609187 – [abrt] dconf-0.4.1-1: raise: Process /usr/libexec/dconf-service was killed by signal 6 (SIGABRT)

Bug 609187 - [abrt] dconf-0.4.1-1: raise: Process /usr/libexec/dconf-service was killed by signal 6 (SIGABRT)

Summary: [abrt] dconf-0.4.1-1: raise: Process /usr/libexec/dconf-service was killed by...

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	dconf
Sub Component:
Version:	rawhide
Hardware:	x86_64
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Matthias Clasen
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:	abrt_hash:351f962a96b7f7558eae66b02ec...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-06-29 15:38 UTC by Matthew Garrett
Modified:	2013-01-10 07:51 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-07-12 17:44:02 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
File: backtrace (13.54 KB, text/plain) 2010-06-29 15:38 UTC, Matthew Garrett	no flags	Details
Plausible fix (847 bytes, patch) 2010-06-29 19:36 UTC, Matthew Garrett	no flags	Details \| Diff
Fixed patch (853 bytes, patch) 2010-06-29 20:22 UTC, Matthew Garrett	no flags	Details \| Diff
Show Obsolete (1) View All

Description Matthew Garrett 2010-06-29 15:38:16 UTC

abrt version: 1.1.5
architecture: x86_64
Attached file: backtrace
cmdline: /usr/libexec/dconf-service
component: dconf
crash_function: raise
executable: /usr/libexec/dconf-service
global_uuid: 351f962a96b7f7558eae66b02ecc2909ecff182a
kernel: 2.6.35-0.2.rc3.git0.fc14.x86_64
package: dconf-0.4.1-1
rating: 2
reason: Process /usr/libexec/dconf-service was killed by signal 6 (SIGABRT)
release: Fedora release 14 (Rawhide)
time: 1277825776
uid: 500

How to reproduce
-----
Running gsettings-data-convert gives the following output:

Failed to get GConf key '"d"> = /apps/gnome-power-manager/backlight/brightness_ac': Bad key or directory name: ""d"> = /apps/gnome-power-manager/backlight/brightness_ac": Must begin with a slash '/'
*** glibc detected *** gsettings-data-convert: realloc(): invalid next size: 0x00000000016291e0 ***

and then dconf crashes. gsettings-data-convert then hangs.

Comment 1 Matthew Garrett 2010-06-29 15:38:18 UTC

Created attachment 427713 [details]
File: backtrace

Comment 2 Matthew Garrett 2010-06-29 19:36:39 UTC

Created attachment 427769 [details]
Plausible fix

We reallocate length+1, but converted is an array of gchar * and so we walk off the end of the array.

Comment 3 Matthew Garrett 2010-06-29 20:00:42 UTC

Hm. Confused now. This seems to work if I run the libtool-provided shell script for gsettings-data-convert, but not if I run the actual binary that gets built.

Comment 4 Matthew Garrett 2010-06-29 20:22:17 UTC

Created attachment 427787 [details]
Fixed patch

Oh, because I'm an idiot. This one seems to work better.

Comment 5 Matthias Clasen 2010-07-12 17:44:02 UTC

Committed this upstream now, thanks.

Note You need to log in before you can comment on or make changes to this bug.