Created attachment 22668
Fix crash on 64-bit platforms

The jingle code attempts to apply GINT_TO_POINTER to GTypes. This is invalid since a GType is a 64-bit type. The result is that GObjects cannot be properly instantiated since the GType may be truncated. A backtrace will look something like:

gdb) run
Starting program: /usr/local/libexec/telepathy-gabble
[New LWP 100156]
[New Thread 0x803402180 (LWP 100156)]
(telepathy-gabble:35148): tp-glib-DEBUG: started version 0.7.20 (telepathy-glib version 0.7.25)
^[[A
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x803402180 (LWP 100156)]
0x000000080145002b in IA__g_type_fundamental (type_id=55025280) at gtype.c:3680
3680 gtype.c: No such file or directory.
 in gtype.c
(gdb) bt
#0 0x000000080145002b in IA__g_type_fundamental (type_id=55025280) at gtype.c:3680
#1 0x0000000801430337 in IA__g_object_new (object_type=55025280, first_property_name=0x48115f "connection") at gobject.c:1053
#2 0x000000000041dcef in create_content (sess=0x8034eb0c0, content_type=55025280, type=JINGLE_MEDIA_TYPE_NONE, content_ns=0x803464430 "http://www.google.com/session/phone", transport_ns=0x0, name=0x0, content_node=0x803463ce0, error=0x7fffffffe350) at jingle-session.c:557
#3 0x000000000041e00a in _each_content_add (sess=0x8034eb0c0, c=0x0, content_node=0x803463ce0, error=0x7fffffffe350) at jingle-session.c:659
#4 0x000000000041e2e5 in on_session_initiate (sess=0x8034eb0c0, node=0x803463ce0, error=0x7fffffffe350) at jingle-session.c:760
#5 0x000000000041e80e in jingle_state_machine_dance (sess=0x8034eb0c0, action=JINGLE_ACTION_SESSION_INITIATE, node=0x803463ce0, error=0x7fffffffe350) at jingle-session.c:958
#6 0x000000000041ed4c in gabble_jingle_session_parse (sess=0x8034eb0c0, action=JINGLE_ACTION_SESSION_INITIATE, message=0x803485450, error=0x7fffffffe350) at jingle-session.c:1126
#7 0x000000000041b95e in jingle_cb (handler=0x80347c980, lmconn=0x80344f280, msg=0x803485450, user_data=0x803419820) at jingle-factory.c:529
#8 0x00000008006d94b3 in _lm_message_handler_handle_message (handler=0x80347c980, connection=0x80344f280, message=0x803485450) at lm-message-handler.c:47
#9 0x00000008006d5e3a in ?? () from /usr/local/lib/libloudmouth-1.so.0
#10 0x00000008006d621d in ?? () from /usr/local/lib/libloudmouth-1.so.0
#11 0x00000008006da46b in message_queue_dispatch_func (source=0x803440550, callback=0, user_data=0x0) at lm-message-queue.c:100
#12 0x00000008015a953b in g_main_dispatch (context=0x8034301c0) at gmain.c:2144
#13 0x00000008015aacb1 in IA__g_main_context_dispatch (context=0x8034301c0) at gmain.c:2697
#14 0x00000008015ab2db in g_main_context_iterate (context=0x8034301c0, block=1, dispatch=1, self=0x803409540) at gmain.c:2778
#15 0x00000008015abae5 in IA__g_main_loop_run (loop=0x80342d5b0) at gmain.c:2986
#16 0x0000000801065f80 in tp_run_connection_manager (prog_name=0x47c97c "telepathy-gabble", version=0x47c975 "0.7.20", construct_cm=0x410914 <construct_cm>, argc=1, argv=0x7fffffffe828) at run.c:264
#17 0x0000000000410a63 in gabble_main (argc=1, argv=0x7fffffffe828) at gabble.c:76
#18 0x000000000041090f in main (argc=1, argv=0x7fffffffe828) at main.c:27

This problem is identical to the one I described for seahorse in http://bugzilla.gnome.org/show_bug.cgi?id=562084 . To fix this, I encapsulate the GType into a struct which can be inserted into the hash table.
GType is defined to be the same as gsize, so I think we could just use GPOINTER_TO_SIZE to fix this.
Fixed less intrusively (as per comment #1) in a branch, pending review. http://git.collabora.co.uk/?p=user/smcv/telepathy-gabble-smcv.git;a=shortlog;h=refs/heads/type-safety-whats-that
Fixed in git, will be in 0.7.21
0.7.21 released with the fix.
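
The truncation reported in the first comment and the size-based conversion suggested in the reply, as an added example (not the Gabble patch and not GLib's own headers). The DEMO_* macros are local stand-ins modelled on GLib's pointer-conversion macros for an LP64 platform, which is an assumption, and 0x803479E80 is a constructed value whose low 32 bits equal the type_id=55025280 seen in the backtrace.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: LP64 target (32-bit int, 64-bit long and pointers). */
_Static_assert(sizeof(void *) == 8 && sizeof(long) == 8 && sizeof(int) == 4,
               "example assumes an LP64 platform");

/* Stand-in for GType, which the thread notes is the same as gsize. */
typedef size_t demo_gtype;

/* Stand-ins modelled on the int- and size-based conversion macros. */
#define DEMO_INT_TO_POINTER(i)  ((void *)(long)(i))
#define DEMO_POINTER_TO_INT(p)  ((int)(long)(p))
#define DEMO_SIZE_TO_POINTER(s) ((void *)(size_t)(s))
#define DEMO_POINTER_TO_SIZE(p) ((size_t)(p))

/* Store a type id as a hash-table key and read it back through the
 * int macros: the read narrows to 32 bits and drops the upper half. */
demo_gtype roundtrip_via_int(demo_gtype t)
{
    void *key = DEMO_INT_TO_POINTER(t);
    return (demo_gtype)DEMO_POINTER_TO_INT(key);
}

/* Same round trip through the size macros: pointer-width, lossless. */
demo_gtype roundtrip_via_size(demo_gtype t)
{
    void *key = DEMO_SIZE_TO_POINTER(t);
    return (demo_gtype)DEMO_POINTER_TO_SIZE(key);
}

int main(void)
{
    /* Constructed samples: a small id and a heap-address-sized id. */
    const demo_gtype samples[] = { 24, (demo_gtype)0x803479E80ULL };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        demo_gtype t = samples[i];
        printf("type %#zx: via int -> %#zx (%s), via size -> %#zx\n",
               t, roundtrip_via_int(t),
               roundtrip_via_int(t) == t ? "intact" : "TRUNCATED",
               roundtrip_via_size(t));
    }
    return 0;
}
```

Small ids survive the int round trip, so the defect only shows once a type id exceeds 32 bits, as it does for the pointer-sized value here.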