Bug 544520 - metacity: Crash in pa_memblock_unref()
Summary: metacity: Crash in pa_memblock_unref()
Alias: None
Product: Fedora
Classification: Fedora
Component: pulseaudio
Version: 13
Hardware: i686
OS: Linux
Target Milestone: ---
Assignee: Lennart Poettering
QA Contact: Fedora Extras Quality Assurance
Whiteboard: abrt_hash:700f726f57c98b401788ca7f491...
: 543221 545420 547890 548727 550726 551812 551977 555179 560199 568113 596504 603261 608315 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2009-12-05 07:04 UTC by manolisT29s2001
Modified: 2011-06-27 14:38 UTC (History)
23 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2011-06-27 14:38:59 UTC

Attachments (Terms of Use)
File: backtrace (19.28 KB, text/plain)
2009-12-05 07:04 UTC, manolisT29s2001
no flags Details
backtrace for metacity-2.30.0-3.fc13 and pulseaudio-0.9.21-6.fc13.i686 (45.46 KB, text/plain)
2010-09-09 21:07 UTC, Michal Jaegermann
no flags Details

Description manolisT29s2001 2009-12-05 07:04:30 UTC
abrt 1.0.0 detected a crash.

Attached file: backtrace
cmdline: metacity
component: metacity
executable: /usr/bin/metacity
package: metacity-2.28.0-9.fc12
rating: 4
reason: Process was terminated by signal 11

Comment 1 manolisT29s2001 2009-12-05 07:04:33 UTC
Created attachment 376280 [details]
File: backtrace

Comment 2 Owen Taylor 2009-12-05 13:22:50 UTC
Another memory corruption-looking bug, maybe a dup of 542011?

Unfortunately, the main thread backtrace is missing symbols while the other threads seem to have symbols, which is weird...

Comment 3 Matthias Clasen 2010-01-05 17:03:28 UTC
*** Bug 543221 has been marked as a duplicate of this bug. ***

Comment 4 Lennart Poettering 2010-01-08 23:05:26 UTC
*** Bug 545420 has been marked as a duplicate of this bug. ***

Comment 5 Lennart Poettering 2010-01-08 23:06:21 UTC
*** Bug 547890 has been marked as a duplicate of this bug. ***

Comment 6 Lennart Poettering 2010-01-08 23:09:52 UTC
*** Bug 548727 has been marked as a duplicate of this bug. ***

Comment 7 Lennart Poettering 2010-01-08 23:10:26 UTC
*** Bug 550726 has been marked as a duplicate of this bug. ***

Comment 8 Lennart Poettering 2010-01-08 23:10:49 UTC
*** Bug 551812 has been marked as a duplicate of this bug. ***

Comment 9 Lennart Poettering 2010-01-08 23:11:15 UTC
*** Bug 551977 has been marked as a duplicate of this bug. ***

Comment 10 Owen Taylor 2010-02-01 16:09:28 UTC
*** Bug 560199 has been marked as a duplicate of this bug. ***

Comment 11 Lennart Poettering 2010-02-12 15:27:29 UTC
*** Bug 555179 has been marked as a duplicate of this bug. ***

Comment 12 Lennart Poettering 2010-02-16 03:36:16 UTC
So, hmm, these all are memory corruption issues.

The big question, why does this happen in metacity and not in other applications? 

I have tried really hard to reproduce this without any luck. I have now begun running metacity constantly in valgrind in the hope i will eventually be able to reproduce this. However, since I never have been able my hopes are not high.

So, I'd like to ask everyone who ran into this to do the same as I do and run metacity during longer periods of time in valgrind, in the hope this spits something useful out eventually. Running metacity in valgrind will make window management slow, but I still find it mostly usable.

So, here's how I am running valgrind in metacity:

0) install all debug symbols ("debuginfo-install metacity pulseaudio")

1) log into gnome normally

2) log into another session, either the console or ssh. Run this line there: "PULSE_LOG=99 valgrind metacity --replace &> metacity.log"

3) Now switch back to your gnome session and use your machine normally, and hope that this will catch something, eventually.

I'd be very thankful if more folks would do something like this.

Comment 13 Lennart Poettering 2010-02-18 03:48:44 UTC
So I have been running metacity now for two continous days inside valgrind and generated a lot of sound events from it and found exactly nothing (except for some "Conditional jump or move depends on uninitialised value(s)" inside of some metacity code which is presumably borkage in metacity but I have no real clue about but should be unrelated to this issue).

The whole thing is rock solid here and generates no bad memory accesses, doesn't crash, nothing.

I'd be very thankful if someone who already ran into this problem could try to reproduce it inside of valgrind, as I explained in the previous comment.

(One small correction regarding item #2 in that list: add a DISPLAY=:0 in that command line, like this:

"PULSE_LOG=99 DISPLAY=:0 valgrind metacity --replace &> metacity.log")

Comment 14 Ricardo 2010-03-28 12:59:44 UTC

Have no idea what happened. Just came to check the bug reporting tool and ti was here

Comment 15 Owen Taylor 2010-07-08 18:27:06 UTC
*** Bug 603261 has been marked as a duplicate of this bug. ***

Comment 16 Owen Taylor 2010-07-08 18:27:56 UTC
*** Bug 596504 has been marked as a duplicate of this bug. ***

Comment 17 Owen Taylor 2010-07-08 18:32:19 UTC
*** Bug 608315 has been marked as a duplicate of this bug. ***

Comment 18 Michal Jaegermann 2010-09-09 20:51:55 UTC
I got the same one today with metacity-2.30.0-3.fc13.i686 and pulseaudio-libs-0.9.21-6.fc13.i686.  Although selinux prevented generation of a full bug report (cf. bug 600123) I got a core.  This is what gdb has to say:

Core was generated by `metacity'.
Program terminated with signal 11, Segmentation fault.
#0  0x07a7c72b in pa_memblock_unref () from /usr/lib/libpulsecommon-0.9.21.so
Missing separate debuginfos, use: debuginfo-install metacity-2.30.0-3.fc13.i686
(gdb) where
#0  0x07a7c72b in pa_memblock_unref () from /usr/lib/libpulsecommon-0.9.21.so
#1  0x07a88de3 in ?? () from /usr/lib/libpulsecommon-0.9.21.so
#2  0x07a8b45c in pa_queue_free () from /usr/lib/libpulsecommon-0.9.21.so
#3  0x07a88f75 in pa_pstream_unref () from /usr/lib/libpulsecommon-0.9.21.so
#4  0x07a89218 in ?? () from /usr/lib/libpulsecommon-0.9.21.so
#5  0x07a74d8f in ?? () from /usr/lib/libpulsecommon-0.9.21.so
#6  0x06401901 in pa_mainloop_dispatch () from /usr/lib/libpulse.so.0
#7  0x06401d62 in pa_mainloop_iterate () from /usr/lib/libpulse.so.0
#8  0x06401e34 in pa_mainloop_run () from /usr/lib/libpulse.so.0
#9  0x06413a84 in ?? () from /usr/lib/libpulse.so.0
#10 0x07a99863 in ?? () from /usr/lib/libpulsecommon-0.9.21.so
#11 0x00630919 in start_thread () from /lib/libpthread.so.0
#12 0x0054dcbe in clone () from /lib/libc.so.6

Comment 19 Michal Jaegermann 2010-09-09 21:07:25 UTC
Created attachment 446377 [details]
backtrace for metacity-2.30.0-3.fc13 and pulseaudio-0.9.21-6.fc13.i686

With abrt sicced on crash remains this trace was generated on Fedora release 13.

Comment 20 Hamidou Dia 2010-09-29 21:18:43 UTC
*** Bug 568113 has been marked as a duplicate of this bug. ***

Comment 21 Bug Zapper 2011-06-02 17:11:47 UTC
This message is a reminder that Fedora 13 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 13.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '13'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 13's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 13 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 

Comment 22 Bug Zapper 2011-06-27 14:38:59 UTC
Fedora 13 changed to end-of-life (EOL) status on 2011-06-25. Fedora 13 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.