Description of problem: When using gaim, (MSN protocol) after I login and try to unblock a buddy, gaim will crash with a huge trace (posted later on) Version-Release number of selected component (if applicable): gaim-1.5.0-15.fc5.1 How reproducible: Always Steps to Reproduce: 1. Login to a MSN account 2. [menu] Tools > Privacy 3. Remove a buddy from the block list or hit "clear" 4. It crashes, upon re-login the buddy is still blocked Actual results: Gaim crashes with: [user@host ~]$ gaim -- I click & unblock the user, then: -- *** glibc detected *** gaim: free(): invalid pointer: 0x09c609a0 *** ======= Backtrace: ========= /lib/libc.so.6[0x85af18] /lib/libc.so.6(__libc_free+0x79)[0x85e41d] /usr/lib/libglib-2.0.so.0(g_free+0x31)[0xa794d1] gaim(gaim_privacy_deny_remove+0xd8)[0x73df08] gaim[0x7b5084] /usr/lib/libgobject-2.0.so.0(g_cclosure_marshal_VOID__VOID+0x49)[0x3f31c9] /usr/lib/libgobject-2.0.so.0(g_closure_invoke+0x11d)[0x3e5f6d] /usr/lib/libgobject-2.0.so.0[0x3f6a3d] /usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x8c7)[0x3f7f47] /usr/lib/libgobject-2.0.so.0(g_signal_emit+0x29)[0x3f8109] /usr/lib/libgtk-x11-2.0.so.0(gtk_button_clicked+0x53)[0xf633d3] /usr/lib/libgtk-x11-2.0.so.0[0xf64cae] /usr/lib/libgobject-2.0.so.0(g_cclosure_marshal_VOID__VOID+0x49)[0x3f31c9] /usr/lib/libgobject-2.0.so.0[0x3e47a9] /usr/lib/libgobject-2.0.so.0(g_closure_invoke+0x11d)[0x3e5f6d] /usr/lib/libgobject-2.0.so.0[0x3f6eca] /usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x8c7)[0x3f7f47] /usr/lib/libgobject-2.0.so.0(g_signal_emit+0x29)[0x3f8109] /usr/lib/libgtk-x11-2.0.so.0(gtk_button_released+0x53)[0xf63463] /usr/lib/libgtk-x11-2.0.so.0[0xf634c1] /usr/lib/libgtk-x11-2.0.so.0[0x10304de] /usr/lib/libgobject-2.0.so.0[0x3e47a9] /usr/lib/libgobject-2.0.so.0(g_closure_invoke+0x11d)[0x3e5f6d] /usr/lib/libgobject-2.0.so.0[0x3f7083] /usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x68f)[0x3f7d0f] /usr/lib/libgobject-2.0.so.0(g_signal_emit+0x29)[0x3f8109] /usr/lib/libgtk-x11-2.0.so.0[0x111afa8] /usr/lib/libgtk-x11-2.0.so.0(gtk_propagate_event+0x183)[0x1029ec3] /usr/lib/libgtk-x11-2.0.so.0(gtk_main_do_event+0x317)[0x102b117] /usr/lib/libgdk-x11-2.0.so.0[0x27993a] /usr/lib/libglib-2.0.so.0(g_main_context_dispatch+0x16d)[0xa7209d] /usr/lib/libglib-2.0.so.0[0xa7532f] /usr/lib/libglib-2.0.so.0(g_main_loop_run+0x1a9)[0xa756d9] /usr/lib/libgtk-x11-2.0.so.0(gtk_main+0xb4)[0x102b594] gaim(main+0xc65)[0x7c6365] /lib/libc.so.6(__libc_start_main+0xdc)[0x80c7e4] gaim[0x716bc1] ======= Memory map: ======== 00111000-00138000 r-xp 00000000 03:43 696336 /usr/lib/libaudiofile.so.0.0.2 00138000-0013c000 rwxp 00026000 03:43 696336 /usr/lib/libaudiofile.so.0.0.2 0013c000-00235000 r-xp 00000000 03:43 687310 /usr/lib/libX11.so.6.2.0 00235000-00239000 rwxp 000f9000 03:43 687310 /usr/lib/libX11.so.6.2.0 00239000-002c0000 r-xp 00000000 03:43 696109 /usr/lib/libgdk-x11-2.0.so.0.800.14 002c0000-002c3000 rwxp 00087000 03:43 696109 /usr/lib/libgdk-x11-2.0.so.0.800.14 002c3000-002dd000 r-xp 00000000 03:43 696111 /usr/lib/libatk-1.0.so.0.1112.0002dd000-002df000 rwxp 00019000 03:43 696111 /usr/lib/libatk-1.0.so.0.1112.0002df000-00302000 r-xp 00000000 03:43 172862 /lib/libm-2.4.so 00302000-00303000 r-xp 00022000 03:43 172862 /lib/libm-2.4.so 00303000-00304000 rwxp 00023000 03:43 172862 /lib/libm-2.4.so 00304000-0030c000 r-xp 00000000 03:43 696096 /usr/lib/libpangocairo-1.0.so.0.1199.0 0030c000-0030d000 rwxp 00007000 03:43 696096 /usr/lib/libpangocairo-1.0.so.0.1199.0 0030d000-00310000 r-xp 00000000 03:43 685648 /usr/lib/libgmodule-2.0.so.0.1000.1 00310000-00311000 rwxp 00002000 03:43 685648 /usr/lib/libgmodule-2.0.so.0.1000.1 00311000-00313000 r-xp 00000000 03:43 172864 /lib/libdl-2.4.so 00313000-00314000 r-xp 00001000 03:43 172864 /lib/libdl-2.4.so 00314000-00315000 rwxp 00002000 03:43 172864 /lib/libdl-2.4.so 00315000-00317000 r-xp 00000000 03:43 687065 /usr/lib/libXau.so.6.0.0 00317000-00318000 rwxp 00001000 03:43 687065 /usr/lib/libXau.so.6.0.0 00318000-0031a000 r-xp 00000000 03:43 696099 /usr/lib/libXinerama.so.1.0.0 0031a000-0031b000 rwxp 00001000 03:43 696099 /usr/lib/libXinerama.so.1.0.0 0031b000-00323000 r-xp 00000000 03:43 695424 /usr/lib/libSM.so.6.0.0 00323000-00324000 rwxp 00008000 03:43 695424 /usr/lib/libSM.so.6.0.0 00324000-0032d000 r-xp 00000000 03:43 696116 /usr/lib/libstartup-notification-1.so.0.0.0 0032d000-0032e000 rwxp 00008000 03:43 696116 /usr/lib/libstartup-notification-1.so.0.0.0 0032e000-00333000 r-xp Aborted Expected results: The buddy to be unblocked, and the gaim shouldn't crash Additional info: It seems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=182622 is somewhat similar. This didn't happen in previous versions AKAIK, so it seems it's just a coding bug from this release. Firewing1
I see this problem with the AIM protocal as well.
Changed versions, as it's still happening in FC5 final. Any news on an update? Firewing1
And with blocking is happening the same issue, with MSN protocol, and identical version.
Forgot to comment, with blocking the crash is still present when trying to execute gaim again. A temporal fix is removing ~/.gaim, but the contact remains unblocked.
Could someone try with this CVS patch: http://cvs.sourceforge.net/viewcvs.py/gaim/gaim/src/privacy.c?r1=1.18&r2=1.16&diff_format=u I think this will apply to "oldstatus" (<2.0.0) gaim
*** Bug 186598 has been marked as a duplicate of this bug. ***
Comment on #5 - I've applied the patch to the current tar.bz2 from the gaim sight and all it does is attempt to generate a coredump after trying to load the buddies list
That's not the result I was hoping for :( Can you get a backtrace from the patched build? see http://gaim.sf.net/gdb.php I see your bug was closed as a duplicate of this one, but I'm not 100% sure it is - do other people see the same problem with the patch?
Nope. gdb is failing to start on this box (continually segfaults - probably something I've done rather than gdb itself). I'll try at work in the morning or on my laptop in the morning. I have a feeling the bugs are related which is why Warren marked it as a dup - I can certainly see the similarities and the throwback from both indicates libmsn is partially to blame (though I have a feeling it is something less pleasant)
Warren, we just had someone on #gaim report something that looks similar to this with FC5's Gaim - is there any chance you could build a test FC5 RPM with that patch included for us to point users to?
I tested the packaged suppled to me by warren http://people.redhat.com/wtogami/temp/gaim-1.5.0-15.fc5.2.i386.rpm I do not experience any more crashes when blocking, unblocking, sending or receiving messages to/from MSN protocol. I was not able to test this with AIM protocol. Verdict: Looks good to me.
That's right Gantry, looks like it is working fine now at least with the MSN protocol. Thanks.
Seems happy with Yahoo as well
I think this can be closed now - not getting any problems at all with gaim :-)
*** Bug 182622 has been marked as a duplicate of this bug. ***