Opened 8 years ago

Closed 8 years ago

#4530 closed defect (fixed)

Sugar crashing on opening the pippy activity from journal

Reported by: suraj.gillespie Owned by:
Priority: Urgent Milestone: Unspecified
Component: Sugar Version: Unspecified
Severity: Major Keywords: journal
Cc: dnarvaez, walter Distribution/OS: Unspecified
Bug Status: New

Description

Sugar crashes when you do this:

1) Open pippy activity.
2) Change the activity title in the activity toolbar.
3) Close pippy activity.
4) Open journal and run pippy from there.

Sugar crashes and you'd get something like this on your terminal:
http://fpaste.org/21626/37241794/

Change History (12)

comment:1 Changed 8 years ago by dnarvaez

  • Component changed from journal to sugar

comment:2 Changed 8 years ago by dnarvaez

  • Bug Status changed from New to Unconfirmed

comment:3 Changed 8 years ago by dnarvaez

  • Bug Status changed from Unconfirmed to New
  • Priority changed from Unspecified by Maintainer to Urgent

comment:4 Changed 8 years ago by walter

Observation: The same Pippy entry that crashes Sugar when resumed from the Journal opens fine when resumed from the Home View.

The fpaste.org link in the original ticket has expired. The relevant error is:

* Error in `python': double free or corruption (out): 0x0addcdf0 *

Also, if you try to open the detail view of the Pippy entry, you also crash Sugar:

* Error in `python': free(): invalid pointer: 0x09ae58f8 *

Further, I get the error just by putting the cursor over the Pippy icon in the list view, so it is probably related to the generation of the palette menus, not launch.

comment:5 Changed 8 years ago by walter

Digging a bit deeper, the crash happens when creating the icon palette (in ExpandedEntry.py, line 338)

icon.set_palette(ObjectPalette(self._journalactivity, self._metadata))

Probably also happens when setting the palette in the list view.

Now to determine why it crashes.

comment:6 Changed 8 years ago by walter

The problem is in mime.get_mime_parents

digging deeper

comment:7 Changed 8 years ago by dnarvaez

I cannot reproduce here but I suspect it's missing an annotation. Something like

http://pastebin.com/PhkciESD

If I read gobject introspection correctly this would by default be a transfer full. But the function seems to return cached values. So gi would try to free those and cause double frees.

comment:8 Changed 8 years ago by walter

Found this comment in an attachment to a freedesktop ticket.

/* xdg_mime_get_mime_parents() is deprecated since it does
 * not work correctly with caches. Use xdg_mime_list_parents()
 * instead, but notice that that function expects you to free
 * the array it returns. */

comment:9 Changed 8 years ago by dnarvaez

  • Cc walter added

Oh, it looks like mime.get_mime_parents() is actually already using list_parents(). I think the real problem is the annotation on xdg_mime_list_parents. It should be transfer container, not transfer full. In fact that function duplicates only the array, not the strings it contains. The following fixes the issue for me

 - * Return value: (array zero-terminated=1) (transfer full):
 + * Return value: (transfer container):
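
Review bot: the `+` line drops `(array zero-terminated=1)` together with the transfer change, although the stated reason for the edit is only that the function duplicates the array and not the strings. Unless the array annotation is known to be redundant here, keep it and change only the ownership part, i.e. `Return value: (array zero-terminated=1) (transfer container):`, so the binding still has an explicit description of the zero-terminated array it is asked to release.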

At least it fixes mime.get_mime_parents("text/xml"), which is crashing without that change for me (after running it a couple of times).

Last edited 8 years ago by dnarvaez
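
The ownership mismatch described in comment 9, as an added C example that is not part of the ticket or of the xdgmime or Sugar sources. `list_parents`, `release_container`, `release_full` and the cache contents are hypothetical stand-ins, and frees of cache-owned strings are counted rather than performed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the MIME cache: these strings belong to the cache. */
static const char *cache_parents[] = { "text/plain", "application/xml", NULL };

/* Models a function that duplicates only the array; every element
 * still points at a string owned by the cache. */
char **list_parents(void)
{
    size_t n = 0;
    while (cache_parents[n]) n++;
    char **out = malloc((n + 1) * sizeof *out);
    if (!out) return NULL;
    memcpy(out, cache_parents, (n + 1) * sizeof *out);
    return out;
}

static int owned_by_cache(const char *p)
{
    for (size_t i = 0; cache_parents[i]; i++)
        if (cache_parents[i] == p) return 1;
    return 0;
}

/* Caller behaviour under (transfer container): release the array only.
 * Returns the number of frees of memory the caller does not own. */
int release_container(char **v)
{
    free(v);
    return 0;
}

/* Caller behaviour under (transfer full): release each element, then the array.
 * A free() of a cache-owned string is the invalid or double free from the
 * ticket, so it is counted here instead of being executed. */
int release_full(char **v)
{
    int invalid = 0;
    for (size_t i = 0; v && v[i]; i++) {
        if (owned_by_cache(v[i])) invalid++;
        else free(v[i]);
    }
    free(v);
    return invalid;
}

int main(void)
{
    printf("container: %d invalid frees\n", release_container(list_parents()));
    printf("full:      %d invalid frees\n", release_full(list_parents()));
    return 0;
}
```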

comment:10 Changed 8 years ago by walter

Switched the return value as per above and Pippy works. Again, no idea why this error was isolated to text/x-python mimetypes. But your solution seems to fix the problem. Do you want me to prepare the merge request?

Last edited 8 years ago by walter

comment:12 Changed 8 years ago by Walter Bender

  • Resolution set to fixed
  • Status changed from new to closed

Fix annotation for xdg_mime_list_parents

There is a fatal crash in Sugar when retrieving mimetypes for some Journal
entries when constructing the icon palette (for both the Journal list view
and detail view). We isolated the problem to xdgmime.c, the call to
xdg_get_mime_parents. Dnarvaez observed that the annotation for the
return argument was missing and that the annotation for the return for
mime_list_parents was wrong. This patch fixes these annotations.

Fixes #4530

Changeset: 7d931c845ebde4aa472835708e5c9ac4e66666b0
