Adium

Ticket #7952 (new crash)

Opened 1 year ago

Last modified 7 months ago

Crash in libpurple at g_list_delete_link (XMPP caps code)

Reported by: beej
Assigned to: am
Priority: high
Milestone: Waiting on libpurple
Component: Jabber/XMPP
Version: 1.1.3
Severity: normal
Keywords:
Cc:
Patch: None
Pending: 0

Description

Adium 1.1.3b3 just crashed on me with the following stack:

Thread 0 Crashed:
0   Libpurple                      	0x08040e50 g_list_delete_link + 45
1   Libpurple                      	0x07ffc241 jabber_caps_free_clientinfo + 73
2   Libpurple                      	0x07f52bde jabber_presence_set_capabilities + 42
3   Libpurple                      	0x07ffc47f jabber_caps_get_info_check_completion + 508
4   Libpurple                      	0x07f47a0b jabber_iq_parse + 275
5   Libpurple                      	0x07f523d9 jabber_parser_element_end_libxml + 81
6   libxml2.2.dylib                	0x91c05515 xmlParseNotationDecl + 3652
7   libxml2.2.dylib                	0x91bead86 xmlParseChunk + 4127
8   Libpurple                      	0x07f52503 jabber_parser_process + 131
9   Libpurple                      	0x07f480ed jabber_recv_cb_ssl + 151
10  com.apple.CoreFoundation       	0x90842faf __CFSocketDoCallback + 473
11  com.apple.CoreFoundation       	0x90842d24 __CFSocketPerformV0 + 392
12  com.apple.CoreFoundation       	0x9082cf92 CFRunLoopRunSpecific + 1213
13  com.apple.CoreFoundation       	0x9082cace CFRunLoopRunInMode + 61
14  com.apple.HIToolbox            	0x92de28d8 RunCurrentEventLoopInMode + 285
15  com.apple.HIToolbox            	0x92de1fe2 ReceiveNextEventCommon + 385
16  com.apple.HIToolbox            	0x92de1e39 BlockUntilNextEventMatchingListInMode + 81
17  com.apple.AppKit               	0x93288465 _DPSNextEvent + 572
18  com.apple.AppKit               	0x93288056 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 137
19  com.apple.AppKit               	0x93281ddb -[NSApplication run] + 512
20  com.apple.AppKit               	0x93275d2f NSApplicationMain + 573
21  com.adiumX.adiumX              	0x00002ef2 _start + 216
22  com.adiumX.adiumX              	0x00002e19 start + 41

Attached is the complete log from CrashReporter.

Attachments

Adium.crash.log (26.9 kB) - added by beej on 09/20/2007 01:34:15 PM.
crash log

Change History

09/20/2007 01:34:15 PM changed by beej

  • attachment Adium.crash.log added.

crash log

09/20/2007 04:03:12 PM changed by edr1084

  • priority changed from normal to high.
  • milestone set to Adium X 1.1.3.

09/25/2007 10:51:28 PM changed by evands

Had you recently disconnected or put your computer to sleep?

09/25/2007 10:51:44 PM changed by evands

  • milestone changed from Adium X 1.1.3 to Adium X 1.1.4.

09/26/2007 05:00:09 PM changed by evands

Two other reports of this: 63f32319b18164074670f01f3e5c12e127d33a67 22228dd014648a7c4dc722eaab700bd8fc34c53f

(disassembly shows that the address in jabber_caps_free_clientinfo() is indeed the first g_list_delete_link() in that function).

The first report of the crash is in trunk from 7/13/07: df40fc358f927ea9bfe7d362ec9d75dfa420bc16

The user was running, using that date for reference, the build of Libpurple.framework Andy committed in [20234] (although of course it may have been introduced as a crash earlier than that), which is:

im.pidgin.soc.2007.xmpp 8d594a500b09bd48f7ff600ef9e5c8586abc6813

In [20275], I committed a build of libpurple that was more easily retrieved from the Adium repository: libpurple.framework xmpp branch [465]

So that probably represents the first Libpurple.framework with the crash.

09/26/2007 05:03:16 PM changed by am

As far as I know, Sean already fixed this in libpurple trunk a few weeks ago. Adium is using an old version.

09/26/2007 05:12:58 PM changed by evands

Ah, excellent; this must have been after the Pidgin 2.2.0 release. Adium is using the 2.2.0 release of libpurple. I don't have a problem with cherry-picking the fix if you know what the revision on im.pidgin.pidgin was.

09/26/2007 05:17:35 PM changed by am

You should probably use the latest version, since 2.2 they fixed a lot of leaks and crashes... I guess it's not the best code I ever wrote...

http://developer.pidgin.im/viewmtn/revision/filechanges/0a36aea71847198e73c07cbef0be7e7a7db12c57/libpurple/protocols/jabber/caps.c

09/26/2007 05:31:32 PM changed by evands

Actually, we're not using a straight 2.2.0 release build. As per [21053], the last change to Libpurple.framework on adium-1.1, we cherry-picked a MySpace fix and the various libpurple fixes. 1.1.3b3 is [21054] so includes this version of Libpurple.framework.

Diff verifies that the sources used for the xmpp prpl for 1.1.3b3 ([21053]'s framework) are identical to those as of 0a36aea71847198e73c07cbef0be7e7a7db12c57 (and include all other changes except the very recent attention API stuff).

This crash is therefore still present in im.pidgin.pidgin HEAD as best as I can tell.

10/01/2007 08:41:26 PM changed by jas8522

Should the fix for this crash be in 1.1.3 with libpurple 2.2.1 then?

10/02/2007 03:36:45 AM changed by am

No, it seems that this one wasn't fixed yet. The caps code (the offending code in question) has to be rewritten for the current version of the XEP anyways. This would also fix this bug (but probably cause others).

10/02/2007 09:15:00 AM changed by jas8522

  • version changed from 1.1.3b3 to 1.1.3.

10/18/2007 03:12:50 PM changed by evands

  • milestone changed from Adium X 1.1.4 to Waiting on libpurple.

Would someone please file this in pidgin trac and put the link to the ticket here?

10/22/2007 10:14:34 AM changed by jas8522

02/25/2008 10:12:36 PM changed by Robby

  • pending set to 1.
  • milestone changed from Waiting on libpurple to Needs feedback from users.

Pidgin trac is f***ed up once again so I can't check that ticket.

Does Adium still crash on you?

03/09/2008 11:38:32 PM changed by Robby

  • pending deleted.

03/09/2008 11:42:39 PM changed by Robby

  • milestone changed from Needs feedback from users to Waiting on libpurple.

05/15/2008 08:37:56 AM changed by djmori

05/31/2008 03:22:43 PM changed by Robby

  • summary changed from crash in libpurple at g_list_delete_link (1.1.3b3) to Crash in libpurple at g_list_delete_link (XMPP caps code).

05/31/2008 03:26:25 PM changed by Robby

  • owner changed from nobody to am.
  • type changed from defect to crash.
  • component changed from libpurple to Jabber/XMPP.

05/31/2008 03:48:42 PM changed by am

That's part of the libpurple XMPP SoC-Project.