Ticket #2657 (accepted defect)

Opened 8 years ago

Last modified 2 years ago

SEGV when loading directory hotlist during startup

Reported by: c0da Owned by: slavazanko
Priority: minor Milestone: Future Releases
Component: mc-core Version: master
Keywords: Cc:
Blocked By: Blocking:
Branch state: no branch Votes for changeset:

Description

during the startup of mc you can press ctrl+\ for the directory hotlist. when mc is not already 'in memory' eg filecache and not visible yet the application is closed with a SEGV signal.

reproduce:

type mc\n
press ctrl+\

received result:
Segmentation Fault

expected result:
started with the directory hotlist visible

workaround:
type mc again

so far i was not able to debug this problem because it seems like a race condition (keys are received before curses are loaded) and most of the time mc loads faster than i am able to press 'ctrl+\'. situations when this bug occurs are

  • a fresh reboot
  • memory swapped out
  • heavy load
  • io wait for nfs/sshfs shares

this problem has been persistent in the last years between 4.5 and 4.7, unless the startup sequence is changed it should be persistent in the current versions too

$ mc --version
GNU Midnight Commander 4.7.5.2
Built with GLib 2.28.8
Using the ncurses library
With builtin Editor
With subshell support as default
With support for background operations
With mouse support on xterm and Linux console
With support for X11 events
With internationalization support
With multiple codepages support
Virtual File Systems: cpiofs, tarfs, sfs, extfs, ext2undelfs, ftpfs, fish
Data types: char: 8; int: 32; long: 64; void *: 64; size_t: 64; off_t: 64;

Change History

comment:1 Changed 8 years ago by slavazanko

Well, we have fixed the initialization order of some subsystems: #2601

Please try updating to the latest version and check whether the issue is still present.

comment:2 Changed 8 years ago by c0da

i admit, this is cheating:

$git diff  src/filemanager/midnight.c
diff --git a/src/filemanager/midnight.c b/src/filemanager/midnight.c
index c92fe53..ea1bbae 100644
--- a/src/filemanager/midnight.c
+++ b/src/filemanager/midnight.c
@@ -1336,6 +1336,7 @@ midnight_callback (Dlg_head * h, Widget * sender, dlg_msg_t msg, int parm, void
     switch (msg)
     {
     case DLG_INIT:
+        hotlist_cmd();
         panel_init ();
         setup_panels ();
         return MSG_HANDLED;
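
Review bot: in the DLG_INIT case, hotlist_cmd() is placed before panel_init () and setup_panels (), so the hotlist's refresh redraws panels whose strings are not set yet; the backtrace further down ends in str_ascii_term_form (text=0x0) via show_dir at panel.c:1087. As a reproducer that ordering is the intent, but it should not land as is: add a comment saying the line exists only to force the ordering from the report, and if a hotlist at startup is ever wanted, call it after setup_panels () has returned.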

until now i just got this 3-10 times (with everyday 10+ instances) over the last years.
has nothing to do with hanging IO (tried that prior to patching)

from what i understand from the code DLG_KEY | DLG_ACTION can occur before DLG_INIT - but forgive my arrogance from reading about 10 minutes.

quick patch (output looks messy)
panel.c

+ if ( panel_history_prev_item_sign )
1087        tty_print_string (panel_history_prev_item_sign);
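
Review bot: the NULL check at panel.c:1087 guards only this one tty_print_string call, so show_dir still paints a panel that has not been through panel_init (), which fits the "output looks messy" remark. str_ascii_term_form (text=0x0) stays reachable from any other caller that passes NULL; prefer fixing the ordering so that nothing is drawn before DLG_INIT completes, or put the NULL check inside tty_print_string so every caller is covered.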

complex patch:
only midnight_execute_cmd when DLG_INIT was complete ( needs bit to store init )

LD_LIBRARY_PATH=lib gdb --args ./bin/mc

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6de156f in ?? () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff6de156f in ?? () from /lib64/libc.so.6
#1  0x00000000004347b9 in str_ascii_term_form (text=0x0) at strutilascii.c:201
#2  0x000000000043ab49 in tty_print_string (s=<value optimized out>) at tty-ncurses.c:481
#3  0x000000000047111e in show_dir (panel=0x81e1b0) at panel.c:1087
#4  0x00000000004751d6 in paint_frame (w=0x81e1b0, msg=<value optimized out>, parm=<value optimized out>) at panel.c:1318
#5  panel_callback (w=0x81e1b0, msg=<value optimized out>, parm=<value optimized out>) at panel.c:3039
#6  0x000000000043cb97 in send_message (h=0x7fc8d0, msg=WIDGET_DRAW, reverse=1, flags=0) at ../../lib/widget/widget-common.h:132
#7  dlg_broadcast_msg_to (h=0x7fc8d0, msg=WIDGET_DRAW, reverse=1, flags=0) at dialog.c:149
#8  0x000000000043d5fa in dlg_redraw (h=0x7fc8d0) at dialog.c:1063
#9  0x000000000043d68d in do_refresh () at dialog.c:894
#10 0x00000000004665b6 in init_hotlist (vfs_or_hotlist=2) at hotlist.c:762
#11 hotlist_show (vfs_or_hotlist=2) at hotlist.c:1730
#12 0x0000000000456908 in hotlist_cmd () at cmd.c:1182
#13 0x000000000046b775 in midnight_callback (h=<value optimized out>, sender=<value optimized out>, msg=<value optimized out>, 
    parm=<value optimized out>, data=<value optimized out>) at midnight.c:1339
#14 0x000000000043d8d8 in init_dlg (h=0x7fc8d0) at dialog.c:1093
#15 0x000000000043de6e in run_dlg (h=0x7fc8d0) at dialog.c:1157
#16 0x000000000046c81d in create_panels_and_run_mc () at midnight.c:903
#17 do_nc () at midnight.c:1660
#18 0x0000000000413f51 in main (argc=<value optimized out>, argv=<value optimized out>) at main.c:518
(gdb)

comment:3 Changed 8 years ago by slavazanko

Can you check on the latest versions whether this segfault is still present?

comment:4 Changed 8 years ago by s01ja

strutilascii.c:201 can still SEGV when str_ascii_term_form (const char *text) is called with NULL

in gdb: segv still available:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6de156f in ?? () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff6de156f in ?? () from /lib64/libc.so.6
#1  0x0000000000434869 in str_ascii_term_form (text=0x0) at strutilascii.c:201
#2  0x000000000043add9 in tty_print_string (s=<value optimized out>) at tty-ncurses.c:481
#3  0x000000000047136c in show_dir (panel=0x77f210) at panel.c:1087
#4  0x0000000000475a36 in paint_frame (w=0x77f210, msg=<value optimized out>, parm=<value optimized out>) at panel.c:1318
#5  panel_callback (w=0x77f210, msg=<value optimized out>, parm=<value optimized out>) at panel.c:3039
#6  0x000000000043ce97 in send_message (h=0x75f660, msg=WIDGET_DRAW, reverse=1, flags=0) at ../../lib/widget/widget-common.h:132
#7  dlg_broadcast_msg_to (h=0x75f660, msg=WIDGET_DRAW, reverse=1, flags=0) at dialog.c:149
#8  0x000000000043d8fa in dlg_redraw (h=0x75f660) at dialog.c:1063
#9  0x000000000043d98d in do_refresh () at dialog.c:894
#10 0x0000000000466c36 in init_hotlist (vfs_or_hotlist=2) at hotlist.c:762
#11 hotlist_show (vfs_or_hotlist=2) at hotlist.c:1730
#12 0x0000000000456dc8 in hotlist_cmd () at cmd.c:1194
#13 0x000000000046be85 in midnight_callback (h=<value optimized out>, sender=<value optimized out>, msg=<value optimized out>, parm=<value optimized out>, data=<value optimized out>) at midnight.c:1340
#14 0x000000000043dbd8 in init_dlg (h=0x75f660) at dialog.c:1093
#15 0x000000000043e15e in run_dlg (h=0x75f660) at dialog.c:1157
---Type <return> to continue, or q <return> to quit---
#16 0x000000000046cf45 in create_panels_and_run_mc () at midnight.c:904
#17 do_nc () at midnight.c:1661
#18 0x0000000000413e01 in main (argc=<value optimized out>, argv=<value optimized out>) at main.c:516

reproducible with the 'patch' mentioned above (or a really slow
computer)

when you make sure that 'hotlist_cmd' (or the like) is not called
before 'panel_init' this bug should be fixed

Last edited 3 years ago by andrew_b (previous) (diff)
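
The "complex patch" idea from comment:2 (run commands only once DLG_INIT has completed, with a bit to store init) and the ordering requirement from comment:4, as an added example that is not mc code and not part of the ticket. It is a constructed model in which a key arriving before init is held and replayed afterwards; all type, function and constant names are hypothetical.

```c
#include <stdio.h>

/* Constructed model of the ordering bug; all names are hypothetical, not mc source. */
typedef enum { MSG_INIT, MSG_ACTION } msg_t;
enum { CMD_NONE = 0, CMD_HOTLIST = 1 };

typedef struct {
    int initialized;       /* the "bit to store init" */
    int pending_cmd;       /* command received before MSG_INIT */
    const char *prev_sign; /* filled in by init; NULL until then */
    int draws_ok, draws_null;
} dlg_t;

/* Stand-in for the redraw path: counts a NULL string instead of dereferencing it. */
static void redraw (dlg_t *d)
{
    if (d->prev_sign != NULL) d->draws_ok++; else d->draws_null++;
}

/* guarded != 0: a command received before init is held and replayed after it. */
static void dlg_callback (dlg_t *d, msg_t msg, int cmd, int guarded)
{
    if (msg == MSG_INIT)
    {
        d->prev_sign = "<";          /* constructed value */
        d->initialized = 1;
        if (d->pending_cmd == CMD_HOTLIST)
            redraw (d);              /* replay: the hotlist redraws the panels */
        d->pending_cmd = CMD_NONE;
    }
    else if (guarded && !d->initialized)
        d->pending_cmd = cmd;        /* defer rather than drop the keypress */
    else if (cmd == CMD_HOTLIST)
        redraw (d);
}

/* Deliver the key before init, as in the report, then init. */
static dlg_t run_early_key (int guarded)
{
    dlg_t d = { 0 };
    dlg_callback (&d, MSG_ACTION, CMD_HOTLIST, guarded);
    dlg_callback (&d, MSG_INIT, CMD_NONE, guarded);
    return d;
}

int main (void)
{
    printf ("NULL redraws: unguarded=%d guarded=%d\n",
            run_early_key (0).draws_null, run_early_key (1).draws_null);
    return 0;
}
```

Deferring the command keeps the expected result from the report (started with the directory hotlist visible), whereas dropping the early keypress would only avoid the crash.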

comment:5 Changed 7 years ago by slavazanko

I have applied your patch on current master (4.8.2) and no segfaults were raised. Please specify your build environment (e.g. ncurses version, glib version).

comment:6 Changed 7 years ago by slavazanko

  • Owner set to slavazanko
  • Status changed from new to accepted

comment:7 Changed 2 years ago by andrew_b

  • Version changed from version not selected to master
  • Component changed from mc-key-bindings to mc-core