Package: xterm
Version: 340-1
Severity: important

Dear Maintainer,

after updating from 337-1 to 338-1 in testing, xterm crashes with a segfault when certain Unicode characters appear in the buffer. This only happens when I have selected a font using the -fa option. It doesn't seem to matter which font it is. (I've randomly tried a few from my fc-list.) I've installed 340-1 from unstable, but the bug persists.

As I came across this issue while reading mails in mutt, I've tried to identify the exact characters causing it. It turned out that these commands cause the crash:

  $ /usr/bin/printf "\U0001F384"  # U+1F384 CHRISTMAS TREE
  $ /usr/bin/printf "\U0001F385"  # U+1F385 FATHER CHRISTMAS
  $ /usr/bin/printf "\U0001F3E1"  # U+1F3E1 HOUSE WITH GARDEN
  $ /usr/bin/printf "\U0001F644"  # U+1F644 FACE WITH ROLLING EYES

Whereas these commands work fine:

  $ /usr/bin/printf "\U0001F601"  # U+1F601 GRINNING FACE WITH SMILING EYES
  $ /usr/bin/printf "\U0001F604"  # U+1F604 SMILING FACE WITH OPEN MOUTH AND SMILING EYES

To reproduce this bug, run one of the aforementioned commands after starting xterm with e.g.

  $ xterm -fa 'Noto Mono'

When leaving out -fa, xterm doesn't crash.

Please find below a backtrace. As the bug was introduced after updating xterm (libfontconfig1 remained untouched during that update), I'm filing this under xterm for the time being.

xterm 337-1 doesn't crash. Interestingly, though, in 337-1 all six above-mentioned characters are not displayed at all when running with e.g. -fa 'Noto Mono'. I just see a two-glyph-wide blank space. Whereas in 338-1 and 340-1, the two non-crashing characters U+1F601 and U+1F604 are actually displayed.

I've found a bug report from Arch Linux that looks similar:

  https://bugs.archlinux.org/task/61115

But the last comment there claims the bug disappeared in 340 which is not the case for me.

I don't know a great deal about X font handling, so in case you need more info, please try to explain in detail what you need to know.

Thanks in advance.

Also, I don't care that much if those special glyphs are actually displayed correctly in my xterm or not, it's just that xterm shouldn't crash.

Backtrace:

Reading symbols from /usr/bin/xterm...Reading symbols from /usr/lib/debug/.build-id/e1/82f855c9d3aa8701e44c1fc1d41e81eb0b0bd6.debug...done.
done.
(gdb) run -fa 'Noto Mono'
Starting program: /usr/bin/xterm -fa 'Noto Mono'
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7d662d1 in FcConfigEvaluate (p=0x5555556fdfd0, p_pat=0x5555559ea680, kind=kind@entry=FcMatchFont, e=0x0) at fccfg.c:977
(gdb) bt full
#0  0x00007ffff7d662d1 in FcConfigEvaluate (p=0x5555556fdfd0, p_pat=0x5555559ea680, kind=kind@entry=FcMatchFont, e=0x0) at fccfg.c:977
        v = {type = FcTypeVoid, u = {s = 0x5555556fd670 "\300\326oUUU", i = 1433392752, b = 1433392752, d = 4.6355706243752135e-310, m = 0x5555556fd670, c = 0x5555556fd670, f = 0x5555556fd670, l = 0x5555556fd670, r = 0x5555556fd670}}
        vl = {type = 1433007920, u = {s = 0x0, i = 0, b = 0, d = 0, m = 0x0, c = 0x0, f = 0x0, l = 0x0, r = 0x0}}
        vr = {type = 1436460672, u = {s = 0x0, i = 0, b = 0, d = 0, m = 0x0, c = 0x0, f = 0x0, l = 0x0, r = 0x0}}
        vle = <optimized out>
        vre = <optimized out>
        m = <optimized out>
        str = <optimized out>
        op = <optimized out>
        buf1 = {u = {d = 0, i = 0, l = 0, c = "\000\000\000\000\000\000\000\000 \326oUUU\000\000H\367iUUU\000\000\000\000\000\000\000\000\000\000\200\246\236UUU", '\000' <repeats 18 times>, "\256m\326\367\377\177\000\000\000\000\000\000\000\000\000\000\320\325oUUU\000\000`\367iUUU\000\000\000\000\000\000\000\000\000\000\200\246\236UUU", '\000' <repeats 18 times>, "\256m\326\367\377\177\000\000\000\000\000\000\000\000\000\000\200\325oUUU\000\000x\367iUUU\000\000\000\000\000\000\000\000\000\000\200\246\236UUU", '\000' <repeats 18 times>, "\256m\326\367\377\177\000\000\000\000\000\000\000\000\000\000"...}}
        buf2 = {u = {d = 0, i = 0, l = 0, c = "\000\000\000\000\000\000\000\000\340\324oUUU\000\000\250\367iUUU\000\000\000\000\000\000\000\000\000\000\025", '\000' <repeats 15 times>, "\a\000\000\000\000\000\000\000 \000\000\000\000\000\000\000\002\000\000\000\000\000\000\000\020\300aUUU\000\000\017\000\000\000\000\000\000\000@\000\000\000\000\000\000\000\260\377\377\377\377\377\377\377\000\000\000\000\000\000\000\000\002\000\000\000\060", '\000' <repeats 19 times>, "[\000\000\000w", '\000' <repeats 11 times>, "n\000\000\000|\000\000\000\t\000\000\000\000\000\000\000\017\000\000\000\000\000\000\000\025", '\000' <repeats 15 times>, "\260\377\377\377\377\377\377\377"...}}
#1  0x00007ffff7d66418 in FcConfigEvaluate (p=p@entry=0x5555556fdfd0, p_pat=p_pat@entry=0x5555559ea680, kind=kind@entry=FcMatchFont, e=e@entry=0x555555683b38) at fccfg.c:1003
        m = {xx = 1.4821969375237396e-323, xy = 6.9533490418283141e-310, yx = 1.4821969375237396e-323, yy = 1}
        xx = <optimized out>
        yy = <optimized out>
        xy = <optimized out>
        yx = <optimized out>
        v = {type = FcTypeMatrix, u = {s = 0x3 <error: Cannot access memory at address 0x3>, i = 3, b = 3, d = 1.4821969375237396e-323, m = 0x3, c = 0x3, f = 0x3, l = 0x3, r = 0x3}}
        vl = {type = FcTypeVoid, u = {s = 0x5555556fe050 "Noto Color Emoji", i = 1433395280, b = 1433395280, d = 4.6355706245001133e-310, m = 0x5555556fe050, c = 0x5555556fe050, f = 0x5555556fe050, l = 0x5555556fe050, r = 0x5555556fe050}}
        vr = {type = FcTypeString, u = {s = 0x7ffff7d660a4 <FcConfigCompareValue+708> "\205\300\017\224\300\017\266\300\351\267\375\377\377L\211\346H\211\327\350\364=", i = -136945500, b = -136945500, d = 6.9533490418283141e-310, m = 0x7ffff7d660a4 <FcConfigCompareValue+708>, c = 0x7ffff7d660a4 <FcConfigCompareValue+708>, f = 0x7ffff7d660a4 <FcConfigCompareValue+708>, l = 0x7ffff7d660a4 <FcConfigCompareValue+708>, r = 0x7ffff7d660a4 <FcConfigCompareValue+708>}}
        vle = <optimized out>
        vre = <optimized out>
        m = <optimized out>
        str = <optimized out>
        op = FcOpMatrix
        buf1 = {u = {d = 4.6355706045501377e-310, i = 1432991488, l = 93824993572608, c = "\000\267iUUU\000\000\002\000\000\000\000\000\000\000\300\372iUUU\000\000\354c\326\367\377\177\000\000\000\000\000\000\000\000\000\000\003\000\000\000\000\000\000\000\003", '\000' <repeats 15 times>, "\a\000\000\000\000\000\000\000 \000\000\000\000\000\000\000\002\000\000\000UU\000\000\020\300aUUU\000\000\017\000\000\000\000\000\000\000@\000\000\000\000\000\000\000\260\377\377\377\377\377\377\377\000\000\000\000\000\000\000\000\002\000\000\000\060", '\000' <repeats 19 times>, "\f\341\327\367\377\177\000\000\000\000\000\000\257\060\000\000\000\355\374*\tLP\204\003\000\000\000\000\000\000\000\256\340\327\367\377\177\000\000\200\334\377\377\264\060\000\000\000"...}}
        buf2 = {u = {d = 4.6355706344588957e-310, i = 1433596848, l = 93824994177968, c = "\260\363rUUU\000\000\270\220B\365\377\177\000\000\000\000\000\000\000\000\000\000\362H\327\367\377\177\000\000 ", '\000' <repeats 15 times>, "\a\000\000\000\000\000\000\000\060\000\000\000\000\000\000\000\003\000\000\000\377\177\000\000\030\300aUUU\000\000\037\000\000\000\000\000\000\000P\000\000\000\000\000\000\000\260\377\377\377\377\377\377\377\000\000\000\000\000\000\000\000\003\000\000\000\060", '\000' <repeats 19 times>, "[\000\000\000w", '\000' <repeats 11 times>, "n\000\000\000|\000\000\000\a\000\000\000\000\000\000\000\037\000\000\000\000\000\000\000 \000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\260\377\377\377\377\377\377\377"...}}
#2  0x00007ffff7d6755f in FcConfigMatchValueList (values=0x5555556fedb0, t=<optimized out>, kind=FcMatchFont, p_pat=0x5555559ea680, p=0x5555556fdfd0) at fccfg.c:1341
        ret = 0x0
        e = 0x555555683b38
        value = {type = FcTypeString, u = {s = 0x5555556fe880 "", i = 1433397376, b = 1433397376, d = 4.6355706246036694e-310, m = 0x5555556fe880, c = 0x5555556fe880, f = 0x5555556fe880, l = 0x5555556fe880, r = 0x5555556fe880}}
        v = <optimized out>
        ret = <optimized out>
        e = <optimized out>
        value = <optimized out>
        v = <optimized out>
#3  IA__FcConfigSubstituteWithPat (config=<optimized out>, config@entry=0x555555659f60, p=p@entry=0x5555556fdfd0, p_pat=p_pat@entry=0x5555559ea680, kind=kind@entry=FcMatchFont) at fccfg.c:1742
        v = {type = FcTypeVoid, u = {s = 0x7ffff7d7a74c <FcPatternObjectInsertElt+236> "\203E", i = -136861876, b = -136861876, d = 6.9533490459598886e-310, m = 0x7ffff7d7a74c <FcPatternObjectInsertElt+236>, c = 0x7ffff7d7a74c <FcPatternObjectInsertElt+236>, f = 0x7ffff7d7a74c <FcPatternObjectInsertElt+236>, l = 0x7ffff7d7a74c <FcPatternObjectInsertElt+236>, r = 0x7ffff7d7a74c <FcPatternObjectInsertElt+236>}}
        s = 0x555555668c60
        iter = {dummy1 = 0x555555668c60, dummy2 = 0x5555556b4830, dummy3 = 0x55555567d0a0}
        iter2 = {dummy1 = 0x55555568ee50, dummy2 = 0x5555556aade0, dummy3 = 0x0}
        r = 0x5555556aadc0
        rs = <optimized out>
        l = <optimized out>
        value = 0x5555556927e0
        vl = <optimized out>
        m = 0x5555556fdfd0
        strs = <optimized out>
        object = <optimized out>
        elt = 0x5555556a6370
        e = 0x5555556feb60
        i = <optimized out>
        nobjs = 53
        retval = 1
        tst = 0x5555556925e0
#4  0x00007ffff7d779bd in IA__FcFontRenderPrepare (config=0x555555659f60, pat=pat@entry=0x5555559ea680, font=0x7ffff5428840) at fcmatch.c:719
        new = 0x5555556fdfd0
        i = <optimized out>
        fe = <optimized out>
        pe = <optimized out>
        v = {type = FcTypeBool, u = {s = 0x0, i = 0, b = 0, d = 0, m = 0x0, c = 0x0, f = 0x0, l = 0x0, r = 0x0}}
        result = FcResultMatch
        variable = 0
        variations = {buf = 0x0, allocated = 0, failed = 0, len = -272072704, size = 1115635585, buf_static = "@\\\337\366\377\177", '\000' <repeats 63 times>, "@\217@", '\000' <repeats 13 times>, "@\237@\000\000\000\000\000P\217@", '\000' <repeats 31 times>}
        __PRETTY_FUNCTION__ = "IA__FcFontRenderPrepare"
#5  0x00007ffff7d77d2b in IA__FcFontSetMatch (config=<optimized out>, sets=sets@entry=0x7fffffffe110, nsets=nsets@entry=1, p=p@entry=0x5555559ea680, result=result@entry=0x7fffffffe108) at fcmatch.c:863
        best = <optimized out>
        __PRETTY_FUNCTION__ = "IA__FcFontSetMatch"
#6  0x00005555555a69d3 in findXftGlyph (xw=xw@entry=0x55555564deb0, given=given@entry=0x5555556bbd00, wc=wc@entry=127876) at ../fontutils.c:3782
        myReport = 0x0
        matchedFont = <optimized out>
        myFontSets = {0x5555559ea640}
        myPattern = 0x5555559ea680
        myCharSet = 0x55555572f620
        check = <optimized out>
        screen = 0x55555564e058
        which = 0x555555652c88
        result = 0x0
        fontnum = <optimized out>
        table = {19504, 21304, 23104, 24904, 26704, 28504}
        n = 0
        status = FcResultMatch
        tag = 0x5555555e2640 "fNorm"
#7  0x00005555555c73ec in drawXtermText (xw=xw@entry=0x55555564deb0, attr_flags=attr_flags@entry=0, draw_flags=<optimized out>, draw_flags@entry=0, gc=0x555555659d10, start_x=2, start_y=<optimized out>, chrset=0, text=0x555555674a50, len=1, on_wide=0) at ../util.c:3721
        test = <optimized out>
        part = 127876
        filler = 0
        replace = 0 '\000'
        missing = 0 '\000'
        ch = 127876
        needed = <optimized out>
        currFont = 0x5555556bbd00
        tempFont = 0x0
        last = 0
        old_high = <optimized out>
        first = 0
        old_wide = <optimized out>
        curX = 2
        dpy = <optimized out>
        font0 = 0x5555556bbd00
        values = {function = <optimized out>, plane_mask = <optimized out>, foreground = 15066597, background = <optimized out>, line_width = <optimized out>, line_style = <optimized out>, cap_style = <optimized out>, join_style = <optimized out>, fill_style = <optimized out>, fill_rule = <optimized out>, arc_mode = <optimized out>, tile = <optimized out>, stipple = <optimized out>, ts_x_origin = <optimized out>, ts_y_origin = <optimized out>, font = <optimized out>, subwindow_mode = <optimized out>, graphics_exposures = <optimized out>, clip_x_origin = <optimized out>, clip_y_origin = <optimized out>, clip_mask = <optimized out>, dash_offset = <optimized out>, dashes = <optimized out>}
        wfont0 = 0x0
        currentWin = <optimized out>
        font = 0x5555556bbd00
        wfont = 0x0
        x = 2
        y = 25
        screen = 0x55555564e058
        real_length = 1
        underline_len = 0
        font_width = <optimized out>
        did_ul = 0
        curFont = <optimized out>
        need_clipping = 0
#8  0x00005555555cc54b in WriteText (xw=xw@entry=0x55555564deb0, str=str@entry=0x555555674a50, len=len@entry=1) at ../util.c:1172
        test = 65536
        screen = <optimized out>
        ld = <optimized out>
        attr_flags = 65536
        fg_bg = {fg = 0, bg = 0}
        cells = 2
        currentGC = <optimized out>
#9  0x00005555555847f9 in dotext (xw=xw@entry=0x55555564deb0, charset=nrc_ASCII, buf=<optimized out>, len=1) at ../charproc.c:5584
        right = <optimized out>
        width_available = <optimized out>
        need_wrap = 0 '\000'
        did_wrap = 0 '\000'
        width_here = <optimized out>
        last_chomp = <optimized out>
        force_wrap = 0 '\000'
        screen = 0x55555564e058
        chars_chomped = <optimized out>
        next_col = 0
        offset = <optimized out>
        rmargin = 79
#10 0x000055555558a965 in doparsing (xw=xw@entry=0x55555564deb0, c=127876, sp=0x555555611ea0 <myState>) at ../charproc.c:2414
        single = <optimized out>
        this_is_wide = 1
        screen = 0x55555564e058
        item = 0
        count = <optimized out>
        value = 0
        laststate = 6
        thischar = 127876
        myRect = {top = 1432518496, left = 21845, bottom = 0, right = 0}
#11 0x0000555555591265 in VTparse (xw=xw@entry=0x55555564deb0) at ../charproc.c:5377
No locals.
#12 0x0000555555591479 in VTRun (xw=0x55555564deb0) at ../charproc.c:7726
        screen = 0x55555564e058
#13 0x000055555557898a in main (argc=<optimized out>, argv=<optimized out>) at ../main.c:2826
        tblFullscreen = {{name = 0x5555555d963e "Always", code = 2}, {name = 0x5555555d9638 "Never", code = 3}}
        form_top = 0x55555563db80
        menu_top = 0x55555563db80
        menu_high = 0
        screen = <optimized out>
        mode = <optimized out>
        my_class = 0x55555561c260 "XTerm"
        line_speed = 15
        winToEmbedInto = 0
(gdb) quit

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.18.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages xterm depends on:
ii  libc6           2.28-2
ii  libfontconfig1  2.13.1-2
ii  libfreetype6    2.9.1-3
ii  libice6         2:1.0.9-2
ii  libtinfo6       6.1+20181013-1
ii  libutempter0    1.1.6-3
ii  libx11-6        2:1.6.7-1
ii  libxaw7         2:1.0.13-1+b2
ii  libxft2         2.3.2-2
ii  libxinerama1    2:1.1.4-1
ii  libxmu6         2:1.1.2-2
ii  libxpm4         1:3.5.12-1
ii  libxt6          1:1.1.5-1
ii  xbitmaps        1.1.1-2

Versions of packages xterm recommends:
ii  x11-utils  7.7+4

Versions of packages xterm suggests:
pn  xfonts-cyrillic  <none>

-- no debconf information
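
A small triage helper for the backtrace above, added here as an example and not part of the original report: it parses gdb frame lines, lists the arguments that are 0x0 in the faulting frame, and maps the wc value of the innermost xterm frame back to a code point. The function names and the "../" path heuristic for telling xterm frames from fontconfig frames are assumptions of this example.

```python
import re

# Frame lines excerpted from the backtrace in the report above (locals omitted).
SAMPLE = """\
#0  0x00007ffff7d662d1 in FcConfigEvaluate (p=0x5555556fdfd0, p_pat=0x5555559ea680, kind=kind@entry=FcMatchFont, e=0x0) at fccfg.c:977
#1  0x00007ffff7d66418 in FcConfigEvaluate (p=p@entry=0x5555556fdfd0, p_pat=p_pat@entry=0x5555559ea680, kind=kind@entry=FcMatchFont, e=e@entry=0x555555683b38) at fccfg.c:1003
        op = FcOpMatrix
#3  IA__FcConfigSubstituteWithPat (config=<optimized out>, config@entry=0x555555659f60, p=p@entry=0x5555556fdfd0, p_pat=p_pat@entry=0x5555559ea680, kind=kind@entry=FcMatchFont) at fccfg.c:1742
#6  0x00005555555a69d3 in findXftGlyph (xw=xw@entry=0x55555564deb0, given=given@entry=0x5555556bbd00, wc=wc@entry=127876) at ../fontutils.c:3782
#10 0x000055555558a965 in doparsing (xw=xw@entry=0x55555564deb0, c=127876, sp=0x555555611ea0 <myState>) at ../charproc.c:2414
"""

# "#N  [0xADDR in ]func (args) at file:line"; gdb omits the address on some frames (#3).
FRAME = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(\S+) \((.*)\) at (\S+):(\d+)$")

def parse_frames(text):
    """Return one dict per frame line; locals and other gdb output are skipped."""
    frames = []
    for line in text.splitlines():
        m = FRAME.match(line.strip())
        if not m:
            continue
        args = {}
        for item in m.group(3).split(", "):
            # "p=p@entry=0x..." -> name "p", value "0x..."; "x@entry=v" -> name "x"
            name = item.partition("=")[0].replace("@entry", "")
            args[name] = item.rpartition("=")[2]
        frames.append({"n": int(m.group(1)), "func": m.group(2), "args": args,
                       "file": m.group(4), "line": int(m.group(5))})
    return frames

def triage(frames):
    """Summarise the faulting frame and the innermost frame outside the library."""
    top = frames[0]
    # Assumption for this trace: xterm's sources show a "../" build path,
    # the fontconfig sources (fccfg.c, fcmatch.c) do not.
    app = next(f for f in frames if f["file"].startswith("../"))
    wc = app["args"].get("wc", "")
    return {
        "fault": f'{top["func"]} at {top["file"]}:{top["line"]}',
        "null_args": [k for k, v in top["args"].items() if v == "0x0"],
        "first_xterm_frame": f'{app["func"]} at {app["file"]}:{app["line"]}',
        "codepoint": f"U+{int(wc):04X}" if wc.isdigit() else None,
    }

if __name__ == "__main__":
    print(triage(parse_frames(SAMPLE)))
```

On the excerpt it reports FcConfigEvaluate at fccfg.c:977 with e passed as 0x0, reached from findXftGlyph for U+1F384, the first character in the reporter's list of crashing commands.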