Bug 1638784
| Summary: | gnome software crash involving strchr and g_param_spec_pool_lookup error: Cannot access memory at address 0xa at gparam.c:1071 in libgobject-2.0.so.0 | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Matt Fagnani <matt.fagnani> | ||||||||
| Component: | gnome-software | Assignee: | Richard Hughes <rhughes> | ||||||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||
| Severity: | unspecified | Docs Contact: | |||||||||
| Priority: | unspecified | ||||||||||
| Version: | 29 | CC: | klember, kparal, lruzicka, rhughes | ||||||||
| Target Milestone: | --- | ||||||||||
| Target Release: | --- | ||||||||||
| Hardware: | Unspecified | ||||||||||
| OS: | Unspecified | ||||||||||
| Whiteboard: | |||||||||||
| Fixed In Version: | gnome-software-3.30.3-1.fc29 | Doc Type: | If docs needed, set a value | ||||||||
| Doc Text: | Story Points: | --- | |||||||||
| Clone Of: | Environment: | ||||||||||
| Last Closed: | 2018-10-21 15:47:08 UTC | Type: | Bug | ||||||||
| Regression: | --- | Mount Type: | --- | ||||||||
| Documentation: | --- | CRM: | |||||||||
| Verified Versions: | Category: | --- | |||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||
| Embargoed: | |||||||||||
| Bug Depends On: | |||||||||||
| Bug Blocks: | 1517014 | ||||||||||
| Attachments: |
|
||||||||||
|
Description
Matt Fagnani
2018-10-12 12:51:29 UTC
This crash still occurred after I downgraded to appstream-data-29-6 so it is unrelated to the update to appstream-data-29-7. The full trace had the error: Cannot access memory at address 0xa also in the #2 g_object_new_valist function so that might be where the problem started.
(gdb) bt full
#0 0xb6be905b in strchr () at ../sysdeps/i386/strchr.S:61
#1 0xb7e987f2 in g_param_spec_pool_lookup
(pool=0x21a2680, param_name=0xa <error: Cannot access memory at address 0xa>, owner_type=0x22c55c0 [GsPluginJob], walk_ancestors=1) at gparam.c:1071
pspec = <optimized out>
delim = <optimized out>
__func__ = "g_param_spec_pool_lookup"
#2 0xb7e935a7 in g_object_new_valist
(object_type=<optimized out>, first_property_name=<optimized out>, var_args=0xbf8b425c "") at gobject.c:2097
error = 0x0
pspec = <optimized out>
stack_params =
{{pspec = 0x236ad20 [GParamUInt], value = 0xbf8b40e0}, {pspec = 0x2222120 [GParamUInt64], value = 0xbf8b40c0}, {pspec = 0xb7b43914, value = 0x3d749a0}, {pspec = 0x4c33c7, value = 0xbf8b4218}, {pspec = 0xb7464da5, value = 0xb6d0b7a0 <main_arena>}, {pspec = 0x41, value = 0x0}, {pspec = 0x3f, value = 0xb7464d05 <gtk_css_node_set_property+261>}, {pspec = 0xb7b43914, value = 0x3ed0ad8}, {pspec = 0x978fb500, value = 0x3d749a0}, {pspec = 0x44d, value = 0xb7e916cb <g_object_new_internal+11>}, {pspec = 0xb7ee0cb8, value = 0x0}, {pspec = 0x0, value = 0xbf8b4228}, {pspec = 0xb7e930ec, value = 0x2e9b060}, {pspec = 0x0, value = 0x21e5a30}, {pspec = 0xb7d95055, value = 0x2e9b060}, {pspec = 0x3d68338 [GsUpdatesPage], value = 0x0}}
params = 0xbf8b417c
name = 0xa <error: Cannot access memory at address 0xa>
n_params = 2
class = <optimized out>
unref_class = <optimized out>
--Type <RET> for more, q to quit, c to continue without paging--c
object = <optimized out>
__func__ = "g_object_new_valist"
#3 0xb7e93a8d in g_object_new (object_type=0x22c55c0 [GsPluginJob], first_property_name=0x4ba01a "action") at gobject.c:1648
object = <optimized out>
var_args = 0xbf8b4248 "\037"
#4 0x00490a25 in gs_updates_page_get_new_updates (self=0x3d68338 [GsUpdatesPage]) at ../src/gs-updates-page.c:810
plugin_job = 0x0
#5 0xb7e8c34c in _g_closure_invoke_va (closure=0x3f30540, return_value=0x0, instance=0x3f17900, args=0xbf8b445c "\341z@\267\313z@\267\024\071\264\267", n_params=0, param_types=0x0) at gclosure.c:873
marshal = 0xb7e8e340 <g_cclosure_marshal_VOID__VOIDv>
marshal_data = 0x0
in_marshal = 0
real_closure = 0x3f30530
__func__ = "_g_closure_invoke_va"
#6 0xb7ea8a6e in g_signal_emit_valist (instance=0x3f17900, signal_id=272, detail=0, var_args=0xbf8b445c "\341z@\267\313z@\267\024\071\264\267") at gsignal.c:3300
return_accu = 0x0
accu = {g_type = 0x0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
accumulator = <optimized out>
emission = {next = 0xbf8b45d8, instance = 0x3f17900, ihint = {signal_id = 272, detail = 0, run_type = G_SIGNAL_RUN_FIRST}, state = EMISSION_RUN, chain_type = 0x2cc9df0 [GtkButton/GtkBin/GtkContainer/GtkWidget/GInitiallyUnowned]}
signal_id = 272
instance_type = 0x2cc9df0 [GtkButton/GtkBin/GtkContainer/GtkWidget/GInitiallyUnowned]
emission_return = {g_type = 0x0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
rtype = <optimized out>
static_scope = <optimized out>
fastpath_handler = <optimized out>
closure = <optimized out>
run_type = <optimized out>
hlist = <optimized out>
l = <optimized out>
fastpath = 1
instance_and_params = <optimized out>
signal_return_type = <optimized out>
param_values = <optimized out>
node = 0x3cf3070
i = <optimized out>
n_params = <optimized out>
__func__ = "g_signal_emit_valist"
#7 0xb7ea90e9 in g_signal_emit (instance=0x3f17900, signal_id=272, detail=0) at gsignal.c:3447
var_args = 0xbf8b445c "\341z@\267\313z@\267\024\071\264\267"
#8 0xb7407b0d in gtk_button_clicked (button=0x3f17900 [GtkButton]) at gtkbutton.c:1541
__func__ = "gtk_button_clicked"
#9 0xb7407bad in gtk_button_do_release (button=0x3f17900 [GtkButton], emit_clicked=<optimized out>) at gtkbutton.c:1845
emit_clicked = <optimized out>
button = 0x3f17900 [GtkButton]
priv = 0x3f17800
#10 0xb7407c1a in gtk_real_button_released (button=0x3f17900 [GtkButton]) at gtkbutton.c:1963
#11 0xb7e8c34c in _g_closure_invoke_va (closure=0x3cf2fa0, return_value=0x0, instance=0x3f17900, args=0xbf8b46ac "\220y\f\267", n_params=0, param_types=0x0) at gclosure.c:873
marshal = 0xb7e8a760 <g_type_class_meta_marshalv>
marshal_data = 0x1fc
in_marshal = 0
real_closure = 0x3cf2f90
__func__ = "_g_closure_invoke_va"
#12 0xb7ea8a6e in g_signal_emit_valist (instance=0x3f17900, signal_id=271, detail=0, var_args=0xbf8b46ac "\220y\f\267") at gsignal.c:3300
return_accu = 0x0
accu = {g_type = 0x0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
accumulator = <optimized out>
emission = {next = 0xbf8b4988, instance = 0x3f17900, ihint = {signal_id = 271, detail = 0, run_type = G_SIGNAL_RUN_FIRST}, state = EMISSION_RUN, chain_type = 0x2cc9df0 [GtkButton/GtkBin/GtkContainer/GtkWidget/GInitiallyUnowned]}
signal_id = 271
instance_type = 0x2cc9df0 [GtkButton/GtkBin/GtkContainer/GtkWidget/GInitiallyUnowned]
emission_return = {g_type = 0x0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
rtype = <optimized out>
static_scope = <optimized out>
fastpath_handler = <optimized out>
closure = <optimized out>
run_type = <optimized out>
hlist = <optimized out>
l = <optimized out>
fastpath = 1
instance_and_params = <optimized out>
signal_return_type = <optimized out>
param_values = <optimized out>
node = 0x3cf2fe0
i = <optimized out>
n_params = <optimized out>
__func__ = "g_signal_emit_valist"
#13 0xb7ea90e9 in g_signal_emit (instance=0x3f17900, signal_id=271, detail=0) at gsignal.c:3447
var_args = 0xbf8b46ac "\220y\f\267"
#14 0xb7405e9f in multipress_released_cb (gesture=0x3e8fe30 [GtkGestureMultiPress], n_press=1, x=19, y=16, widget=0x3f17900 [GtkButton]) at gtkbutton.c:666
button = 0x3f17900 [GtkButton]
priv = 0x3f17800
sequence = <optimized out>
#15 0xb698cf1e in ffi_call_SYSV () at ../src/x86/sysv.S:65
#16 0xb698c94e in ffi_call (cif=0xbf8b4864, fn=0xb7405e70 <multipress_released_cb>, rvalue=0xbf8b47f0, avalue=0xbf8b47b0) at ../src/x86/ffi.c:382
ecif = {cif = 0xbf8b4864, rvalue = 0xbf8b47f0, avalue = 0xbf8b47b0}
#17 0xb7e8cf4f in g_cclosure_marshal_generic_va (closure=<optimized out>, return_value=<optimized out>, instance=<optimized out>, args_list=<optimized out>, marshal_data=<optimized out>, n_params=<optimized out>, param_types=<optimized out>) at gclosure.c:1610
rtype = <optimized out>
rvalue = 0xbf8b47f0
n_args = <optimized out>
atypes = <optimized out>
args = <optimized out>
storage = <optimized out>
i = <optimized out>
cif = {abi = FFI_SYSV, nargs = 5, arg_types = 0xbf8b47d0, rtype = 0xb698e090 <ffi_type_void>, bytes = 32, flags = 0}
cc = <optimized out>
enum_tmpval = <optimized out>
tmpval_used = 0
args_copy = 0xbf8b4a70 "ȘS\257\002"
#18 0xb7e8c34c in _g_closure_invoke_va (closure=0x3f2e580, return_value=0x0, instance=0x3e8fe30, args=0xbf8b4a5c "\001", n_params=3, param_types=0x325f8f0) at gclosure.c:873
marshal = 0xb7e8cbc0 <g_cclosure_marshal_generic_va>
marshal_data = 0x0
in_marshal = 0
real_closure = 0x3f2e570
__func__ = "_g_closure_invoke_va"
#19 0xb7ea8a6e in g_signal_emit_valist (instance=0x3e8fe30, signal_id=265, detail=0, var_args=0xbf8b4a5c "\001") at gsignal.c:3300
return_accu = 0x0
accu = {g_type = 0x0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
accumulator = <optimized out>
emission = {next = 0xbf8b4bd8, instance = 0x3e8fe30, ihint = {signal_id = 265, detail = 0, run_type = G_SIGNAL_RUN_FIRST}, state = EMISSION_RUN, chain_type = 0x28b0110 [GtkGestureMultiPress/GtkGestureSingle/GtkGesture/GtkEventController]}
signal_id = 265
instance_type = 0x28b0110 [GtkGestureMultiPress/GtkGestureSingle/GtkGesture/GtkEventController]
emission_return = {g_type = 0x0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
rtype = <optimized out>
static_scope = <optimized out>
fastpath_handler = <optimized out>
closure = <optimized out>
run_type = <optimized out>
hlist = <optimized out>
l = <optimized out>
fastpath = 1
instance_and_params = <optimized out>
signal_return_type = <optimized out>
param_values = <optimized out>
node = 0x3296370
i = <optimized out>
n_params = <optimized out>
__func__ = "g_signal_emit_valist"
#20 0xb7ea90e9 in g_signal_emit (instance=0x3e8fe30, signal_id=265, detail=0) at gsignal.c:3447
var_args = 0xbf8b4a5c "\001"
#21 0xb74dae89 in gtk_gesture_multi_press_end (gesture=0x3e8fe30 [GtkGestureMultiPress], sequence=0x0) at gtkgesturemultipress.c:286
multi_press = 0x3e8fe30 [GtkGestureMultiPress]
priv = 0x3e8fdb8
current = 0x0
x = 19
y = 16
interpreted = <optimized out>
state = <optimized out>
#22 0xb7e8f1e9 in g_cclosure_marshal_VOID__BOXEDv (closure=<optimized out>, return_value=0x0, instance=<optimized out>, args=0xbf8b4cac "", marshal_data=0xb74dade0 <gtk_gesture_multi_press_end>, n_params=1, param_types=0x28c4360) at gmarshal.c:1950
cc = 0x3ce2d90
data1 = 0x3e8fe30
data2 = <optimized out>
callback = 0xb74dade0 <gtk_gesture_multi_press_end>
arg0 = 0x0
args_copy = 0xbf8b4cb0 "{~M\267\024\071\264\267\r|M\267\024\071\264\267\060\376\350\003`\237ȳ"
#23 0xb7e8c34c in _g_closure_invoke_va (closure=0x3ce2d90, return_value=0x0, instance=0x3e8fe30, args=0xbf8b4cac "", n_params=1, param_types=0x28c4360) at gclosure.c:873
marshal = 0xb7e8a760 <g_type_class_meta_marshalv>
marshal_data = 0x84
in_marshal = 0
real_closure = 0x3ce2d80
__func__ = "_g_closure_invoke_va"
#24 0xb7ea8a6e in g_signal_emit_valist (instance=0x3e8fe30, signal_id=260, detail=0, var_args=0xbf8b4cac "") at gsignal.c:3300
return_accu = 0x0
accu = {g_type = 0x0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
accumulator = <optimized out>
emission = {next = 0xbf8b4ed8, instance = 0x3e8fe30, ihint = {signal_id = 260, detail = 0, run_type = G_SIGNAL_RUN_LAST}, state = EMISSION_RUN, chain_type = 0x28b0110 [GtkGestureMultiPress/GtkGestureSingle/GtkGesture/GtkEventController]}
signal_id = 260
instance_type = 0x28b0110 [GtkGestureMultiPress/GtkGestureSingle/GtkGesture/GtkEventController]
emission_return = {g_type = 0x0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
rtype = <optimized out>
static_scope = <optimized out>
fastpath_handler = <optimized out>
closure = <optimized out>
run_type = <optimized out>
hlist = <optimized out>
l = <optimized out>
fastpath = 1
instance_and_params = <optimized out>
signal_return_type = <optimized out>
param_values = <optimized out>
node = 0x3b8af40
i = <optimized out>
n_params = <optimized out>
__func__ = "g_signal_emit_valist"
#25 0xb7ea90e9 in g_signal_emit (instance=0x3e8fe30, signal_id=260, detail=0) at gsignal.c:3447
var_args = 0xbf8b4cac ""
#26 0xb74d7c89 in _gtk_gesture_set_recognized (sequence=0x0, recognized=0, gesture=0x3e8fe30 [GtkGestureMultiPress]) at gtkgesture.c:345
priv = <optimized out>
priv = 0x3e8fe00
has_matching_touchpoints = <optimized out>
#27 0xb74d7c89 in _gtk_gesture_check_recognized (gesture=gesture@entry=0x3e8fe30 [GtkGestureMultiPress], sequence=sequence@entry=0x0) at gtkgesture.c:386
priv = 0x3e8fe00
has_matching_touchpoints = <optimized out>
#28 0xb74d93f9 in gtk_gesture_handle_event (controller=0x3e8fe30 [GtkGestureMultiPress], event=0xb3c89f60) at gtkgesture.c:814
was_recognized = 1
sequence = 0x0
priv = <optimized out>
controller = 0x3e8fe30 [GtkGestureMultiPress]
event = 0xb3c89f60
gesture = 0x3e8fe30 [GtkGestureMultiPress]
source_device = <optimized out>
#29 0xb74dc778 in gtk_gesture_single_handle_event (controller=0x3e8fe30 [GtkGestureMultiPress], event=0xb3c89f60) at gtkgesturesingle.c:222
sequence = <optimized out>
source_device = <optimized out>
source = <optimized out>
button = <optimized out>
i = <optimized out>
retval = <optimized out>
test_touchscreen = <optimized out>
#30 0xb74a0e4f in gtk_event_controller_handle_event (controller=0x3e8fe30 [GtkGestureMultiPress], event=0xb3c89f60) at gtkeventcontroller.c:230
controller_class = 0x3c9bc50
retval = 0
__func__ = "gtk_event_controller_handle_event"
#31 0xb767bdde in _gtk_widget_run_controllers (widget=0x3f17900 [GtkButton], event=0xb3c89f60, phase=GTK_PHASE_BUBBLE) at gtkwidget.c:7379
controller_phase = <optimized out>
next = 0x0
data = 0x3f2ae10
handled = 0
priv = 0x3f17850
l = <optimized out>
#32 0xb76d744c in _gtk_marshal_BOOLEAN__BOXEDv (closure=0x21db3e0, return_value=0xbf8b4ef4, instance=<optimized out>, args=0xbf8b4fac "`\237ȳ\330O\213\277`\237ȳ", marshal_data=0xb767be30 <gtk_widget_real_button_event>, n_params=1, param_types=0x21db400) at gtkmarshalers.c:129
cc = 0x21db3e0
data1 = 0x3f17900
data2 = <optimized out>
callback = 0xb767be30 <gtk_widget_real_button_event>
v_return = <optimized out>
arg0 = 0xb3c89f60
args_copy = 0xbf8b4fb0 "\330O\213\277`\237ȳ"
__func__ = "_gtk_marshal_BOOLEAN__BOXEDv"
#33 0xb7e8c34c in _g_closure_invoke_va (closure=0x21db3e0, return_value=0xbf8b4ef4, instance=0x3f17900, args=0xbf8b4fac "`\237ȳ\330O\213\277`\237ȳ", n_params=1, param_types=0x21db400) at gclosure.c:873
marshal = 0xb7e8a760 <g_type_class_meta_marshalv>
marshal_data = 0xc4
in_marshal = 0
real_closure = 0x21db3d0
__func__ = "_g_closure_invoke_va"
#34 0xb7ea86d4 in g_signal_emit_valist (instance=0x3f17900, signal_id=88, detail=0, var_args=0xbf8b4fac "`\237ȳ\330O\213\277`\237ȳ") at gsignal.c:3300
return_accu = 0xbf8b4ef4
accu = {g_type = 0x14 [gboolean], data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
accumulator = <optimized out>
emission = {next = 0x0, instance = 0x3f17900, ihint = {signal_id = 88, detail = 0, run_type = G_SIGNAL_RUN_LAST}, state = EMISSION_RUN, chain_type = 0x2cc9df0 [GtkButton/GtkBin/GtkContainer/GtkWidget/GInitiallyUnowned]}
signal_id = 88
instance_type = 0x2cc9df0 [GtkButton/GtkBin/GtkContainer/GtkWidget/GInitiallyUnowned]
emission_return = {g_type = 0x14 [gboolean], data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
rtype = <optimized out>
static_scope = <optimized out>
fastpath_handler = <optimized out>
closure = <optimized out>
run_type = <optimized out>
hlist = <optimized out>
l = <optimized out>
fastpath = 1
instance_and_params = <optimized out>
signal_return_type = <optimized out>
param_values = <optimized out>
node = 0x21db410
i = <optimized out>
n_params = <optimized out>
__func__ = "g_signal_emit_valist"
#35 0xb7ea90e9 in g_signal_emit (instance=0x3f17900, signal_id=88, detail=0) at gsignal.c:3447
var_args = 0xbf8b4fac "`\237ȳ\330O\213\277`\237ȳ"
#36 0xb767e3cf in gtk_widget_event_internal (widget=widget@entry=0x3f17900 [GtkButton], event=event@entry=0xb3c89f60) at gtkwidget.c:7744
signal_num = <optimized out>
return_val = <optimized out>
handled = 0
__func__ = "gtk_widget_event_internal"
#37 0xb7680661 in gtk_widget_event (widget=0x3f17900 [GtkButton], event=0xb3c89f60) at gtkwidget.c:7314
__func__ = "gtk_widget_event"
#38 0xb7526d50 in propagate_event_up (topmost=<optimized out>, event=<optimized out>, widget=0x3f17900 [GtkButton]) at gtkmain.c:2582
tmp = <optimized out>
handled_event = <optimized out>
handled_event = 0
#39 0xb7526d50 in propagate_event (widget=<optimized out>, event=0xb3c89f60, captured=<optimized out>, topmost=0x0) at gtkmain.c:2685
handled_event = 0
#40 0xb75292ca in gtk_main_do_event (event=0xb3c89f60) at gtkmain.c:1915
grab_widget = 0x3f17900 [GtkButton]
window_group = <optimized out>
rewritten_event = <optimized out>
device = 0x2221818 [GdkX11DeviceCore]
tmp_list = <optimized out>
event_widget = <optimized out>
topmost_widget = <optimized out>
event = <optimized out>
__func__ = "gtk_main_do_event"
__func__ = "gtk_main_do_event"
#41 0xb71fdb9b in _gdk_event_emit (event=0xb3c89f60) at gdkevents.c:73
#42 0xb723263b in gdk_event_source_dispatch (source=0x21bc890, callback=0x0, user_data=0x0) at gdkeventsource.c:367
display = <optimized out>
event = 0xb3c89f60
#43 0xb7d8f5c5 in g_main_dispatch (context=0x21d0c70) at gmain.c:3182
dispatch = <optimized out>
prev_source = 0x0
was_in_call = 0
user_data = 0x0
callback = 0x0
cb_funcs = 0x0
cb_data = 0x0
need_destroy = <optimized out>
source = 0x21bc890
current = 0x21bdba8
i = 0
__func__ = "g_main_dispatch"
#44 0xb7d8f5c5 in g_main_context_dispatch (context=0x21d0c70) at gmain.c:3847
#45 0xb7d8f9a9 in g_main_context_iterate (context=context@entry=0x21d0c70, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3920
max_priority = 2147483647
timeout = 16
some_ready = 1
nfds = 4
allocated_nfds = <optimized out>
fds = <optimized out>
#46 0xb7d8fa5b in g_main_context_iteration (context=0x21d0c70, may_block=1) at gmain.c:3981
retval = <optimized out>
#47 0xb7bf08b3 in g_application_run (application=0x21ac8d8 [GsApplication], argc=1, argv=0xbf8b52e4) at gapplication.c:2470
arguments = 0x21dd1e0
status = 0
context = 0x21d0c70
acquired_context = <optimized out>
__func__ = "g_application_run"
#48 0x00449cd6 in main (argc=1, argv=0xbf8b52e4) at ../src/gs-main.c:53
status = 0
appinfo = 0x21d4c28
application = 0x21ac8d8
debug = 0x21a2800
Hm, both this and the other crash may be memory corruption. I can't see how else they could happen. Any chance you could run gnome-software under valgrind and see if it reports any invalid reads or writes? I see you're running a 32 bit Fedora, which I suspect may be behind this somehow. We've only been testing gnome-software on 64 bits lately and something may have regressed on 32 bits. Created attachment 1495019 [details]
valgrind log output running on gnome-software
The 0xa address in the error: Cannot access memory at address 0xa seems too short to be valid. The lowest I could see that error in the full trace was at #2 g_object_new_valist at gobject.c:2097 in libgobject-2.0.so.0 of glib so the source of the error might have been glib. I hadn't run valgrind before tonight. I ran valgrind --leak-check=yes --log-file=valgrind-gnome-software-1.txt gnome-software based on reading the Valgrind Quick Start Guide and man valgrind. I reproduced the crash by clicking on the refresh button in the Updates screen. The error is an invalid read of size 1 byte 0xA. The part of the valgrind log occurring when the crash happened was ==3912== Invalid read of size 1 ==3912== at 0x483843E: index (vg_replace_strmem.c:251) ==3912== by 0x49367F1: g_param_spec_pool_lookup (gparam.c:1071) ==3912== by 0x49315A6: g_object_new_valist (gobject.c:2097) ==3912== by 0x4931A8C: g_object_new (gobject.c:1648) ==3912== by 0x173A24: gs_updates_page_get_new_updates (gs-updates-page.c:810) ==3912== by 0x492A34B: _g_closure_invoke_va (gclosure.c:873) ==3912== by 0x4946A6D: g_signal_emit_valist (gsignal.c:3300) ==3912== by 0x49470E8: g_signal_emit (gsignal.c:3447) ==3912== by 0x4DD8B0C: gtk_button_clicked (gtkbutton.c:1541) ==3912== by 0x4DD8BAC: gtk_button_do_release (gtkbutton.c:1845) ==3912== by 0x4DD8C19: gtk_real_button_released (gtkbutton.c:1963) ==3912== by 0x492A34B: _g_closure_invoke_va (gclosure.c:873) ==3912== Address 0xa is not stack'd, malloc'd or (recently) free'd ==3912== ==3912== ==3912== Process terminating with default action of signal 11 (SIGSEGV): dumping core ==3912== Access not within mapped region at address 0xA ==3912== at 0x483843E: index (vg_replace_strmem.c:251) ==3912== by 0x49367F1: g_param_spec_pool_lookup (gparam.c:1071) ==3912== by 0x49315A6: g_object_new_valist (gobject.c:2097) ==3912== by 0x4931A8C: g_object_new (gobject.c:1648) ==3912== by 0x173A24: gs_updates_page_get_new_updates (gs-updates-page.c:810) ==3912== by 0x492A34B: _g_closure_invoke_va (gclosure.c:873) ==3912== by 0x4946A6D: g_signal_emit_valist (gsignal.c:3300) ==3912== by 0x49470E8: g_signal_emit (gsignal.c:3447) ==3912== by 0x4DD8B0C: gtk_button_clicked (gtkbutton.c:1541) ==3912== by 0x4DD8BAC: gtk_button_do_release (gtkbutton.c:1845) ==3912== by 0x4DD8C19: gtk_real_button_released (gtkbutton.c:1963) ==3912== by 0x492A34B: _g_closure_invoke_va (gclosure.c:873) ==3912== If you believe this happened as a result of a stack ==3912== overflow in your program's main thread (unlikely but ==3912== possible), you can try to increase the size of the ==3912== main thread stack using the --main-stacksize= flag. ==3912== The main thread stack size used in this run was 8388608. Memory leaks were found as shown in the log file I'll attach. There were some additional error messages from gnome software output which I'll attach in another file. I can run valgrind with different options you might suggest if that would help. I'm running the i686 builds because my computer has a 32-bit Pentium 4 CPU. The error might have been 32-bit specific. I also have some additional flatpak repositories added some of which I added several months ago, and I'm not sure if they are all still working. flatpak remotes Name Options flathub user gnome user gnome-apps user gnome-apps-nightly user gnome-nightly user kdeapps user kderuntime user org.mozilla.FirefoxRepo user org.mozilla.FirefoxDevEdition-origin user,no-enumerate Created attachment 1495020 [details]
valgrind output of gnome-software error messages
I suspect https://gitlab.gnome.org/GNOME/gnome-software/merge_requests/126 fixes this, let me do a test build for you Can you try if https://koji.fedoraproject.org/koji/taskinfo?taskID=30304350 helps? (And thanks so much for all the help with debugging this!) Proposing as a Final Freeze Exception for F29 as gnome-software is super crashy right now on i386. This would be a blocker, except that i386 is no longer a blocking arch. +1 FE Kalev, can you please submit a new build to Bodhi ASAP? Thanks. gnome-software-3.30.3-1.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2018-447d45de07 I ran sudo dnf upgrade https://kojipkgs.fedoraproject.org//work/tasks/4354/30304354/gnome-software-3.30.2-1.fc29.mr125.i686.rpm https://kojipkgs.fedoraproject.org//work/tasks/4354/30304354/gnome-software-debuginfo-3.30.2-1.fc29.mr125.i686.rpm https://kojipkgs.fedoraproject.org//work/tasks/4354/30304354/gnome-software-debugsource-3.30.2-1.fc29.mr125.i686.rpm After that upgrade, I clicked on the refresh button in the updates screen, and the crash didn't happen. "Looking for new updates... (this might take a while)" alternating with "Downloading new updates... (this might take a while)" was shown with a spinning circle, followed by "Unable to get list of updates: failed to get updates for refresh: Timeout was reached" in a pop-up box. "Software is up to date" was shown after a few minutes. The second time I clicked refresh the above happened and OS Updates and Problem Reporting showed up. So the crash was resolved in gnome-software-3.30.2-1.fc29.mr125.i686.rpm The crashes I noted in #1638767 didn't occur with the test build when I clicked on the Audio & Video and Productivity categories or more... buttons on the main screen and those screens showed up correctly. I clicked on Communication & News Graphics & Photography, and Add-ons, but those screens were not loaded. I ran sudo dnf upgrade https://kojipkgs.fedoraproject.org//packages/gnome-software/3.30.3/1.fc29/i686/gnome-software-3.30.3-1.fc29.i686.rpm https://kojipkgs.fedoraproject.org//packages/gnome-software/3.30.3/1.fc29/i686/gnome-software-debuginfo-3.30.3-1.fc29.i686.rpm https://kojipkgs.fedoraproject.org//packages/gnome-software/3.30.3/1.fc29/i686/gnome-software-debugsource-3.30.3-1.fc29.i686.rpm 3.30.3 first showed "No application data found" and a pop-up box stating that it needed to be restarted to use new plugins which I did. When I clicked on the refresh button in the updates screen in 3.30.3, it showed checking... and "Downloading new updates... (this might take a while)" with no crashes. The OS Update and Problem reporting updates showed the versions involved and the update sizes which I didn't see with the test build. Clicking on all of the categories and the more... button showed those screens correctly. I didn't get any crashes of 3.30.3. Thanks for your help and the updates. No problem! The update received enough Karma in Bodhi and according to Bodhi users messages, it solves the problem and works fine. I believe, we can verify this bug. gnome-software-3.30.3-1.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-447d45de07 gnome-software-3.30.3-1.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report. |