GNOME Bugzilla – Bug 789464
Invalid read valgrind error in got_screen_proxy_cb
Last modified: 2018-02-20 10:18:48 UTC
Using g-c-c 3.26.1 and just opening the different panels under valgrind that error got listed ==10978== Invalid read of size 8 ==10978== at 0x1A8C16: got_screen_proxy_cb (cc-power-panel.c:1081) ==10978== by 0xC0D1202: g_task_return_now (gtask.c:1145) ==10978== by 0xC0D1C25: g_task_return (gtask.c:1203) ==10978== by 0xC110297: init_second_async_cb (gdbusproxy.c:1810) ==10978== by 0xC0D1202: g_task_return_now (gtask.c:1145) ==10978== by 0xC0D1C25: g_task_return (gtask.c:1203) ==10978== by 0xC10FCB7: async_init_start_service_by_name_cb (gdbusproxy.c:1646) ==10978== by 0xC0D1202: g_task_return_now (gtask.c:1145) ==10978== by 0xC0D1C25: g_task_return (gtask.c:1203) ==10978== by 0xC104C88: g_dbus_connection_call_done (gdbusconnection.c:5720) ==10978== by 0xC0D1202: g_task_return_now (gtask.c:1145) ==10978== by 0xC0D1238: complete_in_idle_cb (gtask.c:1159) ==10978== Address 0x31bf5228 is 776 bytes inside a block of size 792 free'd ==10978== at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==10978== by 0xC415AE2: g_type_free_instance (gtype.c:1937) ==10978== by 0xA788A1B: gtk_box_forall (gtkbox.c:2671) ==10978== by 0xA7D3B0D: gtk_container_destroy (gtkcontainer.c:1700) ==10978== by 0xC3F0F9C: g_closure_invoke (gclosure.c:804) ==10978== by 0xC403E51: signal_emit_unlocked_R (gsignal.c:3751) ==10978== by 0xC40C4B4: g_signal_emit_valist (gsignal.c:3391) ==10978== by 0xC40CECE: g_signal_emit (gsignal.c:3447) ==10978== by 0xA9EFD5B: gtk_widget_dispose (gtkwidget.c:12070) ==10978== by 0xC3F5E42: g_object_unref (gobject.c:3293) ==10978== by 0xA7D2038: gtk_container_remove (gtkcontainer.c:1909) ==10978== by 0x16430B: cc_window_set_active_panel_from_id.isra.2 (cc-window.c:445) ==10978== Block was alloc'd at ==10978== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==10978== by 0xC685578: g_malloc (gmem.c:94) ==10978== by 0xC69D0F5: g_slice_alloc (gslice.c:1025) ==10978== by 0xC69D588: g_slice_alloc0 (gslice.c:1051) ==10978== by 0xC4157E5: g_type_create_instance (gtype.c:1839) ==10978== by 0xC3F65E7: g_object_new_internal (gobject.c:1797) ==10978== by 0xC3F845F: g_object_new_valist (gobject.c:2120) ==10978== by 0xC3F87D8: g_object_new (gobject.c:1640) ==10978== by 0x1640FF: activate_panel (cc-window.c:130) ==10978== by 0x1640FF: cc_window_set_active_panel_from_id.isra.2 (cc-window.c:432) ==10978== by 0xC3F3B60: g_cclosure_marshal_VOID__STRINGv (gmarshal.c:1794) ==10978== by 0xC3F11D5: _g_closure_invoke_va (gclosure.c:867) ==10978== by 0xC40C79E: g_signal_emit_valist (gsignal.c:3300)
Created attachment 368613 [details] [review] power: Fix crash when panel is closed quickly Another use-after-free on cancellation crash. #0 g_type_check_instance_cast (type_instance=type_instance@entry=0x1eac3c0, iface_type=32150864) at /glib/gobject/gtype.c:4057 #1 0x0000000000494077 in got_screen_proxy_cb (source_object=<optimized out>, res=0x1eceab0, user_data=user_data@entry=0x1eac3c0) at panels/power/cc-power-panel.c:1083