Bug#1082936: libx11-6: segfault in _XomConvert, utf8tocs
Package: libx11-6
Version: 2:1.8.7-1+b1
Severity: normal
I recently switched from buster to trixie. In trixie, my window
manager, vtwm, occasionally segfaults. I don't know how to reproduce
the problem, but it seems to be soemthing to do with randomly mashing
some keys in emacs (emacs-lucid under X11).
I obtained the stacktrace below.
I looked at the code in vtwm, where util.c has this:
#ifndef NO_I18N_SUPPORT
int
MyFont_TextWidth(font, string, len)
MyFont *font;
char *string;
int len;
{
XRectangle ink_rect;
XRectangle logical_rect;
if (use_fontset) {
XmbTextExtents(font->fontset, string, len, &ink_rect, &logical_rect);
return logical_rect.width;
}
return XTextWidth(font->font, string, len);
}
I am the Debian maintainer of vtwm. The code has not changed
significantly in many years.
It doesn't seem likely that vtwm is passing a reference to an invalid
string. I conjecture that some UTF-8 thing is going wrong and that
the bug is in the X11 unicode libraries rather than vtwm (which has
very little relevant code, and simply calls functions like XLoadQueryFont
and XmbTextExtents.
I am going to experimentally recompile vtwm with i18n support disabled
and see if that helps, but it doesn't seem like it will be a good
solution even in the medium term.
Program received signal SIGSEGV, Segmentation fault.
utf8_mbtowc (conv=conv@entry=0x0, pwc=pwc@entry=0x7ffdd6cd7bfc, s=s@entry=0x55c6637c6000 <error: Cannot access memory at address 0x55c6637c6000>, n=n@entry=104) at ../../../src/xlibi18n/lcUniConv/utf8.h:11
warning: 11 ../../../src/xlibi18n/lcUniConv/utf8.h: No such file or directory
(gdb) bt
#0 utf8_mbtowc (conv=conv@entry=0x0, pwc=pwc@entry=0x7ffdd6cd7bfc, s=s@entry=0x55c6637c6000 <error: Cannot access memory at address 0x55c6637c6000>, n=n@entry=104) at ../../../src/xlibi18n/lcUniConv/utf8.h:11
#1 0x00007fbc98816738 in utf8tocs (conv=0x55c663696760, from=0x7ffdd6cd7d28, from_left=0x7ffdd6cd7d24, to=0x7ffdd6cd7c70, to_left=0x7ffdd6cd7c6c, args=0x7ffdd6cd7c80, num_args=1) at ../../../src/xlibi18n/lcUTF8.c:624
#2 0x00007fbc9883706a in _XomConvert (oc=oc@entry=0x55c6636a4050, conv=conv@entry=0x55c663696760, from=from@entry=0x7ffdd6cd7d28, from_left=from_left@entry=0x7ffdd6cd7d24, to=to@entry=0x7ffdd6cd7d50, to_left=to_left@entry=0x7ffdd6cd7d44, args=0x7ffdd6cd7d70, num_args=2)
at ../../../../modules/om/generic/omXChar.c:325
#3 0x00007fbc98836244 in _XomGenericTextExtents (oc=0x55c6636a4050, type=<optimized out>, text=<optimized out>, length=<optimized out>, overall_ink=0x7ffdd6cdbde0, overall_logical=<optimized out>) at ../../../../modules/om/generic/omTextExt.c:66
#4 0x000055c65f6d2694 in MyFont_TextWidth (font=<optimized out>, string=<optimized out>, len=616) at util.c:1299
#5 MyFont_TextWidth (font=<optimized out>, string=<optimized out>, len=616) at util.c:1290
#6 PaintTitle (tmp_win=0x55c663702e20) at util.c:3251
#7 0x000055c65f6c645a in HandleExpose () at events.c:1811
#8 0x000055c65f6c66ce in DispatchEvent () at events.c:362
#9 0x000055c65f6c6b4b in HandleEvents () at events.c:489
#10 0x000055c65f6abf9e in main (argc=<optimized out>, argv=<optimized out>, environ=<optimized out>) at twm.c:946
(gdb) up
#1 0x00007fbc98816738 in utf8tocs (conv=0x55c663696760, from=0x7ffdd6cd7d28, from_left=0x7ffdd6cd7d24, to=0x7ffdd6cd7c70, to_left=0x7ffdd6cd7c6c, args=0x7ffdd6cd7c80, num_args=1) at ../../../src/xlibi18n/lcUTF8.c:624
warning: 624 ../../../src/xlibi18n/lcUTF8.c: No such file or directory
(gdb)
#2 0x00007fbc9883706a in _XomConvert (oc=oc@entry=0x55c6636a4050, conv=conv@entry=0x55c663696760, from=from@entry=0x7ffdd6cd7d28, from_left=from_left@entry=0x7ffdd6cd7d24, to=to@entry=0x7ffdd6cd7d50, to_left=to_left@entry=0x7ffdd6cd7d44, args=0x7ffdd6cd7d70, num_args=2)
at ../../../../modules/om/generic/omXChar.c:325
warning: 325 ../../../../modules/om/generic/omXChar.c: No such file or directory
(gdb)
#3 0x00007fbc98836244 in _XomGenericTextExtents (oc=0x55c6636a4050, type=<optimized out>, text=<optimized out>, length=<optimized out>, overall_ink=0x7ffdd6cdbde0, overall_logical=<optimized out>) at ../../../../modules/om/generic/omTextExt.c:66
warning: 66 ../../../../modules/om/generic/omTextExt.c: No such file or directory
(gdb)
#4 0x000055c65f6d2694 in MyFont_TextWidth (font=<optimized out>, string=<optimized out>, len=616) at util.c:1299
warning: 1299 util.c: No such file or directory
(gdb)
#5 MyFont_TextWidth (font=<optimized out>, string=<optimized out>, len=616) at util.c:1290
1290 in util.c
(gdb) down
#4 0x000055c65f6d2694 in MyFont_TextWidth (font=<optimized out>, string=<optimized out>, len=616) at util.c:1299
1299 in util.c
(gdb)
-- System Information:
Debian Release: trixie/sid
APT prefers testing-debug
APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 6.10.9-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled
Versions of packages libx11-6 depends on:
ii libc6 2.40-2
ii libx11-data 2:1.8.7-1
ii libxcb1 1.17.0-2
libx11-6 recommends no packages.
libx11-6 suggests no packages.
-- no debconf information
Reply to: