else can confirm this. Just saw bug #26202 in gdm (Ubuntu): "gdm crash when tries to show face list" Is clicking on "Username" meant to bring up face list?"
This bug has been fixed in 2.13.0.10. If you still see the problem, reopen the bug.
still happening with 2.14.0
Weird, a similar problem was fixed when we added a missing header #include <glib/gi18n.h> to daemon/filecheck.c. Could you provide a stack trace of the core dump? Any debug information about where the problem occurs would be useful. Turn on gdm debug, any messages?
The bug description has a debug backtrace, what else strack trace do you want?
It is strange that this would cause a problem. The only way that function, greeter_item_run_action_callback should be called is if the user clicks on a button, not "Username" as the bug report suggestions. Notice in the gui/greeter code that the calls to greeter_item_register_action_callback all do pass valid functions as the 2nd argument. And the only way I could possibly see that this function could SEGV is if the cb_info structure pulled from the hash in this function is NULL. If this happened, then the code would try to call cb_info->func which would be invalid. The code should probably protect better against invalid input, but it seems all calls are passing non-NULL values to get registered in the hash and the id strings are all static strings, so that looks okay to me. I hope I am making sense. Perhaps I am just overlooking something else the problem could be. If you recompiled with "-g" option in CFLAGS, and provide a stacktrace so I could see the line number it is crashing on might help. Also, if you could run it in a debugger (or add a gdm_common_debug call to print out the value to the syslog), finding out what the "id" value passed to this function when it SEGV's, then this would be interesting. Perhaps there is a memory corruption problem causing the hash to get corrupted? Not sure.
that's the second time you ask for a debug backtrace for this bug, do you want a debug for libgnomecanvas too? The bug description has "#0 0x0805661c in greeter_item_run_action_callback (id=0x812ed00 "pam-prompt") at greeter_events.c:131" greeter_item_run_action_callback (), greeter_events.c, line number 131, id = "pam-prompt" "#1 0x08056709 in greeter_item_event_handler (item=0x8131088, event=0x80a55a0, data=0x812ec58) at greeter_events.c:176" greeter_item_event_handler (), greeter_events.c line 176 What other information do you expect from a backtrace?
Sorry, I missed that detail. Thanks, I think that helps me pinpoint the problem. I notice that run_action_callback gets called for any field that has an id, such as the Username field, so this function should just do nothing if there is no callback registered for the item. Check the code from CVS head - I think this will fix our problem. If you could test and let me know that would be great.
That fixes the issue, thank you