Bug 53087

Summary: Crash in tp_base_channel_close
Product: Telepathy Reporter: Guillaume Desmottes <guillaume.desmottes>
Component: gabbleAssignee: Telepathy bugs list <telepathy-bugs>
Status: RESOLVED FIXED QA Contact: Telepathy bugs list <telepathy-bugs>
Severity: normal    
Priority: medium CC: s9iper1, xclaesse
Version: git master   
Hardware: Other   
OS: All   
Whiteboard:
i915 platform: i915 features:
Attachments: Other trace

Description Guillaume Desmottes 2012-08-03 08:22:11 UTC 
I was manually stress testing my SSO accounts (GTalk, Facebook and Windows Live) by connecting/disconnecting them and Gabble crashed.


#0  tp_base_channel_close (chan=0x742f656c62626167) at base-channel.c:402
        klass = <optimized out>
        __PRETTY_FUNCTION__ = "tp_base_channel_close"
#1  0x000000000048f758 in close_all (self=self@entry=0x1875480)
    at server-tls-manager.c:126
        l = 0x219a2f0
#2  0x000000000048f858 in connection_status_changed_cb (user_data=0x1875480, 
    conn=<optimized out>, status=<optimized out>, reason=<optimized out>)
    at server-tls-manager.c:141
No locals.
#3  connection_status_changed_cb (conn=<optimized out>, status=2, 
    reason=<optimized out>, user_data=0x1875480) at server-tls-manager.c:130
        self = 0x1875480
#4  0x00007fc260385bb8 in ffi_call_unix64 () at ../src/x86/unix64.S:75
No locals.
#5  0x00007fc2603855c0 in ffi_call (cif=cif@entry=0x7ffffc0767a0, 
    fn=fn@entry=0x48f800 <connection_status_changed_cb>, 
    rvalue=0x7ffffc076700, avalue=avalue@entry=0x7ffffc0766a0)
    at ../src/x86/ffi64.c:492
        classes = {X86_64_INTEGER_CLASS, X86_64_NO_CLASS, 4228343584, 32767}
        stack = 0x7ffffc0764f0 "\220"
        argp = 0x7ffffc0765a0 ""
        arg_types = <optimized out>
        gprcount = 4
        ssecount = <optimized out>
        ngpr = 1
        nsse = 0
        i = <optimized out>
        avn = <optimized out>
        ret_in_memory = <optimized out>
        reg_args = 0x7ffffc0764f0
#6  0x00007fc2621749bb in g_cclosure_marshal_generic (closure=0x1be9fd0, 
    return_gvalue=0x0, n_param_values=<optimized out>, 
    param_values=<optimized out>, invocation_hint=<optimized out>, 
    marshal_data=0x48f800)
    at /build/buildd/glib2.0-2.33.6/./gobject/gclosure.c:1454
        rtype = <optimized out>
        rvalue = 0x7ffffc076700
        n_args = 4
        atypes = 0x7ffffc0766d0
        args = 0x7ffffc0766a0
        i = <optimized out>
        cif = {abi = FFI_UNIX64, nargs = 4, arg_types = 0x7ffffc0766d0, 
          rtype = 0x7fc260385fa0, bytes = 0, flags = 0}
        cc = 0x1be9fd0
        enum_tmpval = 0x7ffffc076720
        tmpval_used = 0
#7  0x00007fc262174050 in g_closure_invoke (closure=0x1be9fd0, 
    return_value=0x0, n_param_values=3, param_values=0x7ffffc0769f0, 
    invocation_hint=0x7ffffc076990)
    at /build/buildd/glib2.0-2.33.6/./gobject/gclosure.c:777
        marshal = 0x7fc2621747c0 <g_cclosure_marshal_generic>
        marshal_data = 0x0
        in_marshal = 0
        real_closure = 0x1be9fb0
        __PRETTY_FUNCTION__ = "g_closure_invoke"
#8  0x00007fc262185d30 in signal_emit_unlocked_R (node=node@entry=0x189c8f0, 
    detail=detail@entry=0, instance=instance@entry=0x18a6a30, 
    emission_return=emission_return@entry=0x0, 
    instance_and_params=instance_and_params@entry=0x7ffffc0769f0)
    at /build/buildd/glib2.0-2.33.6/./gobject/gsignal.c:3551
        tmp = <optimized out>
        handler = 0x18e9e10
        accumulator = 0x0
        emission = {next = 0x0, instance = 0x18a6a30, ihint = {signal_id = 15, 
            detail = 0, run_type = G_SIGNAL_RUN_FIRST}, state = EMISSION_RUN, 
          chain_type = 4}
        class_closure = 0x0
        hlist = 0x18e3470
        handler_list = 0x18e3470
        return_accu = 0x0
        accu = {g_type = 0, data = {{v_int = 0, v_uint = 0, v_long = 0, 
              v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, 
              v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, 
              v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, 
              v_double = 0, v_pointer = 0x0}}}
        signal_id = 15
        max_sequential_handler_number = 1041
        return_value_altered = 1
#9  0x00007fc26218dfb1 in g_signal_emit_valist (instance=0x18a6a30, 
    signal_id=<optimized out>, detail=0, 
    var_args=var_args@entry=0x7ffffc076c68)
    at /build/buildd/glib2.0-2.33.6/./gobject/gsignal.c:3300
        instance_and_params = 0x7ffffc0769f0
        signal_return_type = 4
        param_values = 0x7ffffc076a08
        node = 0x189c8f0
        i = <optimized out>
        n_params = 2
        __PRETTY_FUNCTION__ = "g_signal_emit_valist"
#10 0x00007fc26218e202 in g_signal_emit (instance=instance@entry=0x18a6a30, 
    signal_id=<optimized out>, detail=detail@entry=0)
    at /build/buildd/glib2.0-2.33.6/./gobject/gsignal.c:3356
        var_args = {{gp_offset = 40, fp_offset = 48, 
            overflow_arg_area = 0x7ffffc076d40, 
            reg_save_area = 0x7ffffc076c80}}
#11 0x00007fc262d563b9 in tp_svc_connection_emit_status_changed (
    instance=instance@entry=0x18a6a30, arg_Status=arg_Status@entry=2, 
    arg_Reason=arg_Reason@entry=1) at _gen/tp-svc-connection.c:465
        __PRETTY_FUNCTION__ = "tp_svc_connection_emit_status_changed"
#12 0x00007fc262c4f6d8 in tp_base_connection_change_status (self=0x18a6a30, 
    status=<optimized out>, reason=TP_CONNECTION_STATUS_REASON_REQUESTED)
    at base-connection.c:3121
        priv = 0x18a6ba0
        klass = 0x189d530
        prev_status = TP_CONNECTION_STATUS_CONNECTED
        __PRETTY_FUNCTION__ = "tp_base_connection_change_status"
#13 0x00007fc260385bb8 in ffi_call_unix64 () at ../src/x86/unix64.S:75
No locals.
#14 0x00007fc2603855c0 in ffi_call (cif=cif@entry=0x7ffffc076f90, 
    fn=fn@entry=0x7fc262d55f00 <tp_svc_connection_disconnect>, 
    rvalue=0x7ffffc076ef0, avalue=avalue@entry=0x7ffffc076e90)
    at ../src/x86/ffi64.c:492
        classes = {X86_64_INTEGER_CLASS, X86_64_NO_CLASS, 4228345616, 32767}
        stack = 0x7ffffc076ce0 "\220n\a\374\377\177"
        argp = 0x7ffffc076d90 ""
        arg_types = <optimized out>
        gprcount = 3
        ssecount = <optimized out>
        ngpr = 1
        nsse = 0
        i = <optimized out>
        avn = <optimized out>
        ret_in_memory = <optimized out>
        reg_args = 0x7ffffc076ce0
#15 0x00007fc2621749bb in g_cclosure_marshal_generic (closure=0x7ffffc077100, 
    return_gvalue=0x0, n_param_values=<optimized out>, 
    param_values=<optimized out>, invocation_hint=<optimized out>, 
    marshal_data=0x7fc262d55f00)
    at /build/buildd/glib2.0-2.33.6/./gobject/gclosure.c:1454
        rtype = <optimized out>
        rvalue = 0x7ffffc076ef0
        n_args = 3
        atypes = 0x7ffffc076ec0
        args = 0x7ffffc076e90
        i = <optimized out>
        cif = {abi = FFI_UNIX64, nargs = 3, arg_types = 0x7ffffc076ec0, 
          rtype = 0x7fc260385fa0, bytes = 0, flags = 0}
        cc = 0x7ffffc077100
        enum_tmpval = 0x7ffffc076f10
        tmpval_used = 0
#16 0x00007fc2636df198 in invoke_object_method (message=0x229c360, 
    connection=0x186fff0, method=0x7fc262ff6c18, object_info=0x7fc262ff4980, 
    object=0x18a6a30) at dbus-gobject.c:1889
        had_error = <optimized out>
        value_array = 0x2189980
        gerror = 0x0
        closure = {ref_count = 0, meta_marshal = 0, n_guards = 0, 
          n_fnotifiers = 0, n_inotifiers = 0, in_inotify = 0, floating = 0, 
          derivative_flag = 0, in_marshal = 0, is_invalid = 0, marshal = 0, 
          data = 0x0, notifiers = 0x0}
        out_param_pos = <optimized out>
        have_retval = 0
        send_reply = 1
        in_signature = 0x18c4120 ""
        out_param_count = <optimized out>
        out_param_gvalue_pos = <optimized out>
        retval_signals_error = 0
        arg_metadata = <optimized out>
        is_async = 1
        out_param_values = 0x0
        return_value = {g_type = 0, data = {{v_int = 0, v_uint = 0, 
              v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, 
              v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, 
              v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, 
              v_double = 0, v_pointer = 0x0}}}
        out_param_gvalues = 0x0
        reply = 0x0
        retval_is_synthetic = 0
        retval_is_constant = 0
#17 object_registration_message (connection=0x186fff0, message=0x229c360, 
    user_data=<optimized out>) at dbus-gobject.c:2151
        pspec = <optimized out>
        object = 0x18a6a30
        setter = <optimized out>
        getter = <optimized out>
        getall = <optimized out>
        s = <optimized out>
        requested_propname = <optimized out>
        wincaps_propiface = <optimized out>
        iter = {dummy1 = 0x0, dummy2 = 0x18c1ca0, dummy3 = 25964096, 
          dummy4 = 0, dummy5 = 0, dummy6 = 0, dummy7 = 35259336, dummy8 = 0, 
          dummy9 = 0, dummy10 = 0, dummy11 = 1, pad1 = 0, pad2 = 1665836293, 
          pad3 = 0x0}
        method = 0x7fc262ff6c18
        object_info = 0x7fc262ff4980
        ret = <optimized out>
        o = <optimized out>
#18 0x00007fc2634aab01 in ?? ()
   from /tmp/tmp7r7_ds/lib/x86_64-linux-gnu/libdbus-1.so.3
No symbol table info available.
#19 0x00007fc26349c9f0 in dbus_connection_dispatch ()
   from /tmp/tmp7r7_ds/lib/x86_64-linux-gnu/libdbus-1.so.3
No symbol table info available.
#20 0x00007fc2636dc425 in message_queue_dispatch (source=<optimized out>, 
    source@entry=0x1872de0, callback=<optimized out>, 
    user_data=<optimized out>) at dbus-gmain.c:90
        connection = 0x186fff0
#21 0x00007fc261cb0c65 in g_main_dispatch (context=0x1872cf0)
    at /build/buildd/glib2.0-2.33.6/./glib/gmain.c:2691
        dispatch = 0x7fc2636dc410 <message_queue_dispatch>
        was_in_call = 0
        user_data = 0x0
        callback = 0
        cb_funcs = 0x0
        cb_data = 0x0
        current_source_link = {data = 0x1872de0, next = 0x0}
        need_destroy = <optimized out>
        source = 0x1872de0
        current = 0x18820a0
        i = <optimized out>
#22 g_main_context_dispatch (context=context@entry=0x1872cf0)
    at /build/buildd/glib2.0-2.33.6/./glib/gmain.c:3195
No locals.
#23 0x00007fc261cb0f98 in g_main_context_iterate (context=0x1872cf0, 
    block=block@entry=1, dispatch=dispatch@entry=1, 
    self=<error reading variable: Unhandled dwarf expression opcode 0xfa>)
    at /build/buildd/glib2.0-2.33.6/./glib/gmain.c:3266
        max_priority = 0
        timeout = 0
        some_ready = 1
        nfds = <optimized out>
        allocated_nfds = <optimized out>
        fds = 0x1bc7270
#24 0x00007fc261cb1392 in g_main_loop_run (loop=0x1879320)
    at /build/buildd/glib2.0-2.33.6/./glib/gmain.c:3460
        __PRETTY_FUNCTION__ = "g_main_loop_run"
#25 0x00007fc262d35da2 in tp_run_connection_manager (
    prog_name=prog_name@entry=0x4be847 "telepathy-gabble", 
    version=version@entry=0x4cb2c7 "0.16.1", 
    construct_cm=construct_cm@entry=0x4289f0 <construct_cm>, 
    argc=argc@entry=1, argv=argv@entry=0x7ffffc0776b8) at run.c:285
        connection = 0x186fff0
        bus_daemon = 0x1875090
        error = 0x0
        ret = 1
        __PRETTY_FUNCTION__ = "tp_run_connection_manager"
#26 0x0000000000428cec in gabble_main (argc=1, argv=0x7ffffc0776b8)
    at gabble.c:182
        loader = 0x186c860
        out = <optimized out>
        fatal_mask = <optimized out>
#27 0x00007fc2618cd76d in __libc_start_main (main=0x4288c0 <main>, argc=1, 
    ubp_av=0x7ffffc0776b8, init=<optimized out>, fini=<optimized out>, 
    rtld_fini=<optimized out>, stack_end=0x7ffffc0776a8) at libc-start.c:226
        result = <optimized out>
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, -4195342927912237773, 
                4360416, 140737421735600, 0, 0, 4195346986990830899, 
                4198453041764500787}, mask_was_saved = 0}}, priv = {pad = {
              0x0, 0x0, 0x4be730, 0x7ffffc0776b8}, data = {prev = 0x0, 
              cleanup = 0x0, canceltype = 4974384}}}
        not_first_call = <optimized out>
#28 0x0000000000428909 in _start ()
No symbol table info available.
Comment 1 Guillaume Desmottes 2012-08-07 07:56:40 UTC 
*** Bug 53200 has been marked as a duplicate of this bug. ***
Comment 2 Guillaume Desmottes 2012-08-08 09:46:42 UTC 
Created attachment 65271 [details]
Other trace

Here is another trace when Gabble crashed because of a SSO auth error (the token expired).
Comment 3 Xavier Claessens 2012-08-14 13:09:43 UTC 
I believe that Jonny already fixed this with 5de7189fa93918cc1dda3bfdf8d5833b63e43020 (f88ae541292e0ff4abd9214bef4c7b99a55dc4e9 in stable branch which is not included in 0.16.1 release).

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.