GNOME Bugzilla – Bug 692444
Invalid read of size 4 in thumbnail_read_callback
Last modified: 2013-01-24 12:58:59 UTC
Using nautilus 3.6.3 (with http://git.gnome.org/browse/nautilus/commit/?h=gnome-3-6&id=6cde4c5a6d639c85df09b8992a307f91d6b056a6 backported) on Ubuntu raring, nautilus tends to segfault when opening e.g. /usr/share/backgrounds.

The stacktrace is not very useful and looks like a corruption; valgrind shows this error:

==21232== Invalid read of size 4
==21232==    at 0x80F2A96: thumbnail_read_callback (nautilus-directory-async.c:3968)
==21232==    by 0x4B7DE01: g_task_return_now (gtask.c:1105)
==21232==    by 0x4B7E7D5: g_task_return (gtask.c:1158)
==21232==    by 0x4B39946: load_contents_close_callback (gfile.c:6477)
==21232==    by 0x4B5787A: async_ready_close_callback_wrapper (ginputstream.c:544)
==21232==    by 0x4B7DE01: g_task_return_now (gtask.c:1105)
==21232==    by 0x4B7DE50: complete_in_idle_cb (gtask.c:1114)
==21232==    by 0x4D04AAF: g_idle_dispatch (gmain.c:4887)
==21232==    by 0x4D07972: g_main_context_dispatch (gmain.c:2784)
==21232==    by 0x4D07D0F: g_main_context_iterate.isra.23 (gmain.c:3359)
==21232==    by 0x4D07DF0: g_main_context_iteration (gmain.c:3420)
==21232==    by 0x4BA41EB: g_application_run (gapplication.c:1620)
==21232==    by 0x8067E97: main (nautilus-main.c:103)
==21232==  Address 0x12f95560 is 0 bytes inside a block of size 20 free'd
==21232==    at 0x402B1CC: free (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==21232==    by 0x4D0DC5A: standard_free (gmem.c:98)
==21232==    by 0x4D0DDCF: g_free (gmem.c:252)
==21232==    by 0x80F2E0A: thumbnail_read_callback (nautilus-directory-async.c:3881)
==21232==    by 0x4B7DE01: g_task_return_now (gtask.c:1105)
==21232==    by 0x4B7E7D5: g_task_return (gtask.c:1158)
==21232==    by 0x4B397D1: load_contents_read_callback (gfile.c:6518)
==21232==    by 0x4B578F7: async_ready_callback_wrapper (ginputstream.c:530)
==21232==    by 0x4B7DE01: g_task_return_now (gtask.c:1105)
==21232==    by 0x4B7DE50: complete_in_idle_cb (gtask.c:1114)
==21232==    by 0x4D04AAF: g_idle_dispatch (gmain.c:4887)
==21232==    by 0x4D07972: g_main_context_dispatch (gmain.c:2784)
==21232==    by 0x4D07D0F: g_main_context_iterate.isra.23 (gmain.c:3359)
==21232==    by 0x4D07DF0: g_main_context_iteration (gmain.c:3420)
==21232==    by 0x4BA41EB: g_application_run (gapplication.c:1620)
==21232==    by 0x8067E97: main (nautilus-main.c:103)

We got a bunch of reports that seem like that issue on Launchpad:
https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1101985
https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1103006
https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1103928
(that's using glib 2.35.4 in case that makes any difference)
in the log as well:

==21232== Invalid free() / delete / delete[] / realloc()
==21232==    at 0x402B1CC: free (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==21232==    by 0x4D0DC5A: standard_free (gmem.c:98)
==21232==    by 0x4D0DDCF: g_free (gmem.c:252)
==21232==    by 0x80F2E0A: thumbnail_read_callback (nautilus-directory-async.c:3881)
==21232==    by 0x4B7DE01: g_task_return_now (gtask.c:1105)
==21232==    by 0x4B7E7D5: g_task_return (gtask.c:1158)
==21232==    by 0x4B39946: load_contents_close_callback (gfile.c:6477)
==21232==    by 0x4B5787A: async_ready_close_callback_wrapper (ginputstream.c:544)
==21232==    by 0x4B7DE01: g_task_return_now (gtask.c:1105)
==21232==    by 0x4B7DE50: complete_in_idle_cb (gtask.c:1114)
==21232==    by 0x4D04AAF: g_idle_dispatch (gmain.c:4887)
==21232==    by 0x4D07972: g_main_context_dispatch (gmain.c:2784)
==21232==    by 0x4D07D0F: g_main_context_iterate.isra.23 (gmain.c:3359)
==21232==    by 0x4D07DF0: g_main_context_iteration (gmain.c:3420)
==21232==    by 0x4BA41EB: g_application_run (gapplication.c:1620)
==21232==    by 0x8067E97: main (nautilus-main.c:103)
==21232==  Address 0x12f95560 is 0 bytes inside a block of size 20 free'd
==21232==    at 0x402B1CC: free (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==21232==    by 0x4D0DC5A: standard_free (gmem.c:98)
==21232==    by 0x4D0DDCF: g_free (gmem.c:252)
==21232==    by 0x80F2E0A: thumbnail_read_callback (nautilus-directory-async.c:3881)
==21232==    by 0x4B7DE01: g_task_return_now (gtask.c:1105)
==21232==    by 0x4B7E7D5: g_task_return (gtask.c:1158)
==21232==    by 0x4B397D1: load_contents_read_callback (gfile.c:6518)
==21232==    by 0x4B578F7: async_ready_callback_wrapper (ginputstream.c:530)
==21232==    by 0x4B7DE01: g_task_return_now (gtask.c:1105)
==21232==    by 0x4B7DE50: complete_in_idle_cb (gtask.c:1114)
==21232==    by 0x4D04AAF: g_idle_dispatch (gmain.c:4887)
==21232==    by 0x4D07972: g_main_context_dispatch (gmain.c:2784)
==21232==    by 0x4D07D0F: g_main_context_iterate.isra.23 (gmain.c:3359)
==21232==    by 0x4D07DF0: g_main_context_iteration (gmain.c:3420)
==21232==    by 0x4BA41EB: g_application_run (gapplication.c:1620)
==21232==    by 0x8067E97: main (nautilus-main.c:103)
This should be glib bug 692202

*** This bug has been marked as a duplicate of bug 692202 ***
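
A triage helper for memcheck reports like the ones quoted in this bug, added here as an example and not part of the report, nautilus or glib: it splits an error into the faulting stack and the stack that freed the block, then reports the frames they share and where they diverge. The sample log is constructed by abridging the frames quoted above; the names `parse_stacks`, `divergence` and `triage` are this example's own.

```python
import re

# Constructed sample: frames abridged from the "Invalid free()" report in this bug.
SAMPLE = """\
==21232== Invalid free() / delete / delete[] / realloc()
==21232==    at 0x402B1CC: free (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==21232==    by 0x4D0DDCF: g_free (gmem.c:252)
==21232==    by 0x80F2E0A: thumbnail_read_callback (nautilus-directory-async.c:3881)
==21232==    by 0x4B7E7D5: g_task_return (gtask.c:1158)
==21232==    by 0x4B39946: load_contents_close_callback (gfile.c:6477)
==21232==  Address 0x12f95560 is 0 bytes inside a block of size 20 free'd
==21232==    at 0x402B1CC: free (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==21232==    by 0x4D0DDCF: g_free (gmem.c:252)
==21232==    by 0x80F2E0A: thumbnail_read_callback (nautilus-directory-async.c:3881)
==21232==    by 0x4B7E7D5: g_task_return (gtask.c:1158)
==21232==    by 0x4B397D1: load_contents_read_callback (gfile.c:6518)
"""

FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (\S+) \((.+)\)$")
HEADER = re.compile(r"^==\d+==\s+(Invalid .+|Address 0x[0-9A-Fa-f]+ is .+)$")

def parse_stacks(log):
    """Return [(header, [(function, location), ...]), ...], one entry per stack."""
    stacks = []
    for line in log.splitlines():
        h = HEADER.match(line)
        f = FRAME.match(line)
        if h:
            stacks.append((h.group(1), []))
        elif f and stacks:
            stacks[-1][1].append((f.group(1), f.group(2)))
    return stacks

def divergence(fault, freed):
    """Walk both stacks innermost-first; return (shared frames, first differing pair)."""
    shared = []
    for a, b in zip(fault, freed):
        if a != b:
            return shared, (a, b)
        shared.append(a)
    return shared, None

def triage(log):
    """Compare the faulting stack with the stack that freed the block."""
    (fault_hdr, fault), (_, freed) = parse_stacks(log)[:2]
    shared, diff = divergence(fault, freed)
    return {"error": fault_hdr, "shared": [fn for fn, _ in shared], "diverges_at": diff}
```

On this sample both stacks reach the same `g_free` call in `thumbnail_read_callback` (line 3881) and differ only in the gfile.c caller, so the same buffer was freed from two separate invocations of the callback.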