Package: libsoup2.4-1
Version: 2.28.1-3
Severity: important
Tags: patch

Liferea crashes inside the libsoup library.
The functions that cause this problem are apparently called in this order:
dispose -> stop_idle_timer -> g_source_destroy
I think that g_source_destroy is sometimes called on a source that has
already been destroyed. To prevent this, I have made a small patch. It might be
useful, but I can't guarantee that it's correct. It's based on the git
repository, but it applies cleanly to libsoup 2.28.1-3.

-- System Information:
Debian Release: squeeze/sid
  APT prefers experimental
  APT policy: (501, 'experimental'), (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.31-rc9 (SMP w/2 CPU cores)
Locale: LANG=pl_PL.utf8, LC_CTYPE=pl_PL.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libsoup2.4-1 depends on:
ii  libc6                       2.10.1-7     GNU C Library: Shared libraries
ii  libgcrypt11                 1.4.4-5      LGPL Crypto library - runtime libr
ii  libglib2.0-0                2.22.2-2     The GLib library of C routines
ii  libgnutls26                 2.8.5-2      the GNU TLS library - runtime libr
ii  libxml2                     2.7.6.dfsg-1 GNOME XML library

libsoup2.4-1 recommends no packages.

libsoup2.4-1 suggests no packages.

-- no debconf information

(gdb) bt full
#0  __pthread_mutex_lock (mutex=0x732f2f3a70747470) at pthread_mutex_lock.c:50
        __PRETTY_FUNCTION__ = "__pthread_mutex_lock"
        type = <value optimized out>
#1  0x00007fe96cd72e36 in g_source_destroy_internal (source=0x42914b0, 
context=0x732f2f3a70747468, have_lock=0)
    at /tmp/buildd/glib2.0-2.22.2/glib/gmain.c:837
No locals.
#2  0x00007fe96f36496a in stop_idle_timer (object=0x4127800) at 
soup-connection.c:307
No locals.
#3  dispose (object=0x4127800) at soup-connection.c:113
        conn = 0x4127800
        priv = <value optimized out>
#4  0x00007fe96d00c332 in IA__g_object_unref (_object=<value optimized out>) at 
/tmp/buildd/glib2.0-2.22.2/gobject/gobject.c:2441
        object = 0x4127800
        old_ref = <value optimized out>
        __PRETTY_FUNCTION__ = "IA__g_object_unref"
#5  0x00007fe96f379987 in message_finished (msg=0x40d8040, user_data=<value 
optimized out>) at soup-session.c:1234
        item = 0x4142a40
        session = 0x20ab8e0
        host = <value optimized out>
#6  0x00007fe96d00a3ed in IA__g_closure_invoke (closure=0x41b97b0, 
return_value=0x0, n_param_values=1, param_values=0x4134d60, 
    invocation_hint=0x7fffd0e37410) at 
/tmp/buildd/glib2.0-2.22.2/gobject/gclosure.c:767
        marshal = 0x41bb60 <g_cclosure_marshal_void__v...@plt>
        marshal_data = 0x0
        __PRETTY_FUNCTION__ = "IA__g_closure_invoke"
#7  0x00007fe96d01e24c in signal_emit_unlocked_R (node=0x24f4f00, detail=0, 
instance=0x40d8040, emission_return=0x0, 
    instance_and_params=0x4134d60) at 
/tmp/buildd/glib2.0-2.22.2/gobject/gsignal.c:3317
        tmp = <value optimized out>
        handler = 0x4076290
        accumulator = 0x0
        emission = {next = 0x0, instance = 0x40d8040, ihint = {signal_id = 348, 
detail = 0, run_type = G_SIGNAL_RUN_LAST}, state = EMISSION_RUN, 
          chain_type = 4}
        class_closure = 0x2577cf0
        handler_list = 0x4076290
        return_accu = 0x0
        accu = {g_type = 0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong 
= 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, 
              v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 
0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, 
              v_pointer = 0x0}}}
        signal_id = 348
        max_sequential_handler_number = 16851
        return_value_altered = 1
#8  0x00007fe96d01f082 in IA__g_signal_emit_valist (instance=0x40d8040, 
signal_id=<value optimized out>, detail=0, var_args=0x7fffd0e375f0)
    at /tmp/buildd/glib2.0-2.22.2/gobject/gsignal.c:2980
        signal_return_type = 4
        param_values = 0x4134d78
        node = 0x24f4f00
        i = 0
        n_params = 0
        __PRETTY_FUNCTION__ = "IA__g_signal_emit_valist"
#9  0x00007fe96d01f553 in IA__g_signal_emit (instance=0x732f2f3a70747470, 
signal_id=1886680168, detail=0)
    at /tmp/buildd/glib2.0-2.22.2/gobject/gsignal.c:3037
        var_args = {{gp_offset = 24, fp_offset = 48, overflow_arg_area = 
0x7fffd0e376d0, reg_save_area = 0x7fffd0e37610}}
#10 0x00007fe96f379bf5 in soup_session_connection_failed (session=0x20ab8e0, 
conn=<value optimized out>, status=4) at soup-session.c:1045
        priv = 0x20ab900
        host = 0x4133660
        item = <value optimized out>
        msg = 0x40d8040
#11 0x00007fe96f37b863 in got_connection (conn=0x40ee030, status=<value 
optimized out>, session=0x20ab8e0) at soup-session-async.c:290
        tunnel_addr = <value optimized out>
#12 0x00007fe96f36481c in socket_connect_result (sock=0x7fe95004c240, status=4, 
user_data=<value optimized out>) at soup-connection.c:389
        data = 0x4465e60
        priv = 0x40ee050
#13 0x00007fe96f37e590 in idle_connect_result (user_data=<value optimized out>) 
at soup-socket.c:588
        sacd = 0x40da290
        priv = 0x7fe95004c260
        status = 1886680168
#14 0x00007fe96f37e747 in connect_watch (iochannel=<value optimized out>, 
condition=24, data=<value optimized out>) at soup-socket.c:615
        sacd = 0x40da290
        priv = <value optimized out>
        error = 0
        len = 4
#15 0x00007fe96cd7312a in g_main_dispatch (context=0x209f610) at 
/tmp/buildd/glib2.0-2.22.2/glib/gmain.c:1960
        __PRETTY_FUNCTION__ = "g_main_dispatch"
#16 IA__g_main_context_dispatch (context=0x209f610) at 
/tmp/buildd/glib2.0-2.22.2/glib/gmain.c:2513
No locals.
#17 0x00007fe96cd76988 in g_main_context_iterate (context=0x209f610, block=1, 
dispatch=1, self=<value optimized out>)
    at /tmp/buildd/glib2.0-2.22.2/glib/gmain.c:2591
        max_priority = 2147483647
        timeout = 500
        some_ready = 1
        nfds = 13
        allocated_nfds = <value optimized out>
        fds = 0x7fe9500649b0
        __PRETTY_FUNCTION__ = "g_main_context_iterate"
#18 0x00007fe96cd76e5d in IA__g_main_loop_run (loop=0x4040ea0) at 
/tmp/buildd/glib2.0-2.22.2/glib/gmain.c:2799
        self = 0x2076040
        __PRETTY_FUNCTION__ = "IA__g_main_loop_run"
#19 0x00007fe96ea4bca7 in IA__gtk_main () at 
/tmp/buildd/gtk+2.0-2.18.3/gtk/gtkmain.c:1218
        tmp_list = 0x210d640
        functions = 0x0
        init = 0x0
        loop = <value optimized out>
#20 0x0000000000433fd8 in main (argc=1, argv=0x7fffd0e37e18) at main.c:344
        error = 0x0
        context = <value optimized out>
        debug = <value optimized out>
        debug_flags = 0
        dbus = 0x210d640
        initial_state = 0x469d64 "shown"
        initialState = 0
        opt_session_arg = 0x0
        entries = {{long_name = 0x4612e0 "mainwindow-state", short_name = 119 
'w', flags = 0, arg = G_OPTION_ARG_STRING, 
            arg_data = 0x7fffd0e37d08, 
            description = 0x4613f8 "Start Liferea with its main window in 
STATE. STATE may be `shown', `iconified', or `hidden'", 
            arg_description = 0x4612f1 "STATE"}, {long_name = 0x469d40 
"session", short_name = 0 '\000', flags = 1, arg = G_OPTION_ARG_STRING, 
            arg_data = 0x7fffd0e37d00, description = 0x0, arg_description = 
0x0}, {long_name = 0x45c141 "version", short_name = 118 'v', 
            flags = 8, arg = G_OPTION_ARG_CALLBACK, arg_data = 0x434280, 
description = 0x461458 "Show version information and exit", 
            arg_description = 0x0}, {long_name = 0x0, short_name = 0 '\000', 
flags = 0, arg = G_OPTION_ARG_NONE, arg_data = 0x0, 
            description = 0x0, arg_description = 0x0}}
        debug_entries = {{long_name = 0x46122a "debug-all", short_name = 0 
'\000', flags = 8, arg = G_OPTION_ARG_CALLBACK, arg_data = 0x433770, 
            description = 0x461480 "Print debugging messages of all types", 
arg_description = 0x0}, {long_name = 0x461236 "debug-cache", 
            short_name = 0 '\000', flags = 8, arg = G_OPTION_ARG_CALLBACK, 
arg_data = 0x433770, 
            description = 0x4614a8 "Print debugging messages for the cache 
handling", arg_description = 0x0}, {long_name = 0x461244 "debug-conf", 
            short_name = 0 '\000', flags = 8, arg = G_OPTION_ARG_CALLBACK, 
arg_data = 0x433770, 
            description = 0x4614d8 "Print debugging messages of the 
configuration handling", arg_description = 0x0}, {
            long_name = 0x461251 "debug-db", short_name = 0 '\000', flags = 8, 
arg = G_OPTION_ARG_CALLBACK, arg_data = 0x433770, 
            description = 0x461510 "Print debugging messages of the database 
handling", arg_description = 0x0}, {
            long_name = 0x46125c "debug-gui", short_name = 0 '\000', flags = 8, 
arg = G_OPTION_ARG_CALLBACK, arg_data = 0x433770, 
            description = 0x461548 "Print debugging messages of all GUI 
functions", arg_description = 0x0}, {long_name = 0x461268 "debug-html", 
            short_name = 0 '\000', flags = 8, arg = G_OPTION_ARG_CALLBACK, 
arg_data = 0x433770, 
            description = 0x461578 "Enables HTML rendering debugging. Each time 
Liferea renders HTML output it will also dump the generated HTML into 
~/.liferea_1.6/output.xhtml", arg_description = 0x0}, {long_name = 0x461275 
"debug-net", short_name = 0 '\000', flags = 8, 
            arg = G_OPTION_ARG_CALLBACK, arg_data = 0x433770, description = 
0x461608 "Print debugging messages of all network activity", 
            arg_description = 0x0}, {long_name = 0x461281 "debug-parsing", 
short_name = 0 '\000', flags = 8, arg = G_OPTION_ARG_CALLBACK, 
            arg_data = 0x433770, description = 0x461640 "Print debugging 
messages of all parsing functions", arg_description = 0x0}, {
            long_name = 0x461291 "debug-performance", short_name = 0 '\000', 
flags = 8, arg = G_OPTION_ARG_CALLBACK, arg_data = 0x433770, 
            description = 0x461678 "Print debugging messages when a function 
takes too long to process", arg_description = 0x0}, {
            long_name = 0x4612a5 "debug-plugins", short_name = 0 '\000', flags 
= 8, arg = G_OPTION_ARG_CALLBACK, arg_data = 0x433770, 
            description = 0x4616c0 "Print debugging messages for the plugin 
loading", arg_description = 0x0}, {
            long_name = 0x4612b5 "debug-trace", short_name = 0 '\000', flags = 
8, arg = G_OPTION_ARG_CALLBACK, arg_data = 0x433770, 
            description = 0x4616f0 "Print debugging messages when 
entering/leaving functions", arg_description = 0x0}, {
            long_name = 0x4612c3 "debug-update", short_name = 0 '\000', flags = 
8, arg = G_OPTION_ARG_CALLBACK, arg_data = 0x433770, 
            description = 0x461730 "Print debugging messages of the feed update 
processing", arg_description = 0x0}, {
            long_name = 0x4612d2 "debug-verbose", short_name = 0 '\000', flags 
= 8, arg = G_OPTION_ARG_CALLBACK, arg_data = 0x433770, 
            description = 0x461768 "Print verbose debugging messages", 
arg_description = 0x0}, {long_name = 0x0, short_name = 0 '\000', 
            flags = 0, arg = G_OPTION_ARG_NONE, arg_data = 0x0, description = 
0x0, arg_description = 0x0}}
        __PRETTY_FUNCTION__ = "main"

diff --git a/libsoup/soup-connection.c b/libsoup/soup-connection.c
index 9f59816..64798c4 100644
--- a/libsoup/soup-connection.c
+++ b/libsoup/soup-connection.c
@@ -110,14 +110,17 @@ dispose (GObject *object)
 	SoupConnection *conn = SOUP_CONNECTION (object);
 	SoupConnectionPrivate *priv = SOUP_CONNECTION_GET_PRIVATE (conn);
 
-	stop_idle_timer (priv);
-	/* Make sure clear_current_request doesn't re-establish the timeout */
-	priv->idle_timeout = 0;
+	if (!g_source_is_destroyed (g_main_current_source ())) {
+		stop_idle_timer (priv);
+		/* Make sure clear_current_request doesn't re-establish the timeout */
+		priv->idle_timeout = 0;
+		
+		clear_current_request (conn);
+		soup_connection_disconnect (conn);
 
-	clear_current_request (conn);
-	soup_connection_disconnect (conn);
+		G_OBJECT_CLASS (soup_connection_parent_class)->dispose (object);
+	}
 
-	G_OBJECT_CLASS (soup_connection_parent_class)->dispose (object);
 }
 
 static void
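Review bot: The new guard in dispose() (whose opening lies above this hunk) tests `g_main_current_source ()`, which is whichever source is being dispatched at that moment (in the backtrace, the connect watch of frame #14), not the idle-timer source that stop_idle_timer() destroys, so it says nothing about whether that stored pointer is still valid. In frame #1 the source's context is 0x732f2f3a70747468, bytes that read as ASCII "http://s", which suggests the stored source had already been freed and its memory reused: a use-after-free on a stale pointer rather than a harmless second destroy. When the guard is false the whole body is skipped, including `soup_connection_disconnect (conn);` and the chain-up `G_OBJECT_CLASS (soup_connection_parent_class)->dispose (object);`, so the connection is never torn down. If dispose runs outside any dispatch, `g_main_current_source ()` returns NULL, which, as far as I can tell, g_source_is_destroyed() treats as an invalid argument. I would keep the dispose body unconditional and fix the stale pointer at its origin: stop_idle_timer() (not visible here) should call g_source_destroy() only when the stored source pointer is non-NULL and set it to NULL afterwards, and presumably the timer callback should clear it as well once the source has fired.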
