Bug 155432 – segv when presenting save as dialog [ia64]

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 155432 - segv when presenting save as dialog [ia64]


Summary:	segv when presenting save as dialog [ia64]


Status:	VERIFIED DUPLICATE of bug 138986

Product:	galeon
Classification:	Deprecated
Component:	general
Version:	1.3.17
Hardware:	Other Linux

Importance:	Normal critical
Target Milestone:	---
Assigned To:	galeon-maint
QA Contact:	galeon-maint

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2004-10-14 22:41 UTC by dann frazier
Modified:	2004-12-22 21:47 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description dann frazier 2004-10-14 22:41:09 UTC

Reproducing:
Start galeon
Enter the url of a file not natively handled by galeon
 (http://dannf.org/to-backports.org/dpatch/dpatch_2.0.8_all.deb, for example)
Click "Save As" button
<SIGSEGV>

(gdb) run
Starting program: /usr/bin/galeon
[Thread debugging using libthread_db enabled]
[New Thread 16384 (LWP 21810)]
[New Thread 32769 (LWP 21813)]
[New Thread 16386 (LWP 21814)]
[New Thread 32771 (LWP 21815)]
[New Thread 49156 (LWP 21816)]
[New Thread 65541 (LWP 21817)]
[Thread 49156 (LWP 21816) exited]
[New Thread 81924 (LWP 21818)]
[Thread 65541 (LWP 21817) exited]
[Thread 81924 (LWP 21818) exited]

[New Thread 98308 (LWP 21819)]
[New Thread 114693 (LWP 21820)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 21810)]
ORBit_free_T (mem=0x300000002) at allocators.c:167
167             how = *(((ORBitMemHow *) mem) - 1);

Comment 1 Tommi Komulainen 2004-10-15 08:42:02 UTC

Which ORBit2 version do you have?  Bug 138986 looks similar and it appears to be
fixed in 2.10.2

Otherwise unfortunately, that stack trace is not very useful in determining the
cause of the crash. Please make sure that the package was compiled with
debugging symbols and see http://bugzilla.gnome.org/getting-traces.cgi for more
information about useful stack traces.

Comment 2 dann frazier 2004-10-15 17:26:50 UTC

$ dpkg -l | grep liborbit
ii  liborbit-dev   0.5.17-9       Dev libraries for ORBit - a CORBA ORB
ii  liborbit0      0.5.17-9       Libraries for ORBit - a CORBA ORB
ii  liborbit2      2.10.2-1.1     libraries for ORBit2 - a CORBA ORB
ii  liborbit2-dev  2.10.2-1.1     development files for ORBit2 - a CORBA ORB

I looked at the getting-traces doc; I'd already rebuilt my galeon & liborbit
debs w/ DEB_BUILD_OPTIONS=nostrip,debug (which should leave -g debug symbols in
the binaries) - however, i didn't use thread apply all bt:

$ LD_LIBRARY_PATH=/usr/lib/debug gdb /usr/bin/galeon
GNU gdb 6.1-debian
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "ia64-linux"...Using host libthread_db library
"/usr/lib/debug/libthread_db.so.1".

(gdb) run
Starting program: /usr/bin/galeon
[Thread debugging using libthread_db enabled]
[New Thread 16384 (LWP 842)]
[New Thread 32769 (LWP 845)]
[New Thread 16386 (LWP 846)]
[New Thread 32771 (LWP 847)]
[New Thread 49156 (LWP 848)]
[New Thread 65541 (LWP 849)]
[Thread 49156 (LWP 848) exited]
[New Thread 81924 (LWP 850)]
[New Thread 98310 (LWP 851)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 842)]
ORBit_free_T (mem=0x300000002) at allocators.c:167
167             how = *(((ORBitMemHow *) mem) - 1);
(gdb) thread apply all bt

+ Trace 51068

Thread 8 (Thread 98310 (LWP 851))

#0 *__GI___poll
at ../sysdeps/unix/sysv/linux/poll.c line 86
#1 g_main_context_poll
at gmain.c line 2854
#2 g_main_context_iterate
at gmain.c line 2568
#3 g_main_loop_run
at gmain.c line 2718
#4 link_io_thread_fn
at linc.c line 343
#5 g_thread_create_proxy
at gthread.c line 543
#6 pthread_start_thread
at manager.c line 256
#7 pthread_start_thread_event
at manager.c line 333
#8 __clone2
from /usr/lib/debug/libc.so.6.1
#9 ??

Comment 3 dann frazier 2004-10-27 20:32:38 UTC

What further information can I provide to help debug this problem?

Comment 4 Crispin Flowerday (not receiving bugmail) 2004-10-28 09:23:21 UTC

Hmm, that stacktrace doesn't actually look complete, the trace from the thread
ends at poll() which is where I expect a working thread to end. The actual crash
happened in a completely different thread, so I wonder why the "thread apply all
bt" didn't look at the other threads.

Can you try running under gdb, and when it crashes just type "bt" to see if that
gives us better info about the actual thread that crashed.

Comment 5 dann frazier 2004-10-28 17:34:46 UTC

Sure, here you go:

dannf@krebs:~$ LD_LIBRARY_PATH=/usr/lib/debug gdb /usr/bin/galeon
GNU gdb 6.1-debian
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "ia64-linux"...Using host libthread_db library
"/usr/lib/debug/libthread_db.so.1".

(gdb) run
Starting program: /usr/bin/galeon
[Thread debugging using libthread_db enabled]
[New Thread 16384 (LWP 22203)]
[New Thread 32769 (LWP 22206)]
[New Thread 16386 (LWP 22207)]
[New Thread 32771 (LWP 22209)]
[New Thread 49156 (LWP 22210)]
[Thread 49156 (LWP 22210) exited]
[New Thread 65541 (LWP 22211)]
Detaching after fork from child process 22212.
mplayer(22214): unaligned access to 0x600000000018468c, ip=0x40000000000eb6b0
mplayer(22214): unaligned access to 0x600000000018477c, ip=0x40000000000eaed0
mplayer(22214): unaligned access to 0x600000000018477c, ip=0x40000000000eaf10
mplayer(22214): unaligned access to 0x600000000018479c, ip=0x40000000000eaed0
[New Thread 81924 (LWP 22216)]
[New Thread 98310 (LWP 22217)]
[New Thread 114695 (LWP 22218)]
[New Thread 131080 (LWP 22219)]

Program received signal SIGSEGV, Segmentation fault.

+ Trace 51425

Thread 16384 (LWP 22203)

#0 ORBit_free_T
from /usr/lib/libORBit-2.so.0
#1 ORBit_freekids_via_TypeCode_T
from /usr/lib/libORBit-2.so.0
#2 ORBit_freekids_via_TypeCode_T
from /usr/lib/libORBit-2.so.0
#3 ORBit_free_T
from /usr/lib/libORBit-2.so.0
#4 ORBit_freekids_via_TypeCode_T
from /usr/lib/libORBit-2.so.0
#5 ORBit_free_T
from /usr/lib/libORBit-2.so.0
#6 ORBit_free
from /usr/lib/libORBit-2.so.0
#7 CORBA_free
from /usr/lib/libORBit-2.so.0
#8 gnome_vfs_volume_monitor_client_class_init
from /usr/lib/libgnomevfs-2.so.0
#9 ??

Comment 6 dann frazier 2004-10-28 23:36:50 UTC

i built libgnomevfs w/ debug enabled & got the following backtrace:
dannf@krebs:~$ LD_LIBRARY_PATH=/usr/lib/debug gdb /usr/bin/galeon
GNU gdb 6.1-debian
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "ia64-linux"...(no debugging symbols found)...Using
host libthread_db library "/usr/lib/debug/libthread_db.so.1".

(gdb) run
Starting program: /usr/bin/galeon
(no debugging symbols found)...(no debugging symbols found)...(no debugging
symbols found)...(no debugging symbols found)...(no debugging symbols
found)...(no debugging symbols found)...(no debugging symbols found)...[Thread
debugging using libthread_db enabled]
[New Thread 16384 (LWP 14437)]
[New Thread 32769 (LWP 14440)]
[New Thread 16386 (LWP 14441)]
[New Thread 32771 (LWP 14442)]
[New Thread 49156 (LWP 14443)]
[Thread 49156 (LWP 14443) exited]
[New Thread 65541 (LWP 14444)]
Detaching after fork from child process 14445.
mplayer(14447): unaligned access to 0x600000000018468c, ip=0x40000000000eb6b0
mplayer(14447): unaligned access to 0x600000000018477c, ip=0x40000000000eaed0
mplayer(14447): unaligned access to 0x600000000018477c, ip=0x40000000000eaf10
mplayer(14447): unaligned access to 0x600000000018479c, ip=0x40000000000eaed0
[New Thread 81924 (LWP 14449)]
[New Thread 98310 (LWP 14450)]

Program received signal SIGSEGV, Segmentation fault.

+ Trace 51434

Thread 16384 (LWP 14437)

#0 ORBit_free_T
from /usr/lib/libORBit-2.so.0
#1 ORBit_freekids_via_TypeCode_T
from /usr/lib/libORBit-2.so.0
#2 ORBit_freekids_via_TypeCode_T
from /usr/lib/libORBit-2.so.0
#3 ORBit_free_T
from /usr/lib/libORBit-2.so.0
#4 ORBit_freekids_via_TypeCode_T
from /usr/lib/libORBit-2.so.0
#5 ORBit_free_T
from /usr/lib/libORBit-2.so.0
#6 ORBit_free
from /usr/lib/libORBit-2.so.0
#7 CORBA_free
from /usr/lib/libORBit-2.so.0
#8 read_drives_from_daemon
at gnome-vfs-volume-monitor-client.c line 103
#9 gnome_vfs_volume_monitor_client_init
at gnome-vfs-volume-monitor-client.c line 182
#10 g_type_create_instance
at gtype.c line 1524
#11 g_object_constructor
at gobject.c line 1044
#12 g_object_newv
at gobject.c line 842
#13 g_object_new_valist
at gobject.c line 974
#14 g_object_new
at gobject.c line 815
#15 _gnome_vfs_get_volume_monitor_internal
at gnome-vfs-volume-monitor.c line 218
#16 gnome_vfs_get_volume_monitor
at gnome-vfs-volume-monitor.c line 239
#17 gtk_file_system_gnome_vfs_init
from /usr/lib/gtk-2.0/2.4.0/filesystems/libgnome-vfs.so
#18 g_type_create_instance
at gtype.c line 1524
#19 g_object_constructor
at gobject.c line 1044
#20 g_object_newv
at gobject.c line 842
#21 g_object_new_valist
at gobject.c line 974
#22 g_object_new
at gobject.c line 815
#23 gtk_file_system_gnome_vfs_new
from /usr/lib/gtk-2.0/2.4.0/filesystems/libgnome-vfs.so
#24 fs_module_create
from /usr/lib/gtk-2.0/2.4.0/filesystems/libgnome-vfs.so
#25 _gtk_file_system_module_create
at gtkfilesystem.c line 1101
#26 _gtk_file_system_create
at gtkfilesystem.c line 1140
#27 set_file_system_backend
at gtkfilechooserdefault.c line 3313
#28 g_object_constructor
at gobject.c line 1040
#29 gtk_file_chooser_default_constructor
at gtkfilechooserdefault.c line 3188
#30 g_object_newv
#31 g_object_new_valist
at gobject.c line 1025
#32 g_object_new
at gobject.c line 815
#33 _gtk_file_chooser_default_new
at gtkfilechooserdefault.c line 5386
#34 gtk_file_chooser_widget_constructor
at gtkfilechooserwidget.c line 155
#35 g_object_newv
at gobject.c line 842
#36 g_object_new_valist
at gobject.c line 974
#37 g_object_new
at gobject.c line 815
#38 gtk_file_chooser_dialog_constructor
at gtkfilechooserdialog.c line 369
#39 g_object_newv
at gobject.c line 842
#40 g_object_new_valist
at gobject.c line 1025
#41 g_object_new
at gobject.c line 815
#42 gul_file_chooser_new
#43 GContentHandler::~GContentHandler
#44 ??

Comment 7 Crispin Flowerday (not receiving bugmail) 2004-10-29 20:14:19 UTC

Excellent, thanks for that, I have finally had time to track this down, it
appears to be a bug in liborbit2, which was reported as bug 138986.

It seems that the fix is to upgrade liborbit2 to version 2.10.3, which
unfortunatly isn't packaged for debian :-( http://bugs.debian.org/273956 is the
relevant bug report, on debian.

*** This bug has been marked as a duplicate of 138986 ***

Comment 8 dann frazier 2004-10-29 21:27:44 UTC

Thanks!  I upgraded my deb to 2.10.5 and it does indeed fix this problem.