From: Ian D. L. <idl...@fa...> - 2016-04-05 06:04:02
Greetings, and thanks for your work on mlterm!

I'm currently testing out mlterm version 3.7.0 on NetBSD-current (on an
amd64 machine). My mlterm was built with cairo, fribidi, m17nlib, otl
and Xft but without gdk_pixbuf or any of the input methods. I can
reliably make it segfault by launching nvi(1) and inserting two
alphabetic characters and a space at the beginning of the buffer. That
is, if I try to create a file whose contents are "ab " (or in fact any
longer word followed by a space), then mlterm crashes when I hit the
spacebar. This doesn't happen with the default configuration. It
requires that (at least) the following two settings appear in
~/.mlterm/main:

    use_ot_layout = true
    termtype = mlterm

Right now I'm running with only those two settings in main, and no
other settings files in .mlterm (there are the usual msg.log and
challenge files). A backtrace collected after a crash of a binary
compiled with -g -O2 follows:

Core was generated by `mlterm'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 ml_char_copy (dst=dst@entry=0x7f7fffffda50, src=0x0) at ml_char.c:662
662 memcpy( dst , src , sizeof( ml_char_t)) ;
(gdb) bt
#0 ml_char_copy (dst=dst@entry=0x7f7fffffda50, src=0x0) at ml_char.c:662
#1 0x00000000004171b4 in draw_cursor (screen=screen@entry=0x7f7ff7b3d000)
at x_screen.c:606
#2 0x000000000041aba4 in highlight_cursor (screen=0x7f7ff7b3d000)
at x_screen.c:968
#3 update_window (win=0x7f7ff7b3d000, flag=<optimized out>) at x_screen.c:1597
#4 0x0000000000410b67 in x_window_update (win=0x7f7ff7b3d000,
flag=<optimized out>) at ../xwindow/xlib/x_window.c:2302
#5 0x00000000004423ef in ml_parse_vt100_sequence (vt100_parser=0x7f7ff7b38800)
at ml_vt100_parser.c:7371
#6 0x000000000040e784 in receive_next_event () at x_event_source.c:281
#7 x_event_source_process () at x_event_source.c:345
#8 0x000000000040cf2c in main_loop_start () at main_loop.c:485
#9 0x000000000044973c in main (argc=1, argv=0x7f7fffffdbd8) at main.c:181

So somehow mlterm ends up trying to memcpy NULL while redrawing the
cursor after I hit space.

What other tests can I run to help narrow down the root cause of the
problem?

Thanks for your help,
--
IDL