Bug#862591: libvte-2.91-0: xfce4-terminal crashes when dumping a lot of text

Brian Warner warner at lothar.com
Sun May 14 20:57:32 UTC 2017 

Package: libvte-2.91-0
Version: 0.46.1-1
Severity: grave

There seems to be a bug in sid's libvte, such that dumping a large
amount of text to stdout in a short period of time causes the terminal
program to crash. "cat" of a file with 1MB of the letter "a" is
sufficient to reproduce it.

I'm assigning this to libvte because I was able to crash xfce4-terminal,
lilyterm, and termit this way, so it's clearly not specific to any one
terminal program. I'm marking it "grave" because losing a terminal is
pretty harsh.. any programs you've spawned from there (emacs, web
browsers) abruptly exit too.

I'm running this on an ARM64 chromebook (an Acer R13), which might be an
unusual platform, just in case that makes a difference.

I was able to get a stack trace by building vte2.91-0.46.1 and
xfce4-terminal-0.8.4 locally with debug symbols turned on. It looks like
this:

Thread 1 "xfce4-terminal" received signal SIGABRT, Aborted.
__GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51	../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
#0  0x0000007cb52229fc in __GI_raise (sig=sig at entry=6) at
../sysdeps/unix/sysv/linux/raise.c:51
#1  0x0000007cb5223df4 in __GI_abort () at abort.c:89
#2  0x0000007cb53dc59c in g_assertion_message
(domain=domain at entry=0x7cb5fa3bb8 "Vte", file=file at entry=0x7cb5fac250
"/home/warner/stuff/debian/vte2.91-0.46.1/./src/vtestream-file.h",
line=line at entry=790, func=func at entry=0x7cb5fac098
<_vte_boa_uncompress::__PRETTY_FUNCTION__> "unsigned int
_vte_boa_uncompress(char*, unsigned int, const char*, unsigned int)",
message=message at entry=0x5ccf97f720 "assertion failed (z_ret == Z_OK):
(4294967293 == 0)") at ././glib/gtestutils.c:2432
#3  0x0000007cb53dc96c in g_assertion_message_cmpnum
(domain=domain at entry=0x7cb5fa3bb8 "Vte", file=file at entry=0x7cb5fac250
"/home/warner/stuff/debian/vte2.91-0.46.1/./src/vtestream-file.h",
line=line at entry=790, func=func at entry=0x7cb5fac098
<_vte_boa_uncompress::__PRETTY_FUNCTION__> "unsigned int
_vte_boa_uncompress(char*, unsigned int, const char*, unsigned int)",
expr=expr at entry=0x7cb5fac3f8 "z_ret == Z_OK", arg1=<optimized out>,
cmp=cmp at entry=0x7cb5fa7420 "==", arg2=arg2 at entry=0,
numtype=numtype at entry=105 'i')
    at ././glib/gtestutils.c:2488
#4  0x0000007cb5fa0a94 in _vte_boa_uncompress (dstlen=65512,
srclen=6140, src=0x7fc82a4618 "", dst=<optimized out>) at
././src/vtestream-file.h:790
#5  0x0000007cb5fa0a94 in _vte_boa_read_with_overwrite_counter(VteBoa*,
gsize, char*, _vte_overwrite_counter_t*) (boa=0x5ccf75e420 [VteBoa],
offset=offset at entry=0, data=<optimized out>,
overwrite_counter=overwrite_counter at entry=0x7fc82b4714) at
././src/vtestream-file.h:911
#6  0x0000007cb5fa0e54 in _vte_boa_read (data=<optimized out>, offset=0,
boa=<optimized out>) at ././src/vtestream-file.h:922
#7  0x0000007cb5fa0e54 in _vte_file_stream_read(VteStream*, gsize,
char*, gsize) (astream=0x5ccf76dc50 [VteFileStream], offset=42288,
data=0x7fc82b4750 "", len=24)
    at ././src/vtestream-file.h:1137
#8  0x0000007cb5f79dac in _vte_ring_read_row_record (ring=0x5ccf76e568,
position=<optimized out>, record=0x7fc82b4770) at ././src/ring.cc:124
#9  0x0000007cb5f79dac in _vte_ring_discard_one_row (ring=0x5ccf76e568)
at ././src/ring.cc:417
#10 0x0000007cb5f79dac in _vte_ring_maybe_discard_one_row
(ring=0x5ccf76e568) at ././src/ring.cc:439
#11 0x0000007cb5f79dac in _vte_ring_insert(VteRing*, gulong)
(ring=ring at entry=0x5ccf76e568, position=position at entry=2761) at
././src/ring.cc:551
#12 0x0000007cb5f7c604 in VteTerminalPrivate::ring_insert(long, bool)
(this=this at entry=0x5ccf76e490, position=2761, fill=fill at entry=false) at
././src/vte.cc:247
#13 0x0000007cb5f7e694 in VteTerminalPrivate::ring_append(bool)
(fill=false, this=0x5ccf76e490) at ././src/vte.cc:257
#14 0x0000007cb5f7e694 in VteTerminalPrivate::insert_rows(unsigned int)
(cnt=1, this=<optimized out>) at ././src/vte.cc:2188
#15 0x0000007cb5f7e694 in VteTerminalPrivate::update_insert_delta()
(this=0x5ccf76e490) at ././src/vte.cc:2234
#16 0x0000007cb5f7f9e0 in VteTerminalPrivate::insert_char(unsigned int,
bool, bool) (this=this at entry=0x5ccf76e490, c=97,
insert=insert at entry=false, invalidate_now=invalidate_now at entry=false) at
././src/vte.cc:2964
#17 0x0000007cb5f8b248 in VteTerminalPrivate::process_incoming()
(this=this at entry=0x5ccf76e490) at ././src/vte.cc:3686
#18 0x0000007cb5f8bf08 in VteTerminalPrivate::time_process_incoming()
(this=this at entry=0x5ccf76e490) at ././src/vte.cc:10428
#19 0x0000007cb5f8bfe8 in VteTerminalPrivate::process(bool)
(this=this at entry=0x5ccf76e490,
emit_adj_changed=emit_adj_changed at entry=true) at ././src/vte.cc:10452
#20 0x0000007cb5f8c244 in update_timeout(gpointer) (data=<error reading
variable: value has been optimized out>) at ././src/vte.cc:10679
#21 0x0000007cb53b5484 in g_timeout_dispatch (source=0x5ccf575f80,
callback=<optimized out>, user_data=<optimized out>) at
././glib/gmain.c:4674
#22 0x0000007cb53b4898 in g_main_dispatch (context=0x5ccf446770) at
././glib/gmain.c:3203
#23 0x0000007cb53b4898 in g_main_context_dispatch
(context=context at entry=0x5ccf446770) at ././glib/gmain.c:3856
#24 0x0000007cb53b4c40 in g_main_context_iterate (context=0x5ccf446770,
block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>) at
././glib/gmain.c:3929
#25 0x0000007cb53b4ff0 in g_main_loop_run (loop=0x5ccf441450) at
././glib/gmain.c:4125
#26 0x0000007cb5b30934 in gtk_main () at
/usr/lib/aarch64-linux-gnu/libgtk-3.so.0
#27 0x0000005ccef2d5b0 in main (argc=<optimized out>, argv=<optimized
out>) at main.c:330

I can probably get you a coredump, if that helps.

thanks!
 -Brian


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: arm64
 (aarch64)

Kernel: Linux 3.18.0-13759-g98e7e0e (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Versions of packages libvte-2.91-0 depends on:
ii  libatk1.0-0          2.22.0-1
ii  libc6                2.24-10
ii  libcairo2            1.14.8-1
ii  libgcc1              1:6.3.0-17
ii  libglib2.0-0         2.50.3-2
ii  libgnutls30          3.5.8-5
ii  libgtk-3-0           3.22.12-1
ii  libpango-1.0-0       1.40.5-1
ii  libpangocairo-1.0-0  1.40.5-1
ii  libpcre2-8-0         10.22-3
ii  libstdc++6           6.3.0-17
ii  libvte-2.91-common   0.46.1-1
ii  zlib1g               1:1.2.8.dfsg-5

libvte-2.91-0 recommends no packages.

libvte-2.91-0 suggests no packages.

-- no debconf information

More information about the pkg-gnome-maintainers mailing list