Description of problem: Rhythmbox was up and playing music for about 45 minutes. I inserted an F9 dvd and rhythmbox crashed (not 100% sure this is connected): Jul 11 06:46:40 localhost gnome-keyring-daemon[2954]: adding removable location: volume_label_Fedora_9_i386_DVD at /media/Fedora 9 i386 DVD Jul 11 06:46:40 localhost hald: mounted /dev/sr0 on behalf of uid 500 Jul 11 06:46:41 localhost console-kit-daemon[2288]: WARNING: Couldn't read /proc/5455/environ: Error reading file '/proc/5455/environ': No such process Jul 11 06:46:41 localhost kernel:<6>rhythmbox[5461]: segfault at ad25c3c ip 00664879 sp ae7fdf8c error 4 in libc-2.8.90.so[5f5000+16d000] Jul 11 06:46:42 localhost pulseaudio[3071]: pcm_hw.c: SNDRV_PCM_IOCTL_DRAIN failed Jul 11 06:46:42 localhost kernel:<4>ALSA sound/pci/hda/hda_codec.c:725: hda_codec_cleanup_stream: NID=0x3 Jul 11 06:46:42 localhost kernel:<4>ALSA sound/pci/hda/hda_codec.c:725: hda_codec_cleanup_stream: NID=0x2 Jul 11 06:46:42 localhost kernel:<4>ALSA sound/pci/hda/hda_codec.c:725: hda_codec_cleanup_stream: NID=0x3 Jul 11 06:47:25 localhost hald: unmounted /dev/sr0 from '/media/Fedora 9 i386 DVD' on behalf of uid 500 Jul 11 06:47:25 localhost gnome-keyring-daemon[2954]: removing removable location: volume_label_Fedora_9_i386_DVD Don't see any other messages. I'll try to reproduce with gdb. Version-Release number of selected component (if applicable): rhythmbox-0.11.5-15.fc10.i386 How reproducible: Don't know Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Got it: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb45fdb90 (LWP 5922)] malloc_consolidate (av=<value optimized out>) at malloc.c:4846 4846 nextsize = chunksize(nextchunk); (gdb) where #0 malloc_consolidate (av=<value optimized out>) at malloc.c:4846 #1 0x0066662d in _int_malloc (av=<value optimized out>, bytes=<value optimized out>) at malloc.c:4184 #2 0x0066818f in __libc_calloc (n=<value optimized out>, elem_size=<value optimized out>) at malloc.c:3901 #3 0x008375dc in IA__g_malloc0 (n_bytes=<value optimized out>) at gmem.c:151 #4 0x0084d853 in thread_memory_from_self () at gslice.c:444 #5 IA__g_slice_free1 (mem_size=<value optimized out>, mem_block=<value optimized out>) at gslice.c:862 #6 0x0082d1d9 in IA__g_list_free_1 (list=Could not find the frame base for "IA__g_list_free_1". ) at glist.c:78 #7 0x00840c76 in IA__g_queue_pop_tail (queue=<value optimized out>) at gqueue.c:581 #8 0x00808b88 in g_async_queue_pop_intern_unlocked ( queue=<value optimized out>, try=<value optimized out>, end_time=<value optimized out>) at gasyncqueue.c:373 #9 0x0085b128 in g_thread_pool_wait_for_new_task () at gthreadpool.c:220 #10 g_thread_pool_thread_proxy (data=<value optimized out>) at gthreadpool.c:254 #11 0x00859a4f in g_thread_create_proxy (data=<value optimized out>) at gthread.c:635 #12 0x007a251f in start_thread (arg=<value optimized out>) at pthread_create.c:297 #13 0x006d899e in clone () from /lib/libc.so.6 (gdb)
Created attachment 311578 [details] valgrind output of rhythmbox crashing when inserting F9 DVD I captured a valgrind log from running rhythmbox when it SIGSEGV'ed on inserting F9 DVD. I had to insert DVD twice for the crash to occur.
This is a bug in totem-pl-parser, which I fixed about 2 weeks ago. I'm doing a new release now. ==6046== Invalid free() / delete / delete[] ==6046== at 0x400590A: free (vg_replace_malloc.c:323) ==6046== by 0x8374F5: g_free (gmem.c:190) ==6046== by 0x81F0F8: g_error_free (gerror.c:125) ==6046== by 0x896289A: rb_audiocd_is_volume_audiocd (rb-audiocd-source.c:739) ==6046== by 0x8961EB6: create_source_cb (rb-audiocd-plugin.c:449) ==6046== by 0x3FBDFD5: rb_marshal_OBJECT__OBJECT (rb-marshal.c:327) ==6046== by 0xC83152: g_closure_invoke (gclosure.c:767) ==6046== by 0xC9A1F4: signal_emit_unlocked_R (gsignal.c:3045) ==6046== by 0xC9B15A: g_signal_emit_valist (gsignal.c:2717) ==6046== by 0xC9B755: g_signal_emit (gsignal.c:2765) ==6046== by 0x807C2EC: rb_removable_media_manager_mount_volume (rb-removable-media-manager.c:438) ==6046== by 0xC911C9: g_cclosure_marshal_VOID__OBJECT (gmarshal.c:636) ==6046== Address 0x45f3af0 is 0 bytes inside a block of size 65 free'd ==6046== at 0x400590A: free (vg_replace_malloc.c:323) ==6046== by 0x8374F5: g_free (gmem.c:190) ==6046== by 0x81F0F8: g_error_free (gerror.c:125) ==6046== by 0x27DC9F: cd_cache_open_mountpoint (totem-disc.c:458) ==6046== by 0x27DD58: cd_cache_disc_is_vcd (totem-disc.c:645) ==6046== by 0x27DFFF: totem_cd_detect_type_with_url (totem-disc.c:861) ==6046== by 0x27E2CB: totem_cd_detect_type (totem-disc.c:936) ==6046== by 0x8962845: rb_audiocd_is_volume_audiocd (rb-audiocd-source.c:735) ==6046== by 0x8961EB6: create_source_cb (rb-audiocd-plugin.c:449) ==6046== by 0x3FBDFD5: rb_marshal_OBJECT__OBJECT (rb-marshal.c:327) ==6046== by 0xC83152: g_closure_invoke (gclosure.c:767) ==6046== by 0xC9A1F4: signal_emit_unlocked_R (gsignal.c:3045)
Building in rawhide. Please reopen if the problem still occurs.