Bug 412977 – Crash in vte_terminal_ensure_cursor

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 412977 - Crash in vte_terminal_ensure_cursor


Summary:	Crash in vte_terminal_ensure_cursor


Status:	RESOLVED DUPLICATE of bug 412717

Product:	vte
Classification:	Core
Component:	general
Version:	0.15.x
Hardware:	Other Linux

Importance:	Normal critical
Target Milestone:	---
Assigned To:	VTE Maintainers
QA Contact:	VTE Maintainers

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2007-02-28 07:46 UTC by Daniel Holbach
Modified:	2007-02-28 10:11 UTC

See Also:
GNOME target:	---
GNOME version:	2.17/2.18

Description Daniel Holbach 2007-02-28 07:46:18 UTC

Disassembly:
 0x2b1eef21b0d2 <_vte_terminal_ensure_cursor+178>:	mov    0x0(%rbp),%rdi
 0x2b1eef21b0d6 <_vte_terminal_ensure_cursor+182>:	mov    0x10(%r12),%rdx
 0x2b1eef21b0db <_vte_terminal_ensure_cursor+187>:	mov    0x8(%rdi),%eax
 0x2b1eef21b0de <_vte_terminal_ensure_cursor+190>:	add    $0x1,%rdx
 0x2b1eef21b0e2 <_vte_terminal_ensure_cursor+194>:	cmp    %rax,%rdx
 0x2b1eef21b0e5 <_vte_terminal_ensure_cursor+197>:	jle    0x2b1eef21b0fd <_vte_terminal_ensure_cursor+221>
 0x2b1eef21b0e7 <_vte_terminal_ensure_cursor+199>:	lea    0x60(%r12),%rsi
 0x2b1eef21b0ec <_vte_terminal_ensure_cursor+204>:	lea    0x70(%r12),%rax
 0x2b1eef21b0f1 <_vte_terminal_ensure_cursor+209>:	test   %r15d,%r15d
 0x2b1eef21b0f4 <_vte_terminal_ensure_cursor+212>:	cmove  %rax,%rsi
 0x2b1eef21b0f8 <_vte_terminal_ensure_cursor+216>:	callq  0x2b1eef20f880 <vte_g_array_fill>
 0x2b1eef21b0fd <_vte_terminal_ensure_cursor+221>:	add    $0x8,%rsp
 0x2b1eef21b101 <_vte_terminal_ensure_cursor+225>:	mov    %rbp,%rax
 0x2b1eef21b104 <_vte_terminal_ensure_cursor+228>:	pop    %rbx
 0x2b1eef21b105 <_vte_terminal_ensure_cursor+229>:	pop    %rbp
 0x2b1eef21b106 <_vte_terminal_ensure_cursor+230>:	pop    %r12



ThreadStacktrace:
 .
 Thread 2 (process 11668):
 #0  0x00002b1ef0b2efdb in ?? () from /lib/libpthread.so.0
 #1  0x00002b1ef11f5304 in child_watch_helper_thread (data=<value optimized out>) at gmain.c:3703
 	b = "BB", '\0' <repeats 14 times>, "@\000\230�"
 	list = (GSList *) 0x2b1ef0b2bd40
 #2  0x00002b1ef12108c4 in g_thread_create_proxy (data=0xb8f860) at gthread.c:591
 	__PRETTY_FUNCTION__ = "g_thread_create_proxy"
 #3  0x00002b1ef0b282a5 in start_thread () from /lib/libpthread.so.0
 #4  0x00002b1ef1a465dd in clone () from /lib/libc.so.6
 #5  0x0000000000000000 in ?? ()
 .
 Thread 1 (process 11661):
 #0  _vte_terminal_ensure_cursor (terminal=0xa8ab40, current=0) at /build/buildd/vte-0.15.4/./src/vte.c:1892
 	row = (VteRowData *) 0x0
 	screen = (VteScreen *) 0xa8ace8
 	delta = 11054312
 	v = -1
 #1  0x00002b1eef21b1df in _vte_terminal_insert_char (terminal=0xa8ab40, c=<value optimized out>, force_insert_mode=0, invalidate_now=0, paint_cells=1, forced_width=0)
     at /build/buildd/vte-0.15.4/./src/vte.c:2430
 	row = <value optimized out>
 	cell = <value optimized out>
 	columns = 1
 	i = <value optimized out>
 	col = 0
 	screen = (VteScreen *) 0xa8ace8
 	insert = 0
 #2  0x00002b1eef21f75f in vte_terminal_process_incoming (terminal=0xa8ab40) at /build/buildd/vte-0.15.4/./src/vte.c:3278
 	tnext = (const gunichar *) 0xfffffffffffffff5
 	tquark = 11053888
 	i = <value optimized out>
 	tmatch = 0x0
 	ctrl = <value optimized out>
 	screen = (VteScreen *) 0xa8ace8
 	cursor_visible = 1
 	wbuf = (gunichar *) 0xa3d900
 	c = 48
 	wcount = 44
 	start = 6
 	delta = 0
 	leftovers = 0
 	modified = 1
 	again = 0
 	invalidated_text = 0
 	unichars = <value optimized out>
 	chunk = <value optimized out>
 	next_chunk = <value optimized out>
 	achunk = <value optimized out>
 #3  0x00002b1eef21f9c8 in time_process_incoming (terminal=0xa8ab40) at /build/buildd/vte-0.15.4/./src/vte.c:11919
 	again = <value optimized out>
 #4  0x00002b1eef22031a in process_timeout (data=<value optimized out>) at /build/buildd/vte-0.15.4/./src/vte.c:11964
 	terminal = (VteTerminal *) 0xa8ab40
 	l = (GList *) 0x1
 	again = <value optimized out>
 #5  0x00002b1ef11f4c9b in g_timeout_dispatch (source=0xcdc170, callback=0, user_data=0xa8abf0) at gmain.c:3422
 No locals.
 #6  0x00002b1ef11f4794 in IA__g_main_context_dispatch (context=0x692a70) at gmain.c:2045
 No locals.
 #7  0x00002b1ef11f75dd in g_main_context_iterate (context=0x692a70, block=1, dispatch=1, self=<value optimized out>) at gmain.c:2677
 	got_ownership = <value optimized out>
 	max_priority = 2147483647
 	timeout = 9
 	some_ready = 1
 	nfds = <value optimized out>
 	allocated_nfds = <value optimized out>
 	fds = (GPollFD *) 0xcd6a00
 	__PRETTY_FUNCTION__ = "g_main_context_iterate"
 #8  0x00002b1ef11f78ea in IA__g_main_loop_run (loop=0x693f80) at gmain.c:2881
 	got_ownership = <value optimized out>
 	self = (GThread *) 0x693940
 	__PRETTY_FUNCTION__ = "IA__g_main_loop_run"
 #9  0x00002b1eef65ffa3 in IA__gtk_main () at gtkmain.c:1171
 	tmp_list = (GList *) 0x7fffbcc585a0
 	functions = (GList *) 0x0
 	init = (GtkInitFunction *) 0x6e20b0
 	loop = (GMainLoop *) 0x693f80
 #10 0x000000000041fec6 in main (argc=1, argv=0x7fffbcc58788) at terminal.c:1773
 	cwd = <value optimized out>
 	err = (GError *) 0x0
 	ctx = (poptContext) 0x6a21f0
 	i = <value optimized out>
 	argc_copy = 7
 	argv_copy = <value optimized out>
 	args = <value optimized out>
 	startup_id = <value optimized out>
 	display_name = <value optimized out>
 	display = <value optimized out>
 	reqs = {{required_version = 0x43de32 "2.0.0", module_info = 0x2b1eee728320}, {required_version = 0x0, module_info = 0x0}}
 	sm_client = (GnomeClient *) 0x6a1000
 	results = (OptionParsingResults *) 0x662950
 	program = <value optimized out>
 	__PRETTY_FUNCTION__ = "main"


This is with 0.15.4 + fix for Bug 412562.

Comment 1 Chris Wilson 2007-02-28 09:48:39 UTC

Daniel, do you have a reliable method of reproducing this?

*** This bug has been marked as a duplicate of 412717 ***

Comment 2 Martin Pitt 2007-02-28 10:04:33 UTC

I have now, I'll followup in bug 412717.

Comment 3 Daniel Holbach 2007-02-28 10:11:39 UTC

<pitti> dholbach: it crashed twice immediately after logging in, and didn't crash any more since then; let me play around with that
<pitti> dholbach: I didn't maximize it, but crashing on new tab sounds familiar