This is reasonably repeatable for me, with different backtraces always leading
to a malloc/calloc corruptions; here are some more backtraces; I can trigger it
normally by opening a VM and booting it; it normally dies just as it changes
resolution as it
goes from console to X; not every time but most.
I could believe this could be in the VNC code or glue related to it.
#0 0x00007f82190cdba5 in *__GI_raise (sig=<value optimised out>)
at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1 0x00007f82190d16b0 in *__GI_abort () at abort.c:92
#2 0x00007f821910743b in __libc_message (do_abort=<value optimised out>,
fmt=<value optimised out>) at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
#3 0x00007f82191114b6 in malloc_printerr (action=3,
str=0x7f82191e1f4b "realloc(): invalid next size", ptr=<value optimised
out>)
at malloc.c:6283
#4 0x00007f8219117b96 in _int_realloc (av=0x7f8219418e40, oldp=0x28d25f0,
oldsize=<value optimised out>, nb=8208) at malloc.c:5238
#5 0x00007f8219117eb0 in *__GI___libc_realloc (oldmem=0x28d2600, bytes=8192)
at malloc.c:3821
#6 0x00007f82161c561f in g_realloc (mem=0x1d5f, n_bytes=8192)
at /build/buildd/glib2.0-2.25.15/glib/gmem.c:181
#7 0x00007f820a950491 in vnc_connection_buffered_write (conn=<value optimised
out>,
data=0x7fffbe8da5ac, size=<value optimised out>) at vncconnection.c:1361
#8 0x00007f820a95059c in vnc_connection_buffered_write_u16 (conn=0x1d5f,
value=8195)
at vncconnection.c:1384
#9 0x00007f820a950716 in vnc_connection_framebuffer_update_request
(conn=0x279d310,
incremental=1, x=0, y=0, width=800, height=<value optimised out>)
at vncconnection.c:1508
#10 0x00007f820ab6c2b7 in on_framebuffer_update (conn=<value optimised out>,
x=<value optimised out>, y=<value optimised out>, w=16, h=<value optimised
out>,
opaque=<value optimised out>) at vncdisplay.c:912
#11 0x00007f8216878afe in g_closure_invoke (closure=0x279ad10,
return_value=0x0,
n_param_values=5, param_values=0x287be80, invocation_hint=0x7fffbe8da800)
at /build/buildd/glib2.0-2.25.15/gobject/gclosure.c:766
#12 0x00007f8216891379 in signal_emit_unlocked_R (node=0x23d9880,
detail=<value optimised out>, instance=<value optimised out>,
emission_return=<value optimised out>, instance_and_params=<value optimised
out>)
at /build/buildd/glib2.0-2.25.15/gobject/gsignal.c:3252
#13 0x00007f8216892af6 in g_signal_emit_valist (instance=0x279d310,
signal_id=<value optimised out>, detail=0, var_args=0x7fffbe8da9f0)
at /build/buildd/glib2.0-2.25.15/gobject/gsignal.c:2983
#14 0x00007f8216893353 in g_signal_emit (instance=0x1d5f, signal_id=7519,
detail=6)
at /build/buildd/glib2.0-2.25.15/gobject/gsignal.c:3040
#15 0x00007f820a94e4e6 in do_vnc_connection_emit_main_context (
opaque=<value optimised out>) at vncconnection.c:450
#16 0x00007f82161bc7e2 in g_main_dispatch (context=0x16a42b0)
at /build/buildd/glib2.0-2.25.15/glib/gmain.c:2119
#17 g_main_context_dispatch (context=0x16a42b0)
at /build/buildd/glib2.0-2.25.15/glib/gmain.c:2672
#18 0x00007f82161c0748 in g_main_context_iterate (context=0x16a42b0,
block=<value optimised out>, dispatch=<value optimised out>,
self=<value optimised out>) at
/build/buildd/glib2.0-2.25.15/glib/gmain.c:2750
#19 0x00007f82161c0c55 in g_main_loop_run (loop=0x1d35470)
at /build/buildd/glib2.0-2.25.15/glib/gmain.c:2958
#20 0x00007f821516ba47 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#21 0x00007f8215825852 in ?? () from
/usr/lib/pymodules/python2.6/gtk-2.0/gtk/_gtk.so
#22 0x00000000004a52e8 in PyEval_EvalFrameEx ()
#23 0x00000000004a5ab0 in PyEval_EvalFrameEx ()
#24 0x00000000004a6bd1 in PyEval_EvalCodeEx ()
#25 0x00000000004a6ca2 in PyEval_EvalCode ()
#26 0x00000000004c701e in PyRun_FileExFlags ()
#27 0x00000000004c7234 in PyRun_SimpleFileExFlags ()
#28 0x00000000004180c1 in Py_Main ()
#29 0x00007f82190b8d8e in __libc_start_main (main=<value optimised out>,
argc=<value optimised out>, ubp_av=<value optimised out>, init=<value
optimised out>,
fini=<value optimised out>, rtld_fini=<value optimised out>,
stack_end=0x7fffbe8db378)
at libc-start.c:226
#30 0x00000000004172c9 in _start ()
------------------------------------------------------------------------------------
Program received signal SIGABRT, Aborted.
[Switching to Thread 0x7f2644921710 (LWP 18268)]
0x00007f2654c64ba5 in *__GI_raise (sig=<value optimised out>)
at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
in ../nptl/sysdeps/unix/sysv/linux/raise.c
(gdb) where
#0 0x00007f2654c64ba5 in *__GI_raise (sig=<value optimised out>)
at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1 0x00007f2654c686b0 in *__GI_abort () at abort.c:92
#2 0x00007f2654ca854a in __malloc_assert (assertion=<value optimised out>,
file=<value optimised out>, line=<value optimised out>,
function=<value optimised out>) at malloc.c:351
#3 0x00007f2654cacacb in _int_malloc (av=0x7f2654fafe40, bytes=120) at
malloc.c:4636
#4 0x00007f2654cad38e in *__GI___libc_malloc (bytes=120) at malloc.c:3660
#5 0x00007f2652f90b9e in xmlNewNode () from /usr/lib/libxml2.so.2
#6 0x00007f2652f94618 in xmlNewDocNode () from /usr/lib/libxml2.so.2
#7 0x00007f2653035b2c in xmlSAX2StartElementNs () from /usr/lib/libxml2.so.2
#8 0x00007f2652f83701 in ?? () from /usr/lib/libxml2.so.2
#9 0x00007f2652f8433c in xmlParseElement () from /usr/lib/libxml2.so.2
#10 0x00007f2652f8488a in xmlParseContent () from /usr/lib/libxml2.so.2
#11 0x00007f2652f843cb in xmlParseElement () from /usr/lib/libxml2.so.2
#12 0x00007f2652f8488a in xmlParseContent () from /usr/lib/libxml2.so.2
#13 0x00007f2652f843cb in xmlParseElement () from /usr/lib/libxml2.so.2
#14 0x00007f2652f8488a in xmlParseContent () from /usr/lib/libxml2.so.2
#15 0x00007f2652f843cb in xmlParseElement () from /usr/lib/libxml2.so.2
#16 0x00007f2652f8b57a in xmlParseDocument () from /usr/lib/libxml2.so.2
#17 0x00007f2652f8c056 in xmlSAXParseDoc () from /usr/lib/libxml2.so.2
#18 0x00007f26498ed41c in libxml_xmlParseDoc ()
from /usr/lib/pymodules/python2.6/libxml2mod.so
#19 0x00000000004a51ae in PyEval_EvalFrameEx ()
#20 0x00000000004a5ab0 in PyEval_EvalFrameEx ()
#21 0x00000000004a6bd1 in PyEval_EvalCodeEx ()
#22 0x00000000004a4d59 in PyEval_EvalFrameEx ()
#23 0x00000000004a6bd1 in PyEval_EvalCodeEx ()
#24 0x00000000004a4d59 in PyEval_EvalFrameEx ()
#25 0x00000000004a6bd1 in PyEval_EvalCodeEx ()
#26 0x00000000004a4d59 in PyEval_EvalFrameEx ()
---Type <return> to continue, or q <return> to quit---
#27 0x00000000004a5ab0 in PyEval_EvalFrameEx ()
#28 0x00000000004a5ab0 in PyEval_EvalFrameEx ()
#29 0x00000000004a6bd1 in PyEval_EvalCodeEx ()
#30 0x00000000004a4d59 in PyEval_EvalFrameEx ()
#31 0x00000000004a6bd1 in PyEval_EvalCodeEx ()
#32 0x0000000000535c3d in ?? ()
#33 0x000000000041c9d7 in PyObject_Call ()
#34 0x00000000004a38a1 in PyEval_EvalFrameEx ()
#35 0x00000000004a5ab0 in PyEval_EvalFrameEx ()
#36 0x00000000004a5ab0 in PyEval_EvalFrameEx ()
#37 0x00000000004a6bd1 in PyEval_EvalCodeEx ()
#38 0x0000000000535b40 in ?? ()
#39 0x000000000041c9d7 in PyObject_Call ()
#40 0x000000000042570f in ?? ()
#41 0x000000000041c9d7 in PyObject_Call ()
#42 0x000000000049f053 in PyEval_CallObjectWithKeywords ()
#43 0x00000000004d578a in ?? ()
#44 0x00007f2655e42971 in start_thread (arg=<value optimised out>) at
pthread_create.c:304
#45 0x00007f2654d1792d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#46 0x0000000000000000 in ?? ()
(gdb) q
------------------------------------------------------------------------------------
--
virt-manager.py crashed with SIGSEGV in PyEval_EvalFrameEx()
https://bugs.launchpad.net/bugs/619559
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
