[Bug 29952] New: telepathy-idle crash in g_realloc_n() called from tp_debug_sender_constructor()

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Thu Sep 2 00:08:46 CEST 2010 

https://bugs.freedesktop.org/show_bug.cgi?id=29952

           Summary: telepathy-idle crash in g_realloc_n() called from
                    tp_debug_sender_constructor()
           Product: Telepathy
           Version: 0.10
          Platform: Other
        OS/Version: Linux (All)
            Status: NEW
          Severity: major
          Priority: medium
         Component: idle
        AssignedTo: telepathy-bugs at lists.freedesktop.org
        ReportedBy: nalimilan at club.fr
         QAContact: telepathy-bugs at lists.freedesktop.org


This crash is occurring regularly while using IRC with Empathy on Ubuntu 10.04.
telepathy-idle is version 0.1.6-1, telepathy 0.10.1-1ubuntu2. Several users are
experiencing it, see
https://bugs.launchpad.net/ubuntu/+source/telepathy-idle/+bug/546246

I hope the trace is good enough, and the crash isn't already fixed!

#0  0x007e1422 in __kernel_vsyscall ()
No symbol table info available.
#1  0x00314641 in *__GI_raise (sig=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
    resultvar = <value optimized out>
    pid = 4456436
    selftid = 3103
#2  0x00317a72 in *__GI_abort () at abort.c:92
    act = {__sigaction_handler = {
    sa_handler = 0xa124e4 <_rtld_local+1220>, 
    sa_sigaction = 0xa124e4 <_rtld_local+1220>}, sa_mask = {__val = {917504, 
      134583744, 134520168, 3215586392, 7175, 3215586360, 134515384, 
      134515324, 3, 10561784, 3865137, 3, 134583744, 3215586288, 4456436, 25, 
      3215587748, 3215586408, 3984180, 2, 3215586288, 4, 0, 3215586384, 
      3215586396, 2, 4312327, 4312323, 4307873, 4307899, 230, 3215586288}}, 
  sa_flags = -1079380936, sa_restorer = 0x41e0a3}
    sigs = {__val = {32, 0 <repeats 31 times>}}
#3  0x0034b48d in __libc_message (do_abort=2, 
    fmt=0x41fef8 "*** glibc detected *** %s: %s: 0x%s ***\n")
    at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
    ap = <value optimized out>
    fd = -1079380576
    on_2 = <value optimized out>
    list = <value optimized out>
    nlist = <value optimized out>
    cp = <value optimized out>
    written = false
#4  0x00355581 in malloc_printerr (action=<value optimized out>, 
    str=0x6 <Address 0x6 out of bounds>, ptr=0x90db480) at malloc.c:6264
    buf = "090db480"
    cp = <value optimized out>
#5  0x00356dd8 in _int_free (av=<value optimized out>, 
    p=<value optimized out>) at malloc.c:4792
    size = 0
    nextchunk = (mchunkptr) 0xc1f
    nextsize = 12093416
    prevsize = <value optimized out>
    bck = <value optimized out>
    fwd = <value optimized out>
    errstr = 0x6 <Address 0x6 out of bounds>
    __func__ = "_int_free"
#6  0x00359ebd in *__GI___libc_free (mem=0x90db480) at malloc.c:3738
    ar_ptr = (mstate) 0x4413c0
    p = (mchunkptr) 0x6
#7  0x00b03086 in g_realloc_n () from /lib/libglib-2.0.so.0
No symbol table info available.
#8  0x00224e45 in tp_debug_sender_constructor (type=151893216, 
    n_construct_params=3215588520, construct_params=0x3736b6)
    at debug-sender.c:207
    retval = <value optimized out>
#9  0x00224f76 in tp_debug_sender_set_property (object=0x90bc030, 
    property_id=3215588408, value=0x90c7ca8, pspec=0x80) at debug-sender.c:175
No locals.
#10 0x0804decd in idle_debug (flag=IDLE_DEBUG_PARSER, 
    format=0x8063123 "%s: set handle %u") at idle-debug.c:97
    message = (gchar *) 0x9109920 "_parse_atom: set handle 63"
#11 0x0805502e in _parse_atom (parser=<value optimized out>, 
    arr=<value optimized out>, atom=99 'c', token=<value optimized out>, 
    contact_reffed=0x911dc28, room_reffed=0x90f06c8) at idle-parser.c:493
    id = <value optimized out>
    modechar = 0 '\0'
    priv = (IdleParserPrivate *) 0x90cc028
    handle = 6
    val = {g_type = 0, data = {{v_int = 0, v_uint = 0, v_long = 0, 
      v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, 
      v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, 
      v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
    contact_repo = (TpHandleRepoIface *) 0x90bcd80
    room_repo = (TpHandleRepoIface *) 0x90bce30
    __PRETTY_FUNCTION__ = "_parse_atom"
#12 0x080551eb in _parse_and_forward_one (parser=<value optimized out>, 
    tokens=<value optimized out>, code=IDLE_PARSER_PREFIXCMD_PRIVMSG_USER, 
    format=0x8063252 "cIc:") at idle-parser.c:385
    val = {g_type = 0, data = {{v_int = 0, v_uint = 0, v_long = 0, 
      v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, 
      v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, 
      v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
    priv = (IdleParserPrivate *) 0x90cc028
    args = (GValueArray *) 0x90efc70
    link = <value optimized out>
    result = <value optimized out>
    iter = (gchar **) 0x912b3a8
    contact_reffed = (TpHandleSet *) 0x911dc28
    room_reffed = (TpHandleSet *) 0x90f06c8
    __PRETTY_FUNCTION__ = "_parse_and_forward_one"
#13 0x08055843 in idle_parser_receive (parser=0x90cc018, 
    msg=0x90dfce8 ":slangasek!vorlon at canonical-cloaked-3BF2D1B4.dodds.net
PRIVMSG #distro :smoser: due to
http://package-import.ubuntu.com/failures/libvirt, I guess\r\n") at
idle-parser.c:333
    i = <value optimized out>
    lasti = <value optimized out>
    tmp = <value optimized out>
    line_ends = <value optimized out>
    len = 147
    concat_buf = '\0' <repeats 1025 times>
    __PRETTY_FUNCTION__ = "idle_parser_receive"
#14 0x0805067d in sconn_received_cb (sconn=0x90cf010, 
    raw_msg=0x9103750 ":slangasek!vorlon at canonical-cloaked-3BF2D1B4.dodds.net
PRIVMSG #distro :smoser: due to
http://package-import.ubuntu.com/failures/libvirt, I guess\r\n",
conn=0x90ca810) at idle-connection.c:635
    converted = <value optimized out>
#15 0x00129c4c in g_signal_handler_block () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#16 0x0011b252 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#17 0x0013297d in g_signal_connect_data () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#18 0x00133fe4 in g_type_class_get_private ()
   from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#19 0x001342d5 in ?? () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#20 0x08059052 in ssl_io_func (src=0x90c4880, cond=G_IO_IN, data=0x90cf010)
    at idle-ssl-server-connection.c:341
    conn = (IdleSSLServerConnection *) 0x90cf010
    priv = (IdleSSLServerConnectionPrivate *) 0x16
    buf = ":slangasek!vorlon at canonical-cloaked-3BF2D1B4.dodds.net PRIVMSG
#distro :smoser: due to http://package-import.ubuntu.com/failures/libvirt, I
guess\r\n", '\0' <repeats 365 times>
    err = 5198848
    __PRETTY_FUNCTION__ = "ssl_io_func"
#21 0x00b3f17b in ?? () from /lib/libglib-2.0.so.0
No symbol table info available.
#22 0x00afa645 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
No symbol table info available.
#23 0x00afe338 in ?? () from /lib/libglib-2.0.so.0
No symbol table info available.
#24 0x00afe877 in g_main_loop_run () from /lib/libglib-2.0.so.0
No symbol table info available.
#25 0x0024599f in tp_text_mixin_get_message_types (obj=0x8061edb, 
    ret=0x8061ed5, error=0x804d940) at text-mixin.c:565
    mixin = <value optimized out>
    i = <value optimized out>
#26 0x0804d92a in main (argc=1, argv=0xbfaa0b04) at idle.c:47
    debug_sender = (TpDebugSender *) 0x90bc030
    result = <value optimized out>

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.

More information about the telepathy-bugs mailing list