Bug 35613 - Segfault on file xfer
Summary: Segfault on file xfer
Status: RESOLVED MOVED
Alias: None
Product: Telepathy
Classification: Unclassified
Component: gabble (show other bugs)
Version: 0.10
Hardware: Other All
: medium normal
Assignee: Telepathy bugs list
QA Contact: Telepathy bugs list
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-03-23 21:26 UTC by Olivier Crête
Modified: 2019-12-03 19:51 UTC (History)
1 user (show)

See Also:
i915 platform:
i915 features:

Attachments

Description Olivier Crête 2011-03-23 21:26:10 UTC 
Segfault after failing to receive a file transfer

(gdb) c
Continuing.
[New Thread 0x7fbeb76ac700 (LWP 19984)]
[Thread 0x7fbeb76ac700 (LWP 19984) exited]

Program received signal SIGSEGV, Segmentation fault.
__libc_free (mem=0x7f006d6f7266) at malloc.c:3710
3710	  if (chunk_is_mmapped(p))                       /* release mmapped memory. */
(gdb) bt
#0  __libc_free (mem=0x7f006d6f7266) at malloc.c:3710
#1  0x000000000043195c in attribute_free (a=0xdaca90) at wocky-node.c:103
#2  0x0000000000431e98 in wocky_node_free (node=0xdfaa40) at wocky-node.c:139
#3  0x0000000000434bd1 in wocky_node_tree_finalize (object=0xf4f0f0)
    at wocky-node-tree.c:137
#4  0x00007fbebafda614 in g_object_unref (_object=<value optimized out>)
    at gobject.c:2734
#5  0x0000000000451c37 in stanza_received_cb (source=<value optimized out>, 
    res=<value optimized out>, user_data=<value optimized out>)
    at wocky-porter.c:1257
#6  0x00000000004548a8 in _xmpp_connection_received_data (source=0x7e0f80, 
    result=0x1, user_data=<value optimized out>) at wocky-xmpp-connection.c:561
#7  0x00007fbebb4977a9 in async_ready_callback_wrapper (
    source_object=0x7e0f80, res=0xe83a40, user_data=0xaaaaa0)
    at ginputstream.c:470
#8  0x00000000004b9026 in wocky_tls_job_result_gssize (
    job=<value optimized out>, result=231) at wocky-tls.c:359
#9  0x00007fbebb4977a9 in async_ready_callback_wrapper (
    source_object=0x795b40, res=0xfb85e0, user_data=0x77a1a0)
    at ginputstream.c:470
#10 0x00007fbebb4b068e in g_socket_input_stream_read_ready (
    socket=<value optimized out>, condition=<value optimized out>, 
    stream=0x795b40) at gsocketinputstream.c:155
---Type <return> to continue, or q <return> to quit---
#11 0x00007fbeba8edfa1 in g_main_dispatch (context=0x766d70) at gmain.c:2440
#12 g_main_context_dispatch (context=0x766d70) at gmain.c:3013
#13 0x00007fbeba8f2638 in g_main_context_iterate (context=0x766d70, 
    block=<value optimized out>, dispatch=<value optimized out>, 
    self=<value optimized out>) at gmain.c:3091
#14 0x00007fbeba8f2b45 in g_main_loop_run (loop=0x773530) at gmain.c:3299
#15 0x00007fbebc53bf8f in tp_run_connection_manager (
    prog_name=<value optimized out>, version=<value optimized out>, 
    construct_cm=<value optimized out>, argc=<value optimized out>, 
    argv=<value optimized out>) at run.c:285
#16 0x000000000043075e in gabble_main (argc=1, argv=0x7ffff8854448)
    at gabble.c:149
#17 0x00007fbeba0b8bbd in __libc_start_main (main=<value optimized out>, 
    argc=<value optimized out>, ubp_av=<value optimized out>, 
    init=<value optimized out>, fini=<value optimized out>, 
    rtld_fini=<value optimized out>, stack_end=0x7ffff8854438)
    at libc-start.c:226
#18 0x00000000004305b9 in _start ()
(gdb) thread apply all bt

Thread 3 (Thread 0x7fbeb6ca6700 (LWP 19843)):
#0  0x00007fbeba162af3 in __poll (fds=<value optimized out>, 
    nfds=<value optimized out>, timeout=-1)
    at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007fbeba8f2399 in g_main_context_poll (context=0x79fab0, 
    block=<value optimized out>, dispatch=<value optimized out>, 
    self=<value optimized out>) at gmain.c:3404
#2  g_main_context_iterate (context=0x79fab0, block=<value optimized out>, 
    dispatch=<value optimized out>, self=<value optimized out>) at gmain.c:3086
#3  0x00007fbeba8f2b45 in g_main_loop_run (loop=0x7fbeb0000940) at gmain.c:3299
#4  0x00007fbeb80c7beb in dconf_context_thread (data=0x79fab0)
    at dconfcontext.c:11
#5  0x00007fbeba917c16 in g_thread_create_proxy (data=0x79fb90)
    at gthread.c:1897
#6  0x00007fbeba3fa914 in start_thread (arg=<value optimized out>)
    at pthread_create.c:297
#7  0x00007fbeba16b7dd in clone ()
    at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 2 (Thread 0x7fbeb64a5700 (LWP 19844)):
#0  0x00007fbeba162af3 in __poll (fds=<value optimized out>, 
    nfds=<value optimized out>, timeout=-1)
---Type <return> to continue, or q <return> to quit---
    at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007fbeba8f2399 in g_main_context_poll (context=0x7ea7e0, 
    block=<value optimized out>, dispatch=<value optimized out>, 
    self=<value optimized out>) at gmain.c:3404
#2  g_main_context_iterate (context=0x7ea7e0, block=<value optimized out>, 
    dispatch=<value optimized out>, self=<value optimized out>) at gmain.c:3086
#3  0x00007fbeba8f2b45 in g_main_loop_run (loop=0x7ec610) at gmain.c:3299
#4  0x00007fbebb4f8ec4 in gdbus_shared_thread_func (data=<value optimized out>)
    at gdbusprivate.c:276
#5  0x00007fbeba917c16 in g_thread_create_proxy (data=0x7ea8c0)
    at gthread.c:1897
#6  0x00007fbeba3fa914 in start_thread (arg=<value optimized out>)
    at pthread_create.c:297
#7  0x00007fbeba16b7dd in clone ()
    at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 1 (Thread 0x7fbebc9b0700 (LWP 19840)):
#0  __libc_free (mem=0x7f006d6f7266) at malloc.c:3710
#1  0x000000000043195c in attribute_free (a=0xdaca90) at wocky-node.c:103
#2  0x0000000000431e98 in wocky_node_free (node=0xdfaa40) at wocky-node.c:139
#3  0x0000000000434bd1 in wocky_node_tree_finalize (object=0xf4f0f0)
    at wocky-node-tree.c:137
#4  0x00007fbebafda614 in g_object_unref (_object=<value optimized out>)
---Type <return> to continue, or q <return> to quit---
    at gobject.c:2734
#5  0x0000000000451c37 in stanza_received_cb (source=<value optimized out>, 
    res=<value optimized out>, user_data=<value optimized out>)
    at wocky-porter.c:1257
#6  0x00000000004548a8 in _xmpp_connection_received_data (source=0x7e0f80, 
    result=0x1, user_data=<value optimized out>) at wocky-xmpp-connection.c:561
#7  0x00007fbebb4977a9 in async_ready_callback_wrapper (
    source_object=0x7e0f80, res=0xe83a40, user_data=0xaaaaa0)
    at ginputstream.c:470
#8  0x00000000004b9026 in wocky_tls_job_result_gssize (
    job=<value optimized out>, result=231) at wocky-tls.c:359
#9  0x00007fbebb4977a9 in async_ready_callback_wrapper (
    source_object=0x795b40, res=0xfb85e0, user_data=0x77a1a0)
    at ginputstream.c:470
#10 0x00007fbebb4b068e in g_socket_input_stream_read_ready (
    socket=<value optimized out>, condition=<value optimized out>, 
    stream=0x795b40) at gsocketinputstream.c:155
#11 0x00007fbeba8edfa1 in g_main_dispatch (context=0x766d70) at gmain.c:2440
#12 g_main_context_dispatch (context=0x766d70) at gmain.c:3013
#13 0x00007fbeba8f2638 in g_main_context_iterate (context=0x766d70, 
    block=<value optimized out>, dispatch=<value optimized out>, 
    self=<value optimized out>) at gmain.c:3091
#14 0x00007fbeba8f2b45 in g_main_loop_run (loop=0x773530) at gmain.c:3299
---Type <return> to continue, or q <return> to quit---
#15 0x00007fbebc53bf8f in tp_run_connection_manager (
    prog_name=<value optimized out>, version=<value optimized out>, 
    construct_cm=<value optimized out>, argc=<value optimized out>, 
    argv=<value optimized out>) at run.c:285
#16 0x000000000043075e in gabble_main (argc=1, argv=0x7ffff8854448)
    at gabble.c:149
#17 0x00007fbeba0b8bbd in __libc_start_main (main=<value optimized out>, 
    argc=<value optimized out>, ubp_av=<value optimized out>, 
    init=<value optimized out>, fini=<value optimized out>, 
    rtld_fini=<value optimized out>, stack_end=0x7ffff8854438)
    at libc-start.c:226
#18 0x00000000004305b9 in _start ()
(gdb) 
(gdb)
Comment 1 Olivier Crête 2011-03-23 21:28:30 UTC 
It's probalby memory corruption.. I blame libnice.. Nirbheek got this:

#0  magazine_chain_pop_head (mem_size=16) at gslice.c:492
#1  thread_memory_magazine1_alloc (mem_size=16) at gslice.c:795
#2  g_slice_alloc (mem_size=16) at gslice.c:833
#3  0x00007f8918370430 in g_slist_prepend (list=0x0, data=0x15a0780) at gslist.c:297
#4  0x000000000043417b in wocky_node_add_build_va (node=0x15a0780, ap=0x7fff892f9710) at wocky-node.c:1212
#5  0x00000000004532a5 in wocky_stanza_build_va (type=WOCKY_STANZA_TYPE_IQ, sub_type=WOCKY_STANZA_SUB_TYPE_ERROR, from=0x0, to=0x1564140 "thetester@gmail.com/3199799a", ap=0x7fff892f9710)
    at wocky-stanza.c:343
#6  0x0000000000453197 in wocky_stanza_build (type=WOCKY_STANZA_TYPE_IQ, sub_type=WOCKY_STANZA_SUB_TYPE_ERROR, from=0x0, to=0x1564140 "thetester@gmail.com/3199799a") at wocky-stanza.c:313
#7  0x0000000000461f20 in lm_message_new_with_sub_type (to=0x1564140 "thetester@gmail.com/3199799a", type=WOCKY_STANZA_TYPE_IQ, sub_type=WOCKY_STANZA_SUB_TYPE_ERROR) at lm-message.c:36
#8  0x000000000047b313 in _gabble_connection_send_iq_error (conn=0x156c080, message=0x1a99800, error=XMPP_ERROR_JINGLE_UNKNOWN_SESSION, errmsg=0x1a651a0 "session 17207025 is unknown")
    at connection.c:2387
#9  0x000000000048bdb6 in jingle_cb (handler=0x15a0600, lmconn=0x156bdc0, msg=0x1a99800, user_data=0x154d220) at jingle-factory.c:837
#10 0x000000000046126e in stanza_cb (self=0x154d5e0, stanza=0x1a99800, user_data=0x15a0600) at lm-connection.c:32
#11 0x000000000045b661 in handle_stanza (self=0x154d5e0, stanza=0x1a99800) at wocky-porter.c:1061
#12 0x000000000045bc63 in stanza_received_cb (source=0x1873e30, res=0x1af1aa0, user_data=0x154d5e0) at wocky-porter.c:1256
#13 0x000000000045499a in _xmpp_connection_received_data (source=0x153f900, result=0x1a9cf60, user_data=0x1873e30) at wocky-xmpp-connection.c:561
#14 0x00007f8918f1203a in async_ready_callback_wrapper (source_object=<value optimized out>, res=0x1a9cf60, user_data=0x1873e30) at ginputstream.c:470
#15 0x00000000004dd4e1 in wocky_tls_job_result_gssize (job=0x1558230, result=235) at wocky-tls.c:359
#16 0x00000000004dd7ce in wocky_tls_session_try_operation (session=0x15581a0, operation=WOCKY_TLS_OP_READ) at wocky-tls.c:429
#17 0x00000000004df107 in wocky_tls_session_read_ready (object=0x1537150, result=0x1acd700, user_data=0x15581a0) at wocky-tls.c:1110
#18 0x00007f8918f1203a in async_ready_callback_wrapper (source_object=<value optimized out>, res=0x1acd700, user_data=0x15581a0) at ginputstream.c:470
#19 0x00007f8918f2971b in g_socket_input_stream_read_ready (socket=<value optimized out>, condition=<value optimized out>, stream=0x1537150) at gsocketinputstream.c:155
#20 0x00007f89183516bb in g_main_dispatch (context=0x1544de0) at gmain.c:2440
#21 g_main_context_dispatch (context=0x1544de0) at gmain.c:3013
#22 0x00007f8918351ec0 in g_main_context_iterate (context=0x1544de0, block=1, dispatch=1, self=<value optimized out>) at gmain.c:3091
#23 0x00007f8918352532 in g_main_loop_run (loop=0x15515b0) at gmain.c:3299
#24 0x00007f89195531d3 in tp_run_connection_manager (prog_name=<value optimized out>, version=<value optimized out>, construct_cm=<value optimized out>, argc=<value optimized out>, 
    argv=<value optimized out>) at run.c:285
#25 0x00000000004311c5 in gabble_main (argc=1, argv=0x7fff892f9f08) at gabble.c:149
#26 0x0000000000430ec9 in main (argc=1, argv=0x7fff892f9f08) at main.c:28
(gdb) bt full
#0  magazine_chain_pop_head (mem_size=16) at gslice.c:492
        chunk = 0x6f74
#1  thread_memory_magazine1_alloc (mem_size=16) at gslice.c:795
        mag = 0x1533750
#2  g_slice_alloc (mem_size=16) at gslice.c:833
        tmem = 0x6f74
        ix = <value optimized out>
        chunk_size = <value optimized out>
        mem = <value optimized out>
#3  0x00007f8918370430 in g_slist_prepend (list=0x0, data=0x15a0780) at gslist.c:297
        new_list = 0x1bf8950
#4  0x000000000043417b in wocky_node_add_build_va (node=0x15a0780, ap=0x7fff892f9710) at wocky-node.c:1212
        stack = 0x0
        arg = 32767
        __PRETTY_FUNCTION__ = "wocky_node_add_build_va"
#5  0x00000000004532a5 in wocky_stanza_build_va (type=WOCKY_STANZA_TYPE_IQ, sub_type=WOCKY_STANZA_SUB_TYPE_ERROR, from=0x0, to=0x1564140 "thetester@gmail.com/3199799a", ap=0x7fff892f9710)
    at wocky-stanza.c:343
        stanza = 0x1bbc450
        __PRETTY_FUNCTION__ = "wocky_stanza_build_va"
#6  0x0000000000453197 in wocky_stanza_build (type=WOCKY_STANZA_TYPE_IQ, sub_type=WOCKY_STANZA_SUB_TYPE_ERROR, from=0x0, to=0x1564140 "thetester@gmail.com/3199799a") at wocky-stanza.c:313
        stanza = 0x1873e30
        ap = {{gp_offset = 32, fp_offset = 48, overflow_arg_area = 0x7fff892f9800, reg_save_area = 0x7fff892f9730}}
#7  0x0000000000461f20 in lm_message_new_with_sub_type (to=0x1564140 "thetester@gmail.com/3199799a", type=WOCKY_STANZA_TYPE_IQ, sub_type=WOCKY_STANZA_SUB_TYPE_ERROR) at lm-message.c:36
No locals.
#8  0x000000000047b313 in _gabble_connection_send_iq_error (conn=0x156c080, message=0x1a99800, error=XMPP_ERROR_JINGLE_UNKNOWN_SESSION, errmsg=0x1a651a0 "session 17207025 is unknown")
    at connection.c:2387
        to = 0x1564140 "thetester@gmail.com/3199799a"
        id = 0x1918510 "688737692536"
        msg = 0x15692d0
        iq_node = 0x15a7490
        __PRETTY_FUNCTION__ = "_gabble_connection_send_iq_error"
#9  0x000000000048bdb6 in jingle_cb (handler=0x15a0600, lmconn=0x156bdc0, msg=0x1a99800, user_data=0x154d220) at jingle-factory.c:837
        self = 0x154d220
        priv = 0x154d240
        error = 0x18819b0
        sid = 0x1b90be0 "17207025"
        from = 0x1564140 "thetester@gmail.com/3199799a"
        sess = 0x0
        new_session = 0
        action = JINGLE_ACTION_SESSION_TERMINATE
        dialect = JINGLE_DIALECT_GTALK3
        __PRETTY_FUNCTION__ = "jingle_cb"
#10 0x000000000046126e in stanza_cb (self=0x154d5e0, stanza=0x1a99800, user_data=0x15a0600) at lm-connection.c:32
---Type <return> to continue, or q <return> to quit---
        handler = 0x15a0600
        result = 32767
#11 0x000000000045b661 in handle_stanza (self=0x154d5e0, stanza=0x1a99800) at wocky-porter.c:1061
        handler = 0x15bc640
        priv = 0x154d600
        l = 0x1590a20
        from = 0x1564140 "thetester@gmail.com/3199799a"
        type = WOCKY_STANZA_TYPE_IQ
        sub_type = WOCKY_STANZA_SUB_TYPE_SET
        node = 0x1ae2760 "thetester"
        domain = 0x1a2c380 "gmail.com"
        resource = 0x19fb320 "3199799a"
        __PRETTY_FUNCTION__ = "handle_stanza"
#12 0x000000000045bc63 in stanza_received_cb (source=0x1873e30, res=0x1af1aa0, user_data=0x154d5e0) at wocky-porter.c:1256
        self = 0x154d5e0
        priv = 0x154d600
        stanza = 0x1a99800
        error = 0x0
        __PRETTY_FUNCTION__ = "stanza_received_cb"
#13 0x000000000045499a in _xmpp_connection_received_data (source=0x153f900, result=0x1a9cf60, user_data=0x1873e30) at wocky-xmpp-connection.c:561
        r = 0x1af1aa0
        self = 0x1873e30
        priv = 0x1873e50
        size = 235
        error = 0x0
#14 0x00007f8918f1203a in async_ready_callback_wrapper (source_object=<value optimized out>, res=0x1a9cf60, user_data=0x1873e30) at ginputstream.c:470
        stream = 0x153f900
#15 0x00000000004dd4e1 in wocky_tls_job_result_gssize (job=0x1558230, result=235) at wocky-tls.c:359
        simple = 0x1a9cf60
#16 0x00000000004dd7ce in wocky_tls_session_try_operation (session=0x15581a0, operation=WOCKY_TLS_OP_READ) at wocky-tls.c:429
        result = 235
        __PRETTY_FUNCTION__ = "wocky_tls_session_try_operation"
#17 0x00000000004df107 in wocky_tls_session_read_ready (object=0x1537150, result=0x1acd700, user_data=0x15581a0) at wocky-tls.c:1110
        session = 0x15581a0
        __PRETTY_FUNCTION__ = "wocky_tls_session_read_ready"
#18 0x00007f8918f1203a in async_ready_callback_wrapper (source_object=<value optimized out>, res=0x1acd700, user_data=0x15581a0) at ginputstream.c:470
        stream = 0x1537150
#19 0x00007f8918f2971b in g_socket_input_stream_read_ready (socket=<value optimized out>, condition=<value optimized out>, stream=0x1537150) at gsocketinputstream.c:155
        simple = 0x1acd700
        error = 0x0
        result = 256
#20 0x00007f89183516bb in g_main_dispatch (context=0x1544de0) at gmain.c:2440
        dispatch = 0x7f8918f224d0 <socket_source_dispatch>
---Type <return> to continue, or q <return> to quit---
        was_in_call = 0
        user_data = 0x1537150
        callback = 0x7f8918f29670 <g_socket_input_stream_read_ready>
        cb_funcs = 0x7f89186265f0
        cb_data = 0x1a34710
        current_source_link = {data = 0x1c0d2b0, next = 0x0}
        need_destroy = <value optimized out>
        source = 0x1c0d2b0
        current = 0x155bdc0
        i = <value optimized out>
#21 g_main_context_dispatch (context=0x1544de0) at gmain.c:3013
No locals.
#22 0x00007f8918351ec0 in g_main_context_iterate (context=0x1544de0, block=1, dispatch=1, self=<value optimized out>) at gmain.c:3091
        max_priority = 2147483647
        timeout = 30540
        some_ready = 1
        nfds = 5
        allocated_nfds = <value optimized out>
        fds = <value optimized out>
#23 0x00007f8918352532 in g_main_loop_run (loop=0x15515b0) at gmain.c:3299
        __PRETTY_FUNCTION__ = "g_main_loop_run"
#24 0x00007f89195531d3 in tp_run_connection_manager (prog_name=<value optimized out>, version=<value optimized out>, construct_cm=<value optimized out>, argc=<value optimized out>, 
    argv=<value optimized out>) at run.c:285
        connection = 0x1541f70
        bus_daemon = 0x15478f0
        error = 0x0
        ret = 1
        __PRETTY_FUNCTION__ = "tp_run_connection_manager"
#25 0x00000000004311c5 in gabble_main (argc=1, argv=0x7fff892f9f08) at gabble.c:149
        loader = 0x153eb20
        out = 32767
#26 0x0000000000430ec9 in main (argc=1, argv=0x7fff892f9f08) at main.c:28
No locals.
Comment 2 GitLab Migration User 2019-12-03 19:51:15 UTC 
-- GitLab Migration Automatic Message --

This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/telepathy/telepathy-gabble/issues/138.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.