Upstream gave some debugging hints 'So the only unref call has a matching ref call pair. This means it shouldn't lead to the object getting freed. But between those two calls the property notify handlers get run, etc. It's at least conceivable to me that one of those handlers is accidentally unrefing the object when it isn't supposed to.
If that is what's going on, how are we going to find out where the handler is? One idea, You could try putting g_object_unref (user); and the top of on_new_user_loaded. This is wrong and adding a bug, but it may also help valgrind to spot the aforementioned, theorized preexisting extraneously unref too. This is because it will make the user object get freed earlier, and valgrind should show where.' Could you give it a try? -- You received this bug notification because you are a member of DX Packages, which is subscribed to accountsservice in Ubuntu. Matching subscriptions: dx-packages https://bugs.launchpad.net/bugs/1966905 Title: Valgrind memory errors in gnome-shell 42 from accountsservice Status in accountsservice: Unknown Status in accountsservice package in Ubuntu: New Status in gnome-shell package in Ubuntu: New Bug description: Valgrind memory errors in gnome-shell 42 from accountsservice: ==60511== Invalid read of size 8 ==60511== at 0x4D207FA: g_type_check_instance_cast (gtype.c:4120) ==60511== by 0x1E421CA2: free_fetch_user_request (act-user-manager.c:1708) ==60511== by 0x1E4298E7: on_find_user_by_name_finished (act-user-manager.c:1187) ==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230) ==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300) ==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256) ==60511== by 0x4C298BA: reply_cb (gdbusproxy.c:2576) ==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230) ==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300) ==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256) ==60511== by 0x4C2107E: g_dbus_connection_call_done (gdbusconnection.c:5895) ==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230) ==60511== by 0x4BC0C4C: complete_in_idle_cb (gtask.c:1244) ==60511== by 0x4D9CC23: UnknownInlinedFun (gmain.c:3417) ==60511== by 0x4D9CC23: g_main_context_dispatch (gmain.c:4135) ==60511== Address 0x185b5110 is 0 bytes inside a block of size 64 free'd ==60511== at 0x484B27F: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==60511== by 0x4D1F7D4: g_type_free_instance (gtype.c:2008) ==60511== by 0x1E428ECA: UnknownInlinedFun (act-user.c:562) ==60511== by 0x1E428ECA: UnknownInlinedFun (act-user.c:557) ==60511== by 0x1E428ECA: _act_user_update_from_object_path (act-user.c:1346) ==60511== by 0x1E42966F: fetch_user_incrementally (act-user-manager.c:1789) ==60511== by 0x1E4298E7: on_find_user_by_name_finished (act-user-manager.c:1187) ==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230) ==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300) ==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256) ==60511== by 0x4C298BA: reply_cb (gdbusproxy.c:2576) ==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230) ==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300) ==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256) ==60511== by 0x4C2107E: g_dbus_connection_call_done (gdbusconnection.c:5895) ==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230) ==60511== Block was alloc'd at ==60511== at 0x4848899: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==60511== by 0x4DA5718: g_malloc (gmem.c:125) ==60511== by 0x4DBCB64: g_slice_alloc (gslice.c:1072) ==60511== by 0x4DBD1CD: g_slice_alloc0 (gslice.c:1098) ==60511== by 0x4D24E61: g_type_create_instance (gtype.c:1911) ==60511== by 0x4D0BF4C: g_object_new_internal (gobject.c:2011) ==60511== by 0x4D0D1AC: g_object_new_with_properties (gobject.c:2181) ==60511== by 0x4D0DCB0: g_object_new (gobject.c:1821) ==60511== by 0x1E422792: create_new_user (act-user-manager.c:706) ==60511== by 0x1E429BD8: act_user_manager_get_user (act-user-manager.c:1879) ==60511== by 0x68ADE2D: ??? (in /usr/lib/x86_64-linux-gnu/libffi.so.8.1.0) ==60511== by 0x68AA492: ??? (in /usr/lib/x86_64-linux-gnu/libffi.so.8.1.0) ==60511== ==60511== Invalid read of size 8 ==60511== at 0x4D206E9: g_type_check_instance_is_fundamentally_a (gtype.c:4091) ==60511== by 0x4D06E9A: g_object_set_data (gobject.c:3982) ==60511== by 0x1E421CB6: free_fetch_user_request (act-user-manager.c:1708) ==60511== by 0x1E4298E7: on_find_user_by_name_finished (act-user-manager.c:1187) ==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230) ==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300) ==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256) ==60511== by 0x4C298BA: reply_cb (gdbusproxy.c:2576) ==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230) ==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300) ==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256) ==60511== by 0x4C2107E: g_dbus_connection_call_done (gdbusconnection.c:5895) ==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230) ==60511== by 0x4BC0C4C: complete_in_idle_cb (gtask.c:1244) ==60511== Address 0x185b5110 is 0 bytes inside a block of size 64 free'd ==60511== at 0x484B27F: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==60511== by 0x4D1F7D4: g_type_free_instance (gtype.c:2008) ==60511== by 0x1E428ECA: UnknownInlinedFun (act-user.c:562) ==60511== by 0x1E428ECA: UnknownInlinedFun (act-user.c:557) ==60511== by 0x1E428ECA: _act_user_update_from_object_path (act-user.c:1346) ==60511== by 0x1E42966F: fetch_user_incrementally (act-user-manager.c:1789) ==60511== by 0x1E4298E7: on_find_user_by_name_finished (act-user-manager.c:1187) ==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230) ==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300) ==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256) ==60511== by 0x4C298BA: reply_cb (gdbusproxy.c:2576) ==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230) ==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300) ==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256) ==60511== by 0x4C2107E: g_dbus_connection_call_done (gdbusconnection.c:5895) ==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230) ==60511== Block was alloc'd at ==60511== at 0x4848899: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==60511== by 0x4DA5718: g_malloc (gmem.c:125) ==60511== by 0x4DBCB64: g_slice_alloc (gslice.c:1072) ==60511== by 0x4DBD1CD: g_slice_alloc0 (gslice.c:1098) ==60511== by 0x4D24E61: g_type_create_instance (gtype.c:1911) ==60511== by 0x4D0BF4C: g_object_new_internal (gobject.c:2011) ==60511== by 0x4D0D1AC: g_object_new_with_properties (gobject.c:2181) ==60511== by 0x4D0DCB0: g_object_new (gobject.c:1821) ==60511== by 0x1E422792: create_new_user (act-user-manager.c:706) ==60511== by 0x1E429BD8: act_user_manager_get_user (act-user-manager.c:1879) ==60511== by 0x68ADE2D: ??? (in /usr/lib/x86_64-linux-gnu/libffi.so.8.1.0) ==60511== by 0x68AA492: ??? (in /usr/lib/x86_64-linux-gnu/libffi.so.8.1.0) To manage notifications about this bug go to: https://bugs.launchpad.net/accountsservice/+bug/1966905/+subscriptions -- Mailing list: https://launchpad.net/~dx-packages Post to : dx-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~dx-packages More help : https://help.launchpad.net/ListHelp
