Bug#1071996: marked as done (libx11-6: Segfault in libX11.so.6.4.0 when using GNOME apps (Nautilus/Tweaks))

[Debian Bug Tracking System]

Your message dated Fri, 1 Nov 2024 14:59:09 +0100
with message-id <ZyTerd860s0fDDbh@carotte>
and subject line Re: Bug#1071996: libx11-6: Segfault in libX11.so.6.4.0 when 
using GNOME apps (Nautilus/Tweaks)
has caused the Debian Bug report #1071996,
regarding libx11-6: Segfault in libX11.so.6.4.0 when using GNOME apps 
(Nautilus/Tweaks)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1071996: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071996
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: libx11-6
Version: 2:1.8.7-1+b1
Severity: important
X-Debbugs-Cc: j...@pictura.co.uk

When I perform certain actions on my GNOME desktop, such as using the Location
bar (Ctrl+L) in Nautilus, clicking on System Information in GNOME Control
Center, or click Fonts in GNOME Tweaks, the programs close with a segmentation
fault. Here is the output from dmesg.

[ 1659.826530] nautilus[19533]: segfault at 41 ip 00007f782c224d5d sp
00007fffa9cbf770 error 4 in libX11.so.6.4.0[7f782c216000+8d000] likely on CPU 7
(core 7, socket 0)
[ 1659.826554] Code: ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 41 54
49 89 d4 55 48 89 f5 53 48 8b 87 68 09 00 00 48 89 fb 48 85 c0 74 02 <ff> 10 48
89 ee 4c 89 e2 48 89 df e8 63 36 ff ff 89 c5 48 8b 83 68
[ 1666.674595] nautilus[19622]: segfault at ff0000 ip 00007fd182c0fd5d sp
00007fff51cb2fa0 error 4 in libX11.so.6.4.0[7fd182c01000+8d000] likely on CPU 2
(core 2, socket 0)
[ 1666.674608] Code: ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 41 54
49 89 d4 55 48 89 f5 53 48 8b 87 68 09 00 00 48 89 fb 48 85 c0 74 02 <ff> 10 48
89 ee 4c 89 e2 48 89 df e8 63 36 ff ff 89 c5 48 8b 83 68

Debian version: sid
Kernel: Linux debian 6.8.11-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.8.11-1
(2024-05-26) x86_64 GNU/Linux
glibc: 2.38-11

Using Wayland and GNOME 44.9.
CPU: AMD Ryzen 3700X
GPU: Intel Arc A770


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.8.11-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libx11-6 depends on:
ii  libc6        2.38-11
ii  libx11-data  2:1.8.7-1
ii  libxcb1      1.17.0-2

libx11-6 recommends no packages.

libx11-6 suggests no packages.

-- no debconf information

--- End Message ---

--- Begin Message ---

Closing this bug, I agree with Bernhard there's no evidence of a libx11
bug here; feel free to reopen/reassign with more information if this is
still an issue.

Cheers,
Julien

On Tue, Jun 18, 2024 at 10:22:37 +0200, Bernhard Übelacker wrote:

> On Mon, 27 May 2024 11:22:02 +0100 Jack Beckitt-Marshall <j...@pictura.co.uk> 
> wrote:
> 
> > When I perform certain actions on my GNOME desktop, such as using the 
> > Location
> > bar (Ctrl+L) in Nautilus, clicking on System Information in GNOME Control
> > Center, or click Fonts in GNOME Tweaks, the programs close with a 
> > segmentation
> > fault. Here is the output from dmesg.
> > 
> > [ 1659.826530] nautilus[19533]: segfault at 41 ip 00007f782c224d5d sp
> > 00007fffa9cbf770 error 4 in libX11.so.6.4.0[7f782c216000+8d000] likely on 
> > CPU 7
> > (core 7, socket 0)
> > [ 1659.826554] Code: ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 41 
> > 54
> > 49 89 d4 55 48 89 f5 53 48 8b 87 68 09 00 00 48 89 fb 48 85 c0 74 02 <ff> 
> > 10 48
> > 89 ee 4c 89 e2 48 89 df e8 63 36 ff ff 89 c5 48 8b 83 68
> 
> > Using Wayland and GNOME 44.9.
> 
> > Debian Release: trixie/sid
> 
> 
> 
> Hello Jack,
> I am not maintainer of libx11-6, just tried to collect some more information.
> 
> From the "Code" line the crash happens in function XGetWindowAttributes.
> It looks strange this function gets called while using a Wayland session.
> 
> This gtk issue [1] shows similar calls into XGetWindowAttributes caused by
> some library libim-scim.so from package scim-gtk-immodule.
> 
> Please check if you have this installed.
> If it is needed it might be possbile to check if this still happens with
> a Gnome X11 session, if not needed does it happens when this package is 
> uninstalled?
> 
> 
> For exact results a backtrace of the crash would still be good.
> Maybe you can install the package systemd-coredump and retrieve from
> e.g. `journalctl -b0 --no-pager` of a crash with a few lines before and 
> afterwards. [2]
> 
> 
> [1] https://gitlab.gnome.org/GNOME/gtk/-/issues/5472
> [2] https://wiki.debian.org/HowToGetABacktrace
> 
> 
> Kind regards,
> Bernhard

> 
> 
> 
> [ 1659.826530] nautilus[19533]: segfault at 41 ip 00007f782c224d5d sp 
> 00007fffa9cbf770 error 4 in libX11.so.6.4.0[7f782c216000+8d000] likely on CPU 
> 7 (core 7, socket 0)
> [ 1659.826554] Code: ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 41 54 
> 49 89 d4 55 48 89 f5 53 48 8b 87 68 09 00 00 48 89 fb 48 85 c0 74 02 <ff> 10 
> 48 89 ee 4c 89 e2 48 89 df e8 63 36 ff ff 89 c5 48 8b 83 68
> [ 1666.674595] nautilus[19622]: segfault at ff0000 ip 00007fd182c0fd5d sp 
> 00007fff51cb2fa0 error 4 in libX11.so.6.4.0[7fd182c01000+8d000] likely on CPU 
> 2 (core 2, socket 0)
> [ 1666.674608] Code: ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 41 54 
> 49 89 d4 55 48 89 f5 53 48 8b 87 68 09 00 00 48 89 fb 48 85 c0 74 02 <ff> 10 
> 48 89 ee 4c 89 e2 48 89 df e8 63 36 ff ff 89 c5 48 8b 83 68
> 
> 
> https://wiki.debian.org/InterpretingKernelOutputAtProcessCrash
> 
> 
> error 4
> 0b00000100
>  *   bit 0 ==    0: no page found
>  *   bit 1 ==    0: read access
>  *   bit 2 ==    1: user-mode access
> .
> 
> 
> 
> echo -n "find /b ..., ..., 0x" && \
> echo "ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 41 54 49 89 d4 55 48 
> 89 f5 53 48 8b 87 68 09 00 00 48 89 fb 48 85 c0 74 02 <ff> 10 48 89 ee 4c 89 
> e2 48 89 df e8 63 36 ff ff 89 c5 48 8b 83 68" \
>  | sed 's/[<>]//g' | sed 's/ /, 0x/g'
> 
> 
> 
> 
> 
> # Trixie/testing amd64 qemu VM 2024-06-18
> 
> apt update
> apt dist-upgrade
> 
> apt install --no-install-recommends gnome
> apt install gdb
> 
> 
> 
> 
> gdb -q --pid $(pgrep nautilus)
> 
> pipe info share | grep -i x11
> find /b 0x00007fd8fcd4e970,  0x00007fd8fcdd881e, 0xff, 0x66, 0x66, 0x2e, 
> 0x0f, 0x1f, 0x84, 0x00, 0x00, 0x00, 0x00, 0x00, 0x90, 0xf3, 0x0f, 0x1e, 0xfa, 
> 0x41, 0x54, 0x49, 0x89, 0xd4, 0x55, 0x48, 0x89, 0xf5, 0x53, 0x48, 0x8b, 0x87, 
> 0x68, 0x09, 0x00, 0x00, 0x48, 0x89, 0xfb, 0x48, 0x85, 0xc0, 0x74, 0x02, 0xff, 
> 0x10, 0x48, 0x89, 0xee, 0x4c, 0x89, 0xe2, 0x48, 0x89, 0xdf, 0xe8, 0x63, 0x36, 
> 0xff, 0xff, 0x89, 0xc5, 0x48, 0x8b, 0x83, 0x68
> 
> 
> 
> 
> benutzer@debian:~$ gdb -q --pid $(pgrep nautilus)
> Attaching to process 2298
> [New LWP 2349]
> [New LWP 2351]
> [New LWP 2352]
> [New LWP 2373]
> [New LWP 2383]
> [New LWP 2384]
> [New LWP 2529]
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
> 0x00007fd8fd40947f in __GI___poll (fds=0x5562fdf47790, nfds=2, timeout=24377) 
> at ../sysdeps/unix/sysv/linux/poll.c:29
> 29      ../sysdeps/unix/sysv/linux/poll.c: Datei oder Verzeichnis nicht 
> gefunden.
> (gdb) pipe info share | grep -i x11
> 0x00007fd8fcd4e970  0x00007fd8fcdd881e  Yes (*)     
> /lib/x86_64-linux-gnu/libX11.so.6
> 0x00007fd8f8002040  0x00007fd8f800211f  Yes (*)     
> /lib/x86_64-linux-gnu/libX11-xcb.so.1
> (gdb) find /b 0x00007fd8fcd4e970,  0x00007fd8fcdd881e, 0xff, 0x66, 0x66, 
> 0x2e, 0x0f, 0x1f, 0x84, 0x00, 0x00, 0x00, 0x00, 0x00, 0x90, 0xf3, 0x0f, 0x1e, 
> 0xfa, 0x41, 0x54, 0x49, 0x89, 0xd4, 0x55, 0x48, 0x89, 0xf5, 0x53, 0x48, 0x8b, 
> 0x87, 0x68, 0x09, 0x00, 0x00, 0x48, 0x89, 0xfb, 0x48, 0x85, 0xc0, 0x74, 0x02, 
> 0xff, 0x10, 0x48, 0x89, 0xee, 0x4c, 0x89, 0xe2, 0x48, 0x89, 0xdf, 0xe8, 0x63, 
> 0x36, 0xff, 0xff, 0x89, 0xc5, 0x48, 0x8b, 0x83, 0x68
> 0x7fd8fcd5ad33 <_XGetWindowAttributes+483>
> 1 pattern found.
> (gdb) b * (0x7fd8fcd5ad33 + 42)
> Breakpoint 1 at 0x7fd8fcd5ad5d
> (gdb) info b
> Num     Type           Disp Enb Address            What
> 1       breakpoint     keep y   0x00007fd8fcd5ad5d <XGetWindowAttributes+29>
> (gdb) disassemble /r 0x7fd8fcd5ad33, 0x7fd8fcd5ad33+62
> Dump of assembler code from 0x7fd8fcd5ad33 to 0x7fd8fcd5ad71:
>    0x00007fd8fcd5ad33 <_XGetWindowAttributes+483>:      ff 66 66              
>           jmp    *0x66(%rsi)
>    0x00007fd8fcd5ad36:                                  2e 0f 1f 84 00 00 00 
> 00 00      cs nopl 0x0(%rax,%rax,1)
>    0x00007fd8fcd5ad3f:                                  90                    
>           nop
>    0x00007fd8fcd5ad40 <XGetWindowAttributes+0>:         f3 0f 1e fa           
>           endbr64
>    0x00007fd8fcd5ad44 <XGetWindowAttributes+4>:         41 54                 
>           push   %r12
>    0x00007fd8fcd5ad46 <XGetWindowAttributes+6>:         49 89 d4              
>           mov    %rdx,%r12
>    0x00007fd8fcd5ad49 <XGetWindowAttributes+9>:         55                    
>           push   %rbp
>    0x00007fd8fcd5ad4a <XGetWindowAttributes+10>:        48 89 f5              
>           mov    %rsi,%rbp
>    0x00007fd8fcd5ad4d <XGetWindowAttributes+13>:        53                    
>           push   %rbx
>    0x00007fd8fcd5ad4e <XGetWindowAttributes+14>:        48 8b 87 68 09 00 00  
>           mov    0x968(%rdi),%rax
>    0x00007fd8fcd5ad55 <XGetWindowAttributes+21>:        48 89 fb              
>           mov    %rdi,%rbx
>    0x00007fd8fcd5ad58 <XGetWindowAttributes+24>:        48 85 c0              
>           test   %rax,%rax
>    0x00007fd8fcd5ad5b <XGetWindowAttributes+27>:        74 02                 
>           je     0x7fd8fcd5ad5f <XGetWindowAttributes+31>
>    0x00007fd8fcd5ad5d <XGetWindowAttributes+29>:        ff 10                 
>           call   *(%rax)                                    <<<<<<<<
>    0x00007fd8fcd5ad5f <XGetWindowAttributes+31>:        48 89 ee              
>           mov    %rbp,%rsi
>    0x00007fd8fcd5ad62 <XGetWindowAttributes+34>:        4c 89 e2              
>           mov    %r12,%rdx
>    0x00007fd8fcd5ad65 <XGetWindowAttributes+37>:        48 89 df              
>           mov    %rbx,%rdi
>    0x00007fd8fcd5ad68 <XGetWindowAttributes+40>:        e8 63 36 ff ff        
>           call   0x7fd8fcd4e3d0 <_XGetWindowAttributes@plt>
>    0x00007fd8fcd5ad6d <XGetWindowAttributes+45>:        89 c5                 
>           mov    %eax,%ebp
>    0x00007fd8fcd5ad6f <XGetWindowAttributes+47>:        48 8b 83 68 09 00 00  
>           mov    0x968(%rbx),%rax
> End of assembler dump.
> (gdb)
> 
> 
> 
> 
> https://gitlab.gnome.org/GNOME/gtk/-/issues/5472
> 

--- End Message ---