Performing verification for Focal.
I will first reproduce the problem with glib2.0 2.64.6-1~ubuntu20.04.3 from -security with the libglib2.0-0 libglib2.0-bin libglib2.0-data packages.
I deleted all existing schemas from /usr/share/glib-2.0/schemas and replaced them with a set of schemas which reproduce the problem easily from my customer.
$ cd /usr/share/glib-2.0/schemas/
$ sudo rm *
$ sudo cp ~/schemas/* .
The gsettings.compiled from the customer has been corrupted, and when I reboot, gdm fails to start and I get a blank screen with a blinking insertion pointer.
The sha256 of the customer's corrupted gsettings.compiled is:
$ sudo openssl sha256 /usr/share/glib-2.0/schemas/gschemas.compiled
SHA256(/usr/share/glib-2.0/schemas/gschemas.compiled)= 2c98dc9a7fdbac858a8d5ca7e4dd813f16058a46dba2c54b5239cd8cdba5bb3e
When I ssh back in, and recompile the file:
$ sudo glib-compile-schemas /usr/share/glib-2.0/schemas
Error parsing key “logout” in schema “org.gnome.settings-daemon.plugins.media-keys” as specified in override file “/usr/share/glib-2.0/schemas/50_vmware_viewagent.gschema.override”: 0-22:can not parse as value of type 'as'. Ignoring override for this key.
$ sudo openssl sha256 /usr/share/glib-2.0/schemas/gschemas.compiled
SHA256(/usr/share/glib-2.0/schemas/gschemas.compiled)= 78163b5f0000efbd6320ce0d355c9531bf657a4f4dc15f057d95ef144323cd56
The sha256 has changed. Doing a bindiff, I see:
$ sudo cmp -l /home/ubuntu/schemas/gschemas.compiled /usr/share/glib-2.0/schemas/gschemas.compiled | gawk '{printf "%08X %02X %02X\n", $1, strtonum(0$2), strtonum(0$3)}'
0000376F E3 4F
00003771 A4 C2
We see two bytes different. These bytes are the uninitialised memory this bug is about. When I reboot, gdm starts fine, but that is because this time I got lucky and the parser for the gschema.compiled file thinks 4F and C2 are okay. But there are combinations which aren't okay, and will end up with a corrupted gschema.compiled file.
Re-compiling the file again:
$ sudo glib-compile-schemas /usr/share/glib-2.0/schemas
Error parsing key “logout” in schema “org.gnome.settings-daemon.plugins.media-keys” as specified in override file “/usr/share/glib-2.0/schemas/50_vmware_viewagent.gschema.override”: 0-22:can not parse as value of type 'as'. Ignoring override for this key.
$ sudo openssl sha256 /usr/share/glib-2.0/schemas/gschemas.compiled
SHA256(/usr/share/glib-2.0/schemas/gschemas.compiled)= 460c70faca7afc26fa88a0e5918d312478e15f20ad84f4afaa5d17627a823e01
The sha256 changed, and if we bindiff, the bytes have changed:
$ sudo cmp -l /home/ubuntu/schemas/gschemas.compiled /usr/share/glib-2.0/schemas/gschemas.compiled | gawk '{printf "%08X %02X %02X\n", $1, strtonum(0$2), strtonum(0$3)}'
0000376F E3 A6
00003771 A4 A1
If we run glib-compile-schemas through valgrind, it reports that we are writing to uninitialised memory:
https://paste.ubuntu.com/p/sxrQtbswpw/
I then enabled -proposed and installed libglib2.0-0 libglib2.0-bin libglib2.0-data version 2.64.6-1~ubuntu20.04.4.
Now, when I re-compile the gschemas.compiled file, the sha256 matches every time, meaning no more non-deterministic behaviour caused by writing uninitialised memory to disk:
$ sudo glib-compile-schemas /usr/share/glib-2.0/schemas
Error parsing key “logout” in schema “org.gnome.settings-daemon.plugins.media-keys” as specified in override file “/usr/share/glib-2.0/schemas/50_vmware_viewagent.gschema.override”: 0-22:can not parse as value of type 'as'. Ignoring override for this key.
$ sudo openssl sha256 /usr/share/glib-2.0/schemas/gschemas.compiled
SHA256(/usr/share/glib-2.0/schemas/gschemas.compiled)= cd9132d18b596a304251cd1eb50b64aa6fd7511a312906f9a49e1975a319fbf1
$ sudo glib-compile-schemas /usr/share/glib-2.0/schemas
Error parsing key “logout” in schema “org.gnome.settings-daemon.plugins.media-keys” as specified in override file “/usr/share/glib-2.0/schemas/50_vmware_viewagent.gschema.override”: 0-22:can not parse as value of type 'as'. Ignoring override for this key.
$ sudo openssl sha256 /usr/share/glib-2.0/schemas/gschemas.compiled
SHA256(/usr/share/glib-2.0/schemas/gschemas.compiled)= cd9132d18b596a304251cd1eb50b64aa6fd7511a312906f9a49e1975a319fbf1
Doing a bindiff, I see the changed bytes from before are now all zeros, which is what the patch initialises the buffer to:
$ sudo cmp -l /home/ubuntu/schemas/gschemas.compiled /usr/share/glib-2.0/schemas/gschemas.compiled | gawk '{printf "%08X %02X %02X\n", $1, strtonum(0$2), strtonum(0$3)}'
0000376F E3 00
00003771 A4 00
00003772 55 00
Doing a run through valgrind, we no longer get a report about writing to uninitialised memory:
https://paste.ubuntu.com/p/z52DGZcdz3/
Rebooting, the VM comes up and GDM starts properly, so glib can parse the gsettings.compiled file without any issues.
Wonderful. The problem is fixed by the package in -proposed, happy to mark as verified.
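
The verification above is a repeat-build check: compile the same input several times, compare the outputs, and list the bytes that differ. The following is an added example, not part of the original comment, that automates that check in POSIX shell for any generator; the function name check_reproducible, its arguments and the "$1" output-directory convention are assumptions of this example.

```shell
#!/bin/sh
# Added example: detect non-deterministic build output, the symptom this
# report traces to uninitialised memory being written to disk.
#
# Usage: check_reproducible RUNS FILE 'command that writes FILE into "$1"'
# For the case on this page, without touching the live schema directory:
#   check_reproducible 5 gschemas.compiled \
#     'glib-compile-schemas --targetdir="$1" /usr/share/glib-2.0/schemas'
#
# Returns 0 if every run is byte-identical to run 1, 1 if any run differs,
# 2 if a run produced no output file. Differences are printed in the same
# "offset byte byte" hex layout as the cmp | gawk pipeline above.
check_reproducible() {
    runs=$1 file=$2 cmd=$3
    work=$(mktemp -d) || return 2
    rc=0 n=1
    while [ "$n" -le "$runs" ]; do
        mkdir "$work/$n"
        # The command sees its private output directory as "$1". Its exit
        # status is ignored (warnings such as the override error above are
        # expected); a missing output file is the failure signal.
        sh -c "$cmd" sh "$work/$n" >/dev/null 2>&1 || :
        if [ ! -f "$work/$n/$file" ]; then
            echo "run $n produced no $file" >&2
            rm -rf "$work"
            return 2
        fi
        if [ "$n" -gt 1 ] && ! cmp -s "$work/1/$file" "$work/$n/$file"; then
            rc=1
            echo "run $n differs from run 1:"
            # cmp -l prints a 1-based decimal offset and two octal bytes;
            # the leading 0 makes printf read the bytes as octal.
            cmp -l "$work/1/$file" "$work/$n/$file" 2>/dev/null |
                while read -r off a b; do
                    printf '%08X %02X %02X\n' "$off" "0$a" "0$b"
                done
        fi
        n=$((n + 1))
    done
    rm -rf "$work"
    return "$rc"
}
```

Because each run writes into its own temporary directory, the check needs no root access and never replaces the gschemas.compiled that gdm reads at boot.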