Invalid read of size 1

Bug #988873 reported by Sebastien Bacher
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Compiz
Triaged
High
Unassigned
Compiz Configuration Library
Triaged
High
Unassigned
libcompizconfig (Ubuntu)
Triaged
High
Unassigned

Bug Description

Running current precise with the first SRU candidate from unity staging I see those errors in valgrind:

==4260== Invalid read of size 1
==4260== at 0x402C28C: index (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==4260== by 0x53F0758: valueChanged (string2.h:1227)
==4260== by 0x56E04E7: notify_listeners_callback (gconf-client.c:2810)
==4260== by 0x56D65AE: gconf_listeners_notify (gconf-listeners.c:590)
==4260== by 0x56E3CB6: notify_one_entry (gconf-client.c:2835)
==4260== by 0x56E3D96: notify_idle_callback (gconf-client.c:2875)
==4260== by 0x45F673F: g_idle_dispatch (gmain.c:4634)
==4260== by 0x45F8CD9: g_main_context_dispatch (gmain.c:2515)
==4260== by 0x45F90E4: g_main_context_iterate.isra.21 (gmain.c:3123)
==4260== by 0x45F91C0: g_main_context_iteration (gmain.c:3184)
==4260== by 0x53F12EB: processEvents (gconf.c:1918)
==4260== by 0x542C7DE: ccsProcessEvents (main.c:2037)
==4260== by 0x403B34A: CcpScreen::timeout() (in /usr/lib/compiz/libccp.so)
==4260== by 0x403B620: boost::detail::function::function_obj_invoker0<boost::_bi::bind_t<bool, boost::_mfi::mf0<bool, CcpScreen>, boost::_bi::list1<boost::_bi::value<CcpScreen*> > >, bool>::invoke(boost::detail::function::function_buffer&) (in /usr/lib/compiz/libccp.so)
==4260== by 0x40D2412: CompTimer::triggerCallback() (function_template.hpp:1013)
==4260== by 0x40D2520: CompTimeoutSource::callback() (timer.cpp:150)
==4260== by 0x40D2631: sigc::internal::slot_call0<sigc::bound_mem_functor0<bool, CompTimeoutSource>, bool>::call_it(sigc::internal::slot_rep*) (mem_fun.h:1787)
==4260== by 0x40D17AE: CompTimeoutSource::dispatch(sigc::slot_base*) (slot.h:440)
==4260== by 0x4586470: Glib::Source::dispatch_vfunc(_GSource*, int (*)(void*), void*) (main.cc:956)
==4260== by 0x45F8CD9: g_main_context_dispatch (gmain.c:2515)
==4260== by 0x45F90E4: g_main_context_iterate.isra.21 (gmain.c:3123)
==4260== by 0x45F952A: g_main_loop_run (gmain.c:3317)
==4260== by 0x42264D2: (below main) (libc-start.c:226)
==4260== Address 0x6fc5b5f is 0 bytes after a block of size 15 alloc'd
==4260== at 0x402BE68: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==4260== by 0x45FE96A: standard_malloc (gmem.c:85)
==4260== by 0x45FEE02: g_malloc (gmem.c:159)
==4260== by 0x4614B8A: g_strdup (gstrfuncs.c:356)
==4260== by 0x56DCF95: gconf_entry_new (gconf-value.c:1482)
==4260== by 0x56DCFFE: gconf_entry_copy (gconf-value.c:1548)
==4260== by 0x56DF077: gconf_client_cache (gconf-client.c:2339)
==4260== by 0x56E085A: notify_from_server_callback (gconf-client.c:424)
==4260== by 0x56E5959: gconf_dbus_message_filter (gconf-dbus.c:690)
==4260== by 0x5884440: dbus_connection_dispatch (dbus-connection.c:4603)
==4260== by 0x58579AC: ??? (in /usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2)
==4260== by 0x45F8CD9: g_main_context_dispatch (gmain.c:2515)
==4260== by 0x45F90E4: g_main_context_iterate.isra.21 (gmain.c:3123)
==4260== by 0x45F91C0: g_main_context_iteration (gmain.c:3184)
==4260== by 0x53F12EB: processEvents (gconf.c:1918)
==4260== by 0x542C7DE: ccsProcessEvents (main.c:2037)
==4260== by 0x403B34A: CcpScreen::timeout() (in /usr/lib/compiz/libccp.so)
==4260== by 0x403B620: boost::detail::function::function_obj_invoker0<boost::_bi::bind_t<bool, boost::_mfi::mf0<bool, CcpScreen>, boost::_bi::list1<boost::_bi::value<CcpScreen*> > >, bool>::invoke(boost::detail::function::function_buffer&) (in /usr/lib/compiz/libccp.so)
==4260== by 0x40D2412: CompTimer::triggerCallback() (function_template.hpp:1013)
==4260== by 0x40D2520: CompTimeoutSource::callback() (timer.cpp:150)
==4260== by 0x40D2631: sigc::internal::slot_call0<sigc::bound_mem_functor0<bool, CompTimeoutSource>, bool>::call_it(sigc::internal::slot_rep*) (mem_fun.h:1787)
==4260== by 0x40D17AE: CompTimeoutSource::dispatch(sigc::slot_base*) (slot.h:440)
==4260== by 0x4586470: Glib::Source::dispatch_vfunc(_GSource*, int (*)(void*), void*) (main.cc:956)
==4260== by 0x45F8CD9: g_main_context_dispatch (gmain.c:2515)
==4260== by 0x45F90E4: g_main_context_iterate.isra.21 (gmain.c:3123)
==4260== by 0x45F952A: g_main_loop_run (gmain.c:3317)
==4260== by 0x42264D2: (below main) (libc-start.c:226)

Revision history for this message
Sebastien Bacher (seb128) wrote :

Could be the same issue than bug #932382

it seems like http://bazaar.launchpad.net/~compiz-team/compiz-libcompizconfig/0.9.5/revision/430 is not in precise though...is that an oversight or was it kept out of a reason?

affects: compizconfig-backend-gconf (Ubuntu) → libcompizconfig (Ubuntu)
Changed in libcompizconfig (Ubuntu):
importance: Undecided → High
Revision history for this message
Daniel van Vugt (vanvugt) wrote :

That looks like it might still be a different bug.

Changed in compiz-libcompizconfig:
status: New → Triaged
importance: Undecided → High
Changed in libcompizconfig (Ubuntu):
status: New → Triaged
Changed in compiz:
importance: Undecided → High
status: New → Triaged
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers