After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 568422 - gvfsd-trash crashed with SIGSEGV in free()
gvfsd-trash crashed with SIGSEGV in free()
Status: RESOLVED DUPLICATE of bug 569480
Product: gvfs
Classification: Core
Component: trash backend
1.1.x
Other All
: Normal critical
: ---
Assigned To: Allison Karlitskaya (desrt)
gvfs-maint
Depends on:
Blocks:
 
 
Reported: 2009-01-20 13:06 UTC by Chris Coulson
Modified: 2009-02-18 21:43 UTC
See Also:
GNOME target: ---
GNOME version: 2.25/2.26


Description Chris Coulson 2009-01-20 13:06:03 UTC 
Steps to reproduce:
This was reported at https://bugs.edge.launchpad.net/ubuntu/+source/gvfs/+bug/318661. The reporter states that they triggered the crash by emptying the wastebasket.


Stack trace:

+ Trace 211704

Thread 1 (process 4464)

  • #0 _int_free
    from /lib/tls/i686/cmov/libc.so.6
  • #1 free
    from /lib/tls/i686/cmov/libc.so.6
  • #2 ??
    from /usr/lib/libglib-2.0.so.0
  • #3 g_source_unref_internal
    at /build/buildd/glib2.0-2.19.5/glib/gmain.c line 1168
  • #4 IA__g_main_context_dispatch
    at /build/buildd/glib2.0-2.19.5/glib/gmain.c line 1812
  • #5 g_main_context_iterate
    at /build/buildd/glib2.0-2.19.5/glib/gmain.c line 2454
  • #6 IA__g_main_loop_run
    at /build/buildd/glib2.0-2.19.5/glib/gmain.c line 2633
  • #7 daemon_main
    at daemon-main.c line 262
  • #8 main
    at daemon-main-generic.c line 32 

Other information:
Comment 1 Allison Karlitskaya (desrt) 2009-01-20 17:32:07 UTC 
I don't think this has much to do with the expunger thread.

A GSource is clearly being double-freed.

The only code that ever unrefs GSources in gvfs daemons is the dbus-gmain code, and it only looks like that happens quite rarely.  I guess there could be an very-rarely-triggered untested code path in there....
Comment 2 Allison Karlitskaya (desrt) 2009-01-30 22:39:54 UTC 
I think we found the source of this one:



*** This bug has been marked as a duplicate of 569480 ***
Comment 3 Allison Karlitskaya (desrt) 2009-02-18 21:43:07 UTC 
*** Bug 570663 has been marked as a duplicate of this bug. ***