--- Begin Message ---
Subject: Bug#345739: Multiple segfaults when resizing the terminal
Date: Mon, 2 Jan 2006 21:39:30 +0100
Package: info
Version: 4.8-2
Severity: normal
Tags: patch
Hi,
When resizing the terminal rapidly, info will segfault:
(gdb) bt
#0 0x0804a503 in display_update_one_window (win=0x80a3fd8) at display.c:301
#1 0x0804a02b in display_update_display (window=0x80a3fd8) at display.c:85
#2 0x08061578 in redisplay_after_signal () at signals.c:161
#3 0x08061609 in reset_info_window_sizes () at signals.c:176
#4 0x0806180f in info_signal_proc (sig=28) at signals.c:277
#5 <signal handler called>
#6 0xffffe40e in __kernel_vsyscall ()
#7 0xb7e4d193 in read () from /lib/tls/i686/cmov/libc.so.6
#8 0x080612a6 in info_get_input_char () at session.c:5002
#9 0x080595fd in info_read_and_dispatch () at session.c:217
#10 0x08059534 in info_session () at session.c:175
#11 0x0805950c in display_startup_message_and_start () at session.c:166
#12 0x080594c9 in begin_info_session (initial_node=0x8095e10) at session.c:153
#13 0x08051b58 in main (argc=2, argv=0xbf92c224) at info.c:507
(gdb) print entry
$1 = (DISPLAY_LINE *) 0x0
I easily reproduce this with "info autoconf" or "info automake" in an
xterm and rapidly resizing up and down, especially to a small size.
My first guess was at the second part of the if() condition, hence I
tried moving the entry != NULL test higher, but that wasn't enough
since entry is dereferenced a couple of times afterwards.
Hence, I simply protected the following chunk, and the segfaults appear
less often now. The segfaults happening with entry == NULL are gone
for me, and I can resize info to a small size, however I still got an
occasional segfault when rapidly resizing, with a weird value of entry:
(gdb) bt
#0 0x0804a4f4 in display_update_one_window (win=0x80a3fd8) at display.c:303
#1 0x0804a02b in display_update_display (window=0x80a3fd8) at display.c:85
#2 0x0806157c in redisplay_after_signal () at signals.c:161
#3 0x0806160d in reset_info_window_sizes () at signals.c:176
#4 0x08061813 in info_signal_proc (sig=28) at signals.c:277
#5 <signal handler called>
#6 0xffffe40e in __kernel_vsyscall ()
#7 0xb7e7e193 in read () from /lib/tls/i686/cmov/libc.so.6
#8 0x080612aa in info_get_input_char () at session.c:5002
#9 0x08059601 in info_read_and_dispatch () at session.c:217
#10 0x08059538 in info_session () at session.c:175
#11 0x08059510 in display_startup_message_and_start () at session.c:166
#12 0x080594cd in begin_info_session (initial_node=0x8095e10) at session.c:153
#13 0x08051b5c in main (argc=2, argv=0xbfa5eba4) at info.c:507
(gdb) print entry
$1 = (DISPLAY_LINE *) 0x59
I'm afraid some corruption happens or uninitialized memory is used, and
I suggest you run info in valgrind.
If you find them useful, please include the attached changes. (The
patch is large, but only a couple of lines were truly changed.)
-- System Information:
Debian Release: testing/unstable
APT prefers oldstable
APT policy: (500, 'oldstable'), (500, 'unstable'), (500, 'testing'), (500,
'stable'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: address@hidden, address@hidden (charmap=ISO-8859-15)
Versions of packages info depends on:
ii libc6 2.3.5-9 GNU C Library: Shared libraries an
ii libncurses5 5.5-1 Shared libraries for terminal hand
info recommends no packages.
-- no debconf information
--
Loïc Minier <address@hidden>
Current Earth status: NOT DESTROYED
texinfo_4.8-2_segfault-when-resizing-terminal.patch
Description: Text document
--- End Message ---
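
Both backtraces above show the redisplay running inside the signal handler (info_signal_proc with sig=28, SIGWINCH on Linux i386) while the main loop is blocked in read(). One defensive pattern for this class of crash is to have the handler only set a flag and to rebuild display state from the main loop. The following is an added example, not texinfo's code and not the patch attached to this report; every name in it is hypothetical.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a per-row display entry. */
typedef struct { char *text; int textlen; } LINE;

static volatile sig_atomic_t resize_pending = 0;
static LINE *display = NULL;   /* touched only from the main loop */
static int display_rows = 0;

/* The handler does no allocation and no drawing; it only records the event. */
static void on_winch(int sig) { (void)sig; resize_pending = 1; }

int install_winch_handler(void)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_winch;
    sigemptyset(&sa.sa_mask);
    /* No SA_RESTART: a blocked read() returns EINTR so the loop can react. */
    return sigaction(SIGWINCH, &sa, NULL);
}

/* Called from the main loop. new_rows would come from ioctl(TIOCGWINSZ) in a
   real program; it is a parameter here so the example runs without a tty.
   Returns 1 if a resize was applied, 0 if none was pending, -1 on error. */
int handle_pending_resize(int new_rows)
{
    if (!resize_pending)
        return 0;
    resize_pending = 0;        /* clear first: a later signal re-arms it */
    if (new_rows <= 0)
        return -1;
    LINE *fresh = calloc((size_t)new_rows, sizeof *fresh);
    if (fresh == NULL)
        return -1;             /* keep the old, still-consistent table */
    free(display);
    display = fresh;           /* swap only once the new table is complete */
    display_rows = new_rows;
    return 1;
}
```

Because the table is swapped in one place and never from the handler, a burst of resize signals collapses into a single rebuild and the drawing code never sees a half-updated or NULL entry table.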