! Please note that this is a snapshot of our old Bugzilla server, which is read only since May 29, 2020. Please go to gitlab.xfce.org for our new server !
crash in xfce4-xkb-plugin-0.5.3.3-3.fc13: IA__gtk_tree_model_get_valist: Proc...
Status:
RESOLVED: FIXED
Priority:
Medium
Severity:
major
Product:
Xfce4-xkb-plugin
Component:
General

Comments

Description Christoph Wickert editbugs 2010-05-28 19:26:09 CEST 
Created attachment 2998 
backtrace of the crash

Forwarded from https://bugzilla.redhat.com/show_bug.cgi?id=597207

abrt 1.1.1 detected a crash.

architecture: x86_64
Attached file: backtrace
cmdline: /usr/libexec/xfce4/panel-plugins/xfce4-xkb-plugin socket_id 25165875
name xkb-plugin id 12632952080 display_name 'Keyboard Layouts' size 26
screen_position 2
comment: it doesn't crash If I choose keyboard model and set the "change layout
option"
component: xfce4-xkb-plugin
crash_function: IA__gtk_tree_model_get_valist
executable: /usr/libexec/xfce4/panel-plugins/xfce4-xkb-plugin
global_uuid: 75c9a18eab4bac42cb5688101e6dfcef60037944
kernel: 2.6.33.4-95.fc13.x86_64
package: xfce4-xkb-plugin-0.5.3.3-3.fc13
rating: 4
reason: Process /usr/libexec/xfce4/panel-plugins/xfce4-xkb-plugin was killed by
signal 11 (SIGSEGV)
release: Fedora release 13 (Goddard)

How to reproduce
-----
1. add Keyboard Layouts plugin to the panel
2. leave all combos on defaults (model: empty, c layout option: -, compose key:
-)
3. CLick Add layout -> Czechia -> qwerty
Comment 1 Konstantin Svist 2010-07-22 18:04:15 CEST 
Please fix this asap, lots of users are affected!
Comment 2 Lionel Le Folgoc 2010-09-23 18:42:24 CEST 
There are several times things like that:
    gtk_tree_model_get_iter_first (model, &iter);
    gtk_tree_model_get (model, &iter, NOM, &id, -1);

(a gtk_tree_model_get_iter() call followed by gtk_tree_model_get()).

AIUI, it's wrong: these get_iter funcs can fail to set the iter and return FALSE (http://library.gnome.org/devel/gtk/unstable/GtkTreeModel.html#gtk-tree-model-get-iter-first). Since the code snippet above doesn't check its return value, it can pass an unset iter to gtk_tree_model_get, which might crash just as we can see in the backtrace.
Comment 3 Lionel Le Folgoc 2010-09-24 19:39:59 CEST 
Created attachment 3119 
Proposed patch

Mmmh, no, I didn't look at the correct place, so it's probably simpler than that. In the code, there's no check on the validity on the iter set by gtk_combo_box_get_active_iter() for the keyboard model. So when you have an empty model, I guess the iter isn't valid.

The attached patch might fix it for you (unfortunately, I can't check/reproduce, because I've always a keyboard model set, so it's never empty).
Comment 4 Latchezar Tzvetkoff 2010-10-04 13:11:05 CEST 
*** Bug 6720 has been marked as a duplicate of this bug. ***

Bug #6477

Reported by:
Christoph Wickert
Reported on: 2010-05-28
Last modified on: 2011-02-26
Duplicates (1):
  • 6720 Settings dialog crash on close (xkb_settings_update_from_ui)

People

Assignee:
Alexander Iliev
CC List:
4 users

Version

Version:
unspecified
Target Milestone:
0.5.4.0

Attachments

backtrace of the crash (30.45 KB, text/plain)
2010-05-28 19:26 CEST , Christoph Wickert 		no flags
Proposed patch (1.36 KB, patch)
2010-09-24 19:39 CEST , Lionel Le Folgoc 		no flags

Additional information