Created attachment 926548 [details] Full valgrind trace with LOTS of memory leaks Description of problem: While trying to create valgrind report for bug 1128766 valgrind spoted read from already released memory (while using VPN plugin to access VPN for the second time) Here is short cut&paste Invalid read of size 8 at 0x41A529: applet_agent_cancel_secrets_cb (applet.c:3246) by 0x842903B: g_cclosure_marshal_VOID__POINTERv (gmarshal.c:1236) by 0x8426103: _g_closure_invoke_va (gclosure.c:831) by 0x8440A8F: g_signal_emit_valist (gsignal.c:3218) by 0x84412DE: g_signal_emit (gsignal.c:3365) by 0x41D758: cancel_get_secrets (applet-agent.c:549) by 0x70CB69E: impl_secret_agent_cancel_get_secrets (nm-secret-agent.c:451) by 0x777594E: object_registration_message (dbus-gobject.c:1899) by 0x79AE51E: _dbus_object_tree_dispatch_and_unlock (dbus-object-tree.c:1018) by 0x79A0173: dbus_connection_dispatch (dbus-connection.c:4691) by 0x7772D44: message_queue_dispatch (dbus-gmain.c:90) by 0x86B1B1A: g_main_context_dispatch (gmain.c:3064) by 0x86B1EB7: g_main_context_iterate.isra.29 (gmain.c:3734) by 0x86B21E1: g_main_loop_run (gmain.c:3928) by 0x413175: main (main.c:106) Address 0x125171e8 is 8 bytes inside a block of size 16 free'd at 0x4C2CCE9: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) by 0x86B77BE: g_free (gmem.c:190) by 0x86CEBE3: g_slice_free1 (gslice.c:1112) by 0x86CF7FF: g_slist_remove (gslist.c:414) by 0x41A48E: applet_secrets_request_free (applet.c:3116) by 0x41A544: applet_agent_cancel_secrets_cb (applet.c:3251) by 0x842903B: g_cclosure_marshal_VOID__POINTERv (gmarshal.c:1236) by 0x8426103: _g_closure_invoke_va (gclosure.c:831) by 0x8440A8F: g_signal_emit_valist (gsignal.c:3218) by 0x84412DE: g_signal_emit (gsignal.c:3365) by 0x41D758: cancel_get_secrets (applet-agent.c:549) by 0x70CB69E: impl_secret_agent_cancel_get_secrets (nm-secret-agent.c:451) by 0x777594E: object_registration_message (dbus-gobject.c:1899) by 0x79AE51E: _dbus_object_tree_dispatch_and_unlock (dbus-object-tree.c:1018) by 0x79A0173: dbus_connection_dispatch (dbus-connection.c:4691) by 0x7772D44: message_queue_dispatch (dbus-gmain.c:90) by 0x86B1B1A: g_main_context_dispatch (gmain.c:3064) by 0x86B1EB7: g_main_context_iterate.isra.29 (gmain.c:3734) by 0x86B21E1: g_main_loop_run (gmain.c:3928) by 0x413175: main (main.c:106) Invalid read of size 8 at 0x41A520: applet_agent_cancel_secrets_cb (applet.c:3247) by 0x842903B: g_cclosure_marshal_VOID__POINTERv (gmarshal.c:1236) by 0x8426103: _g_closure_invoke_va (gclosure.c:831) by 0x8440A8F: g_signal_emit_valist (gsignal.c:3218) by 0x84412DE: g_signal_emit (gsignal.c:3365) by 0x41D758: cancel_get_secrets (applet-agent.c:549) by 0x70CB69E: impl_secret_agent_cancel_get_secrets (nm-secret-agent.c:451) by 0x777594E: object_registration_message (dbus-gobject.c:1899) by 0x79AE51E: _dbus_object_tree_dispatch_and_unlock (dbus-object-tree.c:1018) by 0x79A0173: dbus_connection_dispatch (dbus-connection.c:4691) by 0x7772D44: message_queue_dispatch (dbus-gmain.c:90) by 0x86B1B1A: g_main_context_dispatch (gmain.c:3064) by 0x86B1EB7: g_main_context_iterate.isra.29 (gmain.c:3734) by 0x86B21E1: g_main_loop_run (gmain.c:3928) by 0x413175: main (main.c:106) Address 0xeeeeeeeeeeeeeeee is not stack'd, malloc'd or (recently) free'd Process terminating with default action of signal 11 (SIGSEGV): dumping core General Protection Fault at 0x41A520: applet_agent_cancel_secrets_cb (applet.c:3247) by 0x842903B: g_cclosure_marshal_VOID__POINTERv (gmarshal.c:1236) by 0x8426103: _g_closure_invoke_va (gclosure.c:831) by 0x8440A8F: g_signal_emit_valist (gsignal.c:3218) by 0x84412DE: g_signal_emit (gsignal.c:3365) by 0x41D758: cancel_get_secrets (applet-agent.c:549) by 0x70CB69E: impl_secret_agent_cancel_get_secrets (nm-secret-agent.c:451) by 0x777594E: object_registration_message (dbus-gobject.c:1899) by 0x79AE51E: _dbus_object_tree_dispatch_and_unlock (dbus-object-tree.c:1018) by 0x79A0173: dbus_connection_dispatch (dbus-connection.c:4691) by 0x7772D44: message_queue_dispatch (dbus-gmain.c:90) by 0x86B1B1A: g_main_context_dispatch (gmain.c:3064) by 0x86B1EB7: g_main_context_iterate.isra.29 (gmain.c:3734) by 0x86B21E1: g_main_loop_run (gmain.c:3928) by 0x413175: main (main.c:106) Version-Release number of selected component (if applicable): network-manager-applet-0.9.9.0-13.git20140424.fc22.x86_64 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle. Changing version to '22'. More information and reason for this action is here: https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora22
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
Created attachment 1106724 [details] [PATCH] applet: fix accessing freed memory (rh #1129818)
(In reply to Jirka Klimes from comment #3) > Created attachment 1106724 [details] > [PATCH] applet: fix accessing freed memory (rh #1129818) Looks right.
LGTM too.
Upstream commits: master: 10c78cb applet: fix accessing freed memory (rh #1129818) nma-1-0: 597c688 applet: fix accessing freed memory (rh #1129818)
Wondering if the but is already fixed in rawhide package? network-manager-applet-1.2.0-0.2.beta1.fc24.x86_64 From debug package source it seems so - yet I've still get new nm-applet crash: (gdb) bt #0 0x00007fe12d5a7618 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54 #1 0x00007fe12d5a921a in __GI_abort () at abort.c:89 #2 0x00007fe12dbc7ee5 in g_assertion_message (domain=domain@entry=0x55f7a34ce85c "nm-applet", file=file@entry=0x55f7a34ce5e8 "applet.c", line=line@entry=1227, func=func@entry=0x55f7a34d0080 <__FUNCTION__.69388> "applet_get_first_active_vpn_connection", message=message@entry=0x55f7a3c2fec0 "assertion failed: (s_con)") at gtestutils.c:2429 #3 0x00007fe12dbc7f7a in g_assertion_message_expr (domain=domain@entry=0x55f7a34ce85c "nm-applet", file=file@entry=0x55f7a34ce5e8 "applet.c", line=line@entry=1227, func=func@entry=0x55f7a34d0080 <__FUNCTION__.69388> "applet_get_first_active_vpn_connection", expr=expr@entry=0x55f7a34ce5e2 "s_con") at gtestutils.c:2452 #4 0x000055f7a34ad046 in applet_get_first_active_vpn_connection (applet=applet@entry=0x55f7a399c090 [NMApplet], out_state=out_state@entry=0x7ffd51e54a54) at applet.c:1227 #5 0x000055f7a34b33b2 in applet_update_icon (user_data=<optimized out>) at applet.c:2769 #6 0x00007fe12dba1f9a in g_main_context_dispatch (context=0x55f7a395a200) at gmain.c:3154 #7 0x00007fe12dba1f9a in g_main_context_dispatch (context=context@entry=0x55f7a395a200) at gmain.c:3769 #8 0x00007fe12dba2330 in g_main_context_iterate (context=0x55f7a395a200, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3840 #9 0x00007fe12dba2652 in g_main_loop_run (loop=0x55f7a3934d40) at gmain.c:4034 #10 0x000055f7a34ac58d in main (argc=1, argv=0x7ffd51e54ce8) at main.c:84 Which looks like reincarnation of the same issue?
Still failing with network-manager-applet-1.2.0-0.3.beta1.fc24.x86_64: (gdb) bt #0 0x00007f314c973f88 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54 #1 0x00007f314c975b9a in __GI_abort () at abort.c:89 #2 0x00007f314cfa0675 in g_assertion_message (domain=domain@entry=0x561a7ab933dc "nm-applet", file=file@entry=0x561a7ab93168 "applet.c", line=line@entry=1227, func=func@entry=0x561a7ab94c00 <__FUNCTION__.69562> "applet_get_first_active_vpn_connection", message=message@entry=0x561a7cd3a1a0 "assertion failed: (s_con)") at gtestutils.c:2429 #3 0x00007f314cfa070a in g_assertion_message_expr (domain=domain@entry=0x561a7ab933dc "nm-applet", file=file@entry=0x561a7ab93168 "applet.c", line=line@entry=1227, func=func@entry=0x561a7ab94c00 <__FUNCTION__.69562> "applet_get_first_active_vpn_connection", expr=expr@entry=0x561a7ab93162 "s_con") at gtestutils.c:2452 #4 0x0000561a7ab71a9e in applet_get_first_active_vpn_connection (applet=applet@entry=0x561a7c8b4090 [NMApplet], out_state=out_state@entry=0x7ffc32ab5354) at applet.c:1227 #5 0x0000561a7ab77d92 in applet_update_icon (user_data=<optimized out>) at applet.c:2769 #6 0x00007f314cf7aab3 in g_main_context_dispatch (context=0x561a7c874700) at gmain.c:3154 #7 0x00007f314cf7aab3 in g_main_context_dispatch (context=context@entry=0x561a7c874700) at gmain.c:3769 #8 0x00007f314cf7ae60 in g_main_context_iterate (context=0x561a7c874700, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3840 #9 0x00007f314cf7b182 in g_main_loop_run (loop=0x561a7c76dda0) at gmain.c:4034 #10 0x0000561a7ab70fdd in main (argc=<optimized out>, argv=<optimized out>) at main.c:84 with very simple use-case scenario: Disconnect in office wired network via docking station in suspend, resume at home & connect to wireless and fire 'OpenVPN' connnection. As a 'bonus' for version 0.3 I'm getting 'black' background for nm-applet on my otherwise light colored xfce4 panel... Switching back to new as still not resolved.
Here goes revisited valgrind trace when opening VPN: Invalid read of size 1 at 0x4C35324: strstr (vg_replace_strmem.c:1613) by 0x11E81D: activate_vpn_cb (applet.c:1119) by 0x7ED7A0C: g_simple_async_result_complete (gsimpleasyncresult.c:801) by 0x7B21F35: activate_cb (nm-client.c:871) by 0x7ED7A0C: g_simple_async_result_complete (gsimpleasyncresult.c:801) by 0x7B37A04: activate_info_complete (nm-manager.c:778) by 0x7B37FB8: object_creation_failed (nm-manager.c:1104) by 0x7B3D206: object_created (nm-object.c:797) by 0x7B3AD80: create_async_complete (nm-object.c:473) by 0x7B3BA2F: create_async_got_property (nm-object.c:566) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F47908: reply_cb (gdbusproxy.c:2570) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F3C82E: g_dbus_connection_call_done (gdbusconnection.c:5702) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EE9C58: complete_in_idle_cb (gtask.c:1121) by 0x8691AB2: g_main_dispatch (gmain.c:3154) by 0x8691AB2: g_main_context_dispatch (gmain.c:3769) by 0x8691E5F: g_main_context_iterate.isra.29 (gmain.c:3840) by 0x8692181: g_main_loop_run (gmain.c:4034) by 0x118FDC: main (main.c:84) Address 0x1d37f1e4 is 0 bytes after a block of size 52 alloc'd at 0x4C2DBAD: malloc (vg_replace_malloc.c:299) by 0x8697208: g_malloc (gmem.c:94) by 0x86AFFFE: g_strdup (gstrfuncs.c:363) by 0x867D123: g_error_copy (gerror.c:521) by 0x7ED7332: g_simple_async_result_set_from_error (gsimpleasyncresult.c:675) by 0x7B37A7B: activate_info_complete (nm-manager.c:777) by 0x7B37FB8: object_creation_failed (nm-manager.c:1104) by 0x7B3D206: object_created (nm-object.c:797) by 0x7B3AD80: create_async_complete (nm-object.c:473) by 0x7B3BA2F: create_async_got_property (nm-object.c:566) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F47908: reply_cb (gdbusproxy.c:2570) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F3C82E: g_dbus_connection_call_done (gdbusconnection.c:5702) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EE9C58: complete_in_idle_cb (gtask.c:1121) by 0x8691AB2: g_main_dispatch (gmain.c:3154) by 0x8691AB2: g_main_context_dispatch (gmain.c:3769) by 0x8691E5F: g_main_context_iterate.isra.29 (gmain.c:3840) by 0x8692181: g_main_loop_run (gmain.c:4034) by 0x118FDC: main (main.c:84) Invalid read of size 1 at 0x4C30BC2: strlen (vg_replace_strmem.c:454) by 0x8BC773A: vfprintf (vfprintf.c:1632) by 0x8C96B74: __vasprintf_chk (vasprintf_chk.c:66) by 0x86D54D8: vasprintf (stdio2.h:210) by 0x86D54D8: g_vasprintf (gprintf.c:316) by 0x86B016C: g_strdup_vprintf (gstrfuncs.c:514) by 0x8698311: g_logv (gmessages.c:986) by 0x86986BE: g_log (gmessages.c:1118) by 0x11E891: activate_vpn_cb (applet.c:1129) by 0x7ED7A0C: g_simple_async_result_complete (gsimpleasyncresult.c:801) by 0x7B21F35: activate_cb (nm-client.c:871) by 0x7ED7A0C: g_simple_async_result_complete (gsimpleasyncresult.c:801) by 0x7B37A04: activate_info_complete (nm-manager.c:778) by 0x7B37FB8: object_creation_failed (nm-manager.c:1104) by 0x7B3D206: object_created (nm-object.c:797) by 0x7B3AD80: create_async_complete (nm-object.c:473) by 0x7B3BA2F: create_async_got_property (nm-object.c:566) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F47908: reply_cb (gdbusproxy.c:2570) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F3C82E: g_dbus_connection_call_done (gdbusconnection.c:5702) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EE9C58: complete_in_idle_cb (gtask.c:1121) by 0x8691AB2: g_main_dispatch (gmain.c:3154) by 0x8691AB2: g_main_context_dispatch (gmain.c:3769) by 0x8691E5F: g_main_context_iterate.isra.29 (gmain.c:3840) by 0x8692181: g_main_loop_run (gmain.c:4034) by 0x118FDC: main (main.c:84) Address 0x1d37f1e4 is 0 bytes after a block of size 52 alloc'd at 0x4C2DBAD: malloc (vg_replace_malloc.c:299) by 0x8697208: g_malloc (gmem.c:94) by 0x86AFFFE: g_strdup (gstrfuncs.c:363) by 0x867D123: g_error_copy (gerror.c:521) by 0x7ED7332: g_simple_async_result_set_from_error (gsimpleasyncresult.c:675) by 0x7B37A7B: activate_info_complete (nm-manager.c:777) by 0x7B37FB8: object_creation_failed (nm-manager.c:1104) by 0x7B3D206: object_created (nm-object.c:797) by 0x7B3AD80: create_async_complete (nm-object.c:473) by 0x7B3BA2F: create_async_got_property (nm-object.c:566) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F47908: reply_cb (gdbusproxy.c:2570) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F3C82E: g_dbus_connection_call_done (gdbusconnection.c:5702) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EE9C58: complete_in_idle_cb (gtask.c:1121) by 0x8691AB2: g_main_dispatch (gmain.c:3154) by 0x8691AB2: g_main_context_dispatch (gmain.c:3769) by 0x8691E5F: g_main_context_iterate.isra.29 (gmain.c:3840) by 0x8692181: g_main_loop_run (gmain.c:4034) by 0x118FDC: main (main.c:84) Invalid read of size 1 at 0x4C30BD4: strlen (vg_replace_strmem.c:454) by 0x8BC773A: vfprintf (vfprintf.c:1632) by 0x8C96B74: __vasprintf_chk (vasprintf_chk.c:66) by 0x86D54D8: vasprintf (stdio2.h:210) by 0x86D54D8: g_vasprintf (gprintf.c:316) by 0x86B016C: g_strdup_vprintf (gstrfuncs.c:514) by 0x8698311: g_logv (gmessages.c:986) by 0x86986BE: g_log (gmessages.c:1118) by 0x11E891: activate_vpn_cb (applet.c:1129) by 0x7ED7A0C: g_simple_async_result_complete (gsimpleasyncresult.c:801) by 0x7B21F35: activate_cb (nm-client.c:871) by 0x7ED7A0C: g_simple_async_result_complete (gsimpleasyncresult.c:801) by 0x7B37A04: activate_info_complete (nm-manager.c:778) by 0x7B37FB8: object_creation_failed (nm-manager.c:1104) by 0x7B3D206: object_created (nm-object.c:797) by 0x7B3AD80: create_async_complete (nm-object.c:473) by 0x7B3BA2F: create_async_got_property (nm-object.c:566) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F47908: reply_cb (gdbusproxy.c:2570) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F3C82E: g_dbus_connection_call_done (gdbusconnection.c:5702) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EE9C58: complete_in_idle_cb (gtask.c:1121) by 0x8691AB2: g_main_dispatch (gmain.c:3154) by 0x8691AB2: g_main_context_dispatch (gmain.c:3769) by 0x8691E5F: g_main_context_iterate.isra.29 (gmain.c:3840) by 0x8692181: g_main_loop_run (gmain.c:4034) by 0x118FDC: main (main.c:84) Address 0x1d37f1e5 is 1 bytes after a block of size 52 alloc'd at 0x4C2DBAD: malloc (vg_replace_malloc.c:299) by 0x8697208: g_malloc (gmem.c:94) by 0x86AFFFE: g_strdup (gstrfuncs.c:363) by 0x867D123: g_error_copy (gerror.c:521) by 0x7ED7332: g_simple_async_result_set_from_error (gsimpleasyncresult.c:675) by 0x7B37A7B: activate_info_complete (nm-manager.c:777) by 0x7B37FB8: object_creation_failed (nm-manager.c:1104) by 0x7B3D206: object_created (nm-object.c:797) by 0x7B3AD80: create_async_complete (nm-object.c:473) by 0x7B3BA2F: create_async_got_property (nm-object.c:566) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F47908: reply_cb (gdbusproxy.c:2570) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F3C82E: g_dbus_connection_call_done (gdbusconnection.c:5702) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EE9C58: complete_in_idle_cb (gtask.c:1121) by 0x8691AB2: g_main_dispatch (gmain.c:3154) by 0x8691AB2: g_main_context_dispatch (gmain.c:3769) by 0x8691E5F: g_main_context_iterate.isra.29 (gmain.c:3840) by 0x8692181: g_main_loop_run (gmain.c:4034) by 0x118FDC: main (main.c:84) Invalid read of size 1 at 0x4C32AF0: __GI_memcpy (vg_replace_strmem.c:1020) by 0x8BF57B5: __mempcpy_inline (string.h:652) by 0x8BF57B5: _IO_default_xsputn (genops.c:438) by 0x8BC74B0: vfprintf (vfprintf.c:1632) by 0x8C96B74: __vasprintf_chk (vasprintf_chk.c:66) by 0x86D54D8: vasprintf (stdio2.h:210) by 0x86D54D8: g_vasprintf (gprintf.c:316) by 0x86B016C: g_strdup_vprintf (gstrfuncs.c:514) by 0x8698311: g_logv (gmessages.c:986) by 0x86986BE: g_log (gmessages.c:1118) by 0x11E891: activate_vpn_cb (applet.c:1129) by 0x7ED7A0C: g_simple_async_result_complete (gsimpleasyncresult.c:801) by 0x7B21F35: activate_cb (nm-client.c:871) by 0x7ED7A0C: g_simple_async_result_complete (gsimpleasyncresult.c:801) by 0x7B37A04: activate_info_complete (nm-manager.c:778) by 0x7B37FB8: object_creation_failed (nm-manager.c:1104) by 0x7B3D206: object_created (nm-object.c:797) by 0x7B3AD80: create_async_complete (nm-object.c:473) by 0x7B3BA2F: create_async_got_property (nm-object.c:566) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F47908: reply_cb (gdbusproxy.c:2570) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F3C82E: g_dbus_connection_call_done (gdbusconnection.c:5702) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EE9C58: complete_in_idle_cb (gtask.c:1121) by 0x8691AB2: g_main_dispatch (gmain.c:3154) by 0x8691AB2: g_main_context_dispatch (gmain.c:3769) by 0x8691E5F: g_main_context_iterate.isra.29 (gmain.c:3840) by 0x8692181: g_main_loop_run (gmain.c:4034) by 0x118FDC: main (main.c:84) Address 0x1d37f1e4 is 0 bytes after a block of size 52 alloc'd at 0x4C2DBAD: malloc (vg_replace_malloc.c:299) by 0x8697208: g_malloc (gmem.c:94) by 0x86AFFFE: g_strdup (gstrfuncs.c:363) by 0x867D123: g_error_copy (gerror.c:521) by 0x7ED7332: g_simple_async_result_set_from_error (gsimpleasyncresult.c:675) by 0x7B37A7B: activate_info_complete (nm-manager.c:777) by 0x7B37FB8: object_creation_failed (nm-manager.c:1104) by 0x7B3D206: object_created (nm-object.c:797) by 0x7B3AD80: create_async_complete (nm-object.c:473) by 0x7B3BA2F: create_async_got_property (nm-object.c:566) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F47908: reply_cb (gdbusproxy.c:2570) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F3C82E: g_dbus_connection_call_done (gdbusconnection.c:5702) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EE9C58: complete_in_idle_cb (gtask.c:1121) by 0x8691AB2: g_main_dispatch (gmain.c:3154) by 0x8691AB2: g_main_context_dispatch (gmain.c:3769) by 0x8691E5F: g_main_context_iterate.isra.29 (gmain.c:3840) by 0x8692181: g_main_loop_run (gmain.c:4034) by 0x118FDC: main (main.c:84) Invalid read of size 1 at 0x4C32AFE: __GI_memcpy (vg_replace_strmem.c:1020) by 0x8BF57B5: __mempcpy_inline (string.h:652) by 0x8BF57B5: _IO_default_xsputn (genops.c:438) by 0x8BC74B0: vfprintf (vfprintf.c:1632) by 0x8C96B74: __vasprintf_chk (vasprintf_chk.c:66) by 0x86D54D8: vasprintf (stdio2.h:210) by 0x86D54D8: g_vasprintf (gprintf.c:316) by 0x86B016C: g_strdup_vprintf (gstrfuncs.c:514) by 0x8698311: g_logv (gmessages.c:986) by 0x86986BE: g_log (gmessages.c:1118) by 0x11E891: activate_vpn_cb (applet.c:1129) by 0x7ED7A0C: g_simple_async_result_complete (gsimpleasyncresult.c:801) by 0x7B21F35: activate_cb (nm-client.c:871) by 0x7ED7A0C: g_simple_async_result_complete (gsimpleasyncresult.c:801) by 0x7B37A04: activate_info_complete (nm-manager.c:778) by 0x7B37FB8: object_creation_failed (nm-manager.c:1104) by 0x7B3D206: object_created (nm-object.c:797) by 0x7B3AD80: create_async_complete (nm-object.c:473) by 0x7B3BA2F: create_async_got_property (nm-object.c:566) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F47908: reply_cb (gdbusproxy.c:2570) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F3C82E: g_dbus_connection_call_done (gdbusconnection.c:5702) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EE9C58: complete_in_idle_cb (gtask.c:1121) by 0x8691AB2: g_main_dispatch (gmain.c:3154) by 0x8691AB2: g_main_context_dispatch (gmain.c:3769) by 0x8691E5F: g_main_context_iterate.isra.29 (gmain.c:3840) by 0x8692181: g_main_loop_run (gmain.c:4034) by 0x118FDC: main (main.c:84) Address 0x1d37f1e6 is 2 bytes after a block of size 52 alloc'd at 0x4C2DBAD: malloc (vg_replace_malloc.c:299) by 0x8697208: g_malloc (gmem.c:94) by 0x86AFFFE: g_strdup (gstrfuncs.c:363) by 0x867D123: g_error_copy (gerror.c:521) by 0x7ED7332: g_simple_async_result_set_from_error (gsimpleasyncresult.c:675) by 0x7B37A7B: activate_info_complete (nm-manager.c:777) by 0x7B37FB8: object_creation_failed (nm-manager.c:1104) by 0x7B3D206: object_created (nm-object.c:797) by 0x7B3AD80: create_async_complete (nm-object.c:473) by 0x7B3BA2F: create_async_got_property (nm-object.c:566) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F47908: reply_cb (gdbusproxy.c:2570) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EEA465: g_task_return (gtask.c:1165) by 0x7F3C82E: g_dbus_connection_call_done (gdbusconnection.c:5702) by 0x7EE9C18: g_task_return_now (gtask.c:1107) by 0x7EE9C58: complete_in_idle_cb (gtask.c:1121) by 0x8691AB2: g_main_dispatch (gmain.c:3154) by 0x8691AB2: g_main_context_dispatch (gmain.c:3769) by 0x8691E5F: g_main_context_iterate.isra.29 (gmain.c:3840) by 0x8692181: g_main_loop_run (gmain.c:4034) by 0x118FDC: main (main.c:84) (The black background seems to be be 'enhancement' of gtk3 - so likely unrelated) I set '0xee' in valgrind to reset mem and this is also printed: (nm-openvpn-auth-dialog:1904): Gtk-WARNING **: Theme parsing error: gtk.css:6:17: The 'gtk-key-bindings' property has been renamed to '-gtk-key-bindings' Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged. (nm-applet:1455): nm-applet-WARNING **: VPN Connection activation failed: (\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee) Active connection removed before it was initialized (nm-applet:1455): nm-applet-WARNING **: VPN Connection activation failed: (\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee\xee) Active connection removed before it was initialized (nm-openvpn-auth-dialog:2109): Gtk-WARNING **: Theme parsing error: gtk.css:6:17: The 'gtk-key-bindings' property has been renamed to '-gtk-key-bindings' Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
NetworkManager-1.2.0-1.fc24 NetworkManager-fortisslvpn-1.2.0-1.fc24 NetworkManager-iodine-1.2.0-1.fc24 NetworkManager-l2tp-1.2.0-1.fc24 NetworkManager-libreswan-1.2.0-1.fc24 NetworkManager-openconnect-1.2.0-1.fc24 NetworkManager-openvpn-1.2.0-1.fc24 NetworkManager-pptp-1.2.0-1.fc24 NetworkManager-ssh-1.2.0-1.fc24 NetworkManager-vpnc-1.2.0-1.fc24 network-manager-applet-1.2.0-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-7e287fa1e6
NetworkManager-1.2.0-1.fc24, NetworkManager-fortisslvpn-1.2.0-1.fc24, NetworkManager-iodine-1.2.0-1.fc24, NetworkManager-l2tp-1.2.0-1.fc24, NetworkManager-libreswan-1.2.0-1.fc24, NetworkManager-openconnect-1.2.0-1.fc24, NetworkManager-openvpn-1.2.0-1.fc24, NetworkManager-pptp-1.2.0-1.fc24, NetworkManager-ssh-1.2.0-1.fc24, NetworkManager-vpnc-1.2.0-1.fc24, network-manager-applet-1.2.0-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-7e287fa1e6
NetworkManager-1.2.0-1.fc24, NetworkManager-fortisslvpn-1.2.0-1.fc24, NetworkManager-iodine-1.2.0-1.fc24, NetworkManager-l2tp-1.2.0-1.fc24, NetworkManager-libreswan-1.2.0-1.fc24, NetworkManager-openconnect-1.2.0-1.fc24, NetworkManager-openvpn-1.2.0-1.fc24, NetworkManager-pptp-1.2.0-1.fc24, NetworkManager-ssh-1.2.0-1.fc24, NetworkManager-vpnc-1.2.0-1.fc24, network-manager-applet-1.2.0-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.