Compositor crashes when switching tty

Matteo Valdina matteo.valdina at gmail.com
Wed May 29 02:53:54 UTC 2019 

As valgrind pointing out at shell.c line 982

shell = zalloc (sizeof (shell));

Here you are allocating the pointer size not the structure size. You
probably want type Shell.

Best
Matteo

On Tue, May 28, 2019 at 9:36 PM adlo <adloconwy at gmail.com> wrote:

> On Tue, 2019-05-28 at 13:38 -0400, Adam Jackson wrote:
> > On Tue, 2019-05-28 at 08:26 +0100, adlo wrote:
> > > When switching tty, my compositor crashes with error messages such
> > > as
> > >
> > > free (): invalid size Aborted (core dumped)
> > > or
> > > malloc (): invalid chunk size
> >
> > This means something is corrupting the malloc arena metadata. Run
> > your
> > compositor under valgrind and fix what it complains about.
> >
>
> Here is the valgrind output:
>
> ==15641== Memcheck, a memory error detector
> ==15641== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et
> al.
> ==15641== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright
> info
> ==15641== Command: src/xfway
> ==15641== Parent PID: 7074
> ==15641==
> ==15641== Invalid write of size 8
> ==15641==    at 0x404604: launch_desktop_shell_process (shell.c:961)
> ==15641==    by 0x48822D2: wl_event_loop_dispatch_idle (in
> /usr/lib64/libwayland-server.so.0.1.0)
> ==15641==    by 0x4882327: wl_event_loop_dispatch (in
> /usr/lib64/libwayland-server.so.0.1.0)
> ==15641==    by 0x4880F24: wl_display_run (in /usr/lib64/libwayland-
> server.so.0.1.0)
> ==15641==    by 0x403A47: main (main-wayland.c:626)
> ==15641==  Address 0x8f21c58 is 0 bytes after a block of size 8 alloc'd
> ==15641==    at 0x483AB1A: calloc (vg_replace_malloc.c:762)
> ==15641==    by 0x4052C2: zalloc (zalloc.h:38)
> ==15641==    by 0x4052C2: xfway_server_shell_init (shell.c:982)
> ==15641==    by 0x403A37: main (main-wayland.c:623)
> ==15641==
> ==15641== Invalid write of size 8
> ==15641==    at 0x40460D: launch_desktop_shell_process (shell.c:968)
> ==15641==    by 0x48822D2: wl_event_loop_dispatch_idle (in
> /usr/lib64/libwayland-server.so.0.1.0)
> ==15641==    by 0x4882327: wl_event_loop_dispatch (in
> /usr/lib64/libwayland-server.so.0.1.0)
> ==15641==    by 0x4880F24: wl_display_run (in /usr/lib64/libwayland-
> server.so.0.1.0)
> ==15641==    by 0x403A47: main (main-wayland.c:626)
> ==15641==  Address 0x8f21c78 is 24 bytes after a block of size 16 in
> arena "client"
> ==15641==
> ==15641== Invalid write of size 8
> ==15641==    at 0x4884AB8: wl_list_insert (in /usr/lib64/libwayland-
> server.so.0.1.0)
> ==15641==    by 0x48822D2: wl_event_loop_dispatch_idle (in
> /usr/lib64/libwayland-server.so.0.1.0)
> ==15641==    by 0x4882327: wl_event_loop_dispatch (in
> /usr/lib64/libwayland-server.so.0.1.0)
> ==15641==    by 0x4880F24: wl_display_run (in /usr/lib64/libwayland-
> server.so.0.1.0)
> ==15641==    by 0x403A47: main (main-wayland.c:626)
> ==15641==  Address 0x8f21c68 is 16 bytes after a block of size 8
> alloc'd
> ==15641==    at 0x483AB1A: calloc (vg_replace_malloc.c:762)
> ==15641==    by 0x4052C2: zalloc (zalloc.h:38)
> ==15641==    by 0x4052C2: xfway_server_shell_init (shell.c:982)
> ==15641==    by 0x403A37: main (main-wayland.c:623)
> ==15641==
>
> valgrind: m_mallocfree.c:305 (get_bszB_as_is): Assertion 'bszB_lo ==
> bszB_hi' failed.
> valgrind: Heap block lo/hi size mismatch: lo = 80, hi = 4211536.
> This is probably caused by your program erroneously writing past the
> end of a heap block and corrupting heap metadata.  If you fix any
> invalid writes reported by Memcheck, this assertion failure will
> probably go away.  Please try that before reporting this as a bug.
>
>
> host stacktrace:
> ==15641==    at 0x58046F6A: ??? (in /usr/libexec/valgrind/memcheck-
> amd64-linux)
> ==15641==    by 0x58047097: ??? (in /usr/libexec/valgrind/memcheck-
> amd64-linux)
> ==15641==    by 0x5804723B: ??? (in /usr/libexec/valgrind/memcheck-
> amd64-linux)
> ==15641==    by 0x580513A3: ??? (in /usr/libexec/valgrind/memcheck-
> amd64-linux)
> ==15641==    by 0x5803DD8A: ??? (in /usr/libexec/valgrind/memcheck-
> amd64-linux)
> ==15641==    by 0x5803CC8F: ??? (in /usr/libexec/valgrind/memcheck-
> amd64-linux)
> ==15641==    by 0x58041E04: ??? (in /usr/libexec/valgrind/memcheck-
> amd64-linux)
> ==15641==    by 0x5803C0C8: ??? (in /usr/libexec/valgrind/memcheck-
> amd64-linux)
> ==15641==    by 0x1002D09984: ???
> ==15641==    by 0x1002BA5F2F: ???
> ==15641==    by 0x1002BA5F17: ???
> ==15641==    by 0x1002BA5F2F: ???
> ==15641==    by 0x1002BA5F3F: ???
>
> sched status:
>   running_tid=1
>
> Thread 1: status = VgTs_Runnable (lwpid 15641)
> ==15641==    at 0x4884ABB: wl_list_insert (in /usr/lib64/libwayland-
> server.so.0.1.0)
> ==15641==    by 0x48822D2: wl_event_loop_dispatch_idle (in
> /usr/lib64/libwayland-server.so.0.1.0)
> ==15641==    by 0x4882327: wl_event_loop_dispatch (in
> /usr/lib64/libwayland-server.so.0.1.0)
> ==15641==    by 0x4880F24: wl_display_run (in /usr/lib64/libwayland-
> server.so.0.1.0)
> ==15641==    by 0x403A47: main (main-wayland.c:626)
> client stack range: [0x1FFEFF5000 0x1FFF000FFF] client SP: 0x1FFEFFF6C8
> valgrind stack range: [0x1002AA6000 0x1002BA5FFF] top usage: 8360 of
> 1048576
>
> Thread 2: status = VgTs_WaitSys syscall 202 (lwpid 15659)
> ==15641==    at 0x57A54E5: pthread_cond_wait@@GLIBC_2.3.2 (in
> /usr/lib64/libpthread-2.29.so)
> ==15641==    by 0x6ECC5DA: ??? (in /usr/lib64/dri/i965_dri.so)
> ==15641==    by 0x6ECC31A: ??? (in /usr/lib64/dri/i965_dri.so)
> ==15641==    by 0x579F5A1: start_thread (in /usr/lib64/libpthread-
> 2.29.so)
> ==15641==    by 0x58B3162: clone (in /usr/lib64/libc-2.29.so)
> client stack range: [0x7B2D000 0x832BFFF] client SP: 0x832B9F0
> valgrind stack range: [0x1005BC0000 0x1005CBFFFF] top usage: 2936 of
> 1048576
>
>
> Note: see also the FAQ in the source distribution.
> It contains workarounds to several common problems.
> In particular, if Valgrind aborted or crashed after
> identifying problems in your program, there's a good chance
> that fixing those problems will prevent Valgrind aborting or
> crashing, especially if it happened in m_mallocfree.c.
>
> If that doesn't help, please report this bug to: www.valgrind.org
>
> In the bug report, send all the above text, the valgrind
> version, and what OS and version you are using.  Thanks.
>
> _______________________________________________
> wayland-devel mailing list
> wayland-devel at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/wayland-devel



-- 
“There are two ways of constructing a software design: One way is to make
it so simple that there are obviously no deficiencies, and the other way is
to make it so complicated that there are no obvious deficiencies. The first
method is far more difficult.”
- Tony Hoare
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/wayland-devel/attachments/20190528/7e6374df/attachment-0001.html>

More information about the wayland-devel mailing list