Dear Maintainer,
I tried to have a look at the core file.

If a dbgsym package were available I would be more confident about
the following information, since the analysis below had to be done
by matching an unsymbolized core against a local rebuild.
Please consider building (or publishing) the minicom-dbgsym package.


The crash happens in the call stack below. The frames were resolved by
comparing the addresses in the core with a local rebuild of the same
source with debugging information (see the end of this mail); the
installed /usr/bin/minicom has to be the exact build that produced the
core for the core-side addresses to be meaningful.

The function mc_clear_window_simple gets called with parameter w being
a null pointer, which gets dereferenced at window.c:1498 (`w->ys`).
This matches the faulting instruction `mov 0x1c(%r12),%eax` with
%r12 == 0: offset 0x1c (28) is the `ys` member of struct _win, as the
`ptype /o WIN` output below shows.

This null pointer seems to originate from the static variable
us_alternate (not verified from the core itself, only inferred from the
caller dec_mode at vt100.c:735). Note that the caller chain is
state3 -> dec_mode, i.e. the VT100 escape-sequence state machine, so if
this inference is right the null dereference would be reachable from
bytes received on the serial line — a misbehaving or hostile peer could
crash minicom with a single escape sequence. That is worth confirming
when fixing it.

Kind regards,
Bernhard


    (gdb) bt
    #0  0x0000...11b in mc_clear_window_simple at window.c:1498 
https://sources.debian.org/src/minicom/2.7.2%7E20200725-3/src/window.c/#L1498
    #1  0x0000...3a8 in dec_mode at vt100.c:735                 
https://sources.debian.org/src/minicom/2.7.2%7E20200725-3/src/vt100.c/#L735
    #2  0x0000...e21 in state3 at vt100.c:783                   
https://sources.debian.org/src/minicom/2.7.2%7E20200725-3/src/vt100.c/#L783
    #3  0x0000...d4a in do_terminal at main.c:964               
https://sources.debian.org/src/minicom/2.7.2%7E20200725-3/src/main.c/#L964
    #4  0x0000...a55 in main at minicom.c:1622                  
https://sources.debian.org/src/minicom/2.7.2%7E20200725-3/src/minicom.c/#L1622
    #5  0x0000...cca in __libc_start_main (main=0x5639900c08b0, argc=7, argv=0x7fff270d9178, 
init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, 
stack_end=0x7fff270d9168) at ../csu/libc-start.c:308
    #6  0x0000...64a in ?? ()

# Bullseye/testing amd64 qemu VM 2020-11-10


apt update
apt dist-upgrade


apt install systemd-coredump mc fakeroot gdb minicom
    # no minicom-dbgsym available ???
apt build-dep minicom



mkdir /home/benutzer/source/minicom/orig -p
cd    /home/benutzer/source/minicom/orig
apt source minicom
cd


wget "https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=972949;filename=core-minicom.3018805.transient.1603721766.gz;msg=10" -O core-minicom.3018805.transient.1603721766.gz
gunzip core-minicom.3018805.transient.1603721766.gz


gdb -q /usr/bin/minicom --core core-minicom.3018805.transient.1603721766









benutzer@debian:~$ gdb -q /usr/bin/minicom --core core-minicom.3018805.transient.1603721766
Reading symbols from /usr/bin/minicom...
(No debugging symbols found in /usr/bin/minicom)
[New LWP 3018805]
Core was generated by `minicom -c on -b 115200 -D /dev/ttyUSB0'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00005639900d611b in ?? ()
(gdb) set width 0
(gdb) set pagination off
(gdb) bt
#0  0x00005639900d611b in ?? ()
#1  0x00005639900c43a8 in ?? ()
#2  0x00005639900c4e21 in ?? ()
#3  0x00005639900dbd4a in ?? ()
#4  0x00005639900c1a55 in ?? ()
#5  0x00007faa497facca in __libc_start_main (main=0x5639900c08b0, argc=7, 
argv=0x7fff270d9178, init=<optimized out>, fini=<optimized out>, 
rtld_fini=<optimized out>, stack_end=0x7fff270d9168) at ../csu/libc-start.c:308
#6  0x00005639900c364a in ?? ()

(gdb) disassemble 0x00005639900d60f7,0x00005639900d6124
Dump of assembler code from 0x5639900d60f7 to 0x5639900d6124:
   0x00005639900d60f7:  callq  0x5639900c0850 <__sprintf_chk@plt>
   0x00005639900d60fc:  mov    %rbp,%rdi
   0x00005639900d60ff:  mov    $0x1,%esi
   0x00005639900d6104:  xor    %ebp,%ebp
   0x00005639900d6106:  lea    -0x2c1d(%rip),%rdx        # 0x5639900d34f0
   0x00005639900d610d:  callq  0x5639900c0090 <tputs@plt>
   0x00005639900d6112:  xor    %esi,%esi
   0x00005639900d6114:  xor    %edi,%edi
   0x00005639900d6116:  callq  0x5639900d31f0
=> 0x00005639900d611b:  mov    0x1c(%r12),%eax
   0x00005639900d6120:  test   %eax,%eax
   0x00005639900d6122:  jns    0x5639900d6155
End of assembler dump.

(gdb) print/x $r12
$1 = 0x0



Comparing with a local rebuild with debugging information (the binary is
PIE, so the absolute load addresses differ between the core and the
rebuild; only the low 12 bits of each address and the function-relative
offsets, e.g. <mc_clear_window_simple+139>, line up, and the instruction
sequence is identical):

(gdb) disassemble 0x000055555556f0f7,0x000055555556f124
Dump of assembler code from 0x55555556f0f7 to 0x55555556f124:
   0x000055555556f0f7 <mc_clear_window_simple+103>:     callq  0x555555559850 
<__sprintf_chk@plt>
   0x000055555556f0fc <mc_clear_window_simple+108>:     mov    %rbp,%rdi
   0x000055555556f0ff <mc_clear_window_simple+111>:     mov    $0x1,%esi
   0x000055555556f104 <mc_clear_window_simple+116>:     xor    %ebp,%ebp
   0x000055555556f106 <mc_clear_window_simple+118>:     lea    
-0x2c1d(%rip),%rdx        # 0x55555556c4f0 <outchar>
   0x000055555556f10d <mc_clear_window_simple+125>:     callq  0x555555559090 
<tputs@plt>
   0x000055555556f112 <mc_clear_window_simple+130>:     xor    %esi,%esi
   0x000055555556f114 <mc_clear_window_simple+132>:     xor    %edi,%edi
   0x000055555556f116 <mc_clear_window_simple+134>:     callq  0x55555556c1f0 
<_gotoxy>
   0x000055555556f11b <mc_clear_window_simple+139>:     mov    0x1c(%r12),%eax
   0x000055555556f120 <mc_clear_window_simple+144>:     test   %eax,%eax
   0x000055555556f122 <mc_clear_window_simple+146>:     jns    0x55555556f155 
<mc_clear_window_simple+197>
End of assembler dump.

(gdb) print 0x1c
$1 = 28
(gdb) ptype /o WIN
type = struct _win {
/*    0      |     4 */    int x1;
/*    4      |     4 */    int y1;
/*    8      |     4 */    int x2;
/*   12      |     4 */    int y2;
/*   16      |     4 */    int sy1;
/*   20      |     4 */    int sy2;
/*   24      |     4 */    int xs;
/*   28      |     4 */    int ys;
/*   32      |     1 */    char border;
...

(gdb) list window.c:1492,1503
1492
1493    void mc_clear_window_simple(WIN *w)
1494    {
1495      int x = 0, y = 0;
1496      _colson(us->color);
1497      _gotoxy(0, 0);
1498      for (; y <= w->ys; ++y)
1499        for (; x <= w->xs; ++x)
1500          _write(' ', 1, x, y, XA_NORMAL, us->color);
1501      _gotoxy(0, 0);
1502    }
1503



(gdb) bt
#0  0x0000...11b in ?? ()         0x000055555556f11b in mc_clear_window_simple 
at window.c:1498
#1  0x0000...3a8 in ?? ()         0x000055555555d3a8 in dec_mode at vt100.c:735
#2  0x0000...e21 in ?? ()         0x000055555555de21 in state3 at vt100.c:783
#3  0x0000...d4a in ?? ()         0x0000555555574d4a in do_terminal at 
main.c:964
#4  0x0000...a55 in ?? ()         0x000055555555aa55 in main at minicom.c:1622
#5  0x0000...cca in __libc_start_main (main=0x5639900c08b0, argc=7, 
argv=0x7fff270d9178, init=<optimized out>, fini=<optimized out>, 
rtld_fini=<optimized out>, stack_end=0x7fff270d9168) at ../csu/libc-start.c:308
#6  0x0000...64a in ?? ()

https://sources.debian.org/src/minicom/2.7.2%7E20200725-3/src/window.c/#L1498
https://sources.debian.org/src/minicom/2.7.2%7E20200725-3/src/vt100.c/#L735
https://sources.debian.org/src/minicom/2.7.2%7E20200725-3/src/vt100.c/#L783
https://sources.debian.org/src/minicom/2.7.2%7E20200725-3/src/main.c/#L964
https://sources.debian.org/src/minicom/2.7.2%7E20200725-3/src/minicom.c/#L1622
