[Pidgin] #3470: crash with pidgin 2.5.1 using msn
Pidgin
trac at pidgin.im
Thu Sep 25 23:08:19 EDT 2008
#3470: crash with pidgin 2.5.1 using msn
--------------------------------+-------------------------------------------
Reporter: JosephHeenan | Owner: khc
Type: defect | Status: new
Milestone: | Component: MSN
Version: 2.5.1 | Resolution:
Keywords: msn crash valgrind |
--------------------------------+-------------------------------------------
Old description:
> I've been suffering crashes with recent pidgin versions on debian stable.
>
> There doesn't seem to be an obvious pattern to when the crashes happen.
>
> Here's a backtrace:
>
> {{{
> (gdb) run
> Starting program: /usr/local/bin/pidgin
> [Thread debugging using libthread_db enabled]
> [New Thread -1219705152 (LWP 19155)]
> *** glibc detected *** corrupted double-linked list: 0x08765ca0 ***
>
> Program received signal SIGABRT, Aborted.
> [Switching to Thread -1219705152 (LWP 19155)]
> 0xb754a947 in raise () from /lib/tls/libc.so.6
> (gdb) bt full
> #0 0xb754a947 in raise () from /lib/tls/libc.so.6
> No symbol table info available.
> #1 0xb754c0c9 in abort () from /lib/tls/libc.so.6
> No symbol table info available.
> #2 0xb758016a in __fsetlocking () from /lib/tls/libc.so.6
> No symbol table info available.
> #3 0xb75861ec in malloc_usable_size () from /lib/tls/libc.so.6
> No symbol table info available.
> #4 0xb7587807 in mallopt () from /lib/tls/libc.so.6
> No symbol table info available.
> #5 0xb7587ad2 in free () from /lib/tls/libc.so.6
> No symbol table info available.
> #6 0xb77f7b31 in g_free () from /usr/lib/libglib-2.0.so.0
> No symbol table info available.
> #7 0xb71f5f5b in msn_transaction_destroy (trans=0x8765d40) at
> transaction.c:60
> __PRETTY_FUNCTION__ = "msn_transaction_destroy"
> #8 0xb71e1920 in msn_history_destroy (history=0x8730728) at history.c:45
> No locals.
> #9 0xb71dffc5 in msn_cmdproc_destroy (cmdproc=0x8765db8) at cmdproc.c:51
> No locals.
> #10 0xb71ee773 in msn_servconn_destroy (servconn=0x87a21f0) at
> servconn.c:87
> __PRETTY_FUNCTION__ = "msn_servconn_destroy"
> #11 0xb71e2b73 in read_cb (data=0x87a2248, source=13,
> cond=PURPLE_INPUT_READ)
> at httpconn.c:395
> full_session_id = 0x87adef0 "\230:P\b323853.287713497"
> cur = (char **) 0x85b2818
> tokens = (char **) 0x87b3290
> httpconn = <value optimized out>
> buf = "HTTP/1.0 200 OK\r\nContent-Length: 200\r\nContent-Type:
> application/x-msn-messenger\r\nX-MSN-Messenger:
> SessionID=1969323853.287713497; GW-IP=64.4.36.21\r\nDate: Sat, 06 Oct
> 2007 21:18:08 GMT\r\nX-Cache: MISS f"...
> end = 0xb <Address 0xb out of bounds>
> len = <value optimized out>
> cur_len = <value optimized out>
> result_msg = 0x87ade00 "MSG xxxxx_at_work at ntlworld.com Frank 151"
> result_len = 200
> #12 0x080a0113 in pidgin_io_invoke (source=0x8796780, condition=G_IO_IN,
> data=0x85a45c0) at gtkeventloop.c:78
> purple_cond = PURPLE_INPUT_READ
> #13 0xb7819c7f in g_io_channel_unix_get_fd () from
> /usr/lib/libglib-2.0.so.0
> No symbol table info available.
> #14 0xb77f0731 in g_main_context_dispatch () from
> /usr/lib/libglib-2.0.so.0
> No symbol table info available.
> #15 0xb77f37a6 in g_main_context_check () from /usr/lib/libglib-2.0.so.0
> No symbol table info available.
> #16 0xb77f3b67 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
> No symbol table info available.
> #17 0xb7da8281 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
> No symbol table info available.
> #18 0x080b747f in main (argc=Cannot access memory at address 0x6
> ) at gtkmain.c:853
> display = <value optimized out>
> opt_help = <value optimized out>
> opt_login = 0
> opt_nologin = 0
> opt_version = <value optimized out>
> opt_si = 1
> opt_config_dir_arg = 0x0
> opt_login_arg = 0x0
> opt_session_arg = 0x0
> accounts = (GList *) 0x0
> sig_indx = <value optimized out>
> sigset = {__val = {91143, 0 <repeats 31 times>}}
> prev_sig_disp = <value optimized out>
> errmsg = '\0' <repeats 508 times>, "Ðtf·H#£¿i
> û·\004ëL·Ütf·ô¿û·\220rf·@Qe·È%£¿\234Æú·\004ëL·\025We·", '\0' <repeats 16
> times>, "\004ëL·\000\000\000\000 Àû·", '\0' <repeats 12 times>, "\b3O·",
> '\0' <repeats 16 times>, "\025We·\000\000\000\000Ðtf·¼#£¿i
> û·~BM·Ütf·ô¿û·\220rf·@Qe·<&£¿\234Æú·~BM·\025We·", '\0' <repeats 16
> times>, "~BM·\000\000\000\000 Àû·", '\0' <repeats 13 times>, "0O·", '\0'
> <repeats 16 times>...
> segfault_message_tmp = <value optimized out>
> error = (GError *) 0x0
> opt = <value optimized out>
> gui_check = <value optimized out>
>
>
>
> debug_enabled = <value optimized out>
> migration_failed = <value optimized out>
> active_accounts = <value optimized out>
> long_options = {{name = 0x80f560d "config", has_arg = 1, flag =
> 0x0,
> val = 99}, {name = 0x80e6d3f "debug", has_arg = 0, flag = 0x0, val =
> 100},
> {name = 0x80e9968 "help", has_arg = 0, flag = 0x0, val = 104}, {
> name = 0x80e6ff7 "login", has_arg = 2, flag = 0x0, val = 108}, {
> name = 0x80f21b3 "multiple", has_arg = 0, flag = 0x0, val = 109}, {
> name = 0x80f21bc "nologin", has_arg = 0, flag = 0x0, val = 110}, {
> name = 0x80f5603 "session", has_arg = 1, flag = 0x0, val = 115}, {
> name = 0x80eb363 "version", has_arg = 0, flag = 0x0, val = 118}, {
> name = 0x0, has_arg = 0, flag = 0x0, val = 0}}
> }}}
>
> Here's some relevant looking output when run under valgrind:
>
> {{{
> ==21715== Invalid read of size 4
> ==21715== at 0x4FE1453: ack_cmd (switchboard.c:770)
> ==21715== by 0x4FCD91B: msn_cmdproc_process_cmd (cmdproc.c:313)
> ==21715== by 0x4FCDA83: msn_cmdproc_process_cmd_text (cmdproc.c:335)
> ==21715== by 0x4FD0A0E: read_cb (httpconn.c:380)
> ==21715== by 0x80A0112: pidgin_io_invoke (gtkeventloop.c:78)
> ==21715== by 0x47C2C7E: (within /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x4799730: g_main_context_dispatch (in
> /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x479C7A5: (within /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x479CB66: g_main_loop_run (in
> /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x4184280: gtk_main (in
> /usr/lib/libgtk-x11-2.0.so.0.800.20)
> ==21715== by 0x80B747E: main (gtkmain.c:853)
> ==21715== Address 0x510533C is 108 bytes inside a block of size 124
> free'd
> ==21715== at 0x401CFA5: free (vg_replace_malloc.c:233)
> ==21715== by 0x47A0B30: g_free (in /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x4FD1999: msn_message_destroy (msg.c:78)
> ==21715== by 0x4FD1A20: msn_message_unref (msg.c:109)
> ==21715== by 0x4FE1611: msg_error_helper (switchboard.c:468)
> ==21715== by 0x4FE24BE: msn_switchboard_destroy (switchboard.c:105)
> ==21715== by 0x4FE25E8: msn_switchboard_close (switchboard.c:1208)
> ==21715== by 0x4FE2656: msn_switchboard_release (switchboard.c:1230)
> ==21715== by 0x4FE015A: msn_slplink_remove_slpcall (slplink.c:199)
> ==21715== by 0x4FDEEFD: msn_slp_call_destroy (slpcall.c:118)
> ==21715== by 0x4FDFE38: msn_slplink_process_msg (slplink.c:653)
> ==21715== by 0x4FDDD8C: msn_p2p_msg (slp.c:762)
> ==21715==
> ==21715== Invalid read of size 4
> ==21715== at 0x4FE145A: ack_cmd (switchboard.c:771)
> ==21715== by 0x4FCD91B: msn_cmdproc_process_cmd (cmdproc.c:313)
> ==21715== by 0x4FCDA83: msn_cmdproc_process_cmd_text (cmdproc.c:335)
> ==21715== by 0x4FD0A0E: read_cb (httpconn.c:380)
> ==21715== by 0x80A0112: pidgin_io_invoke (gtkeventloop.c:78)
> ==21715== by 0x47C2C7E: (within /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x4799730: g_main_context_dispatch (in
> /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x479C7A5: (within /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x479CB66: g_main_loop_run (in
> /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x4184280: gtk_main (in
> /usr/lib/libgtk-x11-2.0.so.0.800.20)
> ==21715== by 0x80B747E: main (gtkmain.c:853)
> ==21715== Address 0x5105344 is 116 bytes inside a block of size 124
> free'd
> ==21715== at 0x401CFA5: free (vg_replace_malloc.c:233)
> ==21715== by 0x47A0B30: g_free (in /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x4FD1999: msn_message_destroy (msg.c:78)
> ==21715== by 0x4FD1A20: msn_message_unref (msg.c:109)
> ==21715== by 0x4FE1611: msg_error_helper (switchboard.c:468)
> ==21715== by 0x4FE24BE: msn_switchboard_destroy (switchboard.c:105)
> ==21715== by 0x4FE25E8: msn_switchboard_close (switchboard.c:1208)
> ==21715== by 0x4FE2656: msn_switchboard_release (switchboard.c:1230)
> ==21715== by 0x4FE015A: msn_slplink_remove_slpcall (slplink.c:199)
> ==21715== by 0x4FDEEFD: msn_slp_call_destroy (slpcall.c:118)
> ==21715== by 0x4FDFE38: msn_slplink_process_msg (slplink.c:653)
> ==21715== by 0x4FDDD8C: msn_p2p_msg (slp.c:762)
> ==21715==
> ==21715== Invalid read of size 4
> ==21715== at 0x4FDFF82: msg_ack (slplink.c:280)
> ==21715== by 0x4FE1465: ack_cmd (switchboard.c:771)
> ==21715== by 0x4FCD91B: msn_cmdproc_process_cmd (cmdproc.c:313)
> ==21715== by 0x4FCDA83: msn_cmdproc_process_cmd_text (cmdproc.c:335)
> ==21715== by 0x4FD0A0E: read_cb (httpconn.c:380)
> ==21715== by 0x80A0112: pidgin_io_invoke (gtkeventloop.c:78)
> ==21715== by 0x47C2C7E: (within /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x4799730: g_main_context_dispatch (in
> /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x479C7A5: (within /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x479CB66: g_main_loop_run (in
> /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x4184280: gtk_main (in
> /usr/lib/libgtk-x11-2.0.so.0.800.20)
> ==21715== by 0x80B747E: main (gtkmain.c:853)
> ==21715== Address 0x510530C is 60 bytes inside a block of size 124
> free'd
> ==21715== at 0x401CFA5: free (vg_replace_malloc.c:233)
> ==21715== by 0x47A0B30: g_free (in /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x4FD1999: msn_message_destroy (msg.c:78)
> ==21715== by 0x4FD1A20: msn_message_unref (msg.c:109)
> ==21715== by 0x4FE1611: msg_error_helper (switchboard.c:468)
> ==21715== by 0x4FE24BE: msn_switchboard_destroy (switchboard.c:105)
> ==21715== by 0x4FE25E8: msn_switchboard_close (switchboard.c:1208)
> ==21715== by 0x4FE2656: msn_switchboard_release (switchboard.c:1230)
> ==21715== by 0x4FE015A: msn_slplink_remove_slpcall (slplink.c:199)
> ==21715== by 0x4FDEEFD: msn_slp_call_destroy (slpcall.c:118)
> ==21715== by 0x4FDFE38: msn_slplink_process_msg (slplink.c:653)
> ==21715== by 0x4FDDD8C: msn_p2p_msg (slp.c:762)
> ==21715==
> ==21715== Invalid read of size 4
> ==21715== at 0x4FD19FE: msn_message_unref (msg.c:99)
> ==21715== by 0x4FE1489: ack_cmd (switchboard.c:776)
> ==21715== by 0x4FCD91B: msn_cmdproc_process_cmd (cmdproc.c:313)
> ==21715== by 0x4FCDA83: msn_cmdproc_process_cmd_text (cmdproc.c:335)
> ==21715== by 0x4FD0A0E: read_cb (httpconn.c:380)
> ==21715== by 0x80A0112: pidgin_io_invoke (gtkeventloop.c:78)
> ==21715== by 0x47C2C7E: (within /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x4799730: g_main_context_dispatch (in
> /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x479C7A5: (within /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x479CB66: g_main_loop_run (in
> /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x4184280: gtk_main (in
> /usr/lib/libgtk-x11-2.0.so.0.800.20)
> ==21715== by 0x80B747E: main (gtkmain.c:853)
> ==21715== Address 0x51052D0 is 0 bytes inside a block of size 124 free'd
> ==21715== at 0x401CFA5: free (vg_replace_malloc.c:233)
> ==21715== by 0x47A0B30: g_free (in /usr/lib/libglib-2.0.so.0.1200.4)
> ==21715== by 0x4FD1999: msn_message_destroy (msg.c:78)
> ==21715== by 0x4FD1A20: msn_message_unref (msg.c:109)
> ==21715== by 0x4FE1611: msg_error_helper (switchboard.c:468)
> ==21715== by 0x4FE24BE: msn_switchboard_destroy (switchboard.c:105)
> ==21715== by 0x4FE25E8: msn_switchboard_close (switchboard.c:1208)
> ==21715== by 0x4FE2656: msn_switchboard_release (switchboard.c:1230)
> ==21715== by 0x4FE015A: msn_slplink_remove_slpcall (slplink.c:199)
> ==21715== by 0x4FDEEFD: msn_slp_call_destroy (slpcall.c:118)
> ==21715== by 0x4FDFE38: msn_slplink_process_msg (slplink.c:653)
> ==21715== by 0x4FDDD8C: msn_p2p_msg (slp.c:762)
> }}}
New description:
I've been suffering crashes with recent pidgin versions on debian stable.
There doesn't seem to be an obvious pattern to when the crashes happen.
Here's a backtrace:
{{{
(gdb) run
Starting program: /usr/local/bin/pidgin
[Thread debugging using libthread_db enabled]
[New Thread -1219705152 (LWP 19155)]
*** glibc detected *** corrupted double-linked list: 0x08765ca0 ***
Program received signal SIGABRT, Aborted.
[Switching to Thread -1219705152 (LWP 19155)]
0xb754a947 in raise () from /lib/tls/libc.so.6
(gdb) bt full
#0 0xb754a947 in raise () from /lib/tls/libc.so.6
No symbol table info available.
#1 0xb754c0c9 in abort () from /lib/tls/libc.so.6
No symbol table info available.
#2 0xb758016a in __fsetlocking () from /lib/tls/libc.so.6
No symbol table info available.
#3 0xb75861ec in malloc_usable_size () from /lib/tls/libc.so.6
No symbol table info available.
#4 0xb7587807 in mallopt () from /lib/tls/libc.so.6
No symbol table info available.
#5 0xb7587ad2 in free () from /lib/tls/libc.so.6
No symbol table info available.
#6 0xb77f7b31 in g_free () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#7 0xb71f5f5b in msn_transaction_destroy (trans=0x8765d40) at
transaction.c:60
__PRETTY_FUNCTION__ = "msn_transaction_destroy"
#8 0xb71e1920 in msn_history_destroy (history=0x8730728) at history.c:45
No locals.
#9 0xb71dffc5 in msn_cmdproc_destroy (cmdproc=0x8765db8) at cmdproc.c:51
No locals.
#10 0xb71ee773 in msn_servconn_destroy (servconn=0x87a21f0) at
servconn.c:87
__PRETTY_FUNCTION__ = "msn_servconn_destroy"
#11 0xb71e2b73 in read_cb (data=0x87a2248, source=13,
cond=PURPLE_INPUT_READ)
at httpconn.c:395
full_session_id = 0x87adef0 "\230:P\b323853.287713497"
cur = (char **) 0x85b2818
tokens = (char **) 0x87b3290
httpconn = <value optimized out>
buf = "HTTP/1.0 200 OK\r\nContent-Length: 200\r\nContent-Type:
application/x-msn-messenger\r\nX-MSN-Messenger:
SessionID=1969323853.287713497; GW-IP=64.4.36.21\r\nDate: Sat, 06 Oct 2007
21:18:08 GMT\r\nX-Cache: MISS f"...
end = 0xb <Address 0xb out of bounds>
len = <value optimized out>
cur_len = <value optimized out>
result_msg = 0x87ade00 "MSG xxxxx_at_work at ntlworld.com Frank 151"
result_len = 200
#12 0x080a0113 in pidgin_io_invoke (source=0x8796780, condition=G_IO_IN,
data=0x85a45c0) at gtkeventloop.c:78
purple_cond = PURPLE_INPUT_READ
#13 0xb7819c7f in g_io_channel_unix_get_fd () from
/usr/lib/libglib-2.0.so.0
No symbol table info available.
#14 0xb77f0731 in g_main_context_dispatch () from
/usr/lib/libglib-2.0.so.0
No symbol table info available.
#15 0xb77f37a6 in g_main_context_check () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#16 0xb77f3b67 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#17 0xb7da8281 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#18 0x080b747f in main (argc=Cannot access memory at address 0x6
) at gtkmain.c:853
display = <value optimized out>
opt_help = <value optimized out>
opt_login = 0
opt_nologin = 0
opt_version = <value optimized out>
opt_si = 1
opt_config_dir_arg = 0x0
opt_login_arg = 0x0
opt_session_arg = 0x0
accounts = (GList *) 0x0
sig_indx = <value optimized out>
sigset = {__val = {91143, 0 <repeats 31 times>}}
prev_sig_disp = <value optimized out>
errmsg = '\0' <repeats 508 times>, "Ðtf·H#£¿i
û·\004ëL·Ütf·ô¿û·\220rf·@Qe·È%£¿\234Æú·\004ëL·\025We·", '\0' <repeats 16
times>, "\004ëL·\000\000\000\000 Àû·", '\0' <repeats 12 times>, "\b3O·",
'\0' <repeats 16 times>, "\025We·\000\000\000\000Ðtf·¼#£¿i
û·~BM·Ütf·ô¿û·\220rf·@Qe·<&£¿\234Æú·~BM·\025We·", '\0' <repeats 16 times>,
"~BM·\000\000\000\000 Àû·", '\0' <repeats 13 times>, "0O·", '\0' <repeats
16 times>...
segfault_message_tmp = <value optimized out>
error = (GError *) 0x0
opt = <value optimized out>
gui_check = <value optimized out>
debug_enabled = <value optimized out>
migration_failed = <value optimized out>
active_accounts = <value optimized out>
long_options = {{name = 0x80f560d "config", has_arg = 1, flag =
0x0,
val = 99}, {name = 0x80e6d3f "debug", has_arg = 0, flag = 0x0, val =
100},
{name = 0x80e9968 "help", has_arg = 0, flag = 0x0, val = 104}, {
name = 0x80e6ff7 "login", has_arg = 2, flag = 0x0, val = 108}, {
name = 0x80f21b3 "multiple", has_arg = 0, flag = 0x0, val = 109}, {
name = 0x80f21bc "nologin", has_arg = 0, flag = 0x0, val = 110}, {
name = 0x80f5603 "session", has_arg = 1, flag = 0x0, val = 115}, {
name = 0x80eb363 "version", has_arg = 0, flag = 0x0, val = 118}, {
name = 0x0, has_arg = 0, flag = 0x0, val = 0}}
}}}
Here's some relevant looking output when run under valgrind:
{{{
==21715== Invalid read of size 4
==21715== at 0x4FE1453: ack_cmd (switchboard.c:770)
==21715== by 0x4FCD91B: msn_cmdproc_process_cmd (cmdproc.c:313)
==21715== by 0x4FCDA83: msn_cmdproc_process_cmd_text (cmdproc.c:335)
==21715== by 0x4FD0A0E: read_cb (httpconn.c:380)
==21715== by 0x80A0112: pidgin_io_invoke (gtkeventloop.c:78)
==21715== by 0x47C2C7E: (within /usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x4799730: g_main_context_dispatch (in
/usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x479C7A5: (within /usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x479CB66: g_main_loop_run (in
/usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x4184280: gtk_main (in
/usr/lib/libgtk-x11-2.0.so.0.800.20)
==21715== by 0x80B747E: main (gtkmain.c:853)
==21715== Address 0x510533C is 108 bytes inside a block of size 124
free'd
==21715== at 0x401CFA5: free (vg_replace_malloc.c:233)
==21715== by 0x47A0B30: g_free (in /usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x4FD1999: msn_message_destroy (msg.c:78)
==21715== by 0x4FD1A20: msn_message_unref (msg.c:109)
==21715== by 0x4FE1611: msg_error_helper (switchboard.c:468)
==21715== by 0x4FE24BE: msn_switchboard_destroy (switchboard.c:105)
==21715== by 0x4FE25E8: msn_switchboard_close (switchboard.c:1208)
==21715== by 0x4FE2656: msn_switchboard_release (switchboard.c:1230)
==21715== by 0x4FE015A: msn_slplink_remove_slpcall (slplink.c:199)
==21715== by 0x4FDEEFD: msn_slp_call_destroy (slpcall.c:118)
==21715== by 0x4FDFE38: msn_slplink_process_msg (slplink.c:653)
==21715== by 0x4FDDD8C: msn_p2p_msg (slp.c:762)
==21715==
==21715== Invalid read of size 4
==21715== at 0x4FE145A: ack_cmd (switchboard.c:771)
==21715== by 0x4FCD91B: msn_cmdproc_process_cmd (cmdproc.c:313)
==21715== by 0x4FCDA83: msn_cmdproc_process_cmd_text (cmdproc.c:335)
==21715== by 0x4FD0A0E: read_cb (httpconn.c:380)
==21715== by 0x80A0112: pidgin_io_invoke (gtkeventloop.c:78)
==21715== by 0x47C2C7E: (within /usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x4799730: g_main_context_dispatch (in
/usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x479C7A5: (within /usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x479CB66: g_main_loop_run (in
/usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x4184280: gtk_main (in
/usr/lib/libgtk-x11-2.0.so.0.800.20)
==21715== by 0x80B747E: main (gtkmain.c:853)
==21715== Address 0x5105344 is 116 bytes inside a block of size 124
free'd
==21715== at 0x401CFA5: free (vg_replace_malloc.c:233)
==21715== by 0x47A0B30: g_free (in /usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x4FD1999: msn_message_destroy (msg.c:78)
==21715== by 0x4FD1A20: msn_message_unref (msg.c:109)
==21715== by 0x4FE1611: msg_error_helper (switchboard.c:468)
==21715== by 0x4FE24BE: msn_switchboard_destroy (switchboard.c:105)
==21715== by 0x4FE25E8: msn_switchboard_close (switchboard.c:1208)
==21715== by 0x4FE2656: msn_switchboard_release (switchboard.c:1230)
==21715== by 0x4FE015A: msn_slplink_remove_slpcall (slplink.c:199)
==21715== by 0x4FDEEFD: msn_slp_call_destroy (slpcall.c:118)
==21715== by 0x4FDFE38: msn_slplink_process_msg (slplink.c:653)
==21715== by 0x4FDDD8C: msn_p2p_msg (slp.c:762)
==21715==
==21715== Invalid read of size 4
==21715== at 0x4FDFF82: msg_ack (slplink.c:280)
==21715== by 0x4FE1465: ack_cmd (switchboard.c:771)
==21715== by 0x4FCD91B: msn_cmdproc_process_cmd (cmdproc.c:313)
==21715== by 0x4FCDA83: msn_cmdproc_process_cmd_text (cmdproc.c:335)
==21715== by 0x4FD0A0E: read_cb (httpconn.c:380)
==21715== by 0x80A0112: pidgin_io_invoke (gtkeventloop.c:78)
==21715== by 0x47C2C7E: (within /usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x4799730: g_main_context_dispatch (in
/usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x479C7A5: (within /usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x479CB66: g_main_loop_run (in
/usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x4184280: gtk_main (in
/usr/lib/libgtk-x11-2.0.so.0.800.20)
==21715== by 0x80B747E: main (gtkmain.c:853)
==21715== Address 0x510530C is 60 bytes inside a block of size 124 free'd
==21715== at 0x401CFA5: free (vg_replace_malloc.c:233)
==21715== by 0x47A0B30: g_free (in /usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x4FD1999: msn_message_destroy (msg.c:78)
==21715== by 0x4FD1A20: msn_message_unref (msg.c:109)
==21715== by 0x4FE1611: msg_error_helper (switchboard.c:468)
==21715== by 0x4FE24BE: msn_switchboard_destroy (switchboard.c:105)
==21715== by 0x4FE25E8: msn_switchboard_close (switchboard.c:1208)
==21715== by 0x4FE2656: msn_switchboard_release (switchboard.c:1230)
==21715== by 0x4FE015A: msn_slplink_remove_slpcall (slplink.c:199)
==21715== by 0x4FDEEFD: msn_slp_call_destroy (slpcall.c:118)
==21715== by 0x4FDFE38: msn_slplink_process_msg (slplink.c:653)
==21715== by 0x4FDDD8C: msn_p2p_msg (slp.c:762)
==21715==
==21715== Invalid read of size 4
==21715== at 0x4FD19FE: msn_message_unref (msg.c:99)
==21715== by 0x4FE1489: ack_cmd (switchboard.c:776)
==21715== by 0x4FCD91B: msn_cmdproc_process_cmd (cmdproc.c:313)
==21715== by 0x4FCDA83: msn_cmdproc_process_cmd_text (cmdproc.c:335)
==21715== by 0x4FD0A0E: read_cb (httpconn.c:380)
==21715== by 0x80A0112: pidgin_io_invoke (gtkeventloop.c:78)
==21715== by 0x47C2C7E: (within /usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x4799730: g_main_context_dispatch (in
/usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x479C7A5: (within /usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x479CB66: g_main_loop_run (in
/usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x4184280: gtk_main (in
/usr/lib/libgtk-x11-2.0.so.0.800.20)
==21715== by 0x80B747E: main (gtkmain.c:853)
==21715== Address 0x51052D0 is 0 bytes inside a block of size 124 free'd
==21715== at 0x401CFA5: free (vg_replace_malloc.c:233)
==21715== by 0x47A0B30: g_free (in /usr/lib/libglib-2.0.so.0.1200.4)
==21715== by 0x4FD1999: msn_message_destroy (msg.c:78)
==21715== by 0x4FD1A20: msn_message_unref (msg.c:109)
==21715== by 0x4FE1611: msg_error_helper (switchboard.c:468)
==21715== by 0x4FE24BE: msn_switchboard_destroy (switchboard.c:105)
==21715== by 0x4FE25E8: msn_switchboard_close (switchboard.c:1208)
==21715== by 0x4FE2656: msn_switchboard_release (switchboard.c:1230)
==21715== by 0x4FE015A: msn_slplink_remove_slpcall (slplink.c:199)
==21715== by 0x4FDEEFD: msn_slp_call_destroy (slpcall.c:118)
==21715== by 0x4FDFE38: msn_slplink_process_msg (slplink.c:653)
==21715== by 0x4FDDD8C: msn_p2p_msg (slp.c:762)
}}}
--
Comment(by khc):
ugh of course, the valgrind trace is really old, but I thought it's
updated because trac claims the description was modified
--
Ticket URL: <http://developer.pidgin.im/ticket/3470#comment:12>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list