Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 2066393 - [abrt] tmux: __memmove_evex_unaligned_erms(): tmux killed by SIGSEGV
Summary: [abrt] tmux: __memmove_evex_unaligned_erms(): tmux killed by SIGSEGV
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: tmux
Version: 36
Hardware: x86_64
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Filipe Rosset
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:a3edb7e3c12e78bf94787d08ef6...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-03-21 16:35 UTC by David Auer (2nd Account)
Modified: 2022-08-24 20:30 UTC (History)
4 users (show)

Fixed In Version: tmux-3.3a-1.fc36
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-08-24 20:30:59 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
File: core_backtrace (deleted)
2022-03-21 16:35 UTC, David Auer (2nd Account)
no flags Details
File: cpuinfo (deleted)
2022-03-21 16:35 UTC, David Auer (2nd Account)
no flags Details
File: dso_list (deleted)
2022-03-21 16:35 UTC, David Auer (2nd Account)
no flags Details
File: exploitable (deleted)
2022-03-21 16:35 UTC, David Auer (2nd Account)
no flags Details
File: limits (deleted)
2022-03-21 16:35 UTC, David Auer (2nd Account)
no flags Details
File: maps (deleted)
2022-03-21 16:35 UTC, David Auer (2nd Account)
no flags Details
File: mountinfo (deleted)
2022-03-21 16:35 UTC, David Auer (2nd Account)
no flags Details
File: open_fds (deleted)
2022-03-21 16:35 UTC, David Auer (2nd Account)
no flags Details
File: proc_pid_status (deleted)
2022-03-21 16:35 UTC, David Auer (2nd Account)
no flags Details

Description David Auer (2nd Account) 2022-03-21 16:35:43 UTC
Description of problem:
Steps to reproduce:
1. Run tmux
2. Enter command mode (Ctrl+b, ':')
3. Hold Ctrl and hit Up-Arrow 3 times (the other 3 arrow directions work, too)

Tmux will crash printing [server exited unexpectedly] and leaving a garbled terminal.

This is always reproducible on Fedora 35 with versions tmux-3.2a-2.fc35 and tmux-3.2a-3.fc36.

It is not reproducible on Debian 11 with tmux-3.1c-1+deb11u1.

Thanks for looking into it!

I believe this should be easy to reproduce, therefore I removed backtrace and environ to be on the save side regarding leaking any sensitive data. Let me know if this is not reproducible or in case you need the backtrace for any other reason I can't think of.
The gist is also in this abrt report: https://retrace.fedoraproject.org/faf/reports/270639/

Version-Release number of selected component:
tmux-3.2a-2.fc35

Additional info:
reporter:       libreport-2.15.2
backtrace:      
backtrace_rating: 3
cgroup:         0::/user.slice/user-1000.slice/user/app.slice/app-org.gnome.Terminal.slice/vte-spawn-0ee08f6f-2e75-4593-96b2-e824d0b225c8.scope
cmdline:        tmux
crash_function: __memmove_evex_unaligned_erms
environ:        
executable:     /usr/bin/tmux
journald_cursor: s=f19da6e7cb6f46f381b6a6d89d87f298;i=31196;b=c5c19681399a4d069e2592ca867e20e1;m=5965c4deb;t=5dabb79e8433e;x=cefde090f7f4d0e1
kernel:         5.16.14-200.fc35.x86_64
rootdir:        /
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:

Comment 1 David Auer (2nd Account) 2022-03-21 16:35:46 UTC
Created attachment 1867261 [details]
File: core_backtrace

Comment 2 David Auer (2nd Account) 2022-03-21 16:35:47 UTC
Created attachment 1867262 [details]
File: cpuinfo

Comment 3 David Auer (2nd Account) 2022-03-21 16:35:49 UTC
Created attachment 1867263 [details]
File: dso_list

Comment 4 David Auer (2nd Account) 2022-03-21 16:35:50 UTC
Created attachment 1867264 [details]
File: exploitable

Comment 5 David Auer (2nd Account) 2022-03-21 16:35:51 UTC
Created attachment 1867265 [details]
File: limits

Comment 6 David Auer (2nd Account) 2022-03-21 16:35:53 UTC
Created attachment 1867266 [details]
File: maps

Comment 7 David Auer (2nd Account) 2022-03-21 16:35:54 UTC
Created attachment 1867267 [details]
File: mountinfo

Comment 8 David Auer (2nd Account) 2022-03-21 16:35:55 UTC
Created attachment 1867268 [details]
File: open_fds

Comment 9 David Auer (2nd Account) 2022-03-21 16:35:56 UTC
Created attachment 1867269 [details]
File: proc_pid_status

Comment 10 David Auer (2nd Account) 2022-03-22 15:27:24 UTC
A colleague just told me that 3.4 compiled from source works fine.

Comment 11 Filipe Rosset 2022-03-22 21:28:30 UTC
(In reply to David Auer (2nd Account) from comment #10)
> A colleague just told me that 3.4 compiled from source works fine.

Hi David, thanks for your report.
For while, the 3.3 release is still an Release Candidate version, so for now I prefer to wait for a final 3.3 release to proceed with the update.
https://github.com/tmux/tmux/releases/tag/3.3-rc

Comment 12 Fedora Update System 2022-08-19 04:01:57 UTC
FEDORA-2022-8985737e34 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-8985737e34

Comment 13 Fedora Update System 2022-08-20 02:23:42 UTC
FEDORA-2022-8985737e34 has been pushed to the Fedora 36 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-8985737e34`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-8985737e34

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 14 Fedora Update System 2022-08-24 20:30:59 UTC
FEDORA-2022-8985737e34 has been pushed to the Fedora 36 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.