[Xfce-bugs] [Bug 14764] New: Out of Bound when using input via Ibus-Unikey to search file
bugzilla-daemon at xfce.org
Tue Oct 16 09:36:35 CEST 2018
https://bugzilla.xfce.org/show_bug.cgi?id=14764
Bug ID: 14764
Summary: Out of Bound when using input via Ibus-Unikey to search file
Classification: Xfce Core
Product: Thunar
Version: 1.6.15
Hardware: PC (x86_64)
OS: Linux
Status: NEW
Severity: normal
Priority: Medium
Component: Desktop
Assignee: xfce-bugs at xfce.org
Reporter: dinhbaouit at gmail.com
CC: benny at xfce.org, hjudt at xfce.org
Target Milestone: 1.8.3
Out of Bound when using input via Ibus-Unikey to search file
VirtualBox POC:
https://drive.google.com/open?id=1MMjgybKioy2evO8ywzderTT60MwjA11Z
Video POC: https://youtu.be/2Dw5Y3BMmgw
Core Dump: https://drive.google.com/open?id=1Vz3rezkQiOf_b-q6x3RZ7C4nSkje9GhU
Stack trace
gdb-peda$ run
Starting program: /tmp/thunar
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
[New Thread 0x7fffed6c9700 (LWP 3439)]
[New Thread 0x7fffecec8700 (LWP 3440)]
[New Thread 0x7fffe7b8f700 (LWP 3441)]
[New Thread 0x7fffe738e700 (LWP 3442)]
(thunar:3438): Gdk-WARNING **: gdk_window_set_icon_list: icons too large
[Thread 0x7fffe738e700 (LWP 3442) exited]
Thread 1 "thunar" received signal SIGSEGV, Segmentation fault.
[----------------------------------registers-----------------------------------]
RAX: 0x7400000061 ('a')
RBX: 0x0
RCX: 0x7fffffffce90 --> 0x5555558a41e0 --> 0x4
RDX: 0x555555892490 --> 0x55555589b9a0 --> 0x55555589b800 --> 0x2
RSI: 0x555555aebbf0 --> 0x555555aa0061 --> 0x0
RDI: 0x5555559d13f0 --> 0x5555558a2740 --> 0x5555558a41e0 --> 0x4
RBP: 0x555555aa19f0 --> 0x40000002
RSP: 0x7fffffffccc8 --> 0x7ffff4e06c5d (<g_closure_invoke+413>: mov rax,QWORD PTR [rbp+0x0])
RIP: 0x7ffff79a1fb4 (mov edi,DWORD PTR [rax+0x154])
R8 : 0x7fffffffce10 --> 0x135
R9 : 0x0
R10: 0x555555804758 --> 0x700070 ('p')
R11: 0x7fffffffd060 --> 0x3000000020 (' ')
R12: 0x2
R13: 0x7fffffffce90 --> 0x5555558a41e0 --> 0x4
R14: 0x7fffffffce10 --> 0x135
R15: 0x7ffff6a32770 (<g_cclosure_marshal_VOID__STRING>: cmp edx,0x2)
EFLAGS: 0x10202 (carry parity adjust zero sign trap INTERRUPT direction overflow)
[-------------------------------------code-------------------------------------]
   0x7ffff79a1fa1: call QWORD PTR [rip+0x229919] # 0x7ffff7bcb8c0
   0x7ffff79a1fa7: nop WORD PTR [rax+rax*1+0x0]
   0x7ffff79a1fb0: mov rax,QWORD PTR [rsi+0x70]
=> 0x7ffff79a1fb4: mov edi,DWORD PTR [rax+0x154]
   0x7ffff79a1fba: or BYTE PTR [rax+0x148],0x2
   0x7ffff79a1fc1: test edi,edi
   0x7ffff79a1fc3: jne 0x7ffff79a1fd0
   0x7ffff79a1fc5: repz ret
[------------------------------------stack-------------------------------------]
0000| 0x7fffffffccc8 --> 0x7ffff4e06c5d (<g_closure_invoke+413>: mov rax,QWORD PTR [rbp+0x0])
0008| 0x7fffffffccd0 --> 0x0
0016| 0x7fffffffccd8 --> 0x0
0024| 0x7fffffffcce0 --> 0x7fff40000002
0032| 0x7fffffffcce8 --> 0x7ffff4b1b294 (<g_hash_table_lookup+52>: mov r8d,0x2)
0040| 0x7fffffffccf0 --> 0x1
0048| 0x7fffffffccf8 --> 0x5555559d13f0 --> 0x5555558a2740 --> 0x5555558a41e0 --> 0x4
0056| 0x7fffffffcd00 --> 0x7fffffffd2b4 --> 0x558f0d5000007fff
[------------------------------------------------------------------------------]
Legend: code, data, rodata, value
Stopped reason: SIGSEGV
0x00007ffff79a1fb4 in ?? () from /usr/lib/libexo-1.so.0
gdb-peda$ bt
#0 0x00007ffff79a1fb4 in () at /usr/lib/libexo-1.so.0
#1 0x00007ffff4e06c5d in g_closure_invoke () at /usr/lib/libgobject-2.0.so.0
#2 0x00007ffff4e1ab50 in () at /usr/lib/libgobject-2.0.so.0
#3 0x00007ffff4e23806 in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#4 0x00007ffff4e24240 in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#5 0x00007ffff69b94e0 in () at /usr/lib/libgtk-x11-2.0.so.0
#6 0x00007ffff4e06c5d in g_closure_invoke () at /usr/lib/libgobject-2.0.so.0
#7 0x00007ffff4e1ab50 in () at /usr/lib/libgobject-2.0.so.0
#8 0x00007ffff4e23806 in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#9 0x00007ffff4e2471c in g_signal_emit_by_name () at /usr/lib/libgobject-2.0.so.0
#10 0x00007ffff4e06c5d in g_closure_invoke () at /usr/lib/libgobject-2.0.so.0
#11 0x00007ffff4e1ab50 in () at /usr/lib/libgobject-2.0.so.0
#12 0x00007ffff4e23806 in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#13 0x00007ffff4e24240 in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#14 0x00007ffff4e06c5d in g_closure_invoke () at /usr/lib/libgobject-2.0.so.0
#15 0x00007ffff4e1ab50 in () at /usr/lib/libgobject-2.0.so.0
#16 0x00007ffff4e23806 in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#17 0x00007ffff4e24240 in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#18 0x00007fffe7bb9367 in () at /usr/lib/libibus-1.0.so.5
#19 0x00007fffefe9a1c8 in ffi_call_unix64 () at /usr/lib/libffi.so.6
#20 0x00007fffefe99c2a in ffi_call () at /usr/lib/libffi.so.6
#21 0x00007ffff4e07483 in g_cclosure_marshal_generic () at /usr/lib/libgobject-2.0.so.0
#22 0x00007ffff4e06c5d in g_closure_invoke () at /usr/lib/libgobject-2.0.so.0
#23 0x00007ffff4e1a5aa in () at /usr/lib/libgobject-2.0.so.0
#24 0x00007ffff4e23806 in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#25 0x00007ffff4e24240 in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#26 0x00007ffff511d6e7 in () at /usr/lib/libgio-2.0.so.0
#27 0x00007ffff510c119 in () at /usr/lib/libgio-2.0.so.0
#28 0x00007ffff4b2ccd6 in g_main_context_dispatch () at /usr/lib/libglib-2.0.so.0
#29 0x00007ffff4b2d0b1 in () at /usr/lib/libglib-2.0.so.0
#30 0x00007ffff4b2d3e2 in g_main_loop_run () at /usr/lib/libglib-2.0.so.0
#31 0x00007ffff6a2cdf3 in gtk_main () at /usr/lib/libgtk-x11-2.0.so.0
#32 0x0000555555570f60 in ()
#33 0x00007ffff452df4a in __libc_start_main () at /usr/lib/libc.so.6
#34 0x00005555555710ba in ()