Bug 1656518
| Summary: | [abrt] fprintd: g_malloc0(): fprintd killed by SIGTRAP | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | lray+redhatbugzilla | ||||||||||||||||||||||||||
| Component: | libfprint | Assignee: | Bastien Nocera <bnocera> | ||||||||||||||||||||||||||
| Status: | CLOSED UPSTREAM | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||||||||||||||||||||
| Severity: | unspecified | Docs Contact: | |||||||||||||||||||||||||||
| Priority: | unspecified | ||||||||||||||||||||||||||||
| Version: | 29 | CC: | bnocera | ||||||||||||||||||||||||||
| Target Milestone: | --- | ||||||||||||||||||||||||||||
| Target Release: | --- | ||||||||||||||||||||||||||||
| Hardware: | x86_64 | ||||||||||||||||||||||||||||
| OS: | Unspecified | ||||||||||||||||||||||||||||
| URL: | https://retrace.fedoraproject.org/faf/reports/bthash/529a34bd58acf4fb10d0f78c3d84960f5f729d8f | ||||||||||||||||||||||||||||
| Whiteboard: | abrt_hash:b55ac7cefaa3cbae3d35564190e88ffe5c3fac96;VARIANT_ID=workstation; | ||||||||||||||||||||||||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||||||||||||||||||||||||
| Doc Text: | Story Points: | --- | |||||||||||||||||||||||||||
| Clone Of: | Environment: | ||||||||||||||||||||||||||||
| Last Closed: | 2018-12-06 10:08:03 UTC | Type: | --- | ||||||||||||||||||||||||||
| Regression: | --- | Mount Type: | --- | ||||||||||||||||||||||||||
| Documentation: | --- | CRM: | |||||||||||||||||||||||||||
| Verified Versions: | Category: | --- | |||||||||||||||||||||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||||||||||||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||||||||||||||||||||
| Embargoed: | |||||||||||||||||||||||||||||
| Attachments: |
|
||||||||||||||||||||||||||||
|
Description
lray+redhatbugzilla
2018-12-05 16:53:39 UTC
Created attachment 1511794 [details]
File: backtrace
Created attachment 1511795 [details]
File: cgroup
Created attachment 1511796 [details]
File: core_backtrace
Created attachment 1511797 [details]
File: cpuinfo
Created attachment 1511798 [details]
File: dso_list
Created attachment 1511799 [details]
File: environ
Created attachment 1511800 [details]
File: limits
Created attachment 1511801 [details]
File: maps
Created attachment 1511802 [details]
File: mountinfo
Created attachment 1511803 [details]
File: open_fds
Created attachment 1511804 [details]
File: proc_pid_status
Created attachment 1511805 [details]
File: var_log_messages
Looks like a integer overflow in the assembling functions:
msg_alloc = 0x56415598dd30 "gmem.c:135: failed to allocate 18446744073709551612 bytes"
#4 0x00007f4ea042702a in g_malloc0 (n_bytes=n_bytes@entry=18446744073709551612) at gmem.c:134
mem = <optimized out>
#5 0x00007f4ea07b1afb in median_filter (filtersize=25, size=-1, data=0x0) at ../libfprint/assembling.c:317
i = <optimized out>
result = <optimized out>
sortbuf = <optimized out>
i = <optimized out>
result = <optimized out>
sortbuf = <optimized out>
i1 = <optimized out>
i2 = <optimized out>
#6 fpi_assemble_lines (ctx=ctx@entry=0x7f4ea08163c0 <assembling_ctx>, lines=0x56415598d790, lines_len=1) at ../libfprint/assembling.c:400
i = 0
row1 = 0x56415598d790
row2 = <optimized out>
y = 0
line_ind = 0
offsets = 0x0
output = 0x5641559cfed0 ""
img = <optimized out>
__func__ = "fpi_assemble_lines"
Ultimately it's a bug in the vfs5011 driver though, which is a device I don't have access to.
The crasher fix is here, and will be in the next version of libfprint:
https://gitlab.freedesktop.org/libfprint/libfprint/merge_requests/37
This is the driver bug:
https://gitlab.freedesktop.org/libfprint/libfprint/issues/135
Hi Bastien, that's great news. Thanks for taking care within a really timely manner. Cheers from Cologne, L. |