[apport] gaim crashed with SIGSEGV in malloc() while idle

Bug #103959 reported by Chris Halse Rogers
Affects: gaim (Ubuntu)
Status: Confirmed
Importance: Medium
Assigned to: Unassigned
Milestone:

Bug Description

Binary package hint: gaim

I had just started gaim, and it was idle in the background when it crashed.

I was playing music with Banshee using pulseaudio when this happened, if that's at all important.

ProblemType: Crash
Architecture: amd64
CrashCounter: 1
Date: Sat Apr 7 10:49:23 2007
DistroRelease: Ubuntu 7.04
ExecutablePath: /usr/bin/gaim
Package: gaim 1:2.0.0+beta6-1ubuntu4
PackageArchitecture: amd64
ProcCmdline: gaim
ProcCwd: /home/chris
ProcEnviron:
 LANG=en_AU.UTF-8
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
 SHELL=/bin/bash
Signal: 11
SourcePackage: gaim
StacktraceTop:
 ?? () from /lib/libc.so.6
 ?? () from /lib/libc.so.6
 malloc () from /lib/libc.so.6
 ?? () from /lib/libc.so.6
 opendir () from /lib/libc.so.6
Uname: Linux Burninator 2.6.20-14-generic #2 SMP Mon Apr 2 16:32:46 UTC 2007 x86_64 GNU/Linux
UserGroups: adm admin audio cdrom dialout dip floppy fuse lpadmin netdev plugdev powerdev pulse-rt scanner users video

Chris Halse Rogers (raof) wrote :
Apport retracing service (apport) wrote : Symbolic stack trace

StacktraceTop:
 malloc_consolidate () from /lib/libc.so.6
 _int_malloc () from /lib/libc.so.6
 malloc () from /lib/libc.so.6
 __alloc_dir () from /lib/libc.so.6
 opendir () from /lib/libc.so.6

Apport retracing service (apport) wrote : Symbolic threaded stack trace
Sebastien Bacher (seb128) wrote :

Thanks for your bug report. Could you try to get a valgrind log for it (you can follow the instructions from https://wiki.ubuntu.com/Valgrind for that)?

Changed in gaim:
importance: Undecided → Medium
status: Unconfirmed → Needs Info
Chris Halse Rogers (raof) wrote :

Ok, it seems that the "Playing music with Banshee" part of my report is irrelevant. Gaim once again crashed in the background, with no music playing.

Valgrind logs attached.

Sebastien Bacher (seb128) wrote :

Could you get a log with gaim-dbg libdbus-1-3-dbgsym libnm-glib0-dbgsym installed?

Chris Halse Rogers (raof) wrote :

Apparently, yes :). New, debug-symbolified logs attached.

Sebastien Bacher (seb128) wrote :

The log has an error:

==22041== Invalid read of size 8
==22041== at 0xCD53BA6: (within /usr/lib/libnotify.so.1.1.1)
==22041== by 0x9F8E73B: (within /usr/lib/libdbus-glib-1.so.2.1.0)
==22041== by 0x69C97D9: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.1200.11)
==22041== by 0x69D9407: (within /usr/lib/libgobject-2.0.so.0.1200.11)
==22041== by 0x69DA842: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.1200.11)
==22041== by 0x69DAA12: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.1200.11)
==22041== by 0x9F8F688: (within /usr/lib/libdbus-glib-1.so.2.1.0)
==22041== by 0xA1AAF7F: dbus_connection_dispatch (dbus-connection.c:4267)
==22041== by 0x9F86EA4: (within /usr/lib/libdbus-glib-1.so.2.1.0)
==22041== by 0x6C2EA13: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.1200.11)
==22041== by 0x6C3185C: (within /usr/lib/libglib-2.0.so.0.1200.11)
==22041== by 0x6C31B69: g_main_loop_run (in /usr/lib/libglib-2.0.so.0.1200.11)
==22041== by 0x5C4D022: gtk_main (in /usr/lib/libgtk-x11-2.0.so.0.1000.11)
==22041== by 0x468630: main (gtkmain.c:816)
==22041== Address 0x1B097540 is 24 bytes inside a block of size 32 free'd
==22041== at 0x4C2067E: free (vg_replace_malloc.c:233)
==22041== by 0x69E70D2: g_type_free_instance (in /usr/lib/libgobject-2.0.so.0.1200.11)
==22041== by 0x69EA352: g_value_unset (in /usr/lib/libgobject-2.0.so.0.1200.11)
==22041== by 0x69DA87D: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.1200.11)
==22041== by 0x69DAA12: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.1200.11)
==22041== by 0xCD53BA5: (within /usr/lib/libnotify.so.1.1.1)
==22041== by 0x9F8E73B: (within /usr/lib/libdbus-glib-1.so.2.1.0)
==22041== by 0x69C97D9: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.1200.11)
==22041== by 0x69D9407: (within /usr/lib/libgobject-2.0.so.0.1200.11)
==22041== by 0x69DA842: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.1200.11)
==22041== by 0x69DAA12: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.1200.11)
==22041== by 0x9F8F688: (within /usr/lib/libdbus-glib-1.so.2.1.0)
==22041== by 0xA1AAF7F: dbus_connection_dispatch (dbus-connection.c:4267)
==22041== by 0x9F86EA4: (within /usr/lib/libdbus-glib-1.so.2.1.0)
==22041== by 0x6C2EA13: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.1200.11)
==22041== by 0x6C3185C: (within /usr/lib/libglib-2.0.so.0.1200.11)
==22041== by 0x6C31B69: g_main_loop_run (in /usr/lib/libglib-2.0.so.0.1200.11)
==22041== by 0x5C4D022: gtk_main (in /usr/lib/libgtk-x11-2.0.so.0.1000.11)
==22041== by 0x468630: main (gtkmain.c:816)

Did you install the libdbus dbgsym version? Could you also get a log with libnotify1-dbgsym?

Chris Halse Rogers (raof) wrote :

Fortunately, gaim is being very obliging and crashing nice and repeatedly.

New logs, with libdbus-glib-1-2-dbgsym, libnotify1-dbgsym, and libglib2.0-0-dbg thrown in for good measure.

Changed in gaim:
status: Needs Info → Unconfirmed
Chris Halse Rogers (raof) wrote :

Is the change from "needs info" to "unconfirmed" because you have all the needed info? If you still need more, I can install whatever extra debugging packages you want.

Just checking, it's been a while since I posted the last valgrind logs.

Sebastien Bacher (seb128) wrote :

The log has an error:

==15021== Invalid read of size 8
==15021== at 0xCD53BA6: _close_signal_handler (notification.c:677)
==15021== by 0x9F8E73B: marshal_dbus_message_to_g_marshaller (dbus-gproxy.c:1635)
==15021== by 0x69C97D9: g_closure_invoke (gclosure.c:490)
==15021== by 0x69D9407: signal_emit_unlocked_R (gsignal.c:2440)
==15021== by 0x69DA842: g_signal_emit_valist (gsignal.c:2199)
==15021== by 0x69DAA12: g_signal_emit (gsignal.c:2243)
==15021== by 0x9F8F688: dbus_g_proxy_manager_filter (dbus-gproxy.c:1688)
==15021== by 0xA1AAF7F: dbus_connection_dispatch (dbus-connection.c:4267)
==15021== by 0x9F86EA4: message_queue_dispatch (dbus-gmain.c:101)
==15021== by 0x6C2EA13: g_main_context_dispatch (gmain.c:2045)
==15021== by 0x6C3185C: g_main_context_iterate (gmain.c:2677)
==15021== by 0x6C31B69: g_main_loop_run (gmain.c:2881)
==15021== by 0x5C4D022: gtk_main (in /usr/lib/libgtk-x11-2.0.so.0.1000.11)
==15021== by 0x468630: main (gtkmain.c:816)
==15021== Address 0x1C3FBD38 is 24 bytes inside a block of size 32 free'd
==15021== at 0x4C2067E: free (vg_replace_malloc.c:233)
==15021== by 0x69E70D2: g_type_free_instance (gtype.c:1602)
==15021== by 0x69EA352: g_value_unset (gvalue.c:155)
==15021== by 0x69DA87D: g_signal_emit_valist (gsignal.c:2229)
==15021== by 0x69DAA12: g_signal_emit (gsignal.c:2243)
==15021== by 0xCD53BA5: _close_signal_handler (notification.c:677)
==15021== by 0x9F8E73B: marshal_dbus_message_to_g_marshaller (dbus-gproxy.c:1635)
==15021== by 0x69C97D9: g_closure_invoke (gclosure.c:490)
==15021== by 0x69D9407: signal_emit_unlocked_R (gsignal.c:2440)
==15021== by 0x69DA842: g_signal_emit_valist (gsignal.c:2199)
==15021== by 0x69DAA12: g_signal_emit (gsignal.c:2243)
==15021== by 0x9F8F688: dbus_g_proxy_manager_filter (dbus-gproxy.c:1688)
==15021== by 0xA1AAF7F: dbus_connection_dispatch (dbus-connection.c:4267)
==15021== by 0x9F86EA4: message_queue_dispatch (dbus-gmain.c:101)
==15021== by 0x6C2EA13: g_main_context_dispatch (gmain.c:2045)
==15021== by 0x6C3185C: g_main_context_iterate (gmain.c:2677)
==15021== by 0x6C31B69: g_main_loop_run (gmain.c:2881)
==15021== by 0x5C4D022: gtk_main (in /usr/lib/libgtk-x11-2.0.so.0.1000.11)
==15021== by 0x468630: main (gtkmain.c:816)

Upstream is not really responsive to bugs, though, so it's likely not to be worked on soon; no need for extra information for now.

Changed in gaim:
status: Unconfirmed → Confirmed
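
In the symbolized valgrind trace above, the 32-byte block is freed inside a g_signal_emit called from _close_signal_handler (notification.c:677) and then read again from that same function. The C program below is an added example of that general pattern and one common hardening (holding a reference across the emission); it is not libnotify or gaim code. The Note type, its helpers, and the assumption that a callback drops the last reference are all hypothetical.

```c
#include <stdlib.h>

/* Hypothetical stand-in for a refcounted GObject-style instance. */
typedef struct Note Note;
struct Note {
    int refs;
    int id;
    void (*on_closed)(Note *);   /* application's "closed" callback */
};

static int finalized;  /* counts finalizations, so the demo never reads freed memory */

static Note *note_new(int id, void (*cb)(Note *)) {
    Note *n = malloc(sizeof *n);
    if (!n) abort();
    n->refs = 1; n->id = id; n->on_closed = cb;
    return n;
}
static void note_ref(Note *n) { n->refs++; }
static void note_unref(Note *n) {
    if (--n->refs == 0) { finalized++; free(n); }
}

/* Assumed application behaviour: on "closed", drop the only reference. */
static void app_closed_cb(Note *n) { note_unref(n); }

/* Flawed shape: emit, then keep using n. Returns -1 where the post-emit
 * read of n->id would have touched freed memory; the read is skipped so
 * the demo stays well-defined. */
static int close_handler_unsafe(Note *n) {
    int before = finalized;
    n->on_closed(n);                  /* may finalize n */
    if (finalized != before) return -1;
    return n->id;
}

/* Hardened shape: pin the instance for the duration of the emission. */
static int close_handler_safe(Note *n) {
    note_ref(n);
    n->on_closed(n);                  /* callback's unref cannot finalize n */
    int id = n->id;                   /* valid: we still hold a reference */
    note_unref(n);                    /* finalized here, after the last use */
    return id;
}

int main(void) {
    int a = close_handler_unsafe(note_new(7, app_closed_cb));
    int b = close_handler_safe(note_new(7, app_closed_cb));
    return (a == -1 && b == 7 && finalized == 2) ? 0 : 1;
}
```
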
Sebastien Bacher (seb128) wrote :

duplicate of bug #89828
