[Xcb] [Bug 32072] libx11-1.4 may cause xbindkeys to crash

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Fri Dec 3 07:43:19 PST 2010


https://bugs.freedesktop.org/show_bug.cgi?id=32072

--- Comment #3 from Peter Harris <peter.harris at hummingbird.com> 2010-12-03 07:43:19 PST ---
The stack trace does include xcb, but the crash happens inside malloc(). That
usually suggests a heap smash somewhere else in the app, and not in the
immediate stack trace.

Any of the below from the valgrind trace could be the cause. I suggest fixing
these in xbindkeys first.

(The only one potentially benign is the conditional jump depending on an
uninitialized value, if the results of the compare are guaranteed to be thrown
away, as in zlib. I would suggest, however, that most people aren't as smart as
Mark Adler and shouldn't try to outwit the computer in this fashion.)

==5777== Conditional jump or move depends on uninitialised value(s)
==5777==    at 0x80498E2: ??? (in /usr/bin/xbindkeys)
==5777==    by 0x41C1D25: invoke_main_func (in /usr/lib/libguile.so.17.3.1)

==5777== Invalid write of size 1
==5777==    at 0x40251BD: strncat (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==5777==    by 0x8049627: ??? (in /usr/bin/xbindkeys)
==5777==    by 0x8049BD9: ??? (in /usr/bin/xbindkeys)
==5777==    by 0x41C1D25: invoke_main_func (in /usr/lib/libguile.so.17.3.1)

==5777== Invalid write of size 1
==5777==    at 0x40251CB: strncat (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==5777==    by 0x8049627: ??? (in /usr/bin/xbindkeys)
==5777==    by 0x8049BD9: ??? (in /usr/bin/xbindkeys)
==5777==    by 0x41C1D25: invoke_main_func (in /usr/lib/libguile.so.17.3.1)

==5777== Invalid read of size 1
==5777==    at 0x40270A0: putenv (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==5777==    by 0x804962F: ??? (in /usr/bin/xbindkeys)
==5777==    by 0x8049BD9: ??? (in /usr/bin/xbindkeys)
==5777==    by 0x41C1D25: invoke_main_func (in /usr/lib/libguile.so.17.3.1)

==5785== Syscall param execve(envp[i]) points to unaddressable byte(s)
==5785==    at 0x42F377F: execve (in /lib/libc-2.12.1.so)
==5785==    by 0x42F3BEE: execvp (in /lib/libc-2.12.1.so)
==5785==  Address 0x457e043 is 0 bytes after a block of size 11 alloc'd
==5785==    at 0x4024A18: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
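
An added example, not part of the bug comment and not xbindkeys code: the trace above pairs strncat writes past a heap block with putenv and execve reading past it, which is the usual result of building a "NAME=value" string in an undersized allocation. The helper names and the sample variable are hypothetical; the actual xbindkeys source is not shown on this page.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700            /* for putenv() under strict -std modes */
#endif
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Undersized pattern (constructed illustration, never compiled here): the
 * block holds only the name, so each strncat writes past its end and putenv
 * later reads past it. The damage lands in allocator metadata and shows up
 * as a crash in an unrelated malloc() call.
 *
 *     char *e = malloc(strlen(name) + 1);
 *     strcpy(e, name);
 *     strncat(e, "=", 1);
 *     strncat(e, value, strlen(value));
 *     putenv(e);
 */

/* Build "NAME=value" in a block sized for every byte written, NUL included.
 * Returns a malloc'd string, or NULL on bad input or allocation failure. */
char *make_env_entry(const char *name, const char *value)
{
    if (!name || !value || name[0] == '\0' || strchr(name, '='))
        return NULL;
    size_t nlen = strlen(name), vlen = strlen(value);
    if (vlen > SIZE_MAX - nlen - 2)               /* size arithmetic overflow */
        return NULL;
    size_t need = nlen + 1 + vlen + 1;            /* name, '=', value, NUL */
    char *entry = malloc(need);
    if (!entry)
        return NULL;
    int n = snprintf(entry, need, "%s=%s", name, value);
    if (n < 0 || (size_t)n != need - 1) {         /* truncated or failed */
        free(entry);
        return NULL;
    }
    return entry;
}

/* putenv() stores the pointer itself, so the block is only freed on failure. */
int set_env_entry(const char *name, const char *value)
{
    char *entry = make_env_entry(name, value);
    if (!entry)
        return -1;
    if (putenv(entry) != 0) { free(entry); return -1; }
    return 0;
}
```
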

