Bug#932109: libglib2.0-0: Caja crash due buggy libglib2.0-0 in Buster

Simon McVittie smcv at debian.org
Wed Jul 17 22:59:57 BST 2019


Control: reassign -1 caja 1.20.3-1

On Thu, 18 Jul 2019 at 04:28:00 +0700, Dio Putra wrote:
> Stack trace of thread 1413:
> #0 0x00007fa05c053673 g_type_check_instance_cast (libgobject-2.0.so.0)
> #1 0x0000562d365df197 caja_extensions_get_for_type (caja)
> #2 0x0000562d365f47f1 caja_file_invalidate_extension_info_internal (caja)

This looks like it indicates a bug in caja: caja_extensions_get_for_type()
calls g_type_check_instance_cast() and passes an invalid object pointer
to it.

Looking at the code of caja_extensions_get_for_type(), that would
probably mean that one of the Extension structs in the caja_extensions
linked list has ext->state set to a true value and ext->module pointing
to something that is not a valid object, probably freed memory. My guess
would be a reference-counting bug somewhere. (The G_OBJECT() macro
actually calls g_type_check_instance_cast().)

If you don't know for sure that a crash is caused by a library, it's
usually best to report it as a bug in the application/executable that
crashed, and let the maintainer of the application reassign it to the
library if they find evidence that it's a library bug. That way, the
bug report has all the details of the application/executable and all
the libraries it depends on.

I'm assuming that you have the version of caja from buster.

Please tell the caja maintainers (via the bug address) whether there is
a way to reproduce this bug, like a particular sequence of actions that
makes caja crash: if there is, that will make it much more likely that
someone can find a solution.

It would also be useful to check the systemd journal for any log messages
that show warnings or errors from caja. If there aren't any, running caja
from a terminal might result in you seeing some warning messages from caja
before the crash - if so, those messages would be very useful information.

    smcv
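
Added illustration, not part of the original message and not caja or GLib source: a toy C model of the kind of reference-counting bug guessed at above, where a list entry is still marked enabled while its module pointer refers to a finalized object. All type and function names are hypothetical, and a static pool stands in for the heap so the stale pointer can be inspected without undefined behaviour.

```c
/* Toy model only: every name here is hypothetical, not caja or GLib code. */
#include <stdio.h>

#define LIVE_TAG 0x0B1EC7u  /* stands in for a valid GObject class pointer */
typedef struct { unsigned tag; int refs; } Module;
typedef struct Extension { int state; Module *module; struct Extension *next; } Extension;

/* Static pool: a "freed" slot stays readable, so the demo has no real UB. */
static Module pool[8];
static int pool_used;

static Module *module_new(void) {
    Module *m = &pool[pool_used++];
    *m = (Module){ LIVE_TAG, 1 };   /* the creator holds the first reference */
    return m;
}
static Module *module_ref(Module *m) { m->refs++; return m; }
static void module_unref(Module *m) { if (--m->refs == 0) m->tag = 0; }

/* Analogue of the checked cast: NULL where the real one would warn or crash. */
static Module *checked_cast(Module *m) {
    return (m && m->tag == LIVE_TAG) ? m : NULL;
}

/* take_ref == 0 models the bug: the list borrows the caller's reference. */
static void ext_register(Extension *e, Module *m, int take_ref) {
    e->state = 1;
    e->module = take_ref ? module_ref(m) : m;
}

/* Returns how many enabled list entries point at a finalized module. */
static int dangling_after_release(int take_ref) {
    Extension b = { 0, NULL, NULL }, a = { 0, NULL, &b };
    Module *ma = module_new(), *mb = module_new();
    int bad = 0;
    ext_register(&a, ma, take_ref);
    ext_register(&b, mb, take_ref);
    module_unref(mb);               /* the creator drops its only reference */
    for (Extension *e = &a; e; e = e->next)
        if (e->state && !checked_cast(e->module)) bad++;
    return bad;
}

int main(void) {
    printf("borrowed: %d dangling, owned: %d dangling\n",
           dangling_after_release(0), dangling_after_release(1));
    return 0;
}
```

With real heap memory the stale pointer may be reused by another allocation, so the checked cast can also appear to succeed; tools such as AddressSanitizer or valgrind catch that case.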


