Bug 205731 - gam_server segfault in gam_queue_event
gam_server segfault in gam_queue_event
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: gamin (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Alexander Larsson
:
Depends On:
Blocks: FC6Blocker
  Show dependency treegraph
 
Reported: 2006-09-08 05:12 EDT by Denis Leroy
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-09-08 08:51:41 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
Core file from /usr/libexec/gam_server (312.00 KB, application/octet-stream)
2006-09-08 05:12 EDT, Denis Leroy
no flags Details

  None (edit)
Description Denis Leroy 2006-09-08 05:12:10 EDT
On my freshly updated Rawhide VM, found attached core file from
/usr/libexec/gam_server. This is gamin 0.1.7-6.fc6.

(gdb) bt
#0  0x08050eda in gam_queue_event (conn=0x1, reqno=7, event=32, 
    path=0x8bb8368 "fedora-soundconverter.desktop;45012a5b", len=38) at
gam_connection.c:631
#1  0x0804b3b9 in gam_server_emit_one_event (
    path=0x8bb8350
"/usr/share/applications/fedora-soundconverter.desktop;45012a5b", 
    node_is_dir=1, event=GAMIN_EVENT_CREATED, sub=0x8bb0ec0, force=1) at
gam_server.c:346
#2  0x08052a47 in gam_inotify_event_callback (
    fullpath=0x8bb8350
"/usr/share/applications/fedora-soundconverter.desktop;45012a5b", mask=256, 
    subdata=0x8bb0ec0) at gam_inotify.c:135
#3  0x08053310 in ih_event_callback (event=0x8bb5340, sub=0x8bb0e50) at
inotify-helper.c:213
#4  0x08055433 in ip_event_dispatch (dir_list=0x8bae520, pair_dir_list=0x0,
event=0x8bb5340)
    at inotify-path.c:325
#5  0x080555a3 in ip_event_callback (event=0x8bb5340) at inotify-path.c:375
#6  0x08054563 in ik_process_eq_callback (user_data=0x0) at inotify-kernel.c:673
#7  0x0093c916 in g_source_get_current_time () from /lib/libglib-2.0.so.0
#8  0x0093c342 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#9  0x0093f31f in g_main_context_check () from /lib/libglib-2.0.so.0
#10 0x0093f6c9 in g_main_loop_run () from /lib/libglib-2.0.so.0
#11 0x0804bafd in main (argc=1, argv=0xbfe1ee24) at gam_server.c:647
#12 0x0077ff2c in __libc_start_main () from /lib/libc.so.6
#13 0x0804a311 in _start ()

The path argument ("soundconverter.desktop") was from a built RPM I was
installing at the time. Will try to reproduce and post more info.
Comment 1 Denis Leroy 2006-09-08 05:12:10 EDT
Created attachment 135831 [details]
Core file from /usr/libexec/gam_server
Comment 2 Alexander Larsson 2006-09-08 07:19:51 EDT
Seems inotify related. John, got any idea about this one?
Comment 3 Alexander Larsson 2006-09-08 07:22:10 EDT
It fails on the line:
	g_assert (conn->eq);

But it doesn't actually call into the assert, so i guess the problem is
dereferenceing conn. Maybe we can actually believe the conn=0x1 part from gdb.
Comment 4 Alexander Larsson 2006-09-08 07:25:48 EDT
Actually, it seems like sub->listener points to some bogus memory area in
gam_server_emit_one_event(). (Although sub itself seems to be ok):
Comment 5 Alexander Larsson 2006-09-08 07:59:36 EDT
running gam_server in valgrind immediately turned up this:
 static
 gchar *ih_sub_get_filename (gchar *pathname)
 {
-       gchar *out;
-       // FIXME: return filename here
-       return out;
+       return g_path_get_basename (pathname);
 }

I dunno if that is the cause of the problem though.
Comment 6 Alexander Larsson 2006-09-08 08:51:41 EDT
There were some other bugs too. I fixed them in upstream cvs and in
gamin-0.1.7-7.fc6.
Comment 7 Alexander Larsson 2006-09-08 08:54:23 EDT
This fixed a lot more of the gamin test suite too...
Comment 8 Denis Leroy 2006-09-08 08:57:59 EDT
Thanks for the quick response.
Comment 9 John McCutchan 2006-09-08 11:51:55 EDT
Wow, I totally missed that when I committed. Thanks for the quick fix!

Note You need to log in before you can comment on or make changes to this bug.