[Pidgin] #4312: MSN crashes on fast messages
Pidgin
trac at pidgin.im
Fri Dec 7 17:35:56 EST 2007
#4312: MSN crashes on fast messages
-------------------+--------------------------------------------------------
Reporter: emilal | Owner: khc
Type: defect | Status: new
Priority: minor | Component: MSN
Version: 2.3.0 | Keywords: MSN crashes on fast messages
Pending: 0 |
-------------------+--------------------------------------------------------
Try to send about 10 sequential messages to/from MSN clieent. Result is
coredump - see these next examples:
{{{
#0 IA__g_markup_escape_text (text=0x8f89aa8 "�, length=-1) at
gmarkup.c:1910
1910 gmarkup.c: No such file or directory.
in gmarkup.c
(gdb) bt full
#0 IA__g_markup_escape_text (text=0x8f89aa8 "�, length=-1) at
gmarkup.c:1910
next = (const gchar *) 0x9053000 <Address 0x9053000 out of bounds>
str = (GString *) 0x8fccb60
__PRETTY_FUNCTION__ = "IA__g_markup_escape_text"
#1 0x00c04ff6 in msg_error_helper (cmdproc=0x8f9c670, msg=0x8fcd9a8,
error=MSN_MSG_ERROR_SB) at switchboard.c:444
str_reason = 0xca9a7c "Message could not be sent because a
connection error occurred:"
body_str = 0x8f89aa8 "�
pre = 0x8f5b700 "(\216"
post = 0x8f41760 "\230e\b8�b"
format = 0x8f6dcc8 "�\b(\216"
body_enc = 0x8f9e578 "x_�b\f\b\020"
swboard = (MsnSwitchBoard *) 0x8fe1590
__PRETTY_FUNCTION__ = "msg_error_helper"
#2 0x00c046f7 in msn_switchboard_destroy (swboard=0x8fe1590) at
switchboard.c:105
session = (MsnSession *) 0xcd4268
msg = (MsnMessage *) 0x0
l = (GList *) 0x8fcc320
__PRETTY_FUNCTION__ = "msn_switchboard_destroy"
#3 0x00c05ddc in disconnect_cb (servconn=0x8f9e290) at switchboard.c:1035
swboard = (MsnSwitchBoard *) 0x8fe1590
__PRETTY_FUNCTION__ = "disconnect_cb"
#4 0x00c018b9 in msn_servconn_disconnect (servconn=0x8f9e290) at
servconn.c:295
__PRETTY_FUNCTION__ = "msn_servconn_disconnect"
#5 0x00c0153c in msn_servconn_got_error (servconn=0x8f9e290,
error=MSN_SERVCONN_ERROR_READ) at servconn.c:161
tmp = 0x90166f0 "Connection error from Switchboard
server:\nReading error"
reason = 0xca8d47 "Reading error"
names = {0xca8d07 "Notification", 0xca8d14 "Switchboard"}
name = 0xca8d14 "Switchboard"
#6 0x00c01b4f in read_cb (data=0x8f9e290, source=13,
cond=PURPLE_INPUT_READ) at servconn.c:398
servconn = (MsnServConn *) 0x8f9e290
session = (MsnSession *) 0x8f553e8
buf = "ACK 7\r\n\000u at eqo.com\r\n\000com Kevin%20Lim 788\r\nMIME-
Version: 1.0\r\nContent-Type: application/x-msnmsgrp2p\r\nP2P-Dest:
eunrau at yahoo.ca\r\n\r\n\000\000\000\000\025\227R\000\000\000\000\000\000\000\000\000\210\002\000\000\000\000\000\000\210\002\000\000\000\000\000\000\224�201",
'\0' <repeats 13 times>, "INVITE MSNMSGR:eunrau at yaho"...
cur = 0x8f25af0 "\f\b8\225\b\020"
end = 0x8f25af7 "\b\020"
old_rx_buf = 0x8f25af0 "\f\b8\225\b\020"
len = 0
cur_len = 7
#7 0x08084b19 in purple_gnt_io_invoke (source=0x8f6e3c0,
condition=G_IO_IN, data=0x8f27378) at GaimWrapper.cpp:161
closure = (PurpleGntIOClosure *) 0x8f27378
purple_cond = PURPLE_INPUT_READ
#8 0x0035bacb in g_io_unix_dispatch (source=0x8f8b4a8, callback=0x8084988
<purple_gnt_io_invoke>, user_data=0x8f27378)
at giounix.c:162
buffer_condition = Variable "buffer_condition" is not available.
Current language: auto; currently c
(gdb)
(gdb)
(gdb)
(gdb)
(gdb)
(gdb) bt
#0 IA__g_markup_escape_text (text=0x8f89aa8 "�, length=-1) at
gmarkup.c:1910
#1 0x00c04ff6 in msg_error_helper (cmdproc=0x8f9c670, msg=0x8fcd9a8,
error=MSN_MSG_ERROR_SB) at switchboard.c:444
#2 0x00c046f7 in msn_switchboard_destroy (swboard=0x8fe1590) at
switchboard.c:105
#3 0x00c05ddc in disconnect_cb (servconn=0x8f9e290) at switchboard.c:1035
#4 0x00c018b9 in msn_servconn_disconnect (servconn=0x8f9e290) at
servconn.c:295
#5 0x00c0153c in msn_servconn_got_error (servconn=0x8f9e290,
error=MSN_SERVCONN_ERROR_READ) at servconn.c:161
#6 0x00c01b4f in read_cb (data=0x8f9e290, source=13,
cond=PURPLE_INPUT_READ) at servconn.c:398
#7 0x08084b19 in purple_gnt_io_invoke (source=0x8f6e3c0,
condition=G_IO_IN, data=0x8f27378) at GaimWrapper.cpp:161
#8 0x0035bacb in g_io_unix_dispatch (source=0x8f8b4a8, callback=0x8084988
<purple_gnt_io_invoke>, user_data=0x8f27378)
at giounix.c:162
#9 0x00337441 in IA__g_main_context_dispatch (context=0x8f0cf38) at
gmain.c:2045
#10 0x00338cf1 in g_main_context_iterate (context=0x8f0cf38, block=1,
dispatch=1, self=0x8f0fc00) at gmain.c:2677
#11 0x00338f48 in IA__g_main_loop_run (loop=0x8f0c2e0) at gmain.c:2881
#12 0x08086d06 in GaimWrapper::_run (this=0x8f0ac20) at
GaimWrapper.cpp:502
#13 0x08084936 in GaimWrapper::run () at GaimWrapper.cpp:116
#14 0x08069eee in main (argc=1, args=0xbfe933b4) at
proxyserversimple.cpp:47
(gdb)
}}}
{{{
(gdb)
(gdb) bt full
#0 IA__g_markup_escape_text (text=0x86486e8 "�, length=-1) at
gmarkup.c:1910
next = (const gchar *) 0x8763000 <Address 0x8763000 out of bounds>
str = (GString *) 0x8716e60
__PRETTY_FUNCTION__ = "IA__g_markup_escape_text"
#1 0x00319ff6 in msg_error_helper (cmdproc=0x86793e0, msg=0x86bb1e0,
error=MSN_MSG_ERROR_NAK) at switchboard.c:444
str_reason = 0x3bebe0 "Message may have not been sent because an
unknown error occurred:"
body_str = 0x86486e8 "�
pre = 0xcf5641 "\203�0201�205�017\225�215e[^�\211�\211�S�
post = 0xbfe2f288 "�1"
format = 0xce7ce7
"\203�020\205�\025\2136\203�b\213\006\205���215e�^_�\213\006�P\215\203\232\216P\215\203�214P\215\203�P�\001"
body_enc = 0x0
swboard = (MsnSwitchBoard *) 0x86799d0
__PRETTY_FUNCTION__ = "msg_error_helper"
#2 0x0031a7cc in nak_cmd (cmdproc=0x86793e0, cmd=0x86d2328) at
switchboard.c:759
msg = (MsnMessage *) 0x86bb1e0
__PRETTY_FUNCTION__ = "nak_cmd"
#3 0x0031f444 in msn_cmdproc_process_cmd (cmdproc=0x86793e0,
cmd=0x86d2328) at cmdproc.c:313
cb = 0x31a789 <nak_cmd>
trans = (MsnTransaction *) 0x865efa8
#4 0x0031f4df in msn_cmdproc_process_cmd_text (cmdproc=0x86793e0,
command=0x8638af0 "NAK 14") at cmdproc.c:335
No locals.
#5 0x00316cce in read_cb (data=0x86a8888, source=7,
cond=PURPLE_INPUT_READ) at servconn.c:448
servconn = (MsnServConn *) 0x86a8888
session = (MsnSession *) 0x8661830
buf = "NAK 14\r\n\000ng at yahoo.com Francis 623\r\nMIME-Version:
1.0\r\nContent-Type: application/x-msnmsgrp2p\r\nP2P-Dest:
eunrau at yahoo.ca\r\n\r\n\000\000\000\000�\033\000\000\000\000\000\000\000\000\000�001\000\000\000\000\000\000�001\000\000\000\000\000\000��017",
'\0' <repeats 12 times>, "ACK MSNMSGR:eunrau at yahoo.ca MSN"...
cur = 0x8638af0 "NAK 14"
end = 0x8638af8 ""
old_rx_buf = 0x8638af0 "NAK 14"
len = 8
cur_len = 8
#6 0x08084b19 in purple_gnt_io_invoke (source=0x865db00,
condition=G_IO_IN, data=0x863a4c0) at GaimWrapper.cpp:161
closure = (PurpleGntIOClosure *) 0x863a4c0
purple_cond = PURPLE_INPUT_READ
#7 0x00d17acb in g_io_unix_dispatch (source=0x8691db8, callback=0x8084988
<purple_gnt_io_invoke>, user_data=0x863a4c0)
at giounix.c:162
buffer_condition = Variable "buffer_condition" is not available.
(gdb)
(gdb) bt
#0 IA__g_markup_escape_text (text=0x86486e8 "�, length=-1) at
gmarkup.c:1910
#1 0x00319ff6 in msg_error_helper (cmdproc=0x86793e0, msg=0x86bb1e0,
error=MSN_MSG_ERROR_NAK) at switchboard.c:444
#2 0x0031a7cc in nak_cmd (cmdproc=0x86793e0, cmd=0x86d2328) at
switchboard.c:759
#3 0x0031f444 in msn_cmdproc_process_cmd (cmdproc=0x86793e0,
cmd=0x86d2328) at cmdproc.c:313
#4 0x0031f4df in msn_cmdproc_process_cmd_text (cmdproc=0x86793e0,
command=0x8638af0 "NAK 14") at cmdproc.c:335
#5 0x00316cce in read_cb (data=0x86a8888, source=7,
cond=PURPLE_INPUT_READ) at servconn.c:448
#6 0x08084b19 in purple_gnt_io_invoke (source=0x865db00,
condition=G_IO_IN, data=0x863a4c0) at GaimWrapper.cpp:161
#7 0x00d17acb in g_io_unix_dispatch (source=0x8691db8, callback=0x8084988
<purple_gnt_io_invoke>, user_data=0x863a4c0)
at giounix.c:162
#8 0x00cf3441 in IA__g_main_context_dispatch (context=0x861ff38) at
gmain.c:2045
#9 0x00cf4cf1 in g_main_context_iterate (context=0x861ff38, block=1,
dispatch=1, self=0x8622c00) at gmain.c:2677
#10 0x00cf4f48 in IA__g_main_loop_run (loop=0x861f2e0) at gmain.c:2881
#11 0x08086d06 in GaimWrapper::_run (this=0x861dc20) at
GaimWrapper.cpp:502
#12 0x08084936 in GaimWrapper::run () at GaimWrapper.cpp:116
#13 0x08069eee in main (argc=1, args=0xbfe31784) at
proxyserversimple.cpp:47
Current language: auto; currently c
(gdb)
}}}
{{{
(gdb)
(gdb)
(gdb)
(gdb)
(gdb) bt full
#0 0x00acbd58 in strcmp () from /lib/tls/libc.so.6
No symbol table info available.
#1 0x00435b95 in msn_session_find_slplink (session=0x8e56500,
who=0x8e82cc0 "jefflaporte_backup at hotmail.com") at slplink.c:138
slplink = (MsnSlpLink *) 0x8e4b0f8
l = (GList *) 0x8e8f520
#2 0x00435c1f in msn_session_get_slplink (session=0x8e56500,
username=0x8e82cc0 "jefflaporte_backup at hotmail.com") at slplink.c:153
slplink = (MsnSlpLink *) 0xa62790
__PRETTY_FUNCTION__ = "msn_session_get_slplink"
#3 0x00443bee in msn_p2p_msg (cmdproc=0x8e57768, msg=0x8eaef48) at
slp.c:745
session = (MsnSession *) 0x8e56500
slplink = (MsnSlpLink *) 0x8eaef48
#4 0x0043d289 in msn_cmdproc_process_msg (cmdproc=0x8e57768,
msg=0x8eaef48) at cmdproc.c:248
cb = 0x443bca <msn_p2p_msg>
#5 0x0043873b in msg_cmd_post (cmdproc=0x8e57768, cmd=0x8e57a20,
payload=0x8e46cad "MIME-Version: 1.0\r\nContent-Type:
application/x-msnmsgrp2p\r\nP2P-Dest: eunrau at yahoo.ca\r\n\r\n", len=140)
at switchboard.c:739
msg = (MsnMessage *) 0x8eaef48
#6 0x0043d1f2 in msn_cmdproc_process_payload (cmdproc=0x8e57768,
payload=0x8e46cad "MIME-Version: 1.0\r\nContent-Type:
application/x-msnmsgrp2p\r\nP2P-Dest: eunrau at yahoo.ca\r\n\r\n",
payload_len=140) at cmdproc.c:223
last = (MsnCommand *) 0x8e57a20
__PRETTY_FUNCTION__ = "msn_cmdproc_process_payload"
#7 0x00434cab in read_cb (data=0x8e56850, source=11,
cond=PURPLE_INPUT_READ) at servconn.c:443
servconn = (MsnServConn *) 0x8e56850
session = (MsnSession *) 0x8e56500
buf = "MSG jefflaporte_backup at hotmail.com Jeff 140\r\nMIME-
Version: 1.0\r\nContent-Type: application/x-msnmsgrp2p\r\nP2P-
Dest:eunrau at yahoo.ca\r\n\r\n\000\000\000\000O\022�\000\000\000\000\000\000\000\000\002\000\000\000\000\000\000\000\000\000\000\002\000\000\000>A��\f\002",
'\0' <repeats 11 times>, ".dat%22%20Frien"...
cur = 0x8e46cad "MIME-Version: 1.0\r\nContent-Type:
application/x-msnmsgrp2p\r\nP2P-Dest: eunrau at yahoo.ca\r\n\r\n"
end = 0x8e46d39 ""
old_rx_buf = 0x8e46c80 "MSG jefflaporte_backup at hotmail.com Jeff
140"
len = 185
cur_len = 140
#8 0x08084b19 in purple_gnt_io_invoke (source=0x8e7e430,
condition=G_IO_IN, data=0x8e25b60) at GaimWrapper.cpp:161
closure = (PurpleGntIOClosure *) 0x8e25b60
purple_cond = PURPLE_INPUT_READ
#9 0x00a25acb in g_io_unix_dispatch (source=0x8e6e9c8, callback=0x8084988
<purple_gnt_io_invoke>, user_data=0x8e25b60)
at giounix.c:162
buffer_condition = Variable "buffer_condition" is not available.
(gdb)
(gdb)
(gdb)
(gdb)
(gdb)
(gdb)
(gdb)
(gdb) bt
#0 0x00acbd58 in strcmp () from /lib/tls/libc.so.6
#1 0x00435b95 in msn_session_find_slplink (session=0x8e56500,
who=0x8e82cc0 "jefflaporte_backup at hotmail.com") at slplink.c:138
#2 0x00435c1f in msn_session_get_slplink (session=0x8e56500,
username=0x8e82cc0 "jefflaporte_backup at hotmail.com") at slplink.c:153
#3 0x00443bee in msn_p2p_msg (cmdproc=0x8e57768, msg=0x8eaef48) at
slp.c:745
#4 0x0043d289 in msn_cmdproc_process_msg (cmdproc=0x8e57768,
msg=0x8eaef48) at cmdproc.c:248
#5 0x0043873b in msg_cmd_post (cmdproc=0x8e57768, cmd=0x8e57a20,
payload=0x8e46cad "MIME-Version: 1.0\r\nContent-Type:
application/x-msnmsgrp2p\r\nP2P-Dest: eunrau at yahoo.ca\r\n\r\n", len=140)
at switchboard.c:739
#6 0x0043d1f2 in msn_cmdproc_process_payload (cmdproc=0x8e57768,
payload=0x8e46cad "MIME-Version: 1.0\r\nContent-Type:
application/x-msnmsgrp2p\r\nP2P-Dest: eunrau at yahoo.ca\r\n\r\n",
payload_len=140) at cmdproc.c:223
#7 0x00434cab in read_cb (data=0x8e56850, source=11,
cond=PURPLE_INPUT_READ) at servconn.c:443
#8 0x08084b19 in purple_gnt_io_invoke (source=0x8e7e430,
condition=G_IO_IN, data=0x8e25b60) at GaimWrapper.cpp:161
#9 0x00a25acb in g_io_unix_dispatch (source=0x8e6e9c8, callback=0x8084988
<purple_gnt_io_invoke>, user_data=0x8e25b60)
at giounix.c:162
#10 0x00a01441 in IA__g_main_context_dispatch (context=0x8e0af38) at
gmain.c:2045
#11 0x00a02cf1 in g_main_context_iterate (context=0x8e0af38, block=1,
dispatch=1, self=0x8e0dc00) at gmain.c:2677
#12 0x00a02f48 in IA__g_main_loop_run (loop=0x8e0a2e0) at gmain.c:2881
#13 0x08086d06 in GaimWrapper::_run (this=0x8e08c20) at
GaimWrapper.cpp:502
#14 0x08084936 in GaimWrapper::run () at GaimWrapper.cpp:116
#15 0x08069eee in main (argc=1, args=0xbfed0c14) at
proxyserversimple.cpp:47
(gdb)
(gdb)
(gdb)
}}}
--
Ticket URL: <http://developer.pidgin.im/ticket/4312>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list