Ubuntu
grub2 package

grub package update may crash when used with PnP wireless modems

Bug #657489 reported by Michael Lazarev on 2010-10-09

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	grub2 (Ubuntu)	Fix Released	Undecided	Colin Watson

Bug Description

Binary package hint: grub2

Many plug-and-play wireless modems present themselves as group of USB devices, including storage device, like CD-ROM. It is not a real drive, but a trick to help installing drivers on Windows. This storage has autorun file and drivers for Windows so that they are automatically installed when device is plugged in.

I use Samsung U200 supported by madwimax package. It turns off the CD part of device with '/bin/echo -n $kernel > /sys/$devpath/driver/unbind' command in udev rules. This leads to a condition when in /dev/disk/by-id/ there is a link like this: "usb-Samsung_Install_Disk-0:0 -> ../../sr1". But there is no /dev/sr1

When one updates to grub 1.98+20100804-5ubuntu3 in such condition, or issues "update-grub" or "grub-install" commands, he will see error messages. The output is the following.

milaz@K8N:~$ sudo dpkg-reconfigure grub-pc
Segmentation fault
Generating grub.cfg ...
Segmentation fault
Segmentation fault
Found linux image: /boot/vmlinuz-2.6.35-22-generic
Found initrd image: /boot/initrd.img-2.6.35-22-generic
Segmentation fault
Segmentation fault
Found memtest86+ image: /boot/memtest86+.bin
Segmentation fault
Found Ubuntu 9.10 (9.10) on /dev/sda5
Segmentation fault
Found Ubuntu 10.04.1 LTS (10.04) on /dev/sda6
Segmentation fault
done

During this process, /boot/grub/device.map gets destroyed, and as I believe, more severe consequences will follow on reboot. I just was reluctant to experience them, and tracked this issue.

The reason is grub-mkdevicemap program, which crashes with segfault. It happens because NULL pointer (because of failed canonicalize_file_name) is supplied to strcmp function. By the standard, in such case its behavior is undefined. In my case, it preferred to crash.

The patch to resolve this issue is attached.

While my issue may seem exotic, there may be more plain way to get into the same trouble. There's also bugs like 518026 and 510436 which can be caused by this or likely issue, and remedied by the proposed patch.

I am no way experienced in Debian or Ubuntu infrastructure, so please excuse me if this is prepared in a wrong way, and be welcome with questions and suggestions.

Revision history for this message

Michael Lazarev (milaz) wrote on 2010-10-09:

for “grub2” 1.98+20100804-5ubuntu3 source package in Ubuntu Edit (1.2 KiB, text/plain)

Revision history for this message

Colin Watson (cjwatson) wrote on 2010-11-24:

Thanks for your patch. I'm afraid I hadn't noticed this at the time, but somebody asked about this independently on IRC yesterday and I fixed it a different way:

2010-11-23 Colin Watson <email address hidden>

        * util/deviceiter.c (compare_devices): If the by-id link for a
        device couldn't be resolved, fall back to sorting by the by-id link
        rather than segfaulting.
        Reported and tested by: Daniel Mierswa.

This patch is in version 1.99~20101124-1ubuntu1, now in Natty.

Changed in grub2 (Ubuntu):
assignee:	nobody → Colin Watson (cjwatson)
status:	New → Fix Released

Revision history for this message

Colin Watson (cjwatson) wrote on 2010-11-24:

There was one piece of your patch left, namely that to check for "." and "..". It doesn't actually matter because anything we can't fopen later on is ignored (and the same goes for broken symlinks, once we stop segfaulting while trying to sort them), but it makes sense not to bother sorting "." and "..". I've committed a similar patch upstream.

2010-11-24 Colin Watson <email address hidden>

        * util/deviceiter.c (grub_util_iterate_devices): Save a bit of
        effort by skipping "." and ".." entries up-front.
        Suggested by: Michael Lazarev.

Revision history for this message

TuxFan (make) wrote on 2011-02-28:

Thank you Michael for a good description, it probably saved me from ending up with an unbootable system.

I had the same symptoms in Maverick after activating the proposed repository and installing grub-pc_1.98+20100804-5ubuntu3.1_i386. My reason to segmentation faults wasn't a PnP wireless modem, but a normal USB memory stick. Apparently it wasn't somehow properly unmounted and it showed in /dev/disk/by-id/ even though the stick was removed from the computer. After plugging the stick back in and unmounting it, I could do a clean 'dpkg-reconfigure grub-pc'.