Crash in recode_mline()

From: YONETANI Tomokazu
Subject: Crash in recode_mline()
Date: Tue, 22 Nov 2011 07:28:05 +0900
User-agent: Mutt/1.5.21 (2010-09-15)


The screen keeps crashing with SIGSEGV lately.  I started investigating
when I experienced it on a released version, but it still crashed with
Git version (d69bc26).  I'm using screen with UTF8 but I set the encoding
of the window I was operating on to euc and the $LANG was set to
ja_JP.eucJP.  I was backwards-searching bash's history when the screen

#0  0x003aa7a2 in _dl_sysinfo_int80 () from /lib/
#1  0x003eb7a5 in raise () from /lib/tls/
#2  0x003ed209 in abort () from /lib/tls/
#3  0x0804ac11 in CoreDump (sigsig=11) at screen.c:1685
#4  <signal handler called>
#5  0x0808b200 in recode_mline (ml=0x50, w=80, from=1, to=8) at encoding.c:545
#6  0x08086763 in LInsChar (l=0x9dbb154, c=0x9dbd5a0, x=0, y=48, ol=0x0)
    at layer.c:278
#7  0x08086c3e in LWrapChar (l=0x9dbb154, c=0x9dbd5a0, y=47, top=0, bot=49, 
    ins=1) at layer.c:731
#8  0x080555c8 in WriteString (wp=0x9dbb148, 
    buf=0xbfffc315 "...(some japanese string)", ' ' <repeats 26 times>..., 
    len=170) at ansi.c:873
#9  0x0806367e in win_readev_fn (ev=0x9dbb1c0, data=0x9dbb148 "\200\224?\t")
    at window.c:1932
#10 0x080892fe in sched () at sched.c:237
#11 0x0804f9e4 in main (ac=0, av=0xbfffea8c) at screen.c:1464

In frame 7, ins=1 at line 759, so LInsChar() gets called with the last
parameter as NULL.  Since it can call recode_mline() with ml == NULL
under some circumstances but there's no NULL check in recode_mline(),
it crashes on ml->font.

#5  0x0808b200 in recode_mline (ml=0x0, w=80, from=1, to=8) at encoding.c:545
545       if (ml->font == null && encodings[from].deffont == 0)
(gdb) l
540       static struct mline rml[2], *rl;
541       int i, c;
543       if (from == to || (from != UTF8 && to != UTF8) || w == 0)
544         return ml;
545       if (ml->font == null && encodings[from].deffont == 0)
546         return ml;

I added `ml == NULL' to the conditional on line 543 as a bandaid to this
problem.  Let me know if you need some more information or if you have
a patch for me to try.

Best Regards,
YONETANI Tomokazu.
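
Added example, not part of the original post or of screen's source: a self-contained C model of the early-return logic in the gdb listing, showing that the arguments from frame 5 (w=80, from=1, to=8) pass the line-543 test and reach the ml->font read, and how the stopgap described in the post changes that. The struct layouts, the names mline_model, enc_model, blank_font, enc_table, recode_guarded and reaches_font_check, and the conversion placeholder are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-ins modelled on the gdb listing above; assumptions, not screen's
 * real definitions. UTF8_ID = 8 matches to=8 in the backtrace. */
#define UTF8_ID 8
struct mline_model { const unsigned char *font; };
struct enc_model { int deffont; };

static const unsigned char blank_font[1] = {0}; /* plays the role of `null` */
static struct enc_model enc_table[9];           /* deffont all 0 (constructed) */
static struct mline_model recoded_line;         /* plays the role of rml[] */

/* True when the listing's line 543 does NOT return early, so line 545
 * goes on to read ml->font. With ml == NULL that read is the SIGSEGV. */
static int reaches_font_check(int w, int from, int to)
{
    return !(from == to || (from != UTF8_ID && to != UTF8_ID) || w == 0);
}

/* The early-exit logic with the reporter's stopgap: ml == NULL joins the
 * first conditional, so a NULL line is handed back untouched. */
static struct mline_model *recode_guarded(struct mline_model *ml, int w,
                                          int from, int to)
{
    if (ml == NULL || from == to || (from != UTF8_ID && to != UTF8_ID) || w == 0)
        return ml;
    if (ml->font == blank_font && enc_table[from].deffont == 0)
        return ml;
    /* Placeholder for the conversion itself, which the post does not show. */
    recoded_line.font = ml->font;
    return &recoded_line;
}

int main(void)
{
    /* Arguments from frame 5 of the backtrace: w=80, from=1, to=8. */
    printf("unguarded reads ml->font: %d\n", reaches_font_check(80, 1, 8));
    printf("guarded, ml=NULL returns: %p\n",
           (void *)recode_guarded(NULL, 80, 1, 8));
    return 0;
}
```

The model shows why the crash needs both a NULL line and a conversion to or from UTF8: when neither side is UTF8, or the encodings match, line 543 returns before ml is ever dereferenced.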
