(various) crashed with SIGSEGV in g_atomic_int_exchange_and_add()/g_variant_unref/?libappmenu.so/g_simple_async_result_complete

Bug #703988 reported by Jean-Baptiste Lallement on 2011-01-17
386
This bug affects 46 people
Affects Status Importance Assigned to Milestone
AppMenu GTK+
Fix Released
Undecided
Unassigned
appmenu-gtk (Ubuntu)
Medium
Unassigned
vim (Ubuntu)
Low
Unassigned

Bug Description

Binary package hint: vim

gvim crashes randomly, with no specific action from the user and no specific configuration.

Test Case
- Open a terminal and run:
  $ gvim some_file
- Wait until it crashes (usually less then a minute)

Result:
$ Vim: Caught deadly signal SEGV
Vim: Finished.

I can reproduce it on 2 different system (a netbook and a laptop) with an up to date Natty.

ProblemType: Crash
DistroRelease: Ubuntu 11.04
Package: vim-gnome 2:7.3.035+hg~8fdc12103333-1ubuntu2
ProcVersionSignature: Ubuntu 2.6.37-12.26-generic 2.6.37
Uname: Linux 2.6.37-12-generic i686
Architecture: i386
Date: Mon Jan 17 15:59:39 2011
EcryptfsInUse: Yes
ExecutablePath: /usr/bin/vim.gnome
ProcCmdline: gvim magomatic
ProcEnviron:
 SHELL=/bin/bash
 PATH=(custom, user)
 LC_MESSAGES=en_US.utf8
 LANG=en_US.utf8
 LANGUAGE=en_US:en
SegvAnalysis:
 Segfault happened at: 0xda7832: ret
 PC (0x00da7832) ok
 destination "(%esp)" (0xbfe6e8b8) ok
 SP (0xbfe6e8b8) ok
 Reason could not be automatically determined.
Signal: 11
SourcePackage: vim
StacktraceTop:
 g_atomic_int_exchange_and_add () from /lib/libglib-2.0.so.0
 g_variant_unref () from /lib/libglib-2.0.so.0
 ?? () from /usr/lib/gtk-2.0/2.10.0/menuproxies/libappmenu.so
 g_simple_async_result_complete () from /usr/lib/libgio-2.0.so.0
 ?? () from /usr/lib/libgio-2.0.so.0
Title: vim.gnome crashed with SIGSEGV in g_atomic_int_exchange_and_add()
UserGroups: adm admin audio cdrom dialout dip floppy fuse libvirtd lpadmin netdev plugdev scanner sudo video

Related branches

lp:~canonical-dx-team/appmenu-gtk/ubuntu
Ken VanDine: Pending requested 2011-09-29
lp:~ted/appmenu-gtk/unref-if-non-null
Conor Curran (community): Approve on 2011-02-07
Jean-Baptiste Lallement (jibel) wrote :
description: updated
tags: added: mago
description: updated
Michael Bienia (geser) wrote :

As you mentioned in your original bug description that you switched your font, does it only happen with that font or with other fonts too?

Jean-Baptiste Lallement (jibel) wrote :

No it happens with the default configuration too (no ~/.vimrc)
The only file in ~/.vim is a file named .netrwhist and there is also the file .viminfo in $HOME
So nothing fantastic.

The only steps to reproduce are:
- From the command line run:
  $ gvim some_file
- Wait until it crashes (usually less then a minute)

I can reproduce it on 2 different system (a netbook and a laptop) with an up to date Natty.

I'm sorry for this poor report, let me know if and how I can gather more useful informations.

description: updated
Jean-Baptiste Lallement (jibel) wrote :

While I am able to reproduce it repeatedly on Unity, I didn't had a single crash when running the Classic Desktop.

David Planella (dpm) wrote :

I can confirm the last comment. I've been using the classic desktop for a while and today I tested Unity again.

While vim does not crash in the classic desktop, I can reproduce the crash every time under Unity.

Jean-Baptiste Lallement (jibel) wrote :

bug 713192 looks like this one but for gnome-terminal.
I'm adding a task for dbusmenu because it seems involved somehow from the stacktrace.

Note that since the latest update update, I experience gnome-terminal crashes as well.

kyleabaker (kyleabaker) wrote :

bug 713419 looks like this one but for nautilus. I'm also seeing the gnome-terminal bug as well.

Dave Gilbert (ubuntu-treblig) wrote :

confirmed due to comment #5 saying he also had same problem.

Changed in libdbusmenu (Ubuntu):
status: New → Confirmed
Changed in libdbusmenu (Ubuntu):
importance: Undecided → Medium
status: Confirmed → Triaged
summary: - vim.gnome crashed with SIGSEGV in g_atomic_int_exchange_and_add()
+ (various) crashed with SIGSEGV in
+ g_atomic_int_exchange_and_add()/g_variant_unref/?libappmenu.so/g_simple_async_result_complete
Amit Kucheria (amitk) wrote :

My log is also littered with application crashes all over (evince, gnome-terminal, eog, gvfs-smb, banshee, etc.) that seem to link back to libglib. And I am using the Classic desktop since I'm using a nouveau driver. Should I file separate bugs for each of these?

e.g.
[ 9479.287320] gnome-terminal[1927]: segfault at 24 ip 00007f7c163220b2 sp 00007fff93701c78 error 6 in libglib-2.0.so.0.2793.0[7f7c16309000+ed000]
[ 9504.078613] gnome-terminal[8133]: segfault at 24 ip 00007fd10aa360b2 sp 00007fff24467bd8 error 6 in libglib-2.0.so.0.2793.0[7fd10aa1d000+ed000]

Just had this problem during automated desktop testing with the character map (gucharmap) application

same problem in a fresh an up to date Natty VM with simple-scan

Evan (ev) wrote :

You can work around this temporarily by not loading the dbus menu proxy (UBUNTU_MENUPROXY=).

Sebastien Bacher (seb128) wrote :

Could someone get a debug stacktrace?

Sebastien Bacher (seb128) wrote :

the issue is not a vim one

Changed in vim (Ubuntu):
importance: Undecided → Low
status: New → Invalid
Sebastien Bacher (seb128) wrote :

bug #713281 has a debug retracing

Sebastien Bacher (seb128) wrote :

debug stacktrace from the retracer:

"#0 0x00007f0c0196e0b2 in g_atomic_int_exchange_and_add (atomic=0x24, val=-1)
    at /build/buildd/glib2.0-2.27.93/glib/gatomic-gcc.c:29
No locals.
#1 0x00007f0c019d3cd2 in g_variant_unref (value=0x0)
    at /build/buildd/glib2.0-2.27.93/glib/gvariant-core.c:363
No locals.
#2 0x00007f0bf6e3c16d in register_application_window_cb (object=0x229c5c0,
    res=0x2497800, user_data=0x2355920) at bridge.c:324
 error = (GError *) 0x235bbc0
 context = (AppWindowContext *) 0x2355920
 variants = <value optimized out>
#3 0x00007f0c02cc22a2 in reply_cb (connection=0x2201120, res=0x248d8c0,
    user_data=<value optimized out>)
    at /build/buildd/glib2.0-2.27.93/gio/gdbusproxy.c:2109
 simple = (GSimpleAsyncResult *) 0x2497800
 value = <value optimized out>
 error = (GError *) 0x235bbc0
#4 0x00007f0c02cb7f54 in g_dbus_connection_call_done (
    source=<value optimized out>, result=<value optimized out>,
    user_data=0x25caac0)
    at /build/buildd/glib2.0-2.27.93/gio/gdbusconnection.c:3075
 connection = <value optimized out>
 state = (CallState *) 0x25caac0
 error = (GError *) 0x235bbc0
 reply = (GDBusMessage *) 0x0
 value = <value optimized out>
#5 0x00007f0c02c70fec in complete_in_idle_cb (data=0x24ae180)
    at /build/buildd/glib2.0-2.27.93/glib/gthread.h:347
 simple = <value optimized out>"

Ted Gould (ted) on 2011-02-07
affects: dbusmenu → indicator-appmenu
affects: libdbusmenu (Ubuntu) → appmenu-gtk (Ubuntu)
affects: indicator-appmenu → appmenu-gtk
Changed in appmenu-gtk:
status: New → Fix Committed
Changed in appmenu-gtk (Ubuntu):
status: Triaged → Fix Committed
Ted Gould (ted) on 2011-02-11
Changed in appmenu-gtk:
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package appmenu-gtk - 0.1.93-0ubuntu1

---------------
appmenu-gtk (0.1.93-0ubuntu1) natty; urgency=low

  * New upstream release.
    * Protect variant from being unref'd when NULL (LP: #703988)
    * Check to see if the item is already realized and parse
      immediately if it is.
 -- Ted Gould <email address hidden> Fri, 11 Feb 2011 09:40:27 -0600

Changed in appmenu-gtk (Ubuntu):
status: Fix Committed → Fix Released
Namlee85 (namlee85) wrote :

Well it happened when i tried to resize a picture

Matteo Rossi (teo-red90) wrote :

Still happens to me when using Lyx

Alistair Buxton (a-j-buxton) wrote :

This bug is still present with appmenu-gtk 0.2.1-0ubuntu1

To reproduce it, simply move around in any GTK application's menus as rapidly as you can.

The bug seems to be a race condition. It is harder to reproduce with light-themes because they render the menu so slowly.

Alistair Buxton (a-j-buxton) wrote :

Cannot reopen this bug so I opened bug 763633.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers