From owner-freebsd-bugs@FreeBSD.ORG Tue Nov 8 11:10:17 2005 Return-Path: X-Original-To: freebsd-bugs@hub.freebsd.org Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EF6A116A41F for ; Tue, 8 Nov 2005 11:10:16 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7B0A843D55 for ; Tue, 8 Nov 2005 11:10:15 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id jA8BAFf3099347 for ; Tue, 8 Nov 2005 11:10:15 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id jA8BAFhI099346; Tue, 8 Nov 2005 11:10:15 GMT (envelope-from gnats) Resent-Date: Tue, 8 Nov 2005 11:10:15 GMT Resent-Message-Id: <200511081110.jA8BAFhI099346@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, TOMITA Yoshinori Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9F3AF16A41F for ; Tue, 8 Nov 2005 11:06:15 +0000 (GMT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [216.136.204.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6458743D46 for ; Tue, 8 Nov 2005 11:06:15 +0000 (GMT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.13.1/8.13.1) with ESMTP id jA8B6Fp0014725 for ; Tue, 8 Nov 2005 11:06:15 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.13.1/8.13.1/Submit) id jA8B6E6p014723; Tue, 8 Nov 2005 11:06:14 GMT (envelope-from nobody) Message-Id: <200511081106.jA8B6E6p014723@www.freebsd.org> Date: Tue, 8 Nov 2005 11:06:14 GMT From: TOMITA Yoshinori To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-2.3 Cc: Subject: bin/88655: /bin/tcsh ls-F : Floating exception (core dumped) X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Nov 2005 11:10:17 -0000 >Number: 88655 >Category: bin >Synopsis: /bin/tcsh ls-F : Floating exception (core dumped) >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Nov 08 11:10:14 GMT 2005 >Closed-Date: >Last-Modified: >Originator: TOMITA Yoshinori >Release: 6.0-STABLE >Organization: >Environment: FreeBSD ohinoki 6.0-STABLE FreeBSD 6.0-STABLE #5: Tue Nov 8 15:19:16 JST 2005 yoshin-t@ohinoki:/usr/obj/a/fahrenheit/export/fahrenheit/FreeBSD/RELENG_6/src/sys/GENERIC i386 >Description: tcsh 6.14.00 of FreeBSD 6-STABLE will crash by ls-F built-in command. If login shell is /bin/tcsh, this results in unintentional logout. GDB stack trace: ----------------------------------------------------- (gdb) where #0 0x0806e947 in print_by_column (dir=0x80b9b94, items=0x8167c08, count=331, no_file_suffix=1) at /usr/src/bin/csh/../../contrib/tcsh/tw.parse.c:2071 #1 0x0806d993 in tw_list_items (looking=4, numitems=331, list_max=0) at /usr/src/bin/csh/../../contrib/tcsh/tw.parse.c:1394 #2 0x0806e107 in t_search (word=0x80b9b94, wp=0x0, command=LIST, max_word_length=0, looking=4, list_max=80, pat=0x80b9b94, suf=0) at /usr/src/bin/csh/../../contrib/tcsh/tw.parse.c:1706 #3 0x0808119b in dolist (v=0x8135cbc, c=0x81677e8) at /usr/src/bin/csh/../../contrib/tcsh/tc.func.c:251 #4 0x08056a2d in func (t=0x81677e8, bp=0x80909e0) at /usr/src/bin/csh/../../contrib/tcsh/sh.func.c:152 #5 0x08065ab7 in execute (t=0x81677e8, wanttty=50551, pipein=0x0, pipeout=0x0, do_glob=1) at /usr/src/bin/csh/../../contrib/tcsh/sh.sem.c:650 #6 0x08065dd3 in execute (t=0x81652a8, wanttty=50551, pipein=0x0, pipeout=0x0, do_glob=1) at /usr/src/bin/csh/../../contrib/tcsh/sh.sem.c:721 #7 0x0804d081 in process (catch=1) at /usr/src/bin/csh/../../contrib/tcsh/sh.c:2180 #8 0x0804bd8b in main (argc=0, argv=0xbfbfeb74) at /usr/src/bin/csh/../../contrib/tcsh/sh.c:1362 ----------------------------------------------------- signal comes from tw.parse.c: columns = TermH / maxwidth; /* PWP: terminal size change */ ^^^^^^^^^^^ There are cases when maxwidth == 0 !!! maxwidth is computed by ... maxwidth = max(maxwidth, (unsigned int) NLSStringWidth(items[i])); and NLSStringWidth() is defined in tc.nls.c int NLSStringWidth(Char *s) { int w = 0; while (*s) w += wcwidth(*s++); return w; } wcwidth() returns -1 when char is not printable depending LANG. If LANG is not matched with coding set used as filenames, wcwidth() will return -1. So, int NLSStringWidth() might return negative value such as -1 or -2. As a result, the next sentence in tw.parse.c maxwidth += no_file_suffix ? 1 : 2; /* for the file tag and space */ makes maxwidth=0. >How-To-Repeat: % /bin/tcsh % cd /SOMEWHERE % ls-F Floating exception (core dumped) This problem occurs for example, 1. charset of filename is ja_JP.eucJP 2. LANG is not ja_JP.eucJP 3. run ls-F This is not only the case. >Fix: Here is a tiny patch. This worked for me so far. ----------------------------------------------------- --- tc.nls.c.org Tue Nov 8 14:13:22 2005 +++ tc.nls.c Tue Nov 8 14:04:54 2005 @@ -89,8 +89,10 @@ NLSStringWidth(Char *s) { int w = 0; - while (*s) - w += wcwidth(*s++); + while (*s) { + int tmp = wcwidth(*s++); + w += (tmp>0) ? tmp : 0; + } return w; } ----------------------------------------------------- there are some other places where wcwidth() seems to be used incorrectly. >Release-Note: >Audit-Trail: >Unformatted: