GNOME Bugzilla – Bug 666431
Totem crashes when run with args
Last modified: 2012-02-08 13:14:53 UTC
When you start totem with any parameter (--fullscreen, --pause, etc) it segfaults. I'm running 3.2.1-2 on a Debian sid/experimental i686 machine. The backtrace to the segfault is: Program received signal SIGSEGV, Segmentation fault. __libc_free (mem=0x2) at malloc.c:3709 3709 malloc.c: Arquivo ou diretório não encontrado. in malloc.c (gdb) bt
+ Trace 229292
Note the g_free on mem=0x2. This bt is for "totem --pause". Note that pause is the command number 0x2 in the TotemRemoteCommand enum. When running "totem --fullscreen" the g_free tries to free the address 0xb. Taking a look at the function totem_options_process_for_server (totem-options.c line 214) there's a g_list_foreach calling g_free on every list data. The problem is that list data are not pointers, but integers. This way, to free the GList totem should use only g_list_free and should not call g_free for each item on the list.
Thanks for taking the time to report this bug. Unfortunately, that stack trace is missing some elements that will help a lot to solve the problem, so it will be hard for the developers to fix that crash. Can you get us a stack trace with debugging symbols for totem? Please see http://live.gnome.org/GettingTraces for more information on how to do so and reopen this bug or report a new one. Thanks in advance!
Created attachment 203806 [details] Backtrace with debug symbols This is the backtrace with debugging symbols. Sorry for not sending it this way earlier.
Created attachment 203807 [details] [review] Patch for totem_options_process_for_server This patch fixes the problem.
Reopening the bug with more information about the problem. If you need anything, just ask! ;]
Cheers for the patch commit 71408a90d504b666c74e81260e8761387dc64ce5 Author: Estêvão Samuel Procópio <tevaum@gmail.com> Date: Sun Dec 18 19:29:41 2011 -0200 totem-options: Should not free commands list data. In totem_options_process_for_server the commands GList holds integers and freeing those integers leads to a segfault. Only the GList needs to be freed. Closes: bgo#666431
*** Bug 667630 has been marked as a duplicate of this bug. ***
Hello, any ideas on how can I get this fix, my install hasn't been updated by ubuntu and I still have to deal with this issue. thanks
The fix will be in version 3.2.2 (which might be released at some point, but I don't think an exact date has been chosen). Alternatively, you could file a bug against the Totem package on launchpad.net, and get the Ubuntu packagers to apply the patch from this bug report to their Totem package.
*** Bug 669400 has been marked as a duplicate of this bug. ***
*** Bug 668500 has been marked as a duplicate of this bug. ***