Bug 315008 - Invalid read / crash in nautilus
Status: RESOLVED DUPLICATE of bug 314803
Product: totem
Classification: Core
Component: general
Version: 0.99.20
Hardware: Other Linux
Importance: Normal critical
Target Milestone: ---
Assigned To: General Totem maintainer(s)
Reported: 2005-09-01 08:10 UTC by Kjartan Maraas
Modified: 2005-09-13 19:31 UTC
GNOME target: ---
GNOME version: 2.11/2.12


Attachments
blind shot of a patch (632 bytes, patch)
2005-09-01 08:13 UTC, Kjartan Maraas

Description Kjartan Maraas 2005-09-01 08:10:38 UTC
Valgrind reported this when right clicking on an mpeg file and mucking around in
the different tabs there:

==4029== Invalid read of size 4
==4029==    at 0x1D999D4C: gst_element_get_factory (gstelement.c:3093)
==4029==    by 0x1D819228: bacon_video_widget_signal_idler (bacon-video-widget-gst.c:839)
==4029==    by 0x1C88D8B7: g_idle_dispatch (gmain.c:3813)
==4029==    by 0x1C88B715: g_main_context_dispatch (gmain.c:1934)
==4029==    by 0x1C88E4E5: g_main_context_iterate (gmain.c:2565)
==4029==    by 0x1C88E9E6: g_main_loop_run (gmain.c:2769)
==4029==    by 0x1BEAEB38: gtk_main (gtkmain.c:976)
==4029==    by 0x8071F09: main (nautilus-main.c:435)
==4029==  Address 0x1E41F028 is 0 bytes inside a block of size 12 free'd
==4029==    at 0x1B90237F: free (vg_replace_malloc.c:235)
==4029==    by 0x1C891CED: g_free (gmem.c:187)
==4029==    by 0x1C2B2B79: gnome_vfs_uri_get_parent (gnome-vfs-uri.c:1333)
==4029==    by 0x1B9468A0: nautilus_file_get_internal (nautilus-file.c:375)
==4029==    by 0x1B9390E9: nautilus_directory_get_existing_corresponding_file (nautilus-directory.c:461)
==4029==    by 0x1B939114: nautilus_directory_get_corresponding_file (nautilus-directory.c:439)
==4029==    by 0x1B946EF4: nautilus_file_get_parent (nautilus-file.c:616)
==4029==    by 0x80AFB6A: fm_list_model_get_value (fm-list-model.c:315)
==4029==    by 0x1BF4F404: gtk_tree_model_get_value (gtktreemodel.c:1077)
==4029==    by 0x1BF75F7A: gtk_tree_view_column_cell_set_cell_data (gtktreeviewcolumn.c:2548)
==4029==    by 0x1BF66EB3: gtk_tree_view_expose (gtktreeview.c:3617)
==4029==    by 0x1BEB0BAE: _gtk_marshal_BOOLEAN__BOXED (gtkmarshalers.c:83)
==4029==    by 0x1C81E34C: g_type_class_meta_marshal (gclosure.c:569)
==4029==    by 0x1C81E935: g_closure_invoke (gclosure.c:492)
==4029==    by 0x1C82CCEA: signal_emit_unlocked_R (gsignal.c:2523)
==4029==    by 0x1C82DBDF: g_signal_emit_valist (gsignal.c:2254)
==4029==    by 0x1C82E1B6: g_signal_emit (gsignal.c:2288)
==4029==    by 0x1BF8282D: gtk_widget_event_internal (gtkwidget.c:3735)
==4029==    by 0x1BEAF98B: gtk_main_do_event (gtkmain.c:1355)
==4029==    by 0x1C076DF5: gdk_window_process_updates_internal (gdkwindow.c:2215)
==4029==    by 0x1C076ED9: gdk_window_process_all_updates (gdkwindow.c:2268)
==4029==    by 0x1BE32FFA: gtk_container_idle_sizer (gtkcontainer.c:1117)
==4029==    by 0x1C88D8B7: g_idle_dispatch (gmain.c:3813)
==4029==    by 0x1C88B715: g_main_context_dispatch (gmain.c:1934)
==4029==    by 0x1C88E4E5: g_main_context_iterate (gmain.c:2565)
==4029==    by 0x1C88E9E6: g_main_loop_run (gmain.c:2769)
==4029==    by 0x1BEAEB38: gtk_main (gtkmain.c:976)
==4029==    by 0x8071F09: main (nautilus-main.c:435)
Comment 1 Kjartan Maraas 2005-09-01 08:13:35 UTC
Created attachment 51645
blind shot of a patch

This *seems* to have cured the problem for me, but this is just a shot in the
dark...
Comment 2 Kjartan Maraas 2005-09-01 09:15:59 UTC
If you want to try to reproduce you can get the file in question here:
http://www.gnome.org/~kmaraas/poolshot.mpg
Comment 3 Alexander Larsson 2005-09-01 12:07:24 UTC
+			new_uri->text = NULL;
 			new_uri->text = new_uri_text;
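Review bot: The added `new_uri->text = NULL;` is a dead store, because the unchanged line directly below it assigns `new_uri->text = new_uri_text;` before anything can read the field. The change cannot alter which block the Valgrind trace reports as freed and later read, so drop the added line and look instead at the code that holds the pointer across the free.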

How can this ever affect anything at all?

Furthermore, this seems like a bug in the video thumbnailer, not gnome-vfs. It
seems like it's keeping around a reference to the string of a GnomeVFSUri it
doesn't own.
Comment 4 Kjartan Maraas 2005-09-01 12:28:18 UTC
It can't of course :-)

I'll look into it some more when I have time.
Comment 5 Bastien Nocera 2005-09-13 19:31:19 UTC
Looks like the same problem as this later one.

*** This bug has been marked as a duplicate of 314803 ***
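
The ownership rule raised in Comment 3, as an added example that is not code from Totem, Nautilus or gnome-vfs: a deferred callback copies the string it needs at schedule time instead of keeping a pointer into an object it does not own, and a pending callback is cancelled on teardown. `Uri`, `Task` and every function name are hypothetical stand-ins, and the sample URI is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins: Uri owns its text; Task models an idle callback. */
typedef struct { char *text; } Uri;
typedef struct {
    size_t (*fn)(const char *data);
    char *data;      /* private copy owned by the task, never a borrowed pointer */
    int pending;
} Task;
static char *dup_text(const char *s) {
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    return p ? memcpy(p, s, n) : NULL;
}
static Uri *uri_new(const char *s) {
    Uri *u = malloc(sizeof *u);
    if (u && !(u->text = dup_text(s))) { free(u); u = NULL; }
    return u;
}
static void uri_free(Uri *u) { if (u) { free(u->text); free(u); } }
/* Copy the text at schedule time: the Uri may be freed before dispatch. */
static int task_schedule(Task *t, size_t (*fn)(const char *), const Uri *u) {
    if (!(t->data = dup_text(u->text))) return -1;
    t->fn = fn; t->pending = 1;
    return 0;
}
/* Drop a pending task on teardown so it never fires against released state. */
static void task_cancel(Task *t) {
    if (t->pending) { free(t->data); t->data = NULL; t->pending = 0; }
}
/* Run once and release the copy; returns -1 when nothing is pending. */
static long task_dispatch(Task *t) {
    if (!t->pending) return -1;
    long r = (long)t->fn(t->data);
    task_cancel(t);
    return r;
}
static size_t text_length(const char *s) { return strlen(s); }

int main(void) {
    Task t = {0};
    Uri *u = uri_new("file:///tmp/constructed-sample.mpg"); /* constructed input */
    if (!u || task_schedule(&t, text_length, u) != 0) return 1;
    uri_free(u);                       /* owner goes away before the callback */
    printf("callback read %ld bytes from its own copy\n", task_dispatch(&t));
    return 0;
}
```

Running the borrowed-pointer variant of this pattern under Valgrind would produce the same shape of report as the trace in the description: a read in the deferred callback, with the block's free recorded on an unrelated call path.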