I am getting a seg fault building the telepathy-glib package for karmic, which includes make check. The seg fault happens when running the test-callable-example test, the rest pass. Backtrace: (/home/ken/working/telepathy-glib-0.7.31/tests/dbus/.libs/test-callable-example:3492): tp-glib-DEBUG: tp_proxy_borrow_interface_by_id: 0x1c4c030: org.freedesktop.Telepathy.Channel.Type.StreamedMedia DBusGProxy is 0x1c4d600 ** Message: SIGNALLING: send: new streamed media call emit_members_changed_signals: emitting members changed message : "" added : [] removed : [] local_pending : [] remote_pending: [2 (basic-test)] actor : 1 reason : 0: unspecified reason ** Message: SIGNALLING: send: new audio stream ** Message: MEDIA: Sending media to peer for stream 1 ** Message: SIGNALLING: send: Please start sending me stream 1 ** Message: SIGNALLING: receive: contact answered our call emit_members_changed_signals: emitting members changed message : "" added : [2 (basic-test)] removed : [] local_pending : [] remote_pending: [] actor : 2 reason : 0: unspecified reason ** Message: SIGNALLING: receive: OK, I'll send you media on stream 1 (/home/ken/working/telepathy-glib-0.7.31/tests/dbus/.libs/test-callable-example:3492): tp-glib-DEBUG: tp_channel_group_members_changed_cb: 0x1c4c030 MembersChanged: added 0, removed 0, moved 0 to LP and 1 to RP, actor 1, reason 0, message (/home/ken/working/telepathy-glib-0.7.31/tests/dbus/.libs/test-callable-example:3492): tp-glib-DEBUG: handle_members_changed: +RP contact#2 (/home/ken/working/telepathy-glib-0.7.31/tests/dbus/.libs/test-callable-example:3492): tp-glib-DEBUG: tp_channel_group_members_changed_cb: 0x1c4c030 MembersChanged: added 1, removed 0, moved 0 to LP and 0 to RP, actor 2, reason 0, message (/home/ken/working/telepathy-glib-0.7.31/tests/dbus/.libs/test-callable-example:3492): tp-glib-DEBUG: handle_members_changed: +++ contact#2 ** Message: MEDIA: stream connected ** Message: SIGNALLING: send: new video stream ** Message: MEDIA: Sending media to peer for stream 2 ** Message: SIGNALLING: send: Please start sending me stream 2 ** Message: SIGNALLING: receive: OK, I'll send you media on stream 2 ** Message: MEDIA: stream connected ** Message: Sending to server: Closing stream 2 Program received signal SIGSEGV, Segmentation fault. 0x00000000004108fd in example_callable_media_stream_close (self=0x1c4d8e0) at media-stream.c:394 394 if (self->priv->connected_event_id != 0) (gdb) bt #0 0x00000000004108fd in example_callable_media_stream_close (self=0x1c4d8e0) at media-stream.c:394 #1 0x000000000040f4c3 in media_remove_streams (iface=<value optimized out>, stream_ids=0x1c41cc0, context=0x1c3ad80) at media-channel.c:801 #2 0x00007febfc20c7ec in ?? () from /usr/lib/libdbus-glib-1.so.2 #3 0x00007febfc20cca5 in ?? () from /usr/lib/libdbus-glib-1.so.2 #4 0x00007febfbfdd44e in ?? () from /lib/libdbus-1.so.3 #5 0x00007febfbfd1094 in dbus_connection_dispatch () from /lib/libdbus-1.so.3 #6 0x00007febfc209b65 in ?? () from /usr/lib/libdbus-glib-1.so.2 #7 0x00007febfbaed8be in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0 #8 0x00007febfbaf0f98 in ?? () from /usr/lib/libglib-2.0.so.0 #9 0x00007febfbaf13f5 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0 #10 0x000000000040a0b4 in test_basics (test=0x1c25920, data=<value optimized out>) at callable-example.c:944 #11 0x00007febfbb1368a in ?? () from /usr/lib/libglib-2.0.so.0 #12 0x00007febfbb137f6 in ?? () from /usr/lib/libglib-2.0.so.0 #13 0x00007febfbb13adb in g_test_run_suite () from /usr/lib/libglib-2.0.so.0 #14 0x0000000000406b2b in main (argc=1, argv=0x7fff4bffe828) at callable-example.c:1609
Link to the ubuntu bug https://bugs.launchpad.net/ubuntu/+source/telepathy-glib/+bug/385358
Sjoerd is investigating.
Created attachment 26716 [details] Valgrind log of the crash
Created attachment 26718 [details] [review] this might work? I can't reproduce this (on Debian unstable i386 with an amd64 kernel, if that matters), which is strange... the valgrind log looks as though this ought to happen every time, if I'm right about the cause? Anyway, here's an attempt at fixing it blindly by reference to the valgrind log.
Created attachment 26724 [details] Crash after applying the patch from the previous comment
Created attachment 26725 [details] [review] Additional patch: together, these are sufficient in sjoerd's build environment Another instance of a similar problem. Together, these could be simplified to having example_callable_media_stream_close ref the stream until it returns, or even just having the emission of the REMOVED signal be the last thing in the function. I'm not sure which of these is best style, or why this worked reliably (and without use-after-free) for me...
Created attachment 26726 [details] [review] Simpler version of the previous patches The two patches above work, but this one is simpler and seems more appropriate.
Fixed in 0.7.32
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.