Bug#967082: grub-customizer: dmesg has error info:segfault at 50 ip 0000558a7f3024e1

Bernhard Übelacker Sun, 16 Aug 2020 13:39:58 -0700

Dear Maintainer,
I tried to have a look, but can just tell the location,
the dmesg output points to, is the following location.
And at this point the register rdi contains the value of "this",
at the submitters system 0x50, therefore causing the segfault.


Maybe install debug symbols and running at submitters system
inside valgrind could give some more pointers ... [1].

Kind regards,
Bernhard


Thread 1 "grub-customizer" hit Breakpoint 1, 
Trait_ActionLoggerAware::logActionBegin (action="update-timeout-setting", 
this=0x55f619eb7680) at 
./src/main/../Controller/Common/../../lib/Trait/ActionLoggerAware.hpp:42
42                              
this->logger->logActionBegin(this->_controllerName, action);
1: x/i $pc
=> 0x55f6199c94e1 <SettingsController::updateTimeoutSettingAction()+81>:        
mov    (%rdi),%rax
(gdb) bt
#0  0x000055f6199c94e1 in 
Trait_ActionLoggerAware::logActionBegin(std::__cxx11::basic_string<char, 
std::char_traits<char>, std::allocator<char> > const&) const 
(action="update-timeout-setting", this=0x55f619eb7680) at 
./src/main/../Controller/Common/../../lib/Trait/ActionLoggerAware.hpp:42
#1  0x000055f6199c94e1 in SettingsController::updateTimeoutSettingAction() 
(this=0x55f619eb7680) at ./src/main/../Controller/SettingsController.hpp:285
...

[1] https://wiki.debian.org/HowToGetABacktrace#Installing_the_debugging_symbols


# Buster/stable amd64 qemu VM 2020-08-16


apt update
apt dist-upgrade


apt install systemd-coredump sddm xserver-xorg openbox xterm mc gdb 
grub-customizer grub-customizer-dbgsym
apt build-dep grub-customizer



mkdir /home/benutzer/source/grub-customizer/orig -p
cd    /home/benutzer/source/grub-customizer/orig
apt source grub-customizer
cd



export DISPLAY=:0
export XAUTHORITY=/home/benutzer/.Xauthority
export LANG=zh_CN.utf8

grub-customizer




echo -n "find /b ..., ..., 0x" && \
echo "00 48 89 84 24 98 00 00 00 31 c0 48 8d 6c 24 40 48 8d 45 10 48 89 ef 48 
89 44 24 40 e8 e8 bb fa ff 48 8b 7b 08 48 85 ff 74 0d <48> 8b 07 48 8d 73 18 48 
89 ea ff 50 18 48 8b 7c 24 40 48 8d 45 10" \
 | sed 's/[<>]//g' | sed 's/ /, 0x/g'

find /b ..., ..., 0x00, 0x48, 0x89, 0x84, 0x24, 0x98, 0x00, 0x00, 0x00, 0x31, 
0xc0, 0x48, 0x8d, 0x6c, 0x24, 0x40, 0x48, 0x8d, 0x45, 0x10, 0x48, 0x89, 0xef, 
0x48, 0x89, 0x44, 0x24, 0x40, 0xe8, 0xe8, 0xbb, 0xfa, 0xff, 0x48, 0x8b, 0x7b, 
0x08, 0x48, 0x85, 0xff, 0x74, 0x0d, 0x48, 0x8b, 0x07, 0x48, 0x8d, 0x73, 0x18, 
0x48, 0x89, 0xea, 0xff, 0x50, 0x18, 0x48, 0x8b, 0x7c, 0x24, 0x40, 0x48, 0x8d, 
0x45, 0x10



gdb -q --pid $(pidof grub-customizer)

(gdb) directory /home/benutzer/source/grub-customizer/orig/grub-customizer-5.1.0

(gdb) info target
        Entry point: 0x560dab1723e0
        0x000055f6198a82a8 - 0x000055f6198a82c4 is .interp
...
        0x000055f619a9d0e0 - 0x000055f619a9d230 is .bss
        0x00007ffb4989d238 - 0x00007ffb4989d25c is .note.gnu.build-id in 
/lib/x86_64-linux-gnu/libgtkmm-3.0.so.1
...

(gdb) find /b 0x000055f6198a82a8, 0x000055f619a9d230, 0x00, 0x48, 0x89, 0x84, 
0x24, 0x98, 0x00, 0x00, 0x00, 0x31, 0xc0, 0x48, 0x8d, 0x6c, 0x24, 0x40, 0x48, 
0x8d, 0x45, 0x10, 0x48, 0x89, 0xef, 0x48, 0x89, 0x44, 0x24, 0x40, 0xe8, 0xe8, 
0xbb, 0xfa, 0xff, 0x48, 0x8b, 0x7b, 0x08, 0x48, 0x85, 0xff, 0x74, 0x0d, 0x48, 
0x8b, 0x07, 0x48, 0x8d, 0x73, 0x18, 0x48, 0x89, 0xea, 0xff, 0x50, 0x18, 0x48, 
0x8b, 0x7c, 0x24, 0x40, 0x48, 0x8d, 0x45, 0x10
0x55f6199c94b7 <SettingsController::updateTimeoutSettingAction()+39>
1 pattern found.

(gdb) b * (0x55f6199c94b7 + 42)
Breakpoint 2 at 0x560dab1ee4e1: file 
./src/main/../Controller/Common/../../lib/Trait/ActionLoggerAware.hpp, line 42.
(gdb) cont

(gdb) cont
Continuing.
[Thread 0x7ffb43244700 (LWP 19172) exited]
[New Thread 0x7ffb43244700 (LWP 19174)]

Thread 1 "grub-customizer" hit Breakpoint 1, 
Trait_ActionLoggerAware::logActionBegin (action="update-timeout-setting", 
this=0x55f619eb7680)
    at ./src/main/../Controller/Common/../../lib/Trait/ActionLoggerAware.hpp:42
42                              
this->logger->logActionBegin(this->_controllerName, action);
1: x/i $pc
=> 0x55f6199c94e1 <SettingsController::updateTimeoutSettingAction()+81>:        
mov    (%rdi),%rax
(gdb) set width 0
(gdb) set pagination off
(gdb) bt
#0  0x000055f6199c94e1 in 
Trait_ActionLoggerAware::logActionBegin(std::__cxx11::basic_string<char, 
std::char_traits<char>, std::allocator<char> > const&) const 
(action="update-timeout-setting", this=0x55f619eb7680) at 
./src/main/../Controller/Common/../../lib/Trait/ActionLoggerAware.hpp:42
#1  0x000055f6199c94e1 in SettingsController::updateTimeoutSettingAction() 
(this=0x55f619eb7680) at ./src/main/../Controller/SettingsController.hpp:285
#2  0x00007ffb49793dc8 in 
Glib::SignalProxyNormal::slot0_void_callback(_GObject*, void*) () at 
/lib/x86_64-linux-gnu/libglibmm-2.4.so.1
#3  0x00007ffb495bdc8d in g_closure_invoke () at 
/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#4  0x00007ffb495d0e64 in  () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#5  0x00007ffb495da2be in g_signal_emit_valist () at 
/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#6  0x00007ffb495da97f in g_signal_emit () at 
/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#7  0x00007ffb487a5fc0 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#8  0x00007ffb495bdc8d in g_closure_invoke () at 
/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#9  0x00007ffb495d1365 in  () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#10 0x00007ffb495da2be in g_signal_emit_valist () at 
/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#11 0x00007ffb495da97f in g_signal_emit () at 
/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#12 0x00007ffb485da8e7 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#13 0x00007ffb487a450e in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#14 0x00007ffb487a55a3 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#15 0x00007ffb487a7e15 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#16 0x00007ffb4889a274 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#17 0x00007ffb495bdec6 in  () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#18 0x00007ffb495d9d74 in g_signal_emit_valist () at 
/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#19 0x00007ffb495da97f in g_signal_emit () at 
/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#20 0x00007ffb48848324 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#21 0x00007ffb48708976 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#22 0x00007ffb4870aa83 in gtk_main_do_event () at 
/lib/x86_64-linux-gnu/libgtk-3.so.0
#23 0x00007ffb49671465 in  () at /lib/x86_64-linux-gnu/libgdk-3.so.0
#24 0x00007ffb496a2112 in  () at /lib/x86_64-linux-gnu/libgdk-3.so.0
#25 0x00007ffb494dbf2e in g_main_context_dispatch () at 
/lib/x86_64-linux-gnu/libglib-2.0.so.0
#26 0x00007ffb494dc1c8 in  () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#27 0x00007ffb494dc4c2 in g_main_loop_run () at 
/lib/x86_64-linux-gnu/libglib-2.0.so.0
#28 0x00007ffb48709b15 in gtk_main () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#29 0x000055f61994ce31 in main(int, char**) (argc=<optimized out>, 
argv=<optimized out>) at /usr/include/c++/8/bits/shared_ptr_base.h:996
(gdb) disassemble SettingsController::updateTimeoutSettingAction
Dump of assembler code for function 
SettingsController::updateTimeoutSettingAction():
   0x000055f6199c9490 <+0>:     push   %r15
   0x000055f6199c9492 <+2>:     lea    0x7bf91(%rip),%rdx        # 
0x55f619a4542a
   0x000055f6199c9499 <+9>:     push   %r14
   0x000055f6199c949b <+11>:    lea    -0x16(%rdx),%rsi
   0x000055f6199c949f <+15>:    push   %r13
   0x000055f6199c94a1 <+17>:    push   %r12
   0x000055f6199c94a3 <+19>:    push   %rbp
   0x000055f6199c94a4 <+20>:    push   %rbx
   0x000055f6199c94a5 <+21>:    mov    %rdi,%rbx
   0x000055f6199c94a8 <+24>:    sub    $0xa8,%rsp
   0x000055f6199c94af <+31>:    mov    %fs:0x28,%rax
   0x000055f6199c94b8 <+40>:    mov    %rax,0x98(%rsp)
   0x000055f6199c94c0 <+48>:    xor    %eax,%eax
   0x000055f6199c94c2 <+50>:    lea    0x40(%rsp),%rbp
   0x000055f6199c94c7 <+55>:    lea    0x10(%rbp),%rax
   0x000055f6199c94cb <+59>:    mov    %rbp,%rdi
   0x000055f6199c94ce <+62>:    mov    %rax,0x40(%rsp)
   0x000055f6199c94d3 <+67>:    callq  0x55f6199750c0 
<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> 
>::_M_construct<char const*>(char const*, char const*, 
std::forward_iterator_tag)>
   0x000055f6199c94d8 <+72>:    mov    0x8(%rbx),%rdi
   0x000055f6199c94dc <+76>:    test   %rdi,%rdi
   0x000055f6199c94df <+79>:    je     0x55f6199c94ee 
<SettingsController::updateTimeoutSettingAction()+94>
=> 0x000055f6199c94e1 <+81>:    mov    (%rdi),%rax
   0x000055f6199c94e4 <+84>:    lea    0x18(%rbx),%rsi
   0x000055f6199c94e8 <+88>:    mov    %rbp,%rdx
   0x000055f6199c94eb <+91>:    callq  *0x18(%rax)
...
   0x000055f6199c9764 <+724>:   jmp    0x55f6199c9718 
<SettingsController::updateTimeoutSettingAction()+648>
End of assembler dump.
(gdb) print/x $rdi
$2 = 0x55f619e453c0
(gdb) print/x $rbx
$3 = 0x55f619eb7680
(gdb) print this
$4 = (const Trait_ActionLoggerAware * const) 0x55f619eb7680
(gdb) print/x this->logger
$5 = std::shared_ptr<Logger> (use count 101, weak count 0) = {get() = 
0x55f619e453c0}

Bug#967082: grub-customizer: dmesg has error info:segfault at 50 ip 0000558a7f3024e1

Reply via email to