Sorry, that's meant to read that the data is NOT pasted to the destination directory, nor lost.

Comment 2 Benedikt Meurer 2006-09-24 21:23:59 CEST

A backtrace of the crash with debug information would be helpful (i.e. compile Thunar with --enable-debug=full and be sure to set G_SLICE=always-malloc prior to starting it). See http://gaim.sourceforge.net/gdb.php for a quick gdb intro.

I'm not sure what I'm doing wrong, but I don't think this is what you wanted. What am I doing wrong?

config.log
----------
configure:31895: checking whether to enable debugging support
configure:31898: result: full


[stonecrest@machine ~]$ export G_SLICE=always-malloc
[stonecrest@machine ~]$ echo $G_SLICE
always-malloc
[stonecrest@machine ~]$ gdb thunar
GNU gdb 6.5
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".

(gdb) handle SIGPIPE nostop
Signal        Stop	Print	Pass to program	Description
SIGPIPE       No	Yes	Yes		Broken pipe
(gdb) run
Starting program: /opt/xfce4/bin/thunar 
Failed to read a valid object file image from memory.
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[Thread debugging using libthread_db enabled]
[New Thread -1220577616 (LWP 9094)]
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
---Type <return> to continue, or q <return> to quit---
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
---Type <return> to continue, or q <return> to quit---
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[New Thread -1223398496 (LWP 9097)]
(no debugging symbols found)
(no debugging symbols found)
thunar-sbr-Message: Initializing ThunarSbr extension
(no debugging symbols found)
thunar-uca-Message: Initializing ThunarUca extension
(no debugging symbols found)
(no debugging symbols found)
thunar-apr-Message: Initializing ThunarApr extension
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
thunar-apr-Message: Shutting down ThunarApr extension
thunar-sbr-Message: Shutting down ThunarSbr extension
[Thread -1223398496 (LWP 9097) exited]
(no debugging symbols found)
[New Thread -1223398496 (LWP 9098)]
[Thread -1223398496 (LWP 9098) exited]
[New Thread -1223398496 (LWP 9099)]
[Thread -1223398496 (LWP 9099) exited]
*** glibc detected *** /opt/xfce4/bin/thunar: free(): invalid next size (normal): 0x08413cd8 ***
======= Backtrace: =========
/lib/libc.so.6[0xb784c750]
/lib/libc.so.6(__libc_free+0x84)[0xb784dda4]
/usr/lib/libglib-2.0.so.0(g_free+0x31)[0xb794fbe1]
/usr/lib/libgtk-x11-2.0.so.0[0xb7e034bf]
/usr/lib/libgtk-x11-2.0.so.0[0xb7cd97b6]
/usr/lib/libgobject-2.0.so.0(g_closure_invoke+0x13b)[0xb7a1b12b]
/usr/lib/libgobject-2.0.so.0[0xb7a2b599]
/usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x899)[0xb7a2ca59]
/usr/lib/libgobject-2.0.so.0(g_signal_emit_by_name+0xee)[0xb7a2f80e]
/usr/lib/libgtk-x11-2.0.so.0[0xb7d36234]
/usr/lib/libgtk-x11-2.0.so.0(gtk_selection_convert+0x145)[0xb7d370b5]
/usr/lib/libgtk-x11-2.0.so.0(gtk_clipboard_request_contents+0x9f)[0xb7e03aef]
/opt/xfce4/bin/thunar[0x80ac2fd]
/usr/lib/libgobject-2.0.so.0(g_cclosure_marshal_VOID__VOID+0x4b)[0xb7a284cb]
/usr/lib/libgobject-2.0.so.0(g_closure_invoke+0x13b)[0xb7a1b12b]
/usr/lib/libgobject-2.0.so.0[0xb7a2b599]
/usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x899)[0xb7a2ca59]
/usr/lib/libgobject-2.0.so.0(g_signal_emit+0x29)[0xb7a2cc09]
/usr/lib/libgtk-x11-2.0.so.0[0xb7bfbd13]
/usr/lib/libgtk-x11-2.0.so.0[0xb7bfe0d4]
/usr/lib/libgobject-2.0.so.0(g_closure_invoke+0x13b)[0xb7a1b12b]
/usr/lib/libgobject-2.0.so.0[0xb7a2b599]
/usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x678)[0xb7a2c838]
/usr/lib/libgobject-2.0.so.0(g_signal_emit+0x29)[0xb7a2cc09]
/usr/lib/libgtk-x11-2.0.so.0(gtk_accel_group_activate+0xd9)[0xb7bf7c09]
/usr/lib/libgtk-x11-2.0.so.0(gtk_accel_groups_activate+0xfa)[0xb7bf7d0a]
/usr/lib/libgtk-x11-2.0.so.0(gtk_window_activate_key+0xda)[0xb7dfedba]
/usr/lib/libgtk-x11-2.0.so.0[0xb7dfee3c]
/usr/lib/libgtk-x11-2.0.so.0[0xb7cdb4b2]
/usr/lib/libgobject-2.0.so.0[0xb7a196e9]
/usr/lib/libgobject-2.0.so.0(g_closure_invoke+0x13b)[0xb7a1b12b]
/usr/lib/libgobject-2.0.so.0[0xb7a2bbcd]
/usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x678)[0xb7a2c838]
/usr/lib/libgobject-2.0.so.0(g_signal_emit+0x29)[0xb7a2cc09]
/usr/lib/libgtk-x11-2.0.so.0[0xb7debd44]
/usr/lib/libgtk-x11-2.0.so.0(gtk_propagate_event+0x1ca)[0xb7cd492a]
/usr/lib/libgtk-x11-2.0.so.0(gtk_main_do_event+0x327)[0xb7cd5ad7]
/usr/lib/libgdk-x11-2.0.so.0[0xb7b5bb0a]
/usr/lib/libglib-2.0.so.0(g_main_context_dispatch+0x181)[0xb7948801]
/usr/lib/libglib-2.0.so.0[0xb794b85f]
/usr/lib/libglib-2.0.so.0(g_main_loop_run+0x1b7)[0xb794bc17]
/usr/lib/libgtk-x11-2.0.so.0(gtk_main+0xc1)[0xb7cd5f51]
/opt/xfce4/bin/thunar[0x805f320]
/lib/libc.so.6(__libc_start_main+0xd8)[0xb77fe808]
/opt/xfce4/bin/thunar[0x805ce61]
======= Memory map: ========
08048000-080f0000 r-xp 00000000 03:01 289504     /opt/xfce4/bin/Thunar
080f0000-080f2000 rwxp 000a7000 03:01 289504     /opt/xfce4/bin/Thunar
080f2000-084b1000 rwxp 080f2000 00:00 0          [heap]
b6700000-b6721000 rwxp b6700000 00:00 0 
b6721000-b6800000 ---p b6721000 00:00 0 
b68dc000-b68ed000 r-xp 00000000 03:01 319090     /opt/xfce4/lib/thunarx-1/thunar-uca.so
b68ed000-b68ee000 rwxp 00011000 03:01 319090     /opt/xfce4/lib/thunarx-1/thunar-uca.so
b68f3000-b6923000 rwxs 00000000 00:07 27394061   /SYSV00000000 (deleted)
b6923000-b6924000 rwxs 00000000 03:03 2540607    /home/stonecrest/.cache/Thunar/metafile.tdb
b6924000-b6946000 r-xp 00000000 03:01 319999     /usr/share/fonts/TTF/verdanab.ttf
b6946000-b6947000 ---p b6946000 00:00 0 
b6947000-b7147000 rwxp b6947000 00:00 0 
b7147000-b71a7000 rwxs 00000000 00:07 27361291   /SYSV00000000 (deleted)
b71a7000-b71ab000 r-xp 00000000 03:01 302933     /usr/lib/gtk-2.0/2.10.0/loaders/libpixbufloader-png.so
b71ab000-b71ac000 rwxp 00003000 03:01 302933     /usr/lib/gtk-2.0/2.10.0/loaders/libpixbufloader-png.so
b71ac000-b71cf000 r-xp 00000000 03:01 319998     /usr/share/fonts/TTF/verdana.ttf
b71cf000-b71df000 r-xp 00000000 03:01 303313     /usr/lib/gtk-2.0/2.10.0/engines/libmurrine.so
b71df000-b71e0000 rwxp 0000f000 03:01 303313     /usr/lib/gtk-2.0/2.10.0/engines/libmurrine.so
b71e0000-b71ed000 r-xs 00000000 03:01 573        /usr/share/mime/mime.cache
b71ed000-b71f5000 r-xp 
Program received signal SIGABRT, Aborted.
[Switching to Thread -1220577616 (LWP 9094)]
0xb7f74410 in ?? ()
(gdb) bt full
#0  0xb7f74410 in ?? ()
No symbol table info available.
#1  0xbfb29418 in ?? ()
No symbol table info available.
#2  0x00000006 in ?? ()
No symbol table info available.
#3  0x00002386 in ?? ()
No symbol table info available.
#4  0xb7811731 in raise () from /lib/libc.so.6
No symbol table info available.
#5  0xb7812e29 in abort () from /lib/libc.so.6
No symbol table info available.
#6  0xb7846cfb in __libc_message () from /lib/libc.so.6
No symbol table info available.
#7  0xb784c750 in malloc_printerr () from /lib/libc.so.6
No symbol table info available.
#8  0xb784dda4 in free () from /lib/libc.so.6
No symbol table info available.
#9  0xb794fbe1 in g_free () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#10 0xb7e034bf in selection_get_cb () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#11 0xb7cd97b6 in _gtk_marshal_VOID__BOXED_UINT_UINT ()
   from /usr/lib/libgtk-x11-2.0.so.0
---Type <return> to continue, or q <return> to quit---
No symbol table info available.
#12 0xb7a1b12b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#13 0xb7a2b599 in signal_emit_unlocked_R () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#14 0xb7a2ca59 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#15 0xb7a2f80e in g_signal_emit_by_name () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#16 0xb7d36234 in gtk_selection_invoke_handler ()
   from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#17 0xb7d370b5 in gtk_selection_convert () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#18 0xb7e03aef in gtk_clipboard_request_contents ()
   from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#19 0x080ac2fd in ?? ()
No symbol table info available.
#20 0x08415970 in ?? ()
No symbol table info available.
#21 0x0000006c in ?? ()
No symbol table info available.
#22 0x0806a370 in ?? ()
---Type <return> to continue, or q <return> to quit---
No symbol table info available.
#23 0x084536f0 in ?? ()
No symbol table info available.
#24 0x08141920 in ?? ()
No symbol table info available.
#25 0x0838e4d8 in ?? ()
No symbol table info available.
#26 0x0845ed18 in ?? ()
No symbol table info available.
#27 0xb7a4a6f0 in ?? () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#28 0x080ac1e0 in ?? ()
No symbol table info available.
#29 0x0838e548 in ?? ()
No symbol table info available.
#30 0xbfb2a1c8 in ?? ()
No symbol table info available.
#31 0xb7a284cb in g_cclosure_marshal_VOID__VOID ()
   from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#32 0xb7a284cb in g_cclosure_marshal_VOID__VOID ()
   from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#33 0xb7a1b12b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
---Type <return> to continue, or q <return> to quit---
No symbol table info available.
#34 0xb7a2b599 in signal_emit_unlocked_R () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#35 0xb7a2ca59 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#36 0xb7a2cc09 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#37 0xb7bfbd13 in _gtk_action_emit_activate () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#38 0xb7bfe0d4 in closure_accel_activate () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#39 0xb7a1b12b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#40 0xb7a2b599 in signal_emit_unlocked_R () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#41 0xb7a2c838 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#42 0xb7a2cc09 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#43 0xb7bf7c09 in gtk_accel_group_activate () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#44 0xb7bf7d0a in gtk_accel_groups_activate () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#45 0xb7dfedba in gtk_window_activate_key () from /usr/lib/libgtk-x11-2.0.so.0
---Type <return> to continue, or q <return> to quit---
No symbol table info available.
#46 0xb7dfee3c in gtk_window_key_press_event () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#47 0xb7cdb4b2 in _gtk_marshal_BOOLEAN__BOXED ()
   from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#48 0xb7a196e9 in g_type_class_meta_marshal () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#49 0xb7a1b12b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#50 0xb7a2bbcd in signal_emit_unlocked_R () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#51 0xb7a2c838 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#52 0xb7a2cc09 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#53 0xb7debd44 in gtk_widget_event_internal () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#54 0xb7cd492a in gtk_propagate_event () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#55 0xb7cd5ad7 in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#56 0xb7b5bb0a in gdk_event_dispatch () from /usr/lib/libgdk-x11-2.0.so.0
No symbol table info available.
---Type <return> to continue, or q <return> to quit---
#57 0xb7948801 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#58 0xb794b85f in g_main_context_iterate () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#59 0xb794bc17 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#60 0xb7cd5f51 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#61 0x0805f320 in ?? ()
No symbol table info available.
#62 0x08411bd8 in ?? ()
No symbol table info available.
#63 0x00000000 in ?? ()
No symbol table info available.
(gdb) exit
Undefined command: "exit".  Try "help".
(gdb) quit
The program is running.  Exit anyway? (y or n) y

Comment 4 Benedikt Meurer 2006-09-25 07:32:37 CEST

No, it's ok, it's a backtrace. Unfortunately, it seems that the crash in somewhere deep in GTK+, and the corruption happened before that. Do you have $MALLOC_CHECK_ set? If not, try setting it to 2 and run again.

Here you go.

(gdb) bt full
#0  0xb7f72410 in ?? ()
No symbol table info available.
#1  0xbf99a7a0 in ?? ()
No symbol table info available.
#2  0x00000006 in ?? ()
No symbol table info available.
#3  0x00000a5f in ?? ()
No symbol table info available.
#4  0xb780f731 in raise () from /lib/libc.so.6
No symbol table info available.
#5  0xb7810e29 in abort () from /lib/libc.so.6
No symbol table info available.
#6  0xb784a778 in malloc_printerr () from /lib/libc.so.6
No symbol table info available.
#7  0xb784c778 in _int_malloc () from /lib/libc.so.6
No symbol table info available.
#8  0xb784d55f in malloc_check () from /lib/libc.so.6
No symbol table info available.
#9  0xb784e0e5 in malloc () from /lib/libc.so.6
No symbol table info available.
#10 0xb794dd76 in g_malloc () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#11 0xb7961be0 in g_strconcat () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
---Type <return> to continue, or q <return> to quit---
#12 0x08069d8c in ?? ()
No symbol table info available.
#13 0x080ca293 in _IO_stdin_used ()
No symbol table info available.
#14 0x08496f60 in ?? ()
No symbol table info available.
#15 0x00000000 in ?? ()
No symbol table info available.
(gdb)

Comment 6 Benedikt Meurer 2006-10-01 11:13:50 CEST

Uff, not really useful. Did you try with a different GTK+ theme?

I just switched to the default xfce gtk+ theme and it still happens. :/

Comment 8 Benedikt Meurer 2006-10-28 12:50:49 CEST

*** Bug 2459 has been marked as a duplicate of this bug. ***

Comment 9 Benedikt Meurer 2006-10-28 12:52:03 CEST

Does it work if you use the mouse to drag and drop the files?

Well that's interesting. I tried to DND and as soon as I started to drag (with my cursor still over the highlighted files in fact, I hadn't even made it to the destination thunar), both thunars crashed. Even stranger is that if I select a smaller subset of my files (i.e. 1/3 of my files at a time), thunar won't crash on any of the selected thirds; it only crashes when I select all of the files.

I tried to get a backtrace but when thunar crashed via gdb, X would freeze for some reason :/

(In reply to comment #10)
> Well that's interesting. I tried to DND and as soon as I started to drag (with
> my cursor still over the highlighted files in fact, I hadn't even made it to
> the destination thunar), both thunars crashed. Even stranger is that if I
> select a smaller subset of my files (i.e. 1/3 of my files at a time), thunar
> won't crash on any of the selected thirds; it only crashes when I select all of
> the files.
> 
> I tried to get a backtrace but when thunar crashed via gdb, X would freeze for
> some reason :/
> 

I had this problem with thunar and xarchiver before. a possible solution is running gdb in screen and then connect to this screen session in a tty when x is frozen. you can save the output to a file then to save the backtrace.

Comment 12 Benedikt Meurer 2006-11-04 19:48:33 CET

Moving to 1.0.0final.

Comment 13 Benedikt Meurer 2006-11-06 19:41:05 CET

I cannot reproduce that. Looking at the backtrace, not a single Thunar/Xfce function seems to be involved. Please build Thunar with --enable-debug=full.

i rebuilt with --enable-debug=full and did

thunar -q
export G_SLICE=always-malloc
export MALLOC_CHECK_=2

and disabled thumbnails
i get crashes all the time when i expect them.

i run thunar/.libs/Thunar in gdb, not the installed binary.

when i select 880 image files and start dragging them, i get:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1220389200 (LWP 15139)]
0xb785d7f9 in _int_malloc () from /lib/libc.so.6
#0  0xb785d7f9 in _int_malloc () from /lib/libc.so.6
#1  0xb785f136 in malloc () from /lib/libc.so.6
#2  0xb795fcd6 in g_malloc () from /usr/lib/libglib-2.0.so.0
#3  0xb796f6b0 in g_slice_alloc () from /usr/lib/libglib-2.0.so.0
#4  0xb7956536 in g_list_prepend () from /usr/lib/libglib-2.0.so.0
#5  0xb7f88a94 in _thunar_vfs_path_new_relative ()
   from /opt/xfce4/lib/libthunar-vfs-1.so.2
#6  0xb7f89d19 in thunar_vfs_path_new ()
   from /opt/xfce4/lib/libthunar-vfs-1.so.2
#7  0xb7f8a154 in thunar_vfs_path_list_from_string ()
   from /opt/xfce4/lib/libthunar-vfs-1.so.2
#8  0x080aff74 in ?? ()



when i cut those files and paste them into another folder, i get:

Program received signal SIGABRT, Aborted.
[Switching to Thread -1221171536 (LWP 15211)]
0xb7eed410 in ?? ()
(gdb) bt
#0  0xb7eed410 in ?? ()
#1  0xbfdb23e0 in ?? ()
#2  0x00000006 in ?? ()
#3  0x00003b6b in ?? ()
#4  0xb7761731 in raise () from /lib/libc.so.6
#5  0xb7762e29 in abort () from /lib/libc.so.6
#6  0xb779c778 in malloc_printerr () from /lib/libc.so.6
#7  0xb779e778 in _int_malloc () from /lib/libc.so.6
#8  0xb779f55f in malloc_check () from /lib/libc.so.6
#9  0xb77a00e5 in malloc () from /lib/libc.so.6
#10 0xb78a0cd6 in g_malloc () from /usr/lib/libglib-2.0.so.0
#11 0xb78b4b60 in g_strconcat () from /usr/lib/libglib-2.0.so.0
#12 0x0806a0fc in thunar_clipboard_manager_get_callback (clipboard=0x8326e70, selection_data=0xbfdb2bbc, target_info=0, user_data=0x82d4078) at thunar-clipboard-manager.c:441
#13 0xb7d77a4f in selection_get_cb () from /usr/lib/libgtk-x11-2.0.so.0
#14 0xb7c4d9c6 in _gtk_marshal_VOID__BOXED_UINT_UINT () from /usr/lib/libgtk-x11-2.0.so.0
#15 0xb799307b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#16 0xb79a34e9 in signal_emit_unlocked_R () from /usr/lib/libgobject-2.0.so.0
#17 0xb79a49a9 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#18 0xb79a775e in g_signal_emit_by_name () from /usr/lib/libgobject-2.0.so.0
#19 0xb7caa6e4 in gtk_selection_invoke_handler () from /usr/lib/libgtk-x11-2.0.so.0
#20 0xb7cab565 in gtk_selection_convert () from /usr/lib/libgtk-x11-2.0.so.0
#21 0xb7d7807f in gtk_clipboard_request_contents () from /usr/lib/libgtk-x11-2.0.so.0
#22 0x080ad46d in thunar_standard_view_action_paste (action=0x82d1f98, standard_view=0x8326e70) at thunar-standard-view.c:1987
#23 0xb79a041b in g_cclosure_marshal_VOID__VOID () from /usr/lib/libgobject-2.0.so.0
#24 0xb799307b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#25 0xb79a34e9 in signal_emit_unlocked_R () from /usr/lib/libgobject-2.0.so.0
#26 0xb79a49a9 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#27 0xb79a4b59 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#28 0xb7b6f5d3 in _gtk_action_emit_activate () from /usr/lib/libgtk-x11-2.0.so.0
#29 0xb7b71994 in closure_accel_activate () from /usr/lib/libgtk-x11-2.0.so.0
#30 0xb799307b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#31 0xb79a34e9 in signal_emit_unlocked_R () from /usr/lib/libgobject-2.0.so.0
#32 0xb79a4788 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#33 0xb79a4b59 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#34 0xb7b6b4c9 in gtk_accel_group_activate () from /usr/lib/libgtk-x11-2.0.so.0
#35 0xb7b6b5ca in gtk_accel_groups_activate () from /usr/lib/libgtk-x11-2.0.so.0
#36 0xb7d7334a in gtk_window_activate_key () from /usr/lib/libgtk-x11-2.0.so.0
#37 0xb7d733cc in gtk_window_key_press_event () from /usr/lib/libgtk-x11-2.0.so.0
#38 0xb7c4f6c2 in _gtk_marshal_BOOLEAN__BOXED () from /usr/lib/libgtk-x11-2.0.so.0
#39 0xb7991639 in g_type_class_meta_marshal () from /usr/lib/libgobject-2.0.so.0
#40 0xb799307b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#41 0xb79a3b1d in signal_emit_unlocked_R () from /usr/lib/libgobject-2.0.so.0
#42 0xb79a4788 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#43 0xb79a4b59 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#44 0xb7d602e4 in gtk_widget_event_internal () from /usr/lib/libgtk-x11-2.0.so.0
#45 0xb7c48b2a in gtk_propagate_event () from /usr/lib/libgtk-x11-2.0.so.0
#46 0xb7c49cd7 in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0
#47 0xb7acfa1a in gdk_event_dispatch () from /usr/lib/libgdk-x11-2.0.so.0
#48 0xb7899781 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#49 0xb789c7df in g_main_context_iterate () from /usr/lib/libglib-2.0.so.0
#50 0xb789cb97 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#51 0xb7c4a151 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#52 0x0805f630 in main (argc=137592936, argv=0x1) at main.c:239

I think I have solved this bug. Problem is line 1062 in thunar-vfs-path.c:

n = thunar_vfs_path_to_uni (lp->data, buffer + bufpos, bufsize - (bufpos + 2), NULL);

The (bufpos + 2) should be changed to (bufpos + 3), that way the buffer has always enough room for the line break characters. The condition for the bug is when n > 0 but there isn't enough room for the '\r' '\n' characters. When this happens, the program wont try to realloc even if there isn't enough room in the buffer.

I hope this is what is causing the bug, this is my first attempt at solving any real world bugs, so take with grain of salt. Also the reason why I submit this "patch" this way. I don't know how to properly create one...

i tried your suggestion, but with (bufpos + 3) thunar still crashes on pasting and dragging.

Now I know what is really happening, in line 1062 in thunar-vfs-path.c:

n = thunar_vfs_path_to_uri (lp->data, buffer + bufpos, bufsize - (bufpos + 2), NULL);

The type of the third argument to this function is of type gsize, which is unsigned, and if it happens so that (bufsize - (bufpos + 2)) < 0 then the function will be called with a negative value -> thunar_vfs_path_to_uri thinks it has plenty of room -> buffer overflow.

It should be possible to fix this with adding a check like this around the call:

gint bufleft = (bufsize - (bufpos + 2));
if (G_UNLIKELY (bufleft < 0))
  {
    n = -1;
  }
else 
  {
    n = thunar_vfs_path_to_uri (lp->data, buffer + bufpos, bufleft, NULL);
  }

But there is probably a more correct way to do this...

Comment 18 Benedikt Meurer 2006-11-10 19:02:26 CET

(In reply to comment #15)
> I hope this is what is causing the bug, this is my first attempt at solving any
> real world bugs, so take with grain of salt. Also the reason why I submit this
> "patch" this way. I don't know how to properly create one...

If you are editing in an SVN sandbox, you can use svn diff to generate a patch, preferably from the toplevel source folder.

Comment 19 Benedikt Meurer 2006-11-10 19:04:08 CET

Created attachment 865 
Possible fix

Oki doki, please try this patch then.

Seems to work. As seen from what I suggested first, this doesn't mean it actually works ;)

If it is of any help, to reproduce:

1. Select a lot of files and cut them.
2. Paste files to another folder.

Every time the buffer is resized, you have 1 in 256 chance of actually triggering the bug, so better have a lot of those files...

yes, no crashes with the patch anymore, but the gui is unresponsive for some seconds, especially when you move the files by dnd.

Comment 22 Benedikt Meurer 2006-11-11 10:31:54 CET

I guess the unresponsiveness is a different issue. But to be sure, try increasing the buffer increment from 512 to 4096 or an even larger value.

moving my 880 festfiles keeps the gui unresponsive (i check by shading and unshading the window and waiting for the content to show up again) for about 6 seconds, with both 512 and 4096. perhaps a minimal difference, but noth that much.

Comment 24 Benedikt Meurer 2006-11-11 11:42:33 CET

Ok, that's a different issue then, please file a separate bug report.

Comment 25 Benedikt Meurer 2006-11-11 11:57:16 CET

Fixed with revision 23821.

2006-11-11	Benedikt Meurer <benny@xfce.org>

	* thunar-vfs/thunar-vfs-path.c(thunar_vfs_path_list_to_string): Fix
	  crash when transfering a lot of files via DnD or clipbord. Bug #2356.

Awesome, it works :D