Bug#1056555: thunar: segfault when ejecting drive
Hello ng,
On Wed, 22 Nov 2023 22:47:01 -0300 ng <konoha02@yahoo.com> wrote:
> [18950.426861] Thunar[3027]: segfault at 0 ip 00005615a96c98cc sp 00007ffd2dbd7320 error 4 in thunar[5615a9640000+92000] likely on CPU 7 (core 3, socket 0)
> [18950.426895] Code: f3 48 83 ec 38 64 48 8b 04 25 28 00 00 00 48 89 44 24 28 31 c0 48 c7 44 24 20 00 00 00 00 48 85 f6 0f 84 77 02 00 00 48 8b 06 <48> 39 10 0f 84 f1 01 00 00 4c 8b bf 28 01 00 00 4c 39 fe 0f 84 cb
These lines point to the following source location:
thunar/thunar-window.c, line 4000
https://sources.debian.org/src/thunar/4.18.4-1/thunar/thunar-window.c/#L4000
3999 /* if the view already has the correct type then just return */
4000 if (view != NULL && G_TYPE_FROM_INSTANCE (view) == view_type)
4001 return;
Unfortunately, this might not yet be enough for the maintainer to fix the issue.
The following link contains a few pointers on how to get a backtrace of a crash:
https://wiki.debian.org/HowToGetABacktrace
Kind regards,
Bernhard
https://wiki.debian.org/InterpretingKernelOutputAtProcessCrash
[18950.426861] Thunar[3027]: segfault at 0 ip 00005615a96c98cc sp 00007ffd2dbd7320 error 4 in thunar[5615a9640000+92000] likely on CPU 7 (core 3, socket 0)
[18950.426895] Code: f3 48 83 ec 38 64 48 8b 04 25 28 00 00 00 48 89 44 24 28 31 c0 48 c7 44 24 20 00 00 00 00 48 85 f6 0f 84 77 02 00 00 48 8b 06 <48> 39 10 0f 84 f1 01 00 00 4c 8b bf 28 01 00 00 4c 39 fe 0f 84 cb
error 4 == 0b00000100:
* bit 0 == 0: no page found
* bit 1 == 0: read access
* bit 2 == 1: user-mode access
.
echo -n "find /b ..., ..., 0x" && \
echo "f3 48 83 ec 38 64 48 8b 04 25 28 00 00 00 48 89 44 24 28 31 c0 48 c7 44 24 20 00 00 00 00 48 85 f6 0f 84 77 02 00 00 48 8b 06 <48> 39 10 0f 84 f1 01 00 00 4c 8b bf 28 01 00 00 4c 39 fe 0f 84 cb" \
| sed 's/[<>]//g' | sed 's/ /, 0x/g'
# Bookworm/stable amd64 qemu VM 2024-04-09
apt update
apt install gdb thunar thunar-dbgsym
gdb -q
set width 0
set pagination off
file /usr/bin/thunar
tb main
run
pipe info target | grep "\.text"
find /b 0x000055555557fdb0, 0x000055555560bad9, 0xf3, 0x48, 0x83, 0xec, 0x38, 0x64, 0x48, 0x8b, 0x04, 0x25, 0x28, 0x00, 0x00, 0x00, 0x48, 0x89, 0x44, 0x24, 0x28, 0x31, 0xc0, 0x48, 0xc7, 0x44, 0x24, 0x20, 0x00, 0x00, 0x00, 0x00, 0x48, 0x85, 0xf6, 0x0f, 0x84, 0x77, 0x02, 0x00, 0x00, 0x48, 0x8b, 0x06, 0x48, 0x39, 0x10, 0x0f, 0x84, 0xf1, 0x01, 0x00, 0x00, 0x4c, 0x8b, 0xbf, 0x28, 0x01, 0x00, 0x00, 0x4c, 0x39, 0xfe, 0x0f, 0x84, 0xcb
b * (0x5555556038a2 + 42)
info b
disassemble /r 0x5555556038a2, 0x5555556038a2 + 62
benutzer@debian:~$ gdb -q
(gdb) set width 0
(gdb) set pagination off
(gdb) file /usr/bin/thunar
Reading symbols from /usr/bin/thunar...
Reading symbols from /usr/lib/debug/.build-id/1c/0053bee14d3fb731923319e68ac183a810d9db.debug...
(gdb) tb main
Temporary breakpoint 1 at 0x2bdd0: file ./thunar/main.c, line 49.
(gdb) run
Starting program: /usr/bin/thunar
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Temporary breakpoint 1, main (argc=1, argv=0x7fffffffe4d8) at ./thunar/main.c:49
49 ./thunar/main.c: Datei oder Verzeichnis nicht gefunden.
(gdb) pipe info target | grep "\.text"
0x000055555557fdb0 - 0x000055555560bad9 is .text
...
(gdb) find /b 0x000055555557fdb0, 0x000055555560bad9, 0xf3, 0x48, 0x83, 0xec, 0x38, 0x64, 0x48, 0x8b, 0x04, 0x25, 0x28, 0x00, 0x00, 0x00, 0x48, 0x89, 0x44, 0x24, 0x28, 0x31, 0xc0, 0x48, 0xc7, 0x44, 0x24, 0x20, 0x00, 0x00, 0x00, 0x00, 0x48, 0x85, 0xf6, 0x0f, 0x84, 0x77, 0x02, 0x00, 0x00, 0x48, 0x8b, 0x06, 0x48, 0x39, 0x10, 0x0f, 0x84, 0xf1, 0x01, 0x00, 0x00, 0x4c, 0x8b, 0xbf, 0x28, 0x01, 0x00, 0x00, 0x4c, 0x39, 0xfe, 0x0f, 0x84, 0xcb
0x5555556038a2 <thunar_window_replace_view+18>
1 pattern found.
(gdb) b * (0x5555556038a2 + 42)
Breakpoint 2 at 0x5555556038cc: file ./thunar/thunar-window.c, line 4000.
(gdb) info b
Num Type Disp Enb Address What
2 breakpoint keep y 0x00005555556038cc in thunar_window_replace_view at ./thunar/thunar-window.c:4000
(gdb) disassemble /r 0x5555556038a2, 0x5555556038a2 + 62
Dump of assembler code from 0x5555556038a2 to 0x5555556038e0:
0x00005555556038a2 <thunar_window_replace_view+18>: f3 48 83 ec 38 repz sub $0x38,%rsp
0x00005555556038a7 <thunar_window_replace_view+23>: 64 48 8b 04 25 28 00 00 00 mov %fs:0x28,%rax
0x00005555556038b0 <thunar_window_replace_view+32>: 48 89 44 24 28 mov %rax,0x28(%rsp)
0x00005555556038b5 <thunar_window_replace_view+37>: 31 c0 xor %eax,%eax
0x00005555556038b7 <thunar_window_replace_view+39>: 48 c7 44 24 20 00 00 00 00 movq $0x0,0x20(%rsp)
0x00005555556038c0 <thunar_window_replace_view+48>: 48 85 f6 test %rsi,%rsi
0x00005555556038c3 <thunar_window_replace_view+51>: 0f 84 77 02 00 00 je 0x555555603b40 <thunar_window_replace_view+688>
0x00005555556038c9 <thunar_window_replace_view+57>: 48 8b 06 mov (%rsi),%rax
0x00005555556038cc <thunar_window_replace_view+60>: 48 39 10 cmp %rdx,(%rax) <<<
0x00005555556038cf <thunar_window_replace_view+63>: 0f 84 f1 01 00 00 je 0x555555603ac6 <thunar_window_replace_view+566>
0x00005555556038d5 <thunar_window_replace_view+69>: 4c 8b bf 28 01 00 00 mov 0x128(%rdi),%r15
0x00005555556038dc <thunar_window_replace_view+76>: 4c 39 fe cmp %r15,%rsi
0x00005555556038df <thunar_window_replace_view+79>: 0f 84 cb 02 00 00 je 0x555555603bb0 <thunar_window_replace_view+800>
End of assembler dump.
(gdb)
https://sources.debian.org/src/thunar/4.18.4-1/thunar/thunar-window.c/#L4000
3999 /* if the view already has the correct type then just return */
4000 if (view != NULL && G_TYPE_FROM_INSTANCE (view) == view_type)
4001 return;
https://gitlab.xfce.org/xfce/thunar/-/blob/master/thunar/thunar-window.c#L4084
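
The manual steps in the notes above, as an added Python example that is not part of the original message: it parses the two kernel log lines, decodes error-code bits 0-2, and builds the gdb find pattern and breakpoint offset. Function names are illustrative, and the .text range passed to gdb_commands is an assumption that must be read from "info target" on the machine where gdb runs.

```python
import re

# Sample input: the two kernel log lines quoted in the bug report above.
SEGV = ("[18950.426861] Thunar[3027]: segfault at 0 ip 00005615a96c98cc "
        "sp 00007ffd2dbd7320 error 4 in thunar[5615a9640000+92000] "
        "likely on CPU 7 (core 3, socket 0)")
CODE = ("[18950.426895] Code: f3 48 83 ec 38 64 48 8b 04 25 28 00 00 00 48 89 "
        "44 24 28 31 c0 48 c7 44 24 20 00 00 00 00 48 85 f6 0f 84 77 02 00 00 "
        "48 8b 06 <48> 39 10 0f 84 f1 01 00 00 4c 8b bf 28 01 00 00 4c 39 fe "
        "0f 84 cb")

SEGV_RE = re.compile(r"segfault at (?P<addr>[0-9a-f]+) ip (?P<ip>[0-9a-f]+) "
                     r"sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
                     r"(?: in \S+\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?")


def parse_segfault(line):
    """Return the numeric (hex) fields of a kernel 'segfault at' line."""
    m = SEGV_RE.search(line)
    if m is None:
        raise ValueError("not a segfault line")
    out = {k: int(v, 16) for k, v in m.groupdict().items() if v}
    if "base" in out:  # offset into the mapped segment, not the ELF load base
        out["ip_offset"] = out["ip"] - out["base"]
    return out


def decode_error(err):
    """Decode bits 0-2 of the x86 page-fault error code as the notes do."""
    return ("protection fault" if err & 1 else "no page found",
            "write access" if err & 2 else "read access",
            "user-mode access" if err & 4 else "kernel-mode access")


def parse_code(line):
    """Return (bytes, index of the <..> byte the faulting ip points at)."""
    tokens = line.split("Code:", 1)[1].split()
    marked = [i for i, t in enumerate(tokens) if t.startswith("<")]
    if len(marked) != 1:  # e.g. the kernel could not read the opcode bytes
        raise ValueError("expected exactly one <..> marker")
    return bytes(int(t.strip("<>"), 16) for t in tokens), marked[0]


def gdb_commands(code_line, text_start, text_end):
    """Build the gdb 'find' pattern and the breakpoint offset for its match."""
    data, idx = parse_code(code_line)
    pattern = ", ".join(f"0x{b:02x}" for b in data)
    return (f"find /b {text_start:#x}, {text_end:#x}, {pattern}",
            f"b * (<match address> + {idx})")
```

The ip_offset value is relative to the start of the mapping the kernel printed, which is why the notes search for the byte pattern instead of adding that offset to a load address.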