Ubuntu
indicator-messages package

indicator-messages-service crashed with SIGSEGV in g_dbus_proxy_call_internal()

Bug #944900 reported by Matthew Paul Thomas on 2012-03-02

10

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Messaging Menu	Invalid	Medium	Unassigned
	libindicate	Triaged	Low	Unassigned
	indicator-messages (Ubuntu)	Invalid	Medium	Unassigned

Bug Description

I don't remember anything crashing, but the menu does now contain two "X-Chat" application items when it should contain only one.

ProblemType: Crash
DistroRelease: Ubuntu 12.04
Package: indicator-messages 0.5.92-0ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-17.27-generic 3.2.6
Uname: Linux 3.2.0-17-generic i686
NonfreeKernelModules: wl
ApportVersion: 1.93-0ubuntu2
Architecture: i386
Date: Fri Mar 2 15:26:35 2012
ExecutablePath: /usr/lib/indicator-messages/indicator-messages-service
InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release i386 (20101007)
ProcCmdline: /usr/lib/indicator-messages/indicator-messages-service
SegvAnalysis:
Segfault happened at: 0x33ab40: mov (%esi),%edx
PC (0x0033ab40) ok
source "(%esi)" (0x20362072) not located in a known VMA region (needed readable region)!
destination "%edx" ok
SegvReason: reading unknown VMA
Signal: 11
SourcePackage: indicator-messages
StacktraceTop:
?? () from /usr/lib/i386-linux-gnu/libgio-2.0.so.0
g_dbus_proxy_call () from /usr/lib/i386-linux-gnu/libgio-2.0.so.0
indicate_listener_display () from /usr/lib/libindicate.so.5
?? ()
g_cclosure_marshal_VOID(unsigned int0_t) () from /usr/lib/i386-linux-gnu/libgobject-2.0.so.0
Title: indicator-messages-service crashed with SIGSEGV in g_dbus_proxy_call()
UpgradeStatus: Upgraded to precise on 2012-02-27 (3 days ago)
UserGroups: adm admin cdrom dialout dip fax floppy fuse lpadmin plugdev sambashare tape video

Tags:

Revision history for this message

Matthew Paul Thomas (mpt) wrote on 2012-03-02:

#1

Dependencies.txt Edit (2.3 KiB, text/plain; charset="utf-8")
Disassembly.txt Edit (561 bytes, text/plain; charset="utf-8")
ProcEnviron.txt Edit (138 bytes, text/plain; charset="utf-8")
ProcMaps.txt Edit (19.0 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (823 bytes, text/plain; charset="utf-8")
Registers.txt Edit (466 bytes, text/plain; charset="utf-8")
Stacktrace.txt Edit (1.9 KiB, text/plain; charset="utf-8")
ThreadStacktrace.txt Edit (2.9 KiB, text/plain; charset="utf-8")

Revision history for this message

Apport retracing service (apport) wrote on 2012-03-02:

#2

StacktraceTop:
g_dbus_proxy_call_internal (proxy=0x20362072, method_name=0x1579b7 "ShowIndicatorToUser", parameters=0xb5b44968, flags=G_DBUS_CALL_FLAGS_NONE, timeout_msec=-1, fd_list=0x0, cancellable=0x0, callback=0x152230 <listener_display_cb>, user_data=0x0) at /build/buildd/glib2.0-2.31.18/./gio/gdbusproxy.c:2684
g_dbus_proxy_call (proxy=0x20362072, method_name=0x1579b7 "ShowIndicatorToUser", parameters=0xb5b44968, flags=G_DBUS_CALL_FLAGS_NONE, timeout_msec=-1, cancellable=0x0, callback=0x152230 <listener_display_cb>, user_data=0x0) at /build/buildd/glib2.0-2.31.18/./gio/gdbusproxy.c:2974
indicate_listener_display (listener=0x93c5180, server=0x941ee44, indicator=0x0, timestamp=110141921) at /build/buildd/libindicate-0.6.90/./libindicate/listener.c:1200
activate_cb (self=0x941f1b8, timestamp=110141921, data=0x0) at /build/buildd/indicator-messages-0.5.92/./src/app-menu-item.c:528
g_cclosure_marshal_VOID__UINT (closure=0x93d6110, return_value=0x0, n_param_values=2, param_values=0x93c4940, invocation_hint=0xbfc24b30, marshal_data=0x0) at /build/buildd/glib2.0-2.31.18/./gobject/gmarshal.c:259

Revision history for this message

Apport retracing service (apport) wrote on 2012-03-02: Stacktrace.txt

#3

Stacktrace.txt Edit (6.3 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2012-03-02: ThreadStacktrace.txt

#4

ThreadStacktrace.txt Edit (8.6 KiB, text/plain)

Changed in indicator-messages (Ubuntu):
importance:	Undecided → Medium
summary:	- indicator-messages-service crashed with SIGSEGV in g_dbus_proxy_call() + indicator-messages-service crashed with SIGSEGV in + g_dbus_proxy_call_internal()
tags:	removed: need-i386-retrace

Charles Kerr (charlesk) on 2012-04-13

Changed in indicator-messages:
importance:	Undecided → Medium
visibility:	private → public

Revision history for this message

Bilal Akhtar (bilalakhtar) wrote on 2012-04-13:

#5

The Xchat issue seems like an Xchat issue. The crash, however, seems Indicator-messages related.

Revision history for this message

Bilal Akhtar (bilalakhtar) wrote on 2012-04-13:

#6

Could you file a separate bug on the xchat package about that?

Changed in indicator-messages:
status:	New → Confirmed
Changed in indicator-messages (Ubuntu):
status:	New → Confirmed

Revision history for this message

Charles Kerr (charlesk) wrote on 2012-04-15:

#7

In our patched version of glib2.0-2.31.18, that crash occurs on the first line of g_dbus_proxy_call_internal():

> g_return_if_fail (G_IS_DBUS_PROXY (proxy));

so it looks like we're passing a broken pointer in as the proxy argument there. Following the trace back one step, this proxy pointer is the same one that libindicate/listener.c's indicator_listener_display() passes to g_dbus_proxy_call(). So it looks like the IndicateListenerServer.proxy pointer passed into that function is bad.

My guess is that priv->server.proxy isn't getting updated when the proxy is destroyed. proxy_destroyed() updates its "priv->proxies" array but does nothing for "priv->server.proxy".

Changed in libindicate:
status:	New → Confirmed
Changed in indicator-messages:
status:	Confirmed → Invalid
Changed in libindicate:
importance:	Undecided → Medium
status:	Confirmed → Triaged

Charles Kerr (charlesk) on 2012-09-06

Changed in libindicate:
importance:	Medium → Low

Sebastien Bacher (seb128) on 2013-10-30

Changed in indicator-messages (Ubuntu):
status:	Confirmed → Invalid

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.