xfce4-terminal (and others) crashes when dumping a lot of text
Submitted by Brian Warner
Link to original bug (#782715)
Description
downstream debian Sid bug is: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862591
I'm seeing xfce4-terminal, lilyterm, and other VTE-using terminal programs crash reliably on an arm64 ChromeOS laptop when I dump a lot of text to stdout all at once. Running "cat" on a 1MB file full of the letter "A" is enough to do it.
This is with a debian package named vte2.91-0.46.1 . That's the latest version in debian/sid; I haven't tried to reproduce this with any other version.
The stack trace looks like:
Thread 1 "xfce4-terminal" received signal SIGABRT, Aborted. __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 51 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
`#0` 0x0000007cb52229fc in __GI_raise (sig=sig@entry=6) at
../sysdeps/unix/sysv/linux/raise.c:51
`#1` 0x0000007cb5223df4 in __GI_abort () at abort.c:89
`#2` 0x0000007cb53dc59c in g_assertion_message
(domain=domain@entry=0x7cb5fa3bb8 "Vte", file=file@entry=0x7cb5fac250
"/home/warner/stuff/debian/vte2.91-0.46.1/./src/vtestream-file.h",
line=line@entry=790, func=func@entry=0x7cb5fac098
<_vte_boa_uncompress::__PRETTY_FUNCTION__> "unsigned int
_vte_boa_uncompress(char*, unsigned int, const char*, unsigned int)",
message=message@entry=0x5ccf97f720 "assertion failed (z_ret == Z_OK):
(4294967293 == 0)") at ././glib/gtestutils.c:2432
`#3` 0x0000007cb53dc96c in g_assertion_message_cmpnum
(domain=domain@entry=0x7cb5fa3bb8 "Vte", file=file@entry=0x7cb5fac250
"/home/warner/stuff/debian/vte2.91-0.46.1/./src/vtestream-file.h",
line=line@entry=790, func=func@entry=0x7cb5fac098
<_vte_boa_uncompress::__PRETTY_FUNCTION__> "unsigned int
_vte_boa_uncompress(char*, unsigned int, const char*, unsigned int)",
expr=expr@entry=0x7cb5fac3f8 "z_ret == Z_OK", arg1=<optimized out>,
cmp=cmp@entry=0x7cb5fa7420 "==", arg2=arg2@entry=0,
numtype=numtype@entry=105 'i')
at ././glib/gtestutils.c:2488
`#4` 0x0000007cb5fa0a94 in _vte_boa_uncompress (dstlen=65512,
srclen=6140, src=0x7fc82a4618 "", dst=<optimized out>) at
././src/vtestream-file.h:790
`#5` 0x0000007cb5fa0a94 in _vte_boa_read_with_overwrite_counter(VteBoa*,
gsize, char*, _vte_overwrite_counter_t*) (boa=0x5ccf75e420 [VteBoa],
offset=offset@entry=0, data=<optimized out>,
overwrite_counter=overwrite_counter@entry=0x7fc82b4714) at
././src/vtestream-file.h:911
`#6` 0x0000007cb5fa0e54 in _vte_boa_read (data=<optimized out>, offset=0,
boa=<optimized out>) at ././src/vtestream-file.h:922
`#7` 0x0000007cb5fa0e54 in _vte_file_stream_read(VteStream*, gsize,
char*, gsize) (astream=0x5ccf76dc50 [VteFileStream], offset=42288,
data=0x7fc82b4750 "", len=24)
at ././src/vtestream-file.h:1137
`#8` 0x0000007cb5f79dac in _vte_ring_read_row_record (ring=0x5ccf76e568,
position=<optimized out>, record=0x7fc82b4770) at ././src/ring.cc:124
`#9` 0x0000007cb5f79dac in _vte_ring_discard_one_row (ring=0x5ccf76e568)
at ././src/ring.cc:417
`#10` 0x0000007cb5f79dac in _vte_ring_maybe_discard_one_row
(ring=0x5ccf76e568) at ././src/ring.cc:439
`#11` 0x0000007cb5f79dac in _vte_ring_insert(VteRing*, gulong)
(ring=ring@entry=0x5ccf76e568, position=position@entry=2761) at
././src/ring.cc:551
`#12` 0x0000007cb5f7c604 in VteTerminalPrivate::ring_insert(long, bool)
(this=this@entry=0x5ccf76e490, position=2761, fill=fill@entry=false) at
././src/vte.cc:247
`#13` 0x0000007cb5f7e694 in VteTerminalPrivate::ring_append(bool)
(fill=false, this=0x5ccf76e490) at ././src/vte.cc:257
`#14` 0x0000007cb5f7e694 in VteTerminalPrivate::insert_rows(unsigned int)
(cnt=1, this=<optimized out>) at ././src/vte.cc:2188
`#15` 0x0000007cb5f7e694 in VteTerminalPrivate::update_insert_delta()
(this=0x5ccf76e490) at ././src/vte.cc:2234
`#16` 0x0000007cb5f7f9e0 in VteTerminalPrivate::insert_char(unsigned int,
bool, bool) (this=this@entry=0x5ccf76e490, c=97,
insert=insert@entry=false, invalidate_now=invalidate_now@entry=false) at
././src/vte.cc:2964
`#17` 0x0000007cb5f8b248 in VteTerminalPrivate::process_incoming()
(this=this@entry=0x5ccf76e490) at ././src/vte.cc:3686
`#18` 0x0000007cb5f8bf08 in VteTerminalPrivate::time_process_incoming()
(this=this@entry=0x5ccf76e490) at ././src/vte.cc:10428
`#19` 0x0000007cb5f8bfe8 in VteTerminalPrivate::process(bool)
(this=this@entry=0x5ccf76e490,
emit_adj_changed=emit_adj_changed@entry=true) at ././src/vte.cc:10452
`#20` 0x0000007cb5f8c244 in update_timeout(gpointer) (data=<error reading
variable: value has been optimized out>) at ././src/vte.cc:10679
`#21` 0x0000007cb53b5484 in g_timeout_dispatch (source=0x5ccf575f80,
callback=<optimized out>, user_data=<optimized out>) at
././glib/gmain.c:4674
`#22` 0x0000007cb53b4898 in g_main_dispatch (context=0x5ccf446770) at
././glib/gmain.c:3203
`#23` 0x0000007cb53b4898 in g_main_context_dispatch
(context=context@entry=0x5ccf446770) at ././glib/gmain.c:3856
`#24` 0x0000007cb53b4c40 in g_main_context_iterate (context=0x5ccf446770,
block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at
././glib/gmain.c:3929
`#25` 0x0000007cb53b4ff0 in g_main_loop_run (loop=0x5ccf441450) at
././glib/gmain.c:4125
`#26` 0x0000007cb5b30934 in gtk_main () at
/usr/lib/aarch64-linux-gnu/libgtk-3.so.0
`#27` 0x0000005ccef2d5b0 in main (argc=<optimized out>, argv=<optimized
out>) at main.c:330
and the parent's stderr sees the following assertion:
Vte:ERROR:/home/warner/stuff/debian/vte2.91-0.46.1/./src/vtestream-file.h:790:unsigned int _vte_boa_uncompress(char*, unsigned int, const char*, unsigned int): assertion failed (z_ret == Z_OK): (4294967293 == 0)
I can get you a coredump, if that helps.
I don't know what exactly VTE is decompressing here, but I suspect it has to do with the scrollback buffer, since dumping a MB of output will cause a lot of data to get written into the buffer very quickly.
When I get some time, I'll try to track down in the source what sort of error that return code is referring to.
thanks! -Brian
Version: 0.46.x