GNOME Bugzilla – Bug 507491
Open file and anjuta crashed with SIGSEGV
Last modified: 2017-07-30 16:01:38 UTC
Steps to reproduce: Open bug in: https://bugs.edge.launchpad.net/ubuntu/+source/anjuta/+bug/180575 "Clicked in Open->File, select folder "ssh" (User@server.cl), select file source and cpu many use, close anjuta and open apport." Stack trace: Stacktrace: #0 0xb73abd4a in ?? () from /lib/tls/i686/cmov/libc.so.6 #1 0xb762ab36 in ?? () from /usr/lib/libcairo.so.2 #2 0x00000001 in ?? () #3 0x00000000 in ?? () StacktraceTop: ?? () from /lib/tls/i686/cmov/libc.so.6 ?? () from /usr/lib/libcairo.so.2 ?? () ?? () Other information:
Thanks to: https://wiki.ubuntu.com/Backtrace GNU gdb 6.7.1-debian Copyright (C) 2007 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i486-linux-gnu"... Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1". (gdb) handle SIG33 pass nostop noprint Signal Stop Print Pass to program Description SIG33 No No Yes Real-time event 33 (gdb) set pagination 0 (gdb) run Starting program: /usr/bin/anjuta [Thread debugging using libthread_db enabled] [New Thread 0xb6d326b0 (LWP 11570)] [New Thread 0xb57dfb90 (LWP 11575)] [Thread 0xb57dfb90 (LWP 11575) exited] [New Thread 0xb57dfb90 (LWP 11577)] [New Thread 0xb4e4bb90 (LWP 11585)] [Thread 0xb4e4bb90 (LWP 11585) exited] [Thread 0xb57dfb90 (LWP 11577) exited] Program received signal SIGSEGV, Segmentation fault.
+ Trace 184179
The program is running. Exit anyway? (y or n)
Bug in pluggin "File Manager", I disable pluggin "File Manager" and work fine! : -D
Install package libgnomevfs2-0-dbg2.20.1-1ubuntu1_i386.deb and create new backtrace. GNU gdb 6.7.1-debian Copyright (C) 2007 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i486-linux-gnu"... Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1". (gdb) handle SIG33 pass nostop noprint Signal Stop Print Pass to program Description SIG33 No No Yes Real-time event 33 (gdb) set pagination 0 (gdb) run Starting program: /usr/bin/anjuta [Thread debugging using libthread_db enabled] [New Thread 0xb6d246b0 (LWP 14592)] [New Thread 0xb4d8db90 (LWP 14600)] [Thread 0xb4d8db90 (LWP 14600) exited] [New Thread 0xb4d8db90 (LWP 14602)] [New Thread 0xb458cb90 (LWP 14632)] [Thread 0xb458cb90 (LWP 14632) exited] [Thread 0xb4d8db90 (LWP 14602) exited] Program received signal SIGSEGV, Segmentation fault.
+ Trace 184187
Thread 3067233968 (LWP 14592)
(gdb) (gdb) quit The program is running. Exit anyway? (y or n)
thanks for the backtrace, looks like a scintilla bug!
Created attachment 102226 [details] Create strace: https://wiki.ubuntu.com/Strace
Created attachment 102237 [details] valgrind In guide [0]"Debugging Program Crash", tips "Program received signal SIGSEGV, Segmentation fault." use [1]Valgrid. Ok, I attach log of Valgrind. And *NOT* crash anjuta with _Vlagrind_. I new test and not use valgrind and idem *Crash*. [0] https://wiki.ubuntu.com/DebuggingProgramCrash [1] https://wiki.ubuntu.com/Valgrind
Created attachment 102239 [details] Full backtrace Install package -gdb for full backtrace.
It fails in malloc, so it looks like a memory corruption (not necessarily inside scintilla).
(In reply to comment #0) > > "Clicked in Open->File, select folder "ssh" (User@server.cl), select file > source and cpu many use, close anjuta and open apport." > Sorry, I can't reproduce the bug and I can't seem to follow your english. Could you please let someone translate you? Thanks.
After going through the valgrind log, I see two memory corruptions. One in anjuta (AnjutaStatus class) and other in gnome-vfs. Your crash could be due to one of either. I have fixed the anjuta one and committed (you may want to confirm svn head by running valgrind again and greping for 'anjuta_status_finalize' in it). For the gnome-vfs one, you will have to file a separate bug report targeting gnome-vfs component and attach the above same valgrind log. Here is relevent section in the log: ==2551== Invalid free() / delete / delete[] ==2551== at 0x402237F: free (vg_replace_malloc.c:233) ==2551== by 0x49EB240: g_free (in /usr/lib/libglib-2.0.so.0.1500.0) ==2551== by 0x7935718: update_mime_type_and_name_from_path (sftp-method.c:2510) ==2551== by 0x79358D4: get_file_info_for_path (sftp-method.c:2675) ==2551== by 0x7935BD3: do_get_file_info (sftp-method.c:2699) ==2551== by 0x418B969: gnome_vfs_get_file_info_uri_cancellable (gnome-vfs-cancellable-ops.c:202) ==2551== by 0x419EF02: gnome_vfs_get_file_info_uri (gnome-vfs-ops.c:332) ==2551== by 0xAA85A94: text_editor_load_file (text_editor.c:1323) ==2551== by 0xAA86BDC: text_editor_new (text_editor.c:464) ==2551== by 0xAA88D89: itext_editor_factory_new_editor (plugin.c:100) ==2551== by 0x4A99E24: ianjuta_editor_factory_new_editor (ianjuta-editor-factory.c:62) ==2551== by 0x7D009D3: anjuta_docman_add_editor (anjuta-docman.c:707) ==2551== by 0x7D00BD3: anjuta_docman_goto_file_line_mark (anjuta-docman.c:993) ==2551== by 0x7CFE712: ifile_open (plugin.c:1776) ==2551== by 0x4A9CCC5: ianjuta_file_open (ianjuta-file.c:84) ==2551== by 0x7223D64: iloader_load (plugin.c:1357) ==2551== by 0x4A9D058: ianjuta_file_loader_load (ianjuta-file-loader.c:63) ==2551== by 0x72220DE: open_file (plugin.c:341) ==2551== by 0x722294D: on_open_response_ok (plugin.c:398) ==2551== by 0x497D0B4: g_cclosure_marshal_VOID(i_xx_t) (in /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x496E6F8: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x49847EC: (within /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x4986526: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x4986878: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x440D640: gtk_dialog_response (gtkdialog.c:876) ==2551== by 0x497C40E: g_cclosure_marshal_VOID__VOID (in /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x496E6F8: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x49847EC: (within /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x4986526: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x4986878: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x43BFE39: gtk_button_clicked (gtkbutton.c:889) ==2551== by 0x43C199D: gtk_real_button_released (gtkbutton.c:1484) ==2551== by 0x497C40E: g_cclosure_marshal_VOID__VOID (in /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x496D018: (within /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x496E6F8: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x4984442: (within /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x4986526: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x4986878: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.1500.0) ==2551== by 0x43BFEC9: gtk_button_released (gtkbutton.c:881) ==2551== by 0x43BFEF0: gtk_button_button_release (gtkbutton.c:1377) ==2551== Address 0x4A5A248 is not stack'd, malloc'd or (recently) free'd ==2551==
(In reply to comment #10) > For the gnome-vfs one, you will have to file a separate bug report targeting > gnome-vfs component and attach the above same valgrind log. Here is relevent > section in the log: > I guess, we can just reassign this bug to gnome-vfs. Reassigning...
Has that ever been seen again? Is Anjuta still using gnome-vfs or can this be closed as OBSOLETE?
Closing this bug report as no further information has been provided. Please feel free to reopen this bug report if you can provide the information that was asked for in a previous comment. Thanks!