GNOME Bugzilla – Bug 622409
crash with standard theme
Last modified: 2015-04-16 23:01:25 UTC
Original bug: http://bugs.gentoo.org/show_bug.cgi?id=325051 notification-daemon crashes when show notifications from rhythmbox or banshee. Other applications (mail-notification, notify-send) seem to be capable to display notifications unless notification-daemon freeze happens. If slider theme is used then the bug disappears. *** glibc detected *** /usr/local/libexec/notification-daemon: corrupted double-linked list: 0x080e6dd8 *** ======= Backtrace: ========= /lib/libc.so.6(+0x6c064)[0xb6a65064] /lib/libc.so.6(+0x6c5c2)[0xb6a655c2] /lib/libc.so.6(+0x6e5f6)[0xb6a675f6] /lib/libc.so.6(__libc_malloc+0x5e)[0xb6a6999e] //usr/lib/opengl/nvidia/lib/libGL.so.1(+0x32e80)[0xb6fdae80] ======= Memory map: ======== 08048000-08051000 r-xp 00000000 08:02 525597 /usr/local/libexec/notification-daemon 08051000-08052000 r--p 00008000 08:02 525597 /usr/local/libexec/notification-daemon 08052000-08053000 rw-p 00009000 08:02 525597 /usr/local/libexec/notification-daemon 08053000-0819b000 rw-p 00000000 00:00 0 [heap] b3d00000-b3d21000 rw-p 00000000 00:00 0 b3d21000-b3e00000 ---p 00000000 00:00 0 b3ebe000-b3ef1000 r--p 00000000 08:02 393051 /usr/share/fonts/corefonts/ariali.ttf b3ef1000-b3f51000 rw-s 00000000 00:04 241434816 /SYSV00000000 (deleted) b3f51000-b3f52000 r-xp 00000000 08:02 327852 /usr/lib/gconv/ISO8859-1.so b3f52000-b3f53000 r--p 00001000 08:02 327852 /usr/lib/gconv/ISO8859-1.so b3f53000-b3f54000 rw-p 00002000 08:02 327852 /usr/lib/gconv/ISO8859-1.so b3f54000-b3f5b000 r--s 00000000 08:02 327910 /usr/lib/gconv/gconv-modules.cache b3f5b000-b3f9f000 r--p 00000000 08:02 393060 /usr/share/fonts/corefonts/arial.ttf b3f9f000-b3fe5000 r--p 00000000 08:02 393067 /usr/share/fonts/corefonts/arialbd.ttf b3fe5000-b3fe7000 r-xp 00000000 08:02 1455442 /usr/lib/pango/1.6.0/modules/pango-basic-fc.so b3fe7000-b3fe8000 r--p 00001000 08:02 1455442 /usr/lib/pango/1.6.0/modules/pango-basic-fc.so b3fe8000-b3fe9000 rw-p 00002000 08:02 1455442 /usr/lib/pango/1.6.0/modules/pango-basic-fc.so b3fe9000-b411b000 r-xp 00000000 08:02 3597644 /usr/lib/libxml2.so.2.7.3 b411b000-b411c000 ---p 00132000 08:02 3597644 /usr/lib/libxml2.so.2.7.3 b411c000-b4120000 r--p 00132000 08:02 3597644 /usr/lib/libxml2.so.2.7.3 b4120000-b4121000 rw-p 00136000 08:02 3597644 /usr/lib/libxml2.so.2.7.3 b4121000-b4122000 rw-p 00000000 00:00 0 b4122000-b4156000 r-xp 00000000 08:02 3600771 /usr/lib/libcroco-0.6.so.3.0.1 b4156000-b4157000 r--p 00034000 08:02 3600771 /usr/lib/libcroco-0.6.so.3.0.1 b4157000-b4159000 rw-p 00035000 08:02 3600771 /usr/lib/libcroco-0.6.so.3.0.1 b4159000-b4168000 r-xp 00000000 08:02 1609221 /lib/libbz2.so.1.0.5 b4168000-b4169000 r--p 0000e000 08:02 1609221 /lib/libbz2.so.1.0.5 b4169000-b416a000 rw-p 0000f000 08:02 1609221 /lib/libbz2.so.1.0.5 b416a000-b419f000 r-xp 00000000 08:02 2045798 /usr/lib/libgsf-1.so.114.0.15 b419f000-b41a1000 r--p 00034000 08:02 2045798 /usr/lib/libgsf-1.so.114.0.15 b41a1000-b41a2000 rw-p 00036000 08:02 2045798 /usr/lib/libgsf-1.so.114.0.15 b41a2000-b41a3000 rw-p 00000000 00:00 0 b41a3000-b41d4000 r-xp 00000000 08:02 3598234 /usr/lib/librsvg-2.so.2.26.0 b41d4000-b41d5000 r--p 00030000 08:02 3598234 /usr/lib/librsvg-2.so.2.26.0 b41d5000-b41d6000 rw-p 00031000 08:02 3598234 /usr/lib/librsvg-2.so.2.26.0 b41d9000-b41e2000 r--s 00000000 08:05 5439521 /var/cache/fontconfig/87f5e051180a7a75f16eb6fe7dbd3749-le32d4.cache-3 b41e2000-b41e8000 r--s 00000000 08:05 5439532 /var/cache/fontconfig/acc285bc1956c3c4bc7afb41d537a85a-le32d4.cache-3 b41e8000-b41ef000 r--s 00000000 08:05 5439522 /var/cache/fontconfig/12b26b760a24f8b4feb03ad48a333a72-le32d4.cache-3 b41ef000-b4202000 r--s 00000000 08:05 5439518 /var/cache/fontconfig/4b5cf4386f1cde02a336ba961b4ac82d-le32d4.cache-3 b4202000-b4207000 r--s 00000000 08:05 5439517 /var/cache/fontconfig/d62e99ef547d1d24cdb1bd22ec1a2976-le32d4.cache-3 b4207000-b420a000 r--s 00000000 08:05 5439516 /var/cache/fontconfig/f6b893a7224233d96cb72fd88691c0b4-le32d4.cache-3 b420a000-b420b000 r-xp 00000000 08:02 858742 /usr/lib/gtk-2.0/2.10.0/loaders/svg_loader.so b420b000-b420c000 r--p 00001000 08:02 858742 /usr/lib/gtk-2.0/2.10.0/loaders/svg_loader.so b420c000-b420d000 rw-p 00002000 08:02 858742 /usr/lib/gtk-2.0/2.10.0/loaders/svg_loader.so b420d000-b4228000 r--s 00000000 08:02 429394 /usr/share/mime/mime.cache b4228000-b423d000 r-xp 00000000 08:02 3602885 /usr/lib/libgvfscommon.so.0.0.0 b423d000-b423e000 r--p 00014000 08:02 3602885 /usr/lib/libgvfscommon.so.0.0.0 b423e000-b423f000 rw-p 00015000 08:02 3602885 /usr/lib/libgvfscommon.so.0.0.0 b423f000-b4241000 r--s 00000000 08:05 5439530 /var/cache/fontconfig/76fa4b957c916922374347f144bde9da-le32d4.cache-3 b4241000-b4246000 r--s 00000000 08:05 5439514 /var/cache/fontconfig/f349e9996a5320f6dd491cedd2b1f964-le32d4.cache-3 b4246000-b424c000 r--s 00000000 08:05 5439535 /var/cache/fontconfig/4c599c202bc5c08e2d34565a40eac3b2-le32d4.cache-3 b424c000-b4271000 r-xp 00000000 08:02 1439182 /usr/lib/gio/modules/libgvfsdbus.so b4271000-b4272000 r--p 00024000 08:02 1439182 /usr/lib/gio/modules/libgvfsdbus.so b4272000-b4273000 rw-p 00025000 08:02 1439182 /usr/lib/gio/modules/libgvfsdbus.so b4273000-b48a1000 r--p 00000000 08:02 3605117 /usr/share/icons/hicolor/icon-theme.cache b48a1000-b4ee0000 r--p 00000000 08:02 465225 /usr/share/icons/gnome/icon-theme.cache b4ee0000-b4eec000 r-xp 00000000 08:02 185393 /usr/lib/gcc/i686-pc-linux-gnu/4.3.4/libgcc_s.so.1 b4eec000-b4eed000 r--p 0000b000 08:02 185393 /usr/lib/gcc/i686-pc-linux-gnu/4.3.4/libgcc_s.so.1 b4eed000-b4eee000 rw-p 0000c000 08:02 185393 /usr/lib/gcc/i686-pc-linux-gnu/4.3.4/libgcc_s.so.1 b4eee000-b4fd0000 r-xp 00000000 08:02 185391 /usr/lib/gcc/i686-pc-linux-gnu/4.3.4/libstdc++.so.6.0.10 b4fd0000-b4fd4000 r--p 000e1000 08:02 185391 /usr/lib/gcc/i686-pc-linux-gnu/4.3.4/libstdc++.so.6.0.10 b4fd4000-b4fd5000 rw-p 000e5000 08:02 185391 /usr/lib/gcc/i686-pc-linux-gnu/4.3.4/libstdc++.so.6.0.10 b4fd5000-b4fdb000 rw-p 00000000 00:00 0 b4fdb000-b4fee000 r-xp 00000000 08:02 3604566 /usr/lib/libelf-0.140.so b4fee000-b4fef000 r--p 00012000 08:02 3604566 /usr/lib/libelf-0.140.so b4fef000-b4ff0000 rw-p 00013000 08:02 3604566 /usr/lib/libelf-0.140.so b4ff1000-b4ff2000 r--s 00000000 08:05 5439529 /var/cache/fontconfig/4097204e61cf39c09f2e765b3486aa7f-le32d4.cache-3 b4ff2000-b4ffe000 r-xp 00000000 08:02 1609898 /lib/libudev.so.0.8.0 b4ffe000-b4fff000 r--p 0000b000 08:02 1609898 /lib/libudev.so.0.8.0 b4fff000-b5000000 rw-p 0000c000 08:02 1609898 /lib/libudev.so.0.8.0 b5000000-b5002000 r-xp 00000000 08:02 1610982 /lib/libutil-2.11.so b5002000-b5003000 r--p 00001000 08:02 1610982 /lib/libutil-2.11.so b5003000-b5004000 rw-p 00002000 08:02 1610982 /lib/libutil-2.11.so b5004000-b5016000 r-xp 00000000 08:02 1439290 /usr/lib/gio/modules/libgioremote-volume-monitor.so b5016000-b5017000 r--p 00011000 08:02 1439290 /usr/lib/gio/modules/libgioremote-volume-monitor.so
This bug could be related with #605505
I mean bug #605505
If you can actually reproduce the problem, could you please run notification-daemon under valgrind, with debug enabled so that we can get a good backtrace for the crash? valgrind /usr/local/libexec/notification-daemon should do, as long as you have the required debug information installed/setup.
valgrind /usr/libexec/notification-daemon ==5928== Memcheck, a memory error detector ==5928== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al. ==5928== Using Valgrind-3.5.0 and LibVEX; rerun with -h for copyright info ==5928== Command: /usr/libexec/notification-daemon ==5928== ** (notification-daemon:5928): DEBUG: Creating 1 stacks for screen 0 ==5928== Invalid write of size 4 ==5928== at 0x6CDD635: paint_window (theme.c:337) ==5928== by 0x435CBB5: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4B2E221: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B448F6: ??? (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B45E9C: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B464C5: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x448B805: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B27: gtk_container_propagate_expose (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B50: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4290D4C: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42CA6FB: gtk_container_forall (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42CBE9C: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== Address 0x7d6df98 is 0 bytes after a block of size 48 alloc'd ==5928== at 0x40254B5: calloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so) ==5928== by 0x4BD61BC: g_malloc0 (in /usr/lib/libglib-2.0.so.0.2400.1) ==5928== by 0x6CDD4CC: paint_window (theme.c:302) ==5928== by 0x435CBB5: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4B2E221: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B448F6: ??? (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B45E9C: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B464C5: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x448B805: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B27: gtk_container_propagate_expose (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B50: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4290D4C: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== ==5928== Invalid write of size 4 ==5928== at 0x6CDD648: paint_window (theme.c:337) ==5928== by 0x435CBB5: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4B2E221: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B448F6: ??? (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B45E9C: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B464C5: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x448B805: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B27: gtk_container_propagate_expose (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B50: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4290D4C: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42CA6FB: gtk_container_forall (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42CBE9C: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== Address 0x7d6df9c is 4 bytes after a block of size 48 alloc'd ==5928== at 0x40254B5: calloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so) ==5928== by 0x4BD61BC: g_malloc0 (in /usr/lib/libglib-2.0.so.0.2400.1) ==5928== by 0x6CDD4CC: paint_window (theme.c:302) ==5928== by 0x435CBB5: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4B2E221: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B448F6: ??? (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B45E9C: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B464C5: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x448B805: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B27: gtk_container_propagate_expose (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B50: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4290D4C: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== ==5928== Invalid write of size 4 ==5928== at 0x6CDD651: paint_window (theme.c:337) ==5928== by 0x435CBB5: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4B2E221: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B448F6: ??? (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B45E9C: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B464C5: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x448B805: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B27: gtk_container_propagate_expose (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B50: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4290D4C: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42CA6FB: gtk_container_forall (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42CBE9C: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== Address 0x7d6dff8 is 0 bytes after a block of size 48 alloc'd ==5928== at 0x40254B5: calloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so) ==5928== by 0x4BD61BC: g_malloc0 (in /usr/lib/libglib-2.0.so.0.2400.1) ==5928== by 0x6CDD4E2: paint_window (theme.c:304) ==5928== by 0x435CBB5: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4B2E221: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B448F6: ??? (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B45E9C: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B464C5: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x448B805: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B27: gtk_container_propagate_expose (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B50: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4290D4C: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== ==5928== Invalid write of size 4 ==5928== at 0x6CDD657: paint_window (theme.c:337) ==5928== by 0x435CBB5: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4B2E221: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B448F6: ??? (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B45E9C: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B464C5: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x448B805: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B27: gtk_container_propagate_expose (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B50: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4290D4C: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42CA6FB: gtk_container_forall (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42CBE9C: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== Address 0x7d6dffc is 4 bytes after a block of size 48 alloc'd ==5928== at 0x40254B5: calloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so) ==5928== by 0x4BD61BC: g_malloc0 (in /usr/lib/libglib-2.0.so.0.2400.1) ==5928== by 0x6CDD4E2: paint_window (theme.c:304) ==5928== by 0x435CBB5: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4B2E221: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B448F6: ??? (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B45E9C: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x4B464C5: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.2400.1) ==5928== by 0x448B805: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B27: gtk_container_propagate_expose (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x42C9B50: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== by 0x4290D4C: ??? (in /usr/lib/libgtk-x11-2.0.so.0.2000.1) ==5928== ** (notification-daemon:5928): DEBUG: Exiting due to inactivity ==5928== ==5928== HEAP SUMMARY: ==5928== in use at exit: 1,019,652 bytes in 11,634 blocks ==5928== total heap usage: 42,716 allocs, 31,082 frees, 6,251,207 bytes allocated ==5928== ==5928== LEAK SUMMARY: ==5928== definitely lost: 4,260 bytes in 14 blocks ==5928== indirectly lost: 14,740 bytes in 733 blocks ==5928== possibly lost: 679,538 bytes in 6,326 blocks ==5928== still reachable: 321,114 bytes in 4,561 blocks ==5928== suppressed: 0 bytes in 0 blocks ==5928== Rerun with --leak-check=full to see details of leaked memory ==5928== ==5928== For counts of detected and suppressed errors, rerun with: -v ==5928== ERROR SUMMARY: 8 errors from 4 contexts (suppressed: 83 from 39)
Thanks for taking the time to report this bug. However, you are using a version that is too old and not supported anymore. GNOME developers are no longer working on that version, so unfortunately there will not be any bug fixes for the version that you use. By upgrading to a newer version of GNOME you could receive bug fixes and new functionality. You may need to upgrade your Linux distribution to obtain a newer version of GNOME. Please feel free to reopen this bug if the problem still occurs with a newer version of GNOME. Recent versions don't include the old standard theme.