• Replies 19 replies
  • Subscribers 20 subscribers
  • Views 3096 views
  • Users 0 members are here
Options
Related

Bug report: SDK Manager 4.0.6 segfaults on Ubuntu 18 on login

Former Member
Former Member over 3 years ago

I hSteps to reproduce:

I hope somebody at Garmin will read it, this will not fall through the cracks, and it will eventually make it to the developers of the SDK manager. Steps to reproduce:

On Ubuntu 18

apt install libwebkitgtk-1.0-0

Download SDK manager 4.0.6 for Linux

mkdir garmin-sdk

cd garmin-sdk

unzip ~/Downloads/connectiq-sdk-manager-linux.zip # assuming that is where you put it

bin/sdkmanager

agree to the license, then log in to your account

upon successful login, a brief 500 server error message is displayed

In gdb we see this:

gdb bin/sdkmanager

...

(gdb)run

Thread 1 "sdkmanager" received signal SIGSEGV, Segmentation fault.
____longjmp_chk () at ../sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S:130
130     ../sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S: No such file or directory.

(gdb) thread apply all bt

Thread 23 (Thread 0x7fff84f5b700 (LWP 22723)):
#0  0x00007ffff6f5fad3 in futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x7fffddc9f4dc)
   at ../sysdeps/unix/sysv/linux/futex-internal.h:88
#1  __pthread_cond_wait_common (abstime=0x0, mutex=0x7fffddc9f488, cond=0x7fffddc9f4b0) at pthread_cond_wait.c:502
#2  __pthread_cond_wait (cond=0x7fffddc9f4b0, mutex=0x7fffddc9f488) at pthread_cond_wait.c:655
#3  0x00007ffff177cf4b in WTF::ThreadCondition::timedWait(WTF::Mutex&, double) ()
  from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#4  0x00007ffff2beae9b in ?? () from /usr/lib/x86_64-linux-gnu/libwebkitgtk-1.0.so.0
#5  0x00007ffff177c95a in ?? () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#6  0x00007ffff6f596db in start_thread (arg=0x7fff84f5b700) at pthread_create.c:463
#7  0x00007ffff028f71f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 18 (Thread 0x7fff6b7fe700 (LWP 22718)):
#0  syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x00007ffff52b7a8a in g_cond_wait_until () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007ffff52445a1 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007ffff5244b5c in g_async_queue_timeout_pop () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007ffff5299d4e in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007ffff52992a5 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#6  0x00007ffff6f596db in start_thread (arg=0x7fff6b7fe700) at pthread_create.c:463
#7  0x00007ffff028f71f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 14 (Thread 0x7fff86dc0700 (LWP 22714)):
#0  0x00007ffff0282cb9 in __GI___poll (fds=0x110e800, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007ffff52716e9 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007ffff52717fc in g_main_context_iteration () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fff86dc836d in ?? () from /usr/lib/x86_64-linux-gnu/gio/modules/libdconfsettings.so
#4  0x00007ffff52992a5 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007ffff6f596db in start_thread (arg=0x7fff86dc0700) at pthread_create.c:463
#6  0x00007ffff028f71f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

  at ../sysdeps/unix/sysv/linux/futex-internal.h:88
#1  __pthread_cond_wait_common (abstime=0x0, mutex=0x7fffdc8e2fe0, cond=0x7fffdc8e3008) at pthread_cond_wait.c:502
#2  __pthread_cond_wait (cond=0x7fffdc8e3008, mutex=0x7fffdc8e2fe0) at pthread_cond_wait.c:655
#3  0x00007ffff745a8bc in std::condition_variable::wait(std::unique_lock<std::mutex>&) ()
  from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#4  0x00007ffff1492eeb in JSC::GCThread::waitForNextPhase() ()
  from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#5  0x00007ffff1492fd8 in JSC::GCThread::gcThreadMain() ()
  from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#6  0x00007ffff177c95a in ?? () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#7  0x00007ffff6f596db in start_thread (arg=0x7fff877fe700) at pthread_create.c:463
#8  0x00007ffff028f71f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 12 (Thread 0x7fff87fff700 (LWP 22712)):
#0  0x00007ffff6f5fad3 in futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x7fffdc8e3034)
   at ../sysdeps/unix/sysv/linux/futex-internal.h:88
#1  __pthread_cond_wait_common (abstime=0x0, mutex=0x7fffdc8e2fe0, cond=0x7fffdc8e3008) at pthread_cond_wait.c:502
#2  __pthread_cond_wait (cond=0x7fffdc8e3008, mutex=0x7fffdc8e2fe0) at pthread_cond_wait.c:655
#3  0x00007ffff745a8bc in std::condition_variable::wait(std::unique_lock<std::mutex>&) ()
  from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#4  0x00007ffff1492eeb in JSC::GCThread::waitForNextPhase() ()
  from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#5  0x00007ffff1492fd8 in JSC::GCThread::gcThreadMain() ()
  from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#6  0x00007ffff177c95a in ?? () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#7  0x00007ffff6f596db in start_thread (arg=0x7fff87fff700) at pthread_create.c:463
#8  0x00007ffff028f71f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 11 (Thread 0x7fff8ce80700 (LWP 22711)):
#0  0x00007ffff6f5fad3 in futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x7fffdc8e3034)
   at ../sysdeps/unix/sysv/linux/futex-internal.h:88
#1  __pthread_cond_wait_common (abstime=0x0, mutex=0x7fffdc8e2fe0, cond=0x7fffdc8e3008) at pthread_cond_wait.c:502
#2  __pthread_cond_wait (cond=0x7fffdc8e3008, mutex=0x7fffdc8e2fe0) at pthread_cond_wait.c:655
#3  0x00007ffff745a8bc in std::condition_variable::wait(std::unique_lock<std::mutex>&) ()

  from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#4  0x00007ffff1492eeb in JSC::GCThread::waitForNextPhase() ()
  from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#5  0x00007ffff1492fd8 in JSC::GCThread::gcThreadMain() ()
  from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#6  0x00007ffff177c95a in ?? () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#7  0x00007ffff6f596db in start_thread (arg=0x7fff8ce80700) at pthread_create.c:463
#8  0x00007ffff028f71f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 10 (Thread 0x7fff8d681700 (LWP 22710)):
#0  0x00007ffff6f60065 in futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fff8d680b30,  
   expected=0, futex_word=0x7fffdc8d927c) at ../sysdeps/unix/sysv/linux/futex-internal.h:205
#1  __pthread_cond_wait_common (abstime=0x7fff8d680b30, mutex=0x7fffdc8d9228, cond=0x7fffdc8d9250)
   at pthread_cond_wait.c:539
#2  __pthread_cond_timedwait (cond=0x7fffdc8d9250, mutex=0x7fffdc8d9228, abstime=0x7fff8d680b30)
   at pthread_cond_wait.c:667
#3  0x00007ffff1491938 in JSC::BlockAllocator::waitForDuration(std::chrono::duration<long, std::ratio<1l, 1000l> >)
() from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#4  0x00007ffff14919f8 in JSC::BlockAllocator::blockFreeingThreadMain() ()
  from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#5  0x00007ffff177c95a in ?? () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#6  0x00007ffff6f596db in start_thread (arg=0x7fff8d681700) at pthread_create.c:463
#7  0x00007ffff028f71f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 9 (Thread 0x7fffdc876700 (LWP 22709)):
#0  0x00007ffff6f5fad3 in futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x7fffdc881cec)
   at ../sysdeps/unix/sysv/linux/futex-internal.h:88
#1  __pthread_cond_wait_common (abstime=0x0, mutex=0x7fffdc881c98, cond=0x7fffdc881cc0) at pthread_cond_wait.c:502
#2  __pthread_cond_wait (cond=0x7fffdc881cc0, mutex=0x7fffdc881c98) at pthread_cond_wait.c:655
#3  0x00007ffff28a446b in ?? () from /usr/lib/x86_64-linux-gnu/libwebkitgtk-1.0.so.0
#4  0x00007ffff28a605d in ?? () from /usr/lib/x86_64-linux-gnu/libwebkitgtk-1.0.so.0
#5  0x00007ffff177c95a in ?? () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#6  0x00007ffff6f596db in start_thread (arg=0x7fffdc876700) at pthread_create.c:463
#7  0x00007ffff028f71f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 8 (Thread 0x7fffdd179700 (LWP 22708)):
#0  0x00007ffff02527a0 in __GI___nanosleep (requested_time=requested_time@entry=0x7fffdd178b70,  
   remaining=remaining@entry=0x7fffdd178b70) at ../sysdeps/unix/sysv/linux/nanosleep.c:28
#1  0x00007ffff025267a in __sleep (seconds=0) at ../sysdeps/posix/sleep.c:55
#2  0x00007ffff1762314 in WTF::TCMalloc_PageHeap::scavengerThread() ()
  from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#3  0x00007ffff1762399 in WTF::TCMalloc_PageHeap::runScavengerThread(void*) ()
  from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0
#4  0x00007ffff6f596db in start_thread (arg=0x7fffdd179700) at pthread_create.c:463
#5  0x00007ffff028f71f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 5 (Thread 0x7fffdfa02700 (LWP 22705)):
#0  0x00007ffff0282cb9 in __GI___poll (fds=0xeee560, nfds=2, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007ffff52716e9 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007ffff5271a82 in g_main_loop_run () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007ffff560b2d6 in ?? () from /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#4  0x00007ffff52992a5 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007ffff6f596db in start_thread (arg=0x7fffdfa02700) at pthread_create.c:463
#6  0x00007ffff028f71f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 4 (Thread 0x7fffe0203700 (LWP 22704)):
#0  0x00007ffff0282cb9 in __GI___poll (fds=0x7fffd801a050, nfds=2, timeout=-1)
   at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007ffff52716e9 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007ffff52717fc in g_main_context_iteration () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007ffff5271841 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007ffff52992a5 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007ffff6f596db in start_thread (arg=0x7fffe0203700) at pthread_create.c:463
#6  0x00007ffff028f71f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 1 (Thread 0x7ffff7f8af00 (LWP 22697)):
#0  ____longjmp_chk () at ../sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S:130
#1  0x67fa6a8b124b7f41 in ?? ()
Backtrace stopped: Cannot access memory at address 0x6bf0ec8493d3f0ee


So clearly we are dealing with some kind of memory overrun/corruption. I hope you can fix the bug. I would also like to offer some feedback on how to avoid such problems as I believe this is the result of some poor decision making in the area of choosing the tools to do the job:

- Why in the world would you write a tool to download the the SDK in C++? A GUI tool in C++ - in addition to adding the extra development time has a problem of being dependent on many libraries. In this particular case, the number is 122. Those libraries change from distro to distro intoducting all kinds of instability. I would recommend that you write it in a scripting language like Python using either QT or GTK bindings.

- It would be very helpful if the GUI tool was a wrapper around a  command-line utility with well-documented interface. This way if GUI blows up, at least there is a command-line workaround to get the job done.

- Any reason the SDK manager could not be open-source? If it was, I would have sent you the fix for this already.

- How much testing did this go through before you released it? Ubuntu 18 is not that rare of system, should have been tested.

All in all, this type of experience is a big turn-off to a skilled engineer that is considering working for Garmin. A crash like this with no workaround short of changing the OS makes a skilled engineer do some thorough debugging which reveals not so thorough technical decisions behind the product. You cannot hide  it with closed source. And who would want to work on a team that produced this? I hope this forum exists because you sincerely desire to hear from the users rather than to just say you have a forum, and somebody at Garmin will do something to improve this situation.

 

  • Former Member
    Former Member over 3 years ago in reply to FlowState

    The reason I am developing a GC tool is that my potential customer base is very conservative in terms of what they run with, and they are very likely to  have a Garmin that they would not want to replace with something else. 

  • over 3 years ago in reply to Former Member

    Sure, the output is 

    lrwxrwxrwx 1 root root 27 dec 10  2019 /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0 -> libgtk-x11-2.0.so.0.2400.32
lrwxrwxrwx 1 root root 35 nov  7  2017 /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-1.0.so.0 -> libjavascriptcoregtk-1.0.so.0.16.19
lrwxrwxrwx 1 root root 27 nov  7  2017 /usr/lib/x86_64-linux-gnu/libwebkitgtk-1.0.so.0 -> libwebkitgtk-1.0.so.0.22.17

  • over 3 years ago in reply to Former Member

    Yeah that makes sense. I do find that "serious" runners are more likely to run with a Garmin, whereas casual runners are happy to run with an Apple Watch or just their phone. (Personally I can't imagine taking my phone with me on a run.)

    Then again most people aren't upgrading their Garmin every two years - lots of runners still have a 235. So even as the platform gets improvements and bug fixes, a lot of users could be left behind. I'm guessing that type of user isn't really interested in CIQ apps in the first place.

    Anecdotally, people seem to look at upgrading a Garmin in the opposite way that they look at upgrading their phone. Like if your phone is older than 2 years, some people think you're crazy, but at the same time, most people don't upgrade their Garmin every two years.

    TBH, even though I've upgraded my watch more often than most users, and made apps for myself, none of that has helped me become a faster runner (which is usually the goal). (I got faster, but not because of upgrading my Garmin or making apps.)

    Another thing I've heard from "serious" runners that I run with is "I don't even use all of these features". For me personally, navigation was a key reason I upgraded from a basic Garmin a few years ago, because I hated getting lost on long runs. There is a great CIQ app that provides nav functionality, but the native implementation was better.

    More recently, I got a watch with maps and music -- I can't say I "needed it", but the faster UI is nice.

    TL;DR, I don't know the specifics of your user base, but I wonder how many people really upgrade their Garmins just to get new features, once they're happy with what they have? As a counter-example, an Apple Watch has a ton of utility besides just being a running watch.

    I was talking about this with 2 co-workers (both under 30) - one of them was training for a marathon with his AW. The other co-worker and I were both wearing Garmins. The convo roughly went:

    - AW guy: "why do you wear a Garmin"

    - Me: "uh Garmins are to Apple Watches like a Kindle is to an iPad, physical buttons are better than a touchscreen during workouts, long battery life, readable screen in sunlight, etc."

    - Other coworker: "people wear Garmins because Garmins came out 'first'"

    The convo kind of went in a direction where the AW guy thought that runners who wear Garmin basically did so out of elitism. i.e. "Oh I guess I'm a f--in loser bc I don't wear a Garmin :("

    I've heard similar sentiments from ppl in the casual runner crowd who just run for likes. To them it doesn't make sense to buy a Garmin when they could run with their phone or buy an AW which can do a lot more than track your runs.

    All of that is to say, I hope Garmin can continue to attract newer customers, and not just people who run with a Garmin because that's what they're used to. Personally, if I wasn't a runner, I'd get an AW in a heartbeat. Unfortunately Garmin is really the only choice for a running watch with 5 buttons that has a well-supported ecosystem, afaik. (I've tried Garmin touchscreen watches and they're terrible in the rain, or in cold weather.)

    I do know a dude who always used to buy Fenix watches. Now he has a Coros Pace 2....

    Anyway, all of that is anecdotal. I haven't done any market research or anything, obviously.

  • over 3 years ago in reply to FlowState

    I guess all of that is to say, I really wish Garmin would appreciate its existing userbase (and dev base) a bit more, since there's a lot of people who don't even understand why you'd buy a Garmin in the first place.

    Also anecdotal, but another co-worker of mine said his wife owns a Garmin, and "it crashes if you breathe on it."

    There's got to some point when users just get fed up.

  • Former Member
    Former Member over 3 years ago in reply to FlowState

    My target is serious runners. Serious runners run in the rain a lot, and even when running in the rain they care to have their time recorded precisely. So touchscreen is not going to cut it, you need buttons that can withstand being pressed many times from odd angles and that are capable of accurately recording the press even after heavy use. It is surprising that relatively few products have this capability, and the ones that do do not seem to go out of their way to market it.

  • over 3 years ago in reply to Former Member
    Serious runners run in the rain a lot, and even when running in the rain they care to have their time recorded precisely. So touchscreen is not going to cut it, you need buttons that can withstand being pressed many times from odd angles and that are capable of accurately recording the press even after heavy use.

    I agree. That's one of the reasons I use a Garmin despite lots of misgivings. Garmin's own touchscreen watches (e.g. 630, Vivoactive 3 and Vivoactive 4) have had numerous complaints of issues in the rain and in cold weather (despite supposedly being designed for use with gloves). (I run all year round.)

    The VA3 is especially bad because unlike 630 and VA4, it doesn't have a dedicated physical lap button - you have to double tap to take a lap. It's bad enough that people have asked for a stopwatch app with special controls for VA3. e.g.:

    - Start / take lap = START button

    - Stop = Double tap

    Then again, I understand the Strava app for Apple Watch doesn't even allow you to take laps. (Although Apple Fitness lets you take laps with a double tap).

    It is surprising that relatively few products have this capability, and the ones that do do not seem to go out of their way to market it.

    Physical buttons aren't trendy or intuitive. (Especially Garmin's implementation. e.g. for 945, when editing a watchface, you press Start to switch between fields, and Up/Down to change the field's type. When editing a data screen, you press Up/Down to switch between fields, and Start to start changing the field's type.)

    Look at how companies market touchscreen consoles for cars: "When's the last time you saw a tablet with buttons haha". I see posts complaining about this trend, too.

    But then again, there's still physical buttons for important functions on the wheel. And gaming controllers still have physical buttons.

    I think it would be great to see the best of both worlds: a 5-button watch with (optional) touchscreen controls. I think a touchscreen would still be very handy for things like panning and zooming a map screen, for example. I think one of Garmin's competitors has a 5-button watch with touchscreen controls, but the touchscreen might be disabled during an activity.

    EDIT: I will also say that it seems the most serious of runners -- elites -- are probably happy to run with just a timex (unless they're being paid to promote a GPS running watch). I think one elite marathoner blogged about a bad experience with a GPS watch that provided unreliable pace, and how they felt they were better off with a simple timex. Even for the more "serious" hobby joggers like me, you often hear about running by feel or turning off your GPS to get a better workout. I like having a running watch because it helps me record my workouts and navigate long routes, but I'm not under any illusions that it makes me faster. (I guess if you were an elite and wanted to squeeze out that last 0.1% of improvement, you could try running by power or whatever.)

    TL;DR I really feel like a Garmin, Apple Watch or any other kind of fitness watch is really just a luxury. And the majority of runners just want something that gives them time, distance and pace, and lets them post their runs to Strava.

  • Former Member
    Former Member over 3 years ago

    I tracked down the root cause of the bug. The problem is that the following URL:

    https://sso.garmin.com/sso/signin?service=https%3A%2F%2Fsso.garmin.com%2Fsso%2Fembed&source=https%3A%2F%2Fsso.garmin.com%2Fsso%2Fembed&redirectAfterAccountLoginUrl=https%3A%2F%2Fsso.garmin.com%2Fsso%2Fembed&redirectAfterAccountCreationUrl=https%3A%2F%2Fsso.garmin.com%2Fsso%2Fembed&gauthHost=https%3A%2F%2Fsso.garmin.com%2Fsso&locale=en&id=gauth-widget&cssUrl=https%3A%2F%2Fdeveloper.garmin.com%2Fdownloads%2Fconnect-iq%2Fsdk-manager-login.css&clientId=ConnectIqSdkManager&rememberMeShown=false&rememberMeChecked=false&createAccountShown=true&openCreateAccount=false&displayNameShown=false&consumeServiceTicket=true&initialFocus=true&embedWidget=true&generateExtraServiceTicket=false&generateTwoExtraServiceTickets=false&generateNoServiceTicket=false&globalOptInShown=false&globalOptInChecked=false&mobile=false&connectLegalTerms=false&showTermsOfUse=false&showPrivacyPolicy=false&showConnectLegalAge=false&locationPromptShown=false&showPassword=true&useCustomHeader=false&mfaRequired=false&performMFACheck=false&rememberMyBrowserShown=false&rememberMyBrowserChecked=false

    returns error 500 on login info POST if the user agent is 

    Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/538.15 (KHTML, like Gecko) Version/8.0 Safari/538.15

    which is what libwebkitgtk-1.0 sets it to on Ubuntu 18.

    If we set the user agent to just Mozilla/5.0, the login works.

    I was able to get my SDK manager to work by compiling my own libwebkit-1.0 modified to set the user agent to just Mozilla/5.0, which you can download from http://asksasha.com/garmin/libwebkitgtk-1.0.so.0, put it in ~/garmin-hack/
    then LD_LIBARARY_PATH=~/garmin-hack/ ~/garmin-sdk/bin/sdkmanager

    and was able to log in and download SDK 4.0.6.

    This makes it a nice job interview or capture the flag challenge - get SDK Manager 4.0.6 to work on Ubuntu 18 :-) To succeed, I had to apply the following skills on the level that some will consider advanced:

    - C++

    - GDB

    - Valgrind internals

    - x86 assembly

    - Understanding of how Linux loads shared libraries

    - TCP/IP

    - HTTP(S)

    - Creative reverse engineering

    The part that was particularly fun was figuring out what is in the body on HTTPS request that the sdkmanager was sending to the server. After some trial and error I figured out it was using gnutls library, set a breakpoint in gnutls_record_send, poked around with disassembly, and discovered that the pointer to the request body was in the rsi register. After that I reconstructed the request in the form of a curl command, and tried removing different headers until I got to User-agent, and then it worked.

    Another bug is that the error handler structure for the failed request is not properly set up, so as a result on error libwebgtk error handler tries to longjmp to an invalid address. So if login gets an HTTP error status it briefly shows the error page, but then quickly segfaults.

    But if Garmin is listening, the real fix is very simple - do not crash when parsing the user agent in your server code.

  • over 3 years ago in reply to Former Member

    Understand you might only be at step 1, as if you now have the SDK, you probably want to check other things like the simulator, ERA viewer, MonkeyGraph, and MonkeyMotion.

  • Former Member
    Former Member over 3 years ago in reply to jim_m_58

    Visual Studio works, compiles, runs the app in the simulator.