xsrc/44344: xterm SIGSEGV in utf-8 mode

[dholland%eecs.harvard.edu@localhost]

>Number:         44344
>Category:       xsrc
>Synopsis:       xterm SIGSEGV in utf-8 mode
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    xsrc-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Jan 08 02:55:00 +0000 2011
>Originator:     David A. Holland
>Release:        NetBSD 5.99.41 (20101130)
>Organization:
>Environment:
System: NetBSD macaran 5.99.41 NetBSD 5.99.41 (MACARAN) #3: Tue Nov 30 21:52:01 
EST 2010 dholland@macaran:/usr/src/sys/arch/amd64/compile/MACARAN amd64
Architecture: x86_64
Machine: amd64
>Description:

When utf-8 mode is enabled, xterm dumps core on a fairly regular basis.

>How-To-Repeat:

Start xterm, turn on utf-8 mode with ctrl-rightbutton or resources, do
"find /usr/pkgsrc" or something else that generates a lot of output,
watch it core.

 #0  0x00007f7ff989982e in _malloc_prefork () from /usr/lib/libc.so.12
 #1  0x00007f7ff9899ac3 in free () from /usr/lib/libc.so.12
 #2  0x000000000042a945 in addScrollback ()
 #3  0x0000000000427017 in saveEditBufLines ()
 #4  0x0000000000429370 in ScrnDeleteLine ()
 #5  0x000000000043054a in xtermScroll ()

(That's not really _malloc_prefork, it's something gdb doesn't have
symbols for. AFAICT this is a garden-variety malloc crash arising from
corrupting the arena.)

You may need the resource setting
   XTerm*savelines: 1000
or the equivalent commandline option to see the same behavior I do.

It seems that if you set
   XTerm*combiningChars: 4
which changes the allocation behavior for the scroll buffer, it hangs
instead of crashing. I haven't yet gone to see where.

>Fix:

Dunno.