Bug#863804: rhythmbox:Segmentation fault in Recently added > Playlist > Edit

Valentin Lorentz progval at progval.net
Wed May 31 12:12:08 UTC 2017 

Package: rhythmbox
Version: 3.4.1-2+b1


Dear maintainer,

When displaying the “Recently added” playlist (which is empty at the
moment), clicked “Playlist” and then “Edit” results in a segmentation fault.

The attached file contains valgrind's output just before the crash.


Valentin
-------------- next part --------------
(rhythmbox:22829): libpeas-WARNING **: The 'python' plugin loader has not been enabled

(rhythmbox:22829): Rhythmbox-WARNING **: Unable to grab media player keys: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SettingsDaemon was not provided by any .service files
libva info: VA-API version 0.39.4
libva info: va_getDriverName() returns -1
libva error: va_getDriverName() failed with unknown libva error,driver_name=(null)
libva info: VA-API version 0.39.4
libva info: va_getDriverName() returns -1
libva error: va_getDriverName() failed with unknown libva error,driver_name=(null)
libva info: VA-API version 0.39.4
libva info: va_getDriverName() returns 0
libva info: Trying to open /usr/lib/x86_64-linux-gnu/dri/i965_drv_video.so
libva info: Found init function __vaDriverInit_0_39
libva info: va_openDriver() returns 0
==22956== 
==22956== HEAP SUMMARY:
==22956==     in use at exit: 36,519,991 bytes in 381,591 blocks
==22956==   total heap usage: 2,618,729 allocs, 2,237,138 frees, 387,681,478 bytes allocated
==22956== 
==22956== LEAK SUMMARY:
==22956==    definitely lost: 105,621 bytes in 446 blocks
==22956==    indirectly lost: 135,146 bytes in 2,879 blocks
==22956==      possibly lost: 87,758 bytes in 281 blocks
==22956==    still reachable: 30,850,730 bytes in 340,326 blocks
==22956==                       of which reachable via heuristic:
==22956==                         length64           : 17,792 bytes in 251 blocks
==22956==                         newarray           : 2,608 bytes in 83 blocks
==22956==                         multipleinheritance: 496 bytes in 1 blocks
==22956==         suppressed: 0 bytes in 0 blocks
==22956== Rerun with --leak-check=full to see details of leaked memory
==22956== 
==22956== For counts of detected and suppressed errors, rerun with: -v
==22956== Use --track-origins=yes to see where uninitialised values come from
==22956== ERROR SUMMARY: 1182 errors from 95 contexts (suppressed: 0 from 0)
==23018== 
==23018== HEAP SUMMARY:
==23018==     in use at exit: 34,123,746 bytes in 344,552 blocks
==23018==   total heap usage: 5,549,058 allocs, 5,204,506 frees, 823,053,998 bytes allocated
==23018== 
==23018== LEAK SUMMARY:
==23018==    definitely lost: 96,432 bytes in 629 blocks
==23018==    indirectly lost: 184,003 bytes in 4,478 blocks
==23018==      possibly lost: 87,870 bytes in 283 blocks
==23018==    still reachable: 28,415,705 bytes in 301,510 blocks
==23018==                       of which reachable via heuristic:
==23018==                         length64           : 17,792 bytes in 251 blocks
==23018==                         newarray           : 2,608 bytes in 83 blocks
==23018==                         multipleinheritance: 496 bytes in 1 blocks
==23018==         suppressed: 0 bytes in 0 blocks
==23018== Rerun with --leak-check=full to see details of leaked memory
==23018== 
==23018== For counts of detected and suppressed errors, rerun with: -v
==23018== Use --track-origins=yes to see where uninitialised values come from
==23018== ERROR SUMMARY: 1182 errors from 95 contexts (suppressed: 0 from 0)
==22829== Conditional jump or move depends on uninitialised value(s)
==22829==    at 0x7F688CD: ??? (in /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8)
==22829==    by 0x7F4F874: ??? (in /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8)
==22829==    by 0x7F4FE7F: ??? (in /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8)
==22829==    by 0x7F50F59: ??? (in /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8)
==22829==    by 0x7F51311: ??? (in /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8)
==22829==    by 0x7EF6950: ??? (in /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8)
==22829==    by 0x7F3F5FB: ??? (in /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8)
==22829==    by 0x7EFEBF3: ??? (in /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8)
==22829==    by 0x7EF12E0: cairo_mask (in /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8)
==22829==    by 0x5684841: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-3.so.0.2200.11)
==22829==    by 0x56824C8: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-3.so.0.2200.11)
==22829==    by 0x579C8B9: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-3.so.0.2200.11)
==22829== 
Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
==22829== Invalid read of size 1
==22829==    at 0x660CA60: __GI_strcmp (strcmp.S:144)
==22829==    by 0x65BAAC6: transcmp (dcigettext.c:288)
==22829==    by 0x667373F: tfind (tsearch.c:318)
==22829==    by 0x65BB903: __dcigettext (dcigettext.c:571)
==22829==    by 0x4EDD781: sort_option_menu_changed (rb-query-creator.c:945)
==22829==    by 0x5E19F74: g_closure_invoke (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==22829==    by 0x5E2BF81: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==22829==    by 0x5E34BDB: g_signal_emit_valist (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==22829==    by 0x5E34FBE: g_signal_emit (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==22829==    by 0x565115A: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-3.so.0.2200.11)
==22829==    by 0x5652F8F: gtk_combo_box_set_active (in /usr/lib/x86_64-linux-gnu/libgtk-3.so.0.2200.11)
==22829==    by 0x4EDEC26: rb_query_creator_set_sorting (rb-query-creator.c:474)
==22829==    by 0x4EDEC26: rb_query_creator_new_from_query (rb-query-creator.c:508)
==22829==  Address 0x800000000 is not stack'd, malloc'd or (recently) free'd
==22829== 
==22829== 
==22829== Process terminating with default action of signal 11 (SIGSEGV)
==22829==  Access not within mapped region at address 0x800000000
==22829==    at 0x660CA60: __GI_strcmp (strcmp.S:144)
==22829==    by 0x65BAAC6: transcmp (dcigettext.c:288)
==22829==    by 0x667373F: tfind (tsearch.c:318)
==22829==    by 0x65BB903: __dcigettext (dcigettext.c:571)
==22829==    by 0x4EDD781: sort_option_menu_changed (rb-query-creator.c:945)
==22829==    by 0x5E19F74: g_closure_invoke (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==22829==    by 0x5E2BF81: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==22829==    by 0x5E34BDB: g_signal_emit_valist (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==22829==    by 0x5E34FBE: g_signal_emit (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==22829==    by 0x565115A: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-3.so.0.2200.11)
==22829==    by 0x5652F8F: gtk_combo_box_set_active (in /usr/lib/x86_64-linux-gnu/libgtk-3.so.0.2200.11)
==22829==    by 0x4EDEC26: rb_query_creator_set_sorting (rb-query-creator.c:474)
==22829==    by 0x4EDEC26: rb_query_creator_new_from_query (rb-query-creator.c:508)
==22829==  If you believe this happened as a result of a stack
==22829==  overflow in your program's main thread (unlikely but
==22829==  possible), you can try to increase the size of the
==22829==  main thread stack using the --main-stacksize= flag.
==22829==  The main thread stack size used in this run was 8388608.
==22829== 
==22829== HEAP SUMMARY:
==22829==     in use at exit: 35,339,262 bytes in 360,002 blocks
==22829==   total heap usage: 6,026,085 allocs, 5,666,083 frees, 900,509,626 bytes allocated
==22829== 
==22829== LEAK SUMMARY:
==22829==    definitely lost: 92,152 bytes in 800 blocks
==22829==    indirectly lost: 233,657 bytes in 6,125 blocks
==22829==      possibly lost: 105,734 bytes in 581 blocks
==22829==    still reachable: 29,280,455 bytes in 312,779 blocks
==22829==                       of which reachable via heuristic:
==22829==                         length64           : 19,088 bytes in 266 blocks
==22829==                         newarray           : 2,608 bytes in 83 blocks
==22829==                         multipleinheritance: 496 bytes in 1 blocks
==22829==         suppressed: 0 bytes in 0 blocks
==22829== Rerun with --leak-check=full to see details of leaked memory
==22829== 
==22829== For counts of detected and suppressed errors, rerun with: -v
==22829== Use --track-origins=yes to see where uninitialised values come from
==22829== ERROR SUMMARY: 1189 errors from 97 contexts (suppressed: 0 from 0)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20170531/f955f869/attachment.sig>

More information about the pkg-gnome-maintainers mailing list