tmux segfault in 5.2 with join-pane

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

tmux segfault in 5.2 with join-pane

Lévai, Dániel
Hi!

I've just noticed this crash with tmux(1):
Just start tmux(1), open a second window, enter command mode, type
'join-pane -s 1' from window no. 0 -> crash.

I've recompiled and installed tmux and libevent with symbols and without
stripping, and I could get this backtrace from the coredump (hope it's
useful):

GNU gdb 6.3
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-unknown-openbsd5.2"...
Core was generated by `tmux'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libutil.so.11.3...done.
Loaded symbols for /usr/lib/libutil.so.11.3
Reading symbols from /usr/lib/libcurses.so.12.1...done.
Loaded symbols for /usr/lib/libcurses.so.12.1
Reading symbols from /usr/lib/libevent.so.3.0...done.
Loaded symbols for /usr/lib/libevent.so.3.0
Reading symbols from /usr/lib/libc.so.65.0...done.
Loaded symbols for /usr/lib/libc.so.65.0
Reading symbols from /usr/libexec/ld.so...done.
Loaded symbols for /usr/libexec/ld.so
#0  0x1c01d676 in window_name_callback (fd=-1, events=1, data=0x86a53000) at /usr/src/usr.bin/tmux/names.c:60
60 if (w->active->screen != &w->active->base)
(gdb) bt full
#0  0x1c01d676 in window_name_callback (fd=-1, events=1, data=0x86a53000) at /usr/src/usr.bin/tmux/names.c:60
        name = Variable "name" is not available.
(gdb) frame
#0  0x1c01d676 in window_name_callback (fd=-1, events=1, data=0x86a53000) at /usr/src/usr.bin/tmux/names.c:60
60 if (w->active->screen != &w->active->base)
(gdb) list
55 event_del(&w->name_timer);
56 return;
57 }
58 queue_window_name(w);
59
60 if (w->active->screen != &w->active->base)
61 name = NULL;
62 else
63 name = get_proc_name(w->active->fd, w->active->tty);
64 if (name == NULL)
(gdb) bt
#0  0x1c01d676 in window_name_callback (fd=-1, events=1, data=0x86a53000) at /usr/src/usr.bin/tmux/names.c:60
#1  0x0c7d30a2 in event_base_loop (base=0x804bd000, flags=1) at /usr/src/lib/libevent/event.c:402
#2  0x0c7d3359 in event_loop (flags=1) at /usr/src/lib/libevent/event.c:478
#3  0x1c026274 in server_loop () at /usr/src/usr.bin/tmux/server.c:211
#4  0x1c0267ec in server_start (lockfd=4, lockfile=0x80f14aa0 "S") at /usr/src/usr.bin/tmux/server.c:202
#5  0x1c004640 in client_connect (path=0x3c0223c0 "/tmp/tmux-1000/default", start_server=1)
    at /usr/src/usr.bin/tmux/client.c:124
#6  0x1c004731 in client_main (argc=0, argv=0xcfbdb700, flags=1) at /usr/src/usr.bin/tmux/client.c:220
#7  0x1c02cb7e in main (argc=0, argv=0xcfbdb6fc) at /usr/src/usr.bin/tmux/tmux.c:396
(gdb)


Daniel

--
LÉVAI Dániel
PGP key ID = 0x83B63A8F
Key fingerprint = DBEC C66B A47A DFA2 792D  650C C69B BE4C 83B6 3A8F

Reply | Threaded
Open this post in threaded view
|

Re: tmux segfault in 5.2 with join-pane

Rafael Neves
Hi,

This problem seems to be solved with the nicm@ commit:
<http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/tmux/names.c.diff?r1=1.16;r2=1.17;f=h>.
I hope it helps.

On Sat, Nov 17, 2012 at 6:04 PM, LEVAI Daniel <[hidden email]> wrote:

>
> Hi!
>
> I've just noticed this crash with tmux(1):
> Just start tmux(1), open a second window, enter command mode, type
> 'join-pane -s 1' from window no. 0 -> crash.
>
> I've recompiled and installed tmux and libevent with symbols and without
> stripping, and I could get this backtrace from the coredump (hope it's
> useful):
>
> GNU gdb 6.3
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show warranty" for details.
> This GDB was configured as "i386-unknown-openbsd5.2"...
> Core was generated by `tmux'.
> Program terminated with signal 11, Segmentation fault.
> Reading symbols from /usr/lib/libutil.so.11.3...done.
> Loaded symbols for /usr/lib/libutil.so.11.3
> Reading symbols from /usr/lib/libcurses.so.12.1...done.
> Loaded symbols for /usr/lib/libcurses.so.12.1
> Reading symbols from /usr/lib/libevent.so.3.0...done.
> Loaded symbols for /usr/lib/libevent.so.3.0
> Reading symbols from /usr/lib/libc.so.65.0...done.
> Loaded symbols for /usr/lib/libc.so.65.0
> Reading symbols from /usr/libexec/ld.so...done.
> Loaded symbols for /usr/libexec/ld.so
> #0  0x1c01d676 in window_name_callback (fd=-1, events=1, data=0x86a53000) at /usr/src/usr.bin/tmux/names.c:60
> 60              if (w->active->screen != &w->active->base)
> (gdb) bt full
> #0  0x1c01d676 in window_name_callback (fd=-1, events=1, data=0x86a53000) at /usr/src/usr.bin/tmux/names.c:60
>         name = Variable "name" is not available.
> (gdb) frame
> #0  0x1c01d676 in window_name_callback (fd=-1, events=1, data=0x86a53000) at /usr/src/usr.bin/tmux/names.c:60
> 60              if (w->active->screen != &w->active->base)
> (gdb) list
> 55                              event_del(&w->name_timer);
> 56                      return;
> 57              }
> 58              queue_window_name(w);
> 59
> 60              if (w->active->screen != &w->active->base)
> 61                      name = NULL;
> 62              else
> 63                      name = get_proc_name(w->active->fd, w->active->tty);
> 64              if (name == NULL)
> (gdb) bt
> #0  0x1c01d676 in window_name_callback (fd=-1, events=1, data=0x86a53000) at /usr/src/usr.bin/tmux/names.c:60
> #1  0x0c7d30a2 in event_base_loop (base=0x804bd000, flags=1) at /usr/src/lib/libevent/event.c:402
> #2  0x0c7d3359 in event_loop (flags=1) at /usr/src/lib/libevent/event.c:478
> #3  0x1c026274 in server_loop () at /usr/src/usr.bin/tmux/server.c:211
> #4  0x1c0267ec in server_start (lockfd=4, lockfile=0x80f14aa0 "S") at /usr/src/usr.bin/tmux/server.c:202
> #5  0x1c004640 in client_connect (path=0x3c0223c0 "/tmp/tmux-1000/default", start_server=1)
>     at /usr/src/usr.bin/tmux/client.c:124
> #6  0x1c004731 in client_main (argc=0, argv=0xcfbdb700, flags=1) at /usr/src/usr.bin/tmux/client.c:220
> #7  0x1c02cb7e in main (argc=0, argv=0xcfbdb6fc) at /usr/src/usr.bin/tmux/tmux.c:396
> (gdb)
>
>
> Daniel
>
> --
> LÉVAI Dániel
> PGP key ID = 0x83B63A8F
> Key fingerprint = DBEC C66B A47A DFA2 792D  650C C69B BE4C 83B6 3A8F

Reply | Threaded
Open this post in threaded view
|

Re: tmux segfault in 5.2 with join-pane

Lévai, Dániel
On v, nov 18, 2012 at 08:53:26 -0200, Rafael Ferreira Neves wrote:
> Hi,
>
> This problem seems to be solved with the nicm@ commit:
> <http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/tmux/names.c.diff?r1=1.16;r2=1.17;f=h>.
> I hope it helps.
[...]

Ah, thanks, I've missed that.

I just wonder if it is worth giving an OPENBSD_5_2 tag, giving that it
is a fairly commonly used feature.


Daniel

--
LÉVAI Dániel
PGP key ID = 0x83B63A8F
Key fingerprint = DBEC C66B A47A DFA2 792D  650C C69B BE4C 83B6 3A8F

Reply | Threaded
Open this post in threaded view
|

Re: tmux segfault in 5.2 with join-pane

Rafael Neves
You should contact Nicholas Marriott about this. If possible, verify
if that commit (full message and files involved in
<http://marc.info/?l=openbsd-cvs&m=134554327203377&w=2>) actually
solves you problem.

You could checkout the OPENBSD_5_2 tree, apply that commit changes,
and verify if the problem persists. If you get rid of the problem,
your message with an attached patch against OPENBSD_5_2 should save
him some time and effort.

In the case problem persists, you'll have to find on the another
commits. What I can say is that in -current that crash doesn't occur.

On Sun, Nov 18, 2012 at 9:28 AM, LEVAI Daniel <[hidden email]> wrote:

> On v, nov 18, 2012 at 08:53:26 -0200, Rafael Ferreira Neves wrote:
>> Hi,
>>
>> This problem seems to be solved with the nicm@ commit:
>> <http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/tmux/names.c.diff?r1=1.16;r2=1.17;f=h>.
>> I hope it helps.
> [...]
>
> Ah, thanks, I've missed that.
>
> I just wonder if it is worth giving an OPENBSD_5_2 tag, giving that it
> is a fairly commonly used feature.
>
>
> Daniel
>
> --
> LÉVAI Dániel
> PGP key ID = 0x83B63A8F
> Key fingerprint = DBEC C66B A47A DFA2 792D  650C C69B BE4C 83B6 3A8F

Reply | Threaded
Open this post in threaded view
|

Re: tmux segfault in 5.2 with join-pane

Lévai, Dániel
On v, nov 18, 2012 at 10:41:43 -0200, Rafael Ferreira Neves wrote:
> You should contact Nicholas Marriott about this. If possible, verify
> if that commit (full message and files involved in
> <http://marc.info/?l=openbsd-cvs&m=134554327203377&w=2>) actually
> solves you problem.

Yes it does; I thought that thanking for the pointer to the patch
implied this :)

> You could checkout the OPENBSD_5_2 tree, apply that commit changes,
> and verify if the problem persists. If you get rid of the problem,
> your message with an attached patch against OPENBSD_5_2 should save
> him some time and effort.

I've already stated that I've recompiled the 5.2 tmux source (not sure
what do mean under "apply that commit changes", but of course, it was
not _BASE), so it must have been with an OPENBSD_5_2 tree.
Furthermore, the diff in question applies to 5.2.

> In the case problem persists, you'll have to find on the another
> commits. What I can say is that in -current that crash doesn't occur.

Yes I know that, that's why I reported this against 5.2.

Daniel

--
LÉVAI Dániel
PGP key ID = 0x83B63A8F
Key fingerprint = DBEC C66B A47A DFA2 792D  650C C69B BE4C 83B6 3A8F

Reply | Threaded
Open this post in threaded view
|

Re: tmux segfault in 5.2 with join-pane

Rafael Neves
On Sun, Nov 18, 2012 at 10:58 AM, LEVAI Daniel <[hidden email]> wrote:

> On v, nov 18, 2012 at 10:41:43 -0200, Rafael Ferreira Neves wrote:
>> You should contact Nicholas Marriott about this. If possible, verify
>> if that commit (full message and files involved in
>> <http://marc.info/?l=openbsd-cvs&m=134554327203377&w=2>) actually
>> solves you problem.
>
> Yes it does; I thought that thanking for the pointer to the patch
> implied this :)
>
>> You could checkout the OPENBSD_5_2 tree, apply that commit changes,
>> and verify if the problem persists. If you get rid of the problem,
>> your message with an attached patch against OPENBSD_5_2 should save
>> him some time and effort.
>
> I've already stated that I've recompiled the 5.2 tmux source (not sure
> what do mean under "apply that commit changes", but of course, it was
> not _BASE), so it must have been with an OPENBSD_5_2 tree.

Sorry, "those changes" should mean all the four files changed by nicm commit.

> Furthermore, the diff in question applies to 5.2.
>
>> In the case problem persists, you'll have to find on the another
>> commits. What I can say is that in -current that crash doesn't occur.
>
> Yes I know that, that's why I reported this against 5.2.
>

Sorry, I coudn't know that you're accustomed to run -current. :)

> Daniel
>
> --
> LÉVAI Dániel
> PGP key ID = 0x83B63A8F
> Key fingerprint = DBEC C66B A47A DFA2 792D  650C C69B BE4C 83B6 3A8F