pan-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Pan-users] [git 9c148a3] Reproducible segfault from new crc32 code

From: Duncan
Subject: Re: [Pan-users] [git 9c148a3] Reproducible segfault from new crc32 code
Date: Mon, 4 Feb 2013 02:22:35 +0000 (UTC)
User-agent: Pan/0.140 (Chocolate Salty Balls; GIT 9c148a3 /usr/src/portage/src/egit-src/pan2) 
walt posted on Sun, 03 Feb 2013 11:58:59 -0800 as excerpted:

> Hi Heinrich.  I get a segfault (below) before pan even shows on my
> screen.
> I think I may have shut pan down with a jpeg displayed in the body pane,
> and now pan crashes while trying to reload that image during startup:
> 
> Program received signal SIGSEGV
> 
> Has anyone else tested the new crc32 code yet?  I'll try starting pan
> with a clean ~/.pan2 to see if I can make it crash again from a fresh
> start...

Something is indeed terribly wrong.  I'm seeing a similar segfault on 
simple face: headers such as the ones sci-fi uses right here on this 
list, on messages I read before the update just fine.

What's even more interesting, I did an strace, and get this immediately 
after I click on a triggering message.  Isn't that a USE-after-free, 
since the file was just closed, or does the kernel keep a reference to it 
due to the mmap?:

open("/path/to/messagefile.msg", O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0640, st_size=4288, ...}) = 0
read(6, "Path: news.gmane.org!not-for-mai"..., 4288) = 4288
close(6)                                = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=327, ...}) = 0
stat("/usr/lib64/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so", 
{st_mode=S_IFREG|0755, st_size=22256, ...}) = 0
open("/usr/lib64/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so", 
O_RDONLY|O_CLOEXEC) = 6
read(6, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0`\35\0\0\0\0\0
\0"..., 832) = 832
fstat(6, {st_mode=S_IFREG|0755, st_size=22256, ...}) = 0
mmap(NULL, 2117752, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 6, 0) 
= 0x7f615a680000
mprotect(0x7f615a685000, 2093056, PROT_NONE) = 0
mmap(0x7f615a884000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|
MAP_DENYWRITE, 6, 0x4000) = 0x7f615a884000
close(6)                                = 0
mprotect(0x7f615a884000, 4096, PROT_READ) = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x78000854b40} 
---
+++ killed by SIGSEGV +++
Segmentation fault


-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman
reply via email to
[Prev in Thread] Current Thread [Next in Thread]