From: Evan S. <ev...@ad...> - 2007-01-05 00:13:35
Gaim and Adium folk,

I spent a while this evening going through the Adium Crash Reporter looking at crash logs generated with Adium 1.0b20, which uses libgaim at [18046]. I fixed a few crashes which had been reported, but many more are present.

I hope the list of stack traces, with notes on some of them and an explanation above as to what the user reported as occurring when the crash happened, is helpful for anyone looking for a bug or three to hunt down and fix. For many of the stack traces, I included a link to a representative Adium crash report -- mostly just when the person had left contact information.

This list is (obviously) not all crashes present in libgaim, but does represent a slice of crashes common enough to have been reported in the past 24 hours, most of them by multiple users.

If you're a patch writer or coding-observer and would like contact information for someone regarding a crash, please let me know. If you're an Adium or Gaim developer and don't already have one, I'll be happy to hook you up with a login / password to the crash reporter.

UPNP crash:

Thread 0 Crashed:
0 <<00000000>> 0x436d6961 0 1131243873
1 Libgaim 0x051fb9d8 done_port_mapping_cb 152 (upnp.c:840)
2 Libgaim 0x051efc96 gaim_util_fetch_url_error 66 (util.c:3092)
3 Libgaim 0x051eff54 url_fetch_connect_cb 88 (util.c:3427)
4 Libgaim 0x05208c87 gaim_proxy_connect_data_disconnect 172 (proxy.c:346)
5 Libgaim 0x05208b8e try_connect 1338 (proxy.c:1598)
6 Libgaim 0x052dccd5 host_resolved 416 (dnsquery.c:89)
7 com.apple.CoreFoundation 0x9083ffef __CFSocketDoCallback 473

Notes: The UPnPMappingAddRemove struct, ar, is most likely already freed at this point; ar->cb() is therefore not a valid function.
---

Thread 0 Crashed:
0 <<00000000>> 0x61696d40 0 1634299200
1 Libgaim 0x05e8add8 done_port_mapping_cb 172 (upnp.c:848)
2 Libgaim 0x05e883d8 url_fetch_recv_cb 716 (util.c:3338)
3 com.apple.CoreFoundation 0x907f03b4 __CFSocketDoCallback 532

Notes: As above, the UPnPMappingAddRemove struct has been freed when we get here. Ryan and I determined this to be true but could not determine how it could have happened.

---

Thread 0 Crashed:
0 <<00000000>> 0x00ffffff 0 16777215
1 Libgaim 0x07b1cf54 url_fetch_connect_cb 88 (util.c:3427)
2 Libgaim 0x07b35c87 gaim_proxy_connect_data_disconnect 172 (proxy.c:346)
3 Libgaim 0x07c0955f gaim_dnsquery_failed 73 (dnsquery.c:114)
4 Libgaim 0x07c09d82 host_resolved 589 (dnsquery.c:562)
5 com.apple.CoreFoundation 0x90840fef __CFSocketDoCallback 473
6 com.apple.CoreFoundation 0x90840d64 __CFSocketPerformV0 392

http://www.visualdistortion.org/crash/view.jsp?crash=250402

Notes: As above

------

Disconnecting from AIM:

Thread 0 Crashed:
0 libSystem.B.dylib 0x900029c8 strlen 8
1 libSystem.B.dylib 0x9001181c __vfprintf 5768
2 libSystem.B.dylib 0x900613d4 vasprintf 244
3 Libgaim 0x073133bc g_vasprintf 64 (http.c:525)
4 Libgaim 0x07301500 g_strdup_vprintf 36 (http.c:525)
5 Libgaim 0x07301530 g_strdup_printf 28 (http.c:525)
6 Libgaim 0x07216dac gaim_xfer_cancel_local 140 (ft.c:1075)
7 Libgaim 0x0729e99c peer_connection_destroy_cb 104 (peer.c:224)
8 Libgaim 0x0729fdb4 oscar_data_destroy 228 (oscar_data.c:109)
9 Libgaim 0x072a2558 oscar_close 156 (oscar.c:1292)
10 Libgaim 0x0721d3ec gaim_connection_destroy 256 (connection.c:199)
11 Libgaim 0x0722c34c gaim_account_disconnect 148 (account.c:1017)
12 com.adiumX.AdiumLibgaim 0x03683fb4 -[CBGaimAccount disconnect] 164
13 com.adiumX.adiumX 0x0009e068 -[AIAccountController disconnectAllAccounts] 96
14 com.adiumX.adiumX 0x00003f0c -[AIAdium applicationWillTerminate:] 228
15 com.apple.Foundation 0x92960ad8 _nsnote_callback 180

Notes: Bunch of reports of this one.
http://www.visualdistortion.org/crash/view.jsp?crash=250362
http://www.visualdistortion.org/crash/view.jsp?crash=250376
http://www.visualdistortion.org/crash/view.jsp?crash=250386

Thread 0 Crashed:
0 <<00000000>> 0x726f4362 0 1919894370
1 Libgaim 0x05aa0f40 peer_connection_destroy_cb 106 (peer.c:224)
2 Libgaim 0x05aa101c peer_connection_destroy 64 (peer.c:252)
3 Libgaim 0x05aa2536 oscar_data_destroy 205 (oscar_data.c:108)
4 Libgaim 0x05aa4110 oscar_close 109 (oscar.c:1292)
5 Libgaim 0x05a20aa6 gaim_connection_destroy 265 (connection.c:199)
6 Libgaim 0x05a2fb46 gaim_account_disconnect 119 (account.c:1017)
7 com.adiumX.AdiumLibgaim 0x03303cde -[CBGaimAccount disconnect] 170

http://www.visualdistortion.org/crash/view.jsp?crash=250416

Note: Possibly the same as the one above?

----

Chatting with Jabber:

Thread 0 Crashed:
0 Libgaim 0x07946bf2 jabber_si_xfer_send_method_cb 389 (si.c:610)
1 Libgaim 0x0793b753 jabber_iq_parse 290 (iq.c:248)
2 Libgaim 0x0793dd02 jabber_process_packet 130 (jabber.c:179)
3 Libgaim 0x07942f5d jabber_parser_element_end_libxml 76 (parser.c:116)
4 libxml2.2.dylib 0x9292d515 xmlParseNotationDecl 3652
5 libxml2.2.dylib 0x92912d86 xmlParseChunk 4127
6 Libgaim 0x0794305f jabber_parser_process 126 (parser.c:191)
7 Libgaim 0x0793c84a jabber_recv_cb_ssl 141 (jabber.c:381)
8 com.apple.CoreFoundation 0x9083ffef __CFSocketDoCallback 473

http://www.visualdistortion.org/crash/view.jsp?crash=249947

Thread 0 Crashed:
0 Libgaim 0x07b5ee36 g_hash_table_remove 60
1 Libgaim 0x07a9f4bf jabber_iq_remove_callback_by_id 27 (iq.c:249)
2 Libgaim 0x07a99d8c jabber_buddy_get_info_timeout 29 (buddy.c:1079)
3 com.adiumX.AdiumLibgaim 0x08131e10 callTimerFunc 25

http://www.visualdistortion.org/crash/view.jsp?crash=249988
http://www.visualdistortion.org/crash/view.jsp?crash=250074
http://www.visualdistortion.org/crash/view.jsp?crash=250237
http://www.visualdistortion.org/crash/view.jsp?crash=250317

And possibly related, while waking from sleep:

Thread 0 Crashed:
0 Libgaim 0x0fa359f2 jabber_buddy_info_show_if_ready 563 (buddy.c:651)
1 Libgaim 0x0fa36dbb jabber_buddy_get_info_timeout 76 (buddy.c:1088)
2 com.adiumX.AdiumLibgaim 0x0377ee10 callTimerFunc 25
3 com.apple.CoreFoundation 0x9082b822 CFRunLoopRunSpecific 3341

http://www.visualdistortion.org/crash/view.jsp?crash=250029

Thread 0 Crashed:
0 Libgaim 0x0870b083 gaim_strdup_withhtml 89 (util.c:2678)
1 Libgaim 0x08754a0a jabber_buddy_info_show_if_ready 587 (buddy.c:652)
2 Libgaim 0x08755dbb jabber_buddy_get_info_timeout 76 (buddy.c:1088)
3 com.adiumX.AdiumLibgaim 0x0840de10 callTimerFunc 25

http://www.visualdistortion.org/crash/view.jsp?crash=249748

Note: Again, on wake from sleep. Probably the same as above.

----

Sending a file via Jabber:

Thread 0 Crashed:
0 Libgaim 0x07f3631e g_list_remove 30
1 Libgaim 0x07e66c76 jabber_si_xfer_free 31 (si.c:715)
2 Libgaim 0x07e66ce5 jabber_si_xfer_cancel_send 20 (si.c:733)
3 Libgaim 0x07e35121 gaim_xfer_cancel_local 231 (ft.c:1096)
4 com.adiumX.AdiumLibgaim 0x0379a206 -[ESGaimJabberAccount cancelFileTransfer:] 55

---

Connecting to MSN:

Thread 0 Crashed:
0 Libgaim 0x0667dc98 msn_servconn_disconnect 84 (servconn.c:262)
1 Libgaim 0x0667d7f8 msn_servconn_destroy 124 (servconn.c:73)
2 Libgaim 0x066234bc gaim_proxy_connect_data_connected 44 (proxy.c:379)
3 Libgaim 0x06623590 socket_ready_cb 168 (proxy.c:422)
4 com.apple.CoreFoundation 0x907f0410 __CFSocketDoCallback 624

Notes: servconn.c:262 could crash if servconn->session were NULL... and nearby could crash if servconn->disconnect_cb() were an invalid pointer (perhaps because servconn itself is invalid). servconn->session should not be able to be NULL so far as I can tell.
---

Sending an MSN message:

Thread 0 Crashed:
0 Libgaim 0x080022f0 ack_cmd 46 (switchboard.c:763)
1 Libgaim 0x07ff17b1 msn_cmdproc_process_cmd 295 (cmdproc.c:313)
2 Libgaim 0x07ff389f read_cb 1911 (httpconn.c:382)
3 com.apple.CoreFoundation 0x90840fef __CFSocketDoCallback 473

Notes: will crash if (cmdproc == NULL) || (cmdproc->data == NULL) || (cmd == NULL) || (cmd->trans == NULL). It is assumed by the code that these are all non-NULL. Which assumption is wrong?

---

Getting Contact Info:

Thread 0 Crashed:
0 libSystem.B.dylib 0x9000c5f8 __vfprintf 6311
1 libSystem.B.dylib 0x90053b0b vasprintf 491
2 Libgaim 0x07bfc11f g_vasprintf 84
3 Libgaim 0x07c095f0 g_strdup_vprintf 38
4 Libgaim 0x07b17dda gaim_debug_vargs 122 (debug.c:59)
5 Libgaim 0x07b1806a gaim_debug_misc 75 (debug.c:114)
6 Libgaim 0x07aed0ad url_fetch_connect_cb 433 (util.c:3424)
7 Libgaim 0x07b05d28 gaim_proxy_connect_data_connected 33 (proxy.c:379)
8 Libgaim 0x07b05dcc socket_ready_cb 118 (proxy.c:421)
9 com.apple.CoreFoundation 0x9084103d __CFSocketDoCallback 551

Notes: g_strdup_vprintf() _would_ crash for us if gfud->request were NULL, but it can't be -- it is always set to a non-NULL value just above the call. How could this crash?
----

Unknown:

Thread 0 Crashed:
0 Libgaim 0x0eafe559 g_markup_escape_text 78
1 Libgaim 0x0e9e792f xmlnode_to_str_helper 364 (xmlnode.c:376)
2 Libgaim 0x0e9e79ec xmlnode_to_str_helper 553 (xmlnode.c:394)
3 Libgaim 0x0e9e79ec xmlnode_to_str_helper 553 (xmlnode.c:394)
4 Libgaim 0x0e9e7b69 xmlnode_to_formatted_str 77 (xmlnode.c:434)
5 Libgaim 0x0ea2387b gaim_blist_sync 1264 (blist.c:350)
6 Libgaim 0x0ea238c3 save_cb 17 (blist.c:360)
7 com.adiumX.AdiumLibgaim 0x036e5e10 callTimerFunc 25

http://www.visualdistortion.org/crash/view.jsp?crash=250509

---

Thread 0 Crashed:
0 <<00000000>> 0x00000000 0 0
1 Libgaim 0x067694bc gaim_proxy_connect_data_connected 44 (proxy.c:379)
2 Libgaim 0x06769590 socket_ready_cb 168 (proxy.c:422)
3 com.apple.CoreFoundation 0x907f0410 __CFSocketDoCallback 624
4 com.apple.CoreFoundation 0x907f00d8 __CFSocketPerformV0 288

http://www.visualdistortion.org/crash/view.jsp?crash=250044

---

Cheers,
Evan
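
A triage aid for the traces above, added here as an example and not part of the original message or of the Adium/libgaim code: it picks out crashes whose frame 0 lies outside any loaded image (`<<00000000>>`) and checks whether the faulting address is NULL or four printable ASCII bytes, which is consistent with a callback pointer read from memory that was freed and reused for string data. The function names, the regex and the one-frame-per-line sample layout are assumptions.

```python
import re
import struct

# Constructed sample: frame 0/1 pairs copied from the traces in the message above.
SAMPLE = """\
0 <<00000000>> 0x436d6961 0 1131243873
1 Libgaim 0x051fb9d8 done_port_mapping_cb 152 (upnp.c:840)
0 <<00000000>> 0x61696d40 0 1634299200
1 Libgaim 0x05e8add8 done_port_mapping_cb 172 (upnp.c:848)
0 <<00000000>> 0x00ffffff 0 16777215
1 Libgaim 0x07b1cf54 url_fetch_connect_cb 88 (util.c:3427)
0 <<00000000>> 0x726f4362 0 1919894370
1 Libgaim 0x05aa0f40 peer_connection_destroy_cb 106 (peer.c:224)
0 <<00000000>> 0x00000000 0 0
1 Libgaim 0x067694bc gaim_proxy_connect_data_connected 44 (proxy.c:379)
"""

# index, image, address, symbol, offset, optional (file:line)
FRAME = re.compile(r"^\s*(\d+)\s+(\S+)\s+(0x[0-9a-fA-F]+)\s+(.+?)\s+(\d+)"
                   r"(?:\s+\(([^:()]+):\s*(\d+)\))?\s*$")

def classify_pc(addr):
    """Classify a faulting program counter that is outside every loaded image."""
    if addr == 0:
        return "null", ""
    raw = struct.pack(">I", addr)
    if all(0x20 <= b < 0x7F for b in raw):
        # The frame line does not record the machine's byte order, so show both.
        return "ascii", f"{raw.decode()}|{raw[::-1].decode()}"
    return "other", ""

def triage(text):
    """Return (caller, file:line, kind, ascii) for each jump to an unmapped address."""
    frames = [m.groups() for m in map(FRAME.match, text.splitlines()) if m]
    findings = []
    for cur, nxt in zip(frames, frames[1:]):
        if cur[0] == "0" and cur[1] == "<<00000000>>" and nxt[0] == "1":
            kind, txt = classify_pc(int(cur[2], 16))
            # Frame 1 is the function that made the indirect call.
            findings.append((nxt[3], f"{nxt[5]}:{nxt[6]}", kind, txt))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

A NULL result points at an unset callback, while an "ascii" result points at a stale or overwritten object; the two call for different fixes in the calling function.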