Bugzilla – Full Text Bug Listing
| Summary: | Stock ticker applet crashes when configuring the preferences. | ||
|---|---|---|---|
| Product: | [openSUSE] SUSE LINUX 10.0 | Reporter: | Joe Harmon <jharmon> |
| Component: | GNOME | Assignee: | Federico Mena Quintero <federico> |
| Status: | VERIFIED FIXED | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Critical | ||
| Priority: | P5 - None | ||
| Version: | Beta 4 | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | All | ||
| Whiteboard: | |||
| Found By: | Other | Services Priority: | |
| Business Priority: | | Blocker: | --- |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Attachments: | stack trace of crash, back trace, gnome-vfs2-94400-cancelation-rewrite-suse10.diff, gnome-vfs2-2.12.0-4.x86_64.rpm, gnome-vfs2-devel-2.12.0-4.x86_64.rpm, gnome-vfs2-doc-2.12.0-4.x86_64.rpm | | |
Description
Joe Harmon
2005-09-01 13:56:25 UTC
Created attachment 48465 [details]
stack trace of crash
Can you give me any more details about what things you are configuring when it crashes?
First time that it crashed I simply removed the default listed stocks. If you give that a try I bet it will crash right away.
I could replicate this with the current package, but not with the display bug fixed package. I'll contact you to try.
Created attachment 48643 [details]
back trace
I reinstalled the gnome-applets from beta4 and was able to get a back trace
with the debuginfo package
Worth noting that both Joe and I can replicate this only on SMP machines. Mine is x86_64 and his is x86.
Ooooh, excellent. That's my patch for bug #94400, which has not been tested on SMP. It looks like _gnome_vfs_get_current_context() needs to lock the job, as it accesses job->op and that's a resource that needs the lock to be held. The crash happens here:
#7 0x402b3283 in _gnome_vfs_get_current_context (context=0x41316da0)
at gnome-vfs-job.c:1922
1922 *context = job->op->context;
(gdb) disassemble
Dump of assembler code for function _gnome_vfs_get_current_context:
0x402b3250 <_gnome_vfs_get_current_context+0>: push %ebp
0x402b3251 <_gnome_vfs_get_current_context+1>: mov %esp,%ebp
0x402b3253 <_gnome_vfs_get_current_context+3>: sub $0x18,%esp
0x402b3256 <_gnome_vfs_get_current_context+6>: mov %esi,0xfffffffc(%ebp)
0x402b3259 <_gnome_vfs_get_current_context+9>: mov 0x8(%ebp),%esi
0x402b325c <_gnome_vfs_get_current_context+12>: mov %ebx,0xfffffff8(%ebp)
0x402b325f <_gnome_vfs_get_current_context+15>: call 0x4029fc25
<__i686.get_pc_thunk.bx>
0x402b3264 <_gnome_vfs_get_current_context+20>: add $0x322c0,%ebx
0x402b326a <_gnome_vfs_get_current_context+26>: test %esi,%esi
0x402b326c <_gnome_vfs_get_current_context+28>: je 0x402b32a2
<_gnome_vfs_get_current_context+82>
0x402b326e <_gnome_vfs_get_current_context+30>: lea 0x3520(%ebx),%eax
0x402b3274 <_gnome_vfs_get_current_context+36>: mov %eax,(%esp)
0x402b3277 <_gnome_vfs_get_current_context+39>: call 0x4029eb48 <_init+7224>
0x402b327c <_gnome_vfs_get_current_context+44>: test %eax,%eax
0x402b327e <_gnome_vfs_get_current_context+46>: je 0x402b3292
<_gnome_vfs_get_current_context+66>
0x402b3280 <_gnome_vfs_get_current_context+48>: mov 0xc(%eax),%eax
0x402b3283 <_gnome_vfs_get_current_context+51>: mov 0x30(%eax),%eax
0x402b3286 <_gnome_vfs_get_current_context+54>: mov %eax,(%esi)
0x402b3288 <_gnome_vfs_get_current_context+56>: mov 0xfffffff8(%ebp),%ebx
---Type <return> to continue, or q <return> to quit---
0x402b328b <_gnome_vfs_get_current_context+59>: mov 0xfffffffc(%ebp),%esi
0x402b328e <_gnome_vfs_get_current_context+62>: mov %ebp,%esp
0x402b3290 <_gnome_vfs_get_current_context+64>: pop %ebp
0x402b3291 <_gnome_vfs_get_current_context+65>: ret
0x402b3292 <_gnome_vfs_get_current_context+66>: movl $0x0,(%esi)
0x402b32
(14:43:25) Federico: great
(14:43:29) Federico: now, "p $pc"
(14:43:54) Joe Harmon: $1 = (void *) 0x402b3283
(14:45:46) Federico: now, "info registers"
(14:46:04) Joe Harmon: (gdb) info registers
eax 0x0 0
ecx 0x6 6
edx 0x40b9cf59 1085919065
ebx 0x402e5524 1076778276
esp 0x41316d70 0x41316d70
ebp 0x41316d88 0x41316d88
esi 0x41316da0 1093758368
edi 0x2000 8192
eip 0x402b3283 0x402b3283
eflags 0x293 659
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0xc010007b -1072693125
fs 0x0 0
gs 0x33 51
Note that eax=0, and we crash in "mov 0x30(%eax),%eax". This is dereferencing
job->op to extract the job->op->context (op is null; we loaded it in eax in the
instruction before that).
Note to self: Does that function need to acquire the job->job_lock? If we are
in the worker thread, we acquired that lock in thread_routine(), right?
Is this fixed?
Andreas: I'm working on it. I did an audit of the gnome-vfs cancelation code on Friday, and today I'm making the necessary fixes.
Created attachment 48847 [details]
gnome-vfs2-94400-cancelation-rewrite-suse10.diff
I'll use this patch. This is an updated version of the patch for #94400, that
has some additional threading fixes.
Created attachment 48851 [details]
gnome-vfs2-2.12.0-4.x86_64.rpm
Created attachment 48852 [details]
gnome-vfs2-devel-2.12.0-4.x86_64.rpm
Created attachment 48853 [details]
gnome-vfs2-doc-2.12.0-4.x86_64.rpm
JP confirmed that the packages above work for him. I just submitted a new gnome-vfs2 package to autobuild. The fix will be available in gnome-vfs2-2.12.0-4 or later.
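The failure analysed in this thread (job->op is NULL at the moment job->op->context is read, and the read happens without the job lock) can be reproduced in miniature. This is an added example, not gnome-vfs code and not the attached patch; Job, Op, Context and every function name are simplified stand-ins, and the locked reader is one possible hardening under the assumption that all writers of job->op take the same lock.

```c
/* Added example: Job, Op and Context are stand-ins, not gnome-vfs types. */
#include <pthread.h>
#include <stddef.h>

typedef struct { int id; } Context;
typedef struct { Context *context; } Op;
typedef struct { pthread_mutex_t job_lock; Op *op; /* NULL when idle */ } Job;

/* Shape of the crashing read: no lock, no check that an op is in flight.
 * Faults when job->op == NULL (the eax=0 case in the register dump). */
Context *get_context_unlocked(Job *job) { return job->op->context; }

/* Hardened read: hold job_lock, treat "no operation" as a NULL context. */
Context *get_context_locked(Job *job) {
    Context *ctx = NULL;
    pthread_mutex_lock(&job->job_lock);
    if (job->op != NULL)
        ctx = job->op->context;
    pthread_mutex_unlock(&job->job_lock);
    return ctx;
}

/* Worker side installs and retires the operation under the same lock. */
void job_set_op(Job *job, Op *op) {
    pthread_mutex_lock(&job->job_lock);
    job->op = op;
    pthread_mutex_unlock(&job->job_lock);
}

static void *worker(void *arg) {
    static Context ctx = { 42 };   /* constructed sample context */
    static Op op = { &ctx };
    for (int i = 0; i < 100000; i++) {
        job_set_op(arg, &op);      /* operation starts */
        job_set_op(arg, NULL);     /* operation finishes */
    }
    return NULL;
}

/* Race the reader against the worker; returns reads that saw a bad context. */
int stress_locked_reader(void) {
    Job job = { PTHREAD_MUTEX_INITIALIZER, NULL };
    pthread_t t;
    int bad = 0;
    if (pthread_create(&t, NULL, worker, &job) != 0) return -1;
    for (int i = 0; i < 100000; i++) {
        Context *c = get_context_locked(&job);
        if (c != NULL && c->id != 42) bad++;
    }
    pthread_join(t, NULL);
    return bad;
}

int main(void) { return stress_locked_reader() != 0; }
```

Build with `cc -pthread`. The lock only protects the read of job->op; a caller that keeps the returned pointer after the unlock still needs its own guarantee that the context outlives the operation.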