GNOME Bugzilla – Bug 739034
GLib-GObject-WARNING **: g_object_set_valist: object class 'GstPlayBin' has no property named '\xd8{ʸ\u0002'
Last modified: 2016-01-08 14:46:53 UTC
Using Debian Sid/unstable with Totem 3.14.0-2, the following warning is printed to the terminal. GLib-GObject-WARNING **: g_object_set_valist: object class 'GstPlayBin' has no property named '\xd8{ʸ\u0002' This is the backtrace captured by running `G_DEBUG=fatal-warnings gdb totem`.
+ Trace 234250
Thread 1 (Thread 0xb55578c0 (LWP 23871))
There's something utterly broken on your system if this fails: g_object_set (bvw->priv->play, "connection-speed", MAX_NETWORK_SPEED, NULL); Best run it under valgrind.
Created attachment 289341 [details] Compressed Valgrind log Please find the compressed Valgrind log attached. Valgrind 3.10.0 is used with the following command for capturing. $ G_SLICE=always-malloc G_DEBUG=gc-friendly valgrind -v --tool=memcheck --leak-check=full --num-callers=40 --log-file=/tmp/20141026--totem--valgrind.txt totem /tmp/sample.wav (totem:29681): GLib-GObject-WARNING **: g_object_set_valist: object class 'GstPlayBin' has no property named '\xe8\xcfh\u000e\u0002' (totem:29681): Gtk-WARNING **: Calling Inhibit failed: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files Compressed with the following command. 7z a -t7z -m0=lzma -mx=9 -mfb=64 -md=32m -ms=on 20141026--totem--valgrind.txt{.7z,}
Looks like a bug in cogl or the GL library. ==29681== Invalid read of size 1 ==29681== at 0x482D54A: strcmp (vg_replace_strmem.c:755) ==29681== by 0x656D1EE: stub_find_dynamic (in /usr/lib/i386-linux-gnu/libglapi.so.0.0.0) ==29681== by 0x656CD59: ??? (in /usr/lib/i386-linux-gnu/libglapi.so.0.0.0) ==29681== by 0x656D02C: _glapi_get_proc_address (in /usr/lib/i386-linux-gnu/libglapi.so.0.0.0) ==29681== by 0x9EF55AF: glXGetProcAddress (in /usr/lib/i386-linux-gnu/libGL.so.1.2.0) ==29681== by 0x4DE0EEF: _cogl_winsys_renderer_get_proc_address (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4D95491: _cogl_renderer_get_proc_address (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4D9F983: _cogl_feature_check (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4D9FA80: _cogl_feature_check_ext_functions (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4D8FED4: _cogl_driver_update_features (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4D94158: _cogl_context_update_features (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4DE1FD8: update_winsys_features (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4DE2CEE: _cogl_winsys_context_init (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4D932C2: cogl_context_new (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4C21371: clutter_backend_real_create_context (clutter-backend.c:345) ==29681== by 0x4C21920: _clutter_backend_create_context (clutter-backend.c:803) ==29681== by 0x4C3B0BC: _clutter_feature_init (clutter-feature.c:107) ==29681== by 0x4C4DA70: clutter_init_real (clutter-main.c:1536) ==29681== by 0x4C4DC90: post_parse_hook (clutter-main.c:1749) ==29681== by 0x606D241: g_option_context_parse (in /lib/i386-linux-gnu/libglib-2.0.so.0.4200.0) ==29681== by 0x4C4EA30: clutter_parse_args (clutter-main.c:1985) ==29681== by 0x4C4EA30: clutter_init (clutter-main.c:2047) ==29681== by 0x4BBE541: gtk_clutter_init (gtk-clutter-util.c:216) ==29681== by 0x109FA1: app_init (totem.c:76) ==29681== by 0x109FA1: app_command_line (totem.c:213) ==29681== by 0x65D3949: ffi_call_SYSV (in /usr/lib/i386-linux-gnu/libffi.so.6.0.2) ==29681== by 0x65D33D8: ffi_call (in /usr/lib/i386-linux-gnu/libffi.so.6.0.2) ==29681== by 0x5FCB06E: g_cclosure_marshal_generic (in /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.0) ==29681== by 0x5FCA83A: g_closure_invoke (in /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.0) ==29681== by 0x5FDC854: signal_emit_unlocked_R (in /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.0) ==29681== by 0x5FE4A51: g_signal_emit_valist (in /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.0) ==29681== by 0x5FE50D4: g_signal_emit (in /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.0) ==29681== by 0x5EA3D63: g_application_call_command_line (in /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.0) ==29681== by 0x5EA6069: g_application_run (in /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.0) ==29681== by 0x109C3E: main (totem.c:266) ==29681== Address 0xd77ee8a is 2 bytes inside a block of size 17 free'd ==29681== at 0x482A3A8: free (vg_replace_malloc.c:473) ==29681== by 0x6067810: g_free (in /lib/i386-linux-gnu/libglib-2.0.so.0.4200.0) ==29681== by 0x4D9F994: _cogl_feature_check (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4D9FA80: _cogl_feature_check_ext_functions (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4D8FED4: _cogl_driver_update_features (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4D94158: _cogl_context_update_features (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4DE1FD8: update_winsys_features (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4DE2CEE: _cogl_winsys_context_init (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4D932C2: cogl_context_new (in /usr/lib/i386-linux-gnu/libcogl.so.20.2.0) ==29681== by 0x4C21371: clutter_backend_real_create_context (clutter-backend.c:345) ==29681== by 0x4C21920: _clutter_backend_create_context (clutter-backend.c:803) ==29681== by 0x4C3B0BC: _clutter_feature_init (clutter-feature.c:107) ==29681== by 0x4C4DA70: clutter_init_real (clutter-main.c:1536) ==29681== by 0x4C4DC90: post_parse_hook (clutter-main.c:1749) ==29681== by 0x606D241: g_option_context_parse (in /lib/i386-linux-gnu/libglib-2.0.so.0.4200.0) ==29681== by 0x4C4EA30: clutter_parse_args (clutter-main.c:1985) ==29681== by 0x4C4EA30: clutter_init (clutter-main.c:2047) ==29681== by 0x4BBE541: gtk_clutter_init (gtk-clutter-util.c:216) ==29681== by 0x109FA1: app_init (totem.c:76) ==29681== by 0x109FA1: app_command_line (totem.c:213) ==29681== by 0x65D3949: ffi_call_SYSV (in /usr/lib/i386-linux-gnu/libffi.so.6.0.2) ==29681== by 0x65D33D8: ffi_call (in /usr/lib/i386-linux-gnu/libffi.so.6.0.2) ==29681== by 0x5FCB06E: g_cclosure_marshal_generic (in /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.0) ==29681== by 0x5FCA83A: g_closure_invoke (in /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.0) ==29681== by 0x5FDC854: signal_emit_unlocked_R (in /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.0) ==29681== by 0x5FE4A51: g_signal_emit_valist (in /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.0) ==29681== by 0x5FE50D4: g_signal_emit (in /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.0) ==29681== by 0x5EA3D63: g_application_call_command_line (in /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.0) ==29681== by 0x5EA6069: g_application_run (in /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.0) ==29681== by 0x109C3E: main (totem.c:266)
This bug is now in Ubuntu 15.04 for me, and makes totem spectacularly useless there :(
Seems like a 32 bit issue, which I have no way to test. Looking at: > g_object_set (bvw->priv->play, "connection-speed", MAX_NETWORK_SPEED, NULL); I think I saw it already on Endless... Is MAX_NETWORK_SPEED a 64 bit constant that hasn't been cast correctly, and va_arg is trying to read outside of the memory boundaries?
Yep, remembered it correctly: bug 749993. The invalid read is a red herring.
*** This bug has been marked as a duplicate of bug 749993 ***
Good catch. Seems this isn't actually the bug making my totem not work then though. I'll keep digging.