GNU bug report logs - #42943
28.0.50; Emacsclient crashes in ftcrfont_glyph_extents

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: emacs; Reported by: "Basil L. Contovounesios" <contovob@HIDDEN>; dated Thu, 20 Aug 2020 00:48:01 UTC; Maintainer for emacs is bug-gnu-emacs@HIDDEN.

Message received at 42943 <at> debbugs.gnu.org:


Received: (at 42943) by debbugs.gnu.org; 21 Aug 2020 14:05:56 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Aug 21 10:05:56 2020
Received: from localhost ([127.0.0.1]:47901 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1k97g4-00031B-38
	for submit <at> debbugs.gnu.org; Fri, 21 Aug 2020 10:05:56 -0400
Received: from quimby.gnus.org ([95.216.78.240]:43800)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@HIDDEN>) id 1k97g2-00030m-Dd
 for 42943 <at> debbugs.gnu.org; Fri, 21 Aug 2020 10:05:54 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnus.org;
 s=20200322; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date:
 References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=dg+v2hV+Zb+i4uSLy4+NpY/ZLPkivNRXQKhjrVpzIJU=; b=JN6/f1sp1781mJ38+q71wl7cUD
 ZkmwklmReWKjvwAPqyvj5v8RMq8ny3et/vw6J0a6TIBGVKlGajZao6O797U3mKDHyJZcLkfU/CZMd
 QlcMq6rO/9pbJGJYpJdyP2SarNuNagmBWFlG/J5fGfNlvxAaanmB0xohlIMbkkWooRC4=;
Received: from cm-84.212.202.86.getinternet.no ([84.212.202.86] helo=xo)
 by quimby with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.92) (envelope-from <larsi@HIDDEN>)
 id 1k97ft-00051B-7z; Fri, 21 Aug 2020 16:05:47 +0200
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: "Basil L. Contovounesios" <contovob@HIDDEN>
Subject: Re: bug#42943: 28.0.50; Emacsclient crashes in ftcrfont_glyph_extents
References: <877dtuta6z.fsf@HIDDEN>
X-Now-Playing: Boris's _Evol_: "Love"
Date: Fri, 21 Aug 2020 16:05:43 +0200
In-Reply-To: <877dtuta6z.fsf@HIDDEN> (Basil L. Contovounesios's message of
 "Thu, 20 Aug 2020 01:47:32 +0100")
Message-ID: <87y2m82ix4.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Report: Spam detection software, running on the system "quimby.gnus.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 @@CONTACT_ADDRESS@@ for details.
 Content preview:  I wonder if this is somehow related to bug#42897. Probably
 not, but two ftcrfont-related crashes are reported within a few days, so
 perhaps there's a connection... -- (domestic pets only,
 the antidote for overdose, 
 milk.) bloggy blog: http://lars.ingebrigtsen.no 
 Content analysis details:   (-2.9 points, 5.0 required)
 pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -1.0 ALL_TRUSTED            Passed through trusted hosts only via SMTP
 -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
 [score: 0.0000]
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 42943
Cc: 42943 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

I wonder if this is somehow related to bug#42897.  Probably not, but two
ftcrfont-related crashes are reported within a few days, so perhaps
there's a connection...

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no





Information forwarded to bug-gnu-emacs@HIDDEN:
bug#42943; Package emacs. Full text available.

Message received at 42943 <at> debbugs.gnu.org:


Received: (at 42943) by debbugs.gnu.org; 20 Aug 2020 14:29:03 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Aug 20 10:29:03 2020
Received: from localhost ([127.0.0.1]:43314 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1k8lYt-0006kt-1c
	for submit <at> debbugs.gnu.org; Thu, 20 Aug 2020 10:29:03 -0400
Received: from eggs.gnu.org ([209.51.188.92]:42874)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@HIDDEN>) id 1k8lYo-0006kG-MA
 for 42943 <at> debbugs.gnu.org; Thu, 20 Aug 2020 10:29:01 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:41878)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <eliz@HIDDEN>)
 id 1k8lYj-00016m-8R; Thu, 20 Aug 2020 10:28:53 -0400
Received: from [176.228.60.248] (port=1339 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <eliz@HIDDEN>)
 id 1k8lYi-0003GF-49; Thu, 20 Aug 2020 10:28:52 -0400
Date: Thu, 20 Aug 2020 17:28:44 +0300
Message-Id: <83blj5crxf.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: "Basil L. Contovounesios" <contovob@HIDDEN>
In-Reply-To: <877dtuta6z.fsf@HIDDEN> (contovob@HIDDEN)
Subject: Re: bug#42943: 28.0.50; Emacsclient crashes in ftcrfont_glyph_extents
References: <877dtuta6z.fsf@HIDDEN>
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 42943
Cc: 42943 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

> From: "Basil L. Contovounesios" <contovob@HIDDEN>
> Date: Thu, 20 Aug 2020 01:47:32 +0100
> 
> --8<---------------cut here---------------start------------->8---
> glyph 7 row 0 col 7 nrows 1 m 0x5555561a7660 r 0x555556495210 c 0x555556495256
> 
> glyph 7 row 0 col 7 nrows 1 m 0x5555561a7660 r 0x555556495210 c 0x555556495256
> 
> glyph 63 row 0 col 63 nrows 1 m 0x5555561a7660 r 0x555556495210 c 0x555556495486
> sz 24 len 1 from 0 i 0
> glyph 3 row 0 col 3 nrows 1 m 0x5555561a7660 r 0x555556495210 c 0x55555649522e
> sz 24 len 1 from 0 i 0
> glyph 1135 row 8 col 111 nrows 10 m 0x5555562304d0 r 0x2073756c50656d55 c 0x2073756c506571ab
> --8<---------------cut here---------------end--------------->8---

Is 0x2073756c506571ab a bogus pointer, i.e. it cannot be dereferenced?
If so, you need to figure out where did it come from.  It could have
come from the xmalloc call, but then why the trace around that call
are not shown in your printfs?

And what is sizeof(struct font_metrics) there?  I see no printfs which
show that, so I can only guess.




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#42943; Package emacs. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 20 Aug 2020 00:47:45 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Aug 19 20:47:44 2020
Received: from localhost ([127.0.0.1]:41313 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1k8Yk4-0006UL-8l
	for submit <at> debbugs.gnu.org; Wed, 19 Aug 2020 20:47:44 -0400
Received: from lists.gnu.org ([209.51.188.17]:46604)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <contovob@HIDDEN>) id 1k8Yk1-0006UC-Jy
 for submit <at> debbugs.gnu.org; Wed, 19 Aug 2020 20:47:42 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:54392)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <contovob@HIDDEN>) id 1k8Yk1-0005RR-1y
 for bug-gnu-emacs@HIDDEN; Wed, 19 Aug 2020 20:47:41 -0400
Received: from mail-wr1-x42c.google.com ([2a00:1450:4864:20::42c]:43887)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <contovob@HIDDEN>) id 1k8Yjy-00066U-Ao
 for bug-gnu-emacs@HIDDEN; Wed, 19 Aug 2020 20:47:40 -0400
Received: by mail-wr1-x42c.google.com with SMTP id a15so453985wrh.10
 for <bug-gnu-emacs@HIDDEN>; Wed, 19 Aug 2020 17:47:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=tcd-ie.20150623.gappssmtp.com; s=20150623;
 h=from:to:subject:date:message-id:mime-version;
 bh=iJNsrFdLEyNtf6clJYv9CjgmGTVUuRH6l+vWM5MQAw4=;
 b=meOM2NfA7TVLLmbw86kads9SzyaguNAY9+G9F4lfaebbWdIbgzmfXtQSIkraSjbcMB
 ABr+WUAg8NQgkA/GgyoM2EbXzdURju30J4ngoZpnef8Cut5N5l4CvuoCk5gjvJMMDeNn
 BdajbdBBzO7QGFGjNXLAwUs3Il+X8BzbKuQiOt00hpFY45/WGXV2kHqEqwrJEf0AzF9x
 A03sKCpFEWoYH2CCvQgAtyQl7tbPDN/ygSUMjQ3/a5TkSun81ZUtGyG69GCgC28zxGyu
 srBjhBhCh3OKTC54bHJwHvIHRihHBNzsgwDp/wmqRQ+7eRsJnZSj8Fi4N6VU8AA+dTDf
 aGfw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:subject:date:message-id:mime-version;
 bh=iJNsrFdLEyNtf6clJYv9CjgmGTVUuRH6l+vWM5MQAw4=;
 b=cvOZSufQU5/zfJXWNS4H5AJS0F4J1qV//QHIjTMGKUlaYRTe+UCvFTIM8BymzA7ocN
 9ZsABV4ZInQSQe+7gYHNvaWF/MxIZxhVse4kzhdpsMFycwN9HayVQ8EVPLe/BXys1UBZ
 w2hX2Am9hfi/QTJPTOO6JNXe8qX1sHm2SrubfiCfhXwuc3uTM/z2h8nUn/t+lC05D7kC
 uDg70ymyF5ROe3y0DqT4Jkq7RfnvXLQmC8U0UKIt58AHR1MAKV2hUg3qlj4g6HKLB2GT
 EL3M+gtGzVryTxM7Dk5U2FrQYKBqFwUFPNEglw3/IPe7u2VB/bzEz2bHHY5+SwSabQ+a
 78Vg==
X-Gm-Message-State: AOAM530ktePuIgB0eZxy3APqJQLT4tQBlExLzmvWPL7vIeDTqvJIrtPb
 YUElNoTaq6wyewt5Q6CMZxCBF+zc0cj3Yg==
X-Google-Smtp-Source: ABdhPJzal0I7YsoFFDn8i8qE4esfg11lAXbcQbutk97Om5kv/oWJkC7ePj3LKZX8DStmu4CT/QQrfQ==
X-Received: by 2002:a5d:420b:: with SMTP id n11mr548635wrq.11.1597884454561;
 Wed, 19 Aug 2020 17:47:34 -0700 (PDT)
Received: from localhost ([2a02:8084:20e2:c380:36e2:16c0:7240:397])
 by smtp.gmail.com with ESMTPSA id s20sm937990wmh.21.2020.08.19.17.47.33
 for <bug-gnu-emacs@HIDDEN>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 19 Aug 2020 17:47:33 -0700 (PDT)
From: "Basil L. Contovounesios" <contovob@HIDDEN>
To: bug-gnu-emacs@HIDDEN
Subject: 28.0.50; Emacsclient crashes in ftcrfont_glyph_extents
Date: Thu, 20 Aug 2020 01:47:32 +0100
Message-ID: <877dtuta6z.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Received-SPF: none client-ip=2a00:1450:4864:20::42c;
 envelope-from=contovob@HIDDEN; helo=mail-wr1-x42c.google.com
X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache.
 That's all we know.
X-Spam_score_int: -18
X-Spam_score: -1.9
X-Spam_bar: -
X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
 SPF_NONE=0.001, URIBL_BLOCKED=0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

--=-=-=
Content-Type: text/plain

From the project-root:

0. cd src
1. gdb ./emacs
2. set logging on
3. r -Q --fg-daemon

From the project-root in another shell:

4. ./lib-src/emacsclient -c
5. C-\ arabic RET
6. s ~ A
7. C-x 5 0
8. ./lib-src/emacsclient -c

Back to GDB:

9. bt full

I attach the resulting backtrace.

I then recompiled ftcrfont.c with the following printf sprinkles:


--=-=-=
Content-Type: text/x-diff
Content-Disposition: inline; filename=printf-debug.diff

diff --git a/src/ftcrfont.c b/src/ftcrfont.c
index 29813c8d7d..7832d4f5ce 100644
--- b/src/ftcrfont.c
+++ a/src/ftcrfont.c
@@ -52,11 +52,19 @@
 
   row = glyph / METRICS_NCOLS_PER_ROW;
   col = glyph % METRICS_NCOLS_PER_ROW;
+  fprintf (stderr, "\nglyph %u row %d col %d nrows %d",
+           glyph, row, col, ftcrfont_info->metrics_nrows);
   if (row >= ftcrfont_info->metrics_nrows)
     {
+      fprintf (stderr, " realloc %p %zu", ftcrfont_info->metrics,
+               sizeof (struct font_metrics *) * (row + 1));
       ftcrfont_info->metrics =
 	xrealloc (ftcrfont_info->metrics,
 		  sizeof (struct font_metrics *) * (row + 1));
+      fprintf (stderr, " memset %p %zu",
+               ftcrfont_info->metrics + ftcrfont_info->metrics_nrows,
+               (sizeof (struct font_metrics *)
+               * (row + 1 - ftcrfont_info->metrics_nrows)));
       memset (ftcrfont_info->metrics + ftcrfont_info->metrics_nrows, 0,
 	      (sizeof (struct font_metrics *)
 	       * (row + 1 - ftcrfont_info->metrics_nrows)));
@@ -68,10 +76,15 @@
       int i;
 
       new = xmalloc (sizeof (struct font_metrics) * METRICS_NCOLS_PER_ROW);
+      fprintf (stderr, " malloc %p %zu", new,
+               sizeof (struct font_metrics) * METRICS_NCOLS_PER_ROW);
       for (i = 0; i < METRICS_NCOLS_PER_ROW; i++)
 	METRICS_SET_STATUS (new + i, METRICS_INVALID);
       ftcrfont_info->metrics[row] = new;
     }
+  fprintf (stderr, " m %p r %p c %p\n", ftcrfont_info->metrics,
+           ftcrfont_info->metrics[row],
+           ftcrfont_info->metrics[row] + col);
   cache = ftcrfont_info->metrics[row] + col;
 
   if (METRICS_STATUS (cache) == METRICS_INVALID)
@@ -503,8 +516,10 @@
     }
 
   glyphs = alloca (sizeof (cairo_glyph_t) * len);
+  fprintf (stderr, "sz %zu len %d", sizeof (cairo_glyph_t), len);
   for (i = 0; i < len; i++)
     {
+      fprintf (stderr, " from %d i %d", from, i);
       glyphs[i].index = s->char2b[from + i];
       glyphs[i].x = x;
       glyphs[i].y = y;

--=-=-=
Content-Type: text/plain


and repeated the recipe.  IIRC the segfault didn't happen in step 8 the
first time; I had to repeat steps 7-8 a few times before it did, and
this generated a lot of output.  Here are the last few lines:

--8<---------------cut here---------------start------------->8---
glyph 7 row 0 col 7 nrows 1 m 0x5555561a7660 r 0x555556495210 c 0x555556495256

glyph 7 row 0 col 7 nrows 1 m 0x5555561a7660 r 0x555556495210 c 0x555556495256

glyph 63 row 0 col 63 nrows 1 m 0x5555561a7660 r 0x555556495210 c 0x555556495486
sz 24 len 1 from 0 i 0
glyph 3 row 0 col 3 nrows 1 m 0x5555561a7660 r 0x555556495210 c 0x55555649522e
sz 24 len 1 from 0 i 0
glyph 1135 row 8 col 111 nrows 10 m 0x5555562304d0 r 0x2073756c50656d55 c 0x2073756c506571ab
--8<---------------cut here---------------end--------------->8---

IIRC step 8 segfaulted every time after I removed some of the printfs.
Either way, the pattern is always the same: 'glyph' goes from being a
small number to 1135 or 1153, and the address of ftcrfont_info->metrics
changes.

Any ideas?

Thanks,

-- 
Basil

In GNU Emacs 28.0.50 (build 9, x86_64-pc-linux-gnu, X toolkit, cairo version 1.16.0, Xaw3d scroll bars)
 of 2020-08-20 built on tabos
Repository revision: f8d3d18168a742691d095a3f0c83512f19621725
Repository branch: master
Windowing system distributor 'The X.Org Foundation', version 11.0.12008000
System Description: Debian GNU/Linux bullseye/sid

Configured using:
 'configure 'CC=ccache gcc' 'CFLAGS=-O0 -g3 -ggdb -gdwarf-4'
 --config-cache --prefix=/home/blc/.local --program-suffix=-dbg
 --enable-checking=yes,glyphs --enable-check-lisp-object-type
 --with-x-toolkit=lucid --with-file-notification=yes --with-x'

Configured features:
XAW3D XPM JPEG TIFF GIF PNG RSVG CAIRO SOUND GPM DBUS GSETTINGS GLIB
NOTIFY INOTIFY ACL LIBSELINUX GNUTLS LIBXML2 FREETYPE HARFBUZZ M17N_FLT
LIBOTF ZLIB TOOLKIT_SCROLL_BARS LUCID X11 XDBE XIM MODULES THREADS
LIBSYSTEMD JSON PDUMPER LCMS2

Important settings:
  value of $LANG: en_IE.UTF-8
  locale-coding-system: utf-8-unix


--=-=-=
Content-Type: text/plain
Content-Disposition: attachment; filename=gdb.txt

Starting program: /home/blc/.local/src/emacs-dbg/src/emacs -Q --fg-daemon
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7ffff18bf700 (LWP 151164)]
[New Thread 0x7ffff10ad700 (LWP 151217)]
[New Thread 0x7ffff08ac700 (LWP 151218)]

Thread 1 "emacs" received signal SIGSEGV, Segmentation fault.
0x00005555558c001e in ftcrfont_glyph_extents (font=0x5555560ee8d8, glyph=1135, metrics=0x0) at ftcrfont.c:77
77	  if (METRICS_STATUS (cache) == METRICS_INVALID)
#0  0x00005555558c001e in ftcrfont_glyph_extents (font=0x5555560ee8d8, glyph=1135, metrics=0x0) at ftcrfont.c:77
        ftcrfont_info = 0x5555560ee8d8
        row = 8
        col = 111
        cache = 0x3720a1c
#1  0x00005555558c16d6 in ftcrfont_draw (s=0x7fffffffb400, from=0, to=1, x=11, y=1006, with_background=false)
    at ftcrfont.c:511
        f = 0x5555560d8570
        face = 0x5555561a6860
        ftcrfont_info = 0x5555560ee8d8
        cr = 0x5555561b5810
        glyphs = 0x7fffffffaa20
        len = 1
        i = 0
#2  0x00005555556dcd4a in x_draw_composite_glyph_string_foreground (s=0x7fffffffb400) at xterm.c:1969
        gstring = XIL(0x5555560eea1d)
        glyph = XIL(0x555556482de5)
        y = 1006
        width = 9
        i = 1
        j = 0
        x = 11
        font = 0x5555560ee8d8
#3  0x00005555556e08df in x_draw_glyph_string (s=0x7fffffffb400) at xterm.c:3780
        relief_drawn_p = true
#4  0x0000555555625aeb in draw_glyphs
    (w=0x55555656e2d8, x=956, row=0x5555563112a0, area=TEXT_AREA, start=0, end=106, hl=DRAW_NORMAL_TEXT, overlaps=0)
    at xdisp.c:28732
        head = 0x7fffffffb6a0
        tail = 0x7fffffffade0
        s = 0x7fffffffb400
        clip_head = 0x0
        clip_tail = 0x0
        i = 106
        j = -1
        x_reached = 956
        last_x = 955
        area_left = 1
        f = 0x5555560d8570
        sa_avail = 14820
        sa_count = 9
#5  0x000055555562cdd0 in gui_write_glyphs
    (w=0x55555656e2d8, updated_row=0x5555563112a0, start=0x55555636f700, updated_area=TEXT_AREA, len=106)
    at xdisp.c:30750
        x = 61
        hpos = 0
        chpos = 0
#6  0x000055555559dd23 in update_text_area (w=0x55555656e2d8, updated_row=0x5555563112a0, vpos=61) at dispnew.c:3842
        current_row = 0x5555563761a0
        desired_row = 0x5555563112a0
        rif = 0x555555a03200 <x_redisplay_interface>
        changed_p = false
#7  0x000055555559e852 in update_window_line (w=0x55555656e2d8, vpos=61, mouse_face_overwritten_p=0x7fffffffbbe7)
    at dispnew.c:4085
        current_row = 0x5555563761a0
        desired_row = 0x5555563112a0
        rif = 0x555555a03200 <x_redisplay_interface>
        changed_p = false
#8  0x000055555559d0ed in update_window (w=0x55555656e2d8, force_p=true) at dispnew.c:3566
        end = 0x5555563112a0
        mode_line_row = 0x5555563112a0
        header_line_row = 0x0
        changed_p = false
        mouse_face_overwritten_p = false
        row = 0x55555630d5a0
        tab_line_row = 0x0
        yb = 955
        n_updated = 0
        desired_matrix = 0x55555656daf0
        paused_p = false
        preempt_count = 9
        rif = 0x555555a03200 <x_redisplay_interface>
#9  0x000055555559c6d6 in update_window_tree (w=0x55555656e2d8, force_p=true) at dispnew.c:3337
        paused_p = false
#10 0x000055555559c2bd in update_frame (f=0x5555560d8570, force_p=true, inhibit_hairy_id_p=false) at dispnew.c:3226
        paused_p = false
        root_window = 0x55555656e2d8
#11 0x00005555555f5564 in redisplay_internal () at xdisp.c:15868
        gcscrollbars = true
        f_redisplay_flag = true
        f = 0x5555560d8570
        w = 0x55555656e2d8
        sw = 0x55555656e2d8
        fr = 0x5555560d8570
        pending = false
        must_finish = true
        match_p = true
        tlbufpos = {
          charpos = 146,
          bytepos = 146
        }
        tlendpos = {
          charpos = 0,
          bytepos = 0
        }
        number_of_visible_frames = 2
        count = 6
        sf = 0x5555560d8570
        polling_stopped_here = true
        tail = XIL(0x555555f13a33)
        frame = XIL(0x5555560d8575)
        hscroll_retries = 0
        garbaged_frame_retries = 0
        consider_all_windows_p = true
        update_miniwindow_p = true
#12 0x00005555555f6056 in redisplay_preserve_echo_area (from_where=12) at xdisp.c:16137
        count = 5
#13 0x0000555555870357 in wait_reading_process_output
    (time_limit=30, nsecs=0, read_kbd=-1, do_display=true, wait_for_cell=XIL(0), wait_proc=0x0, just_wait_proc=0)
    at process.c:5812
        nread = 3375
        process_skipped = false
        channel = 7
        nfds = 1
        Available = {
          fds_bits = {0 <repeats 16 times>}
        }
        Writeok = {
          fds_bits = {0 <repeats 16 times>}
        }
        check_write = true
        check_delay = 0
        no_avail = false
        xerrno = 11
        proc = XIL(0x55555656e51d)
        timeout = {
          tv_sec = 30,
          tv_nsec = 0
        }
        end_time = {
          tv_sec = 1597883621,
          tv_nsec = 52427752
        }
        timer_delay = {
          tv_sec = 0,
          tv_nsec = -1
        }
        got_output_end_time = {
          tv_sec = 0,
          tv_nsec = -1
        }
        wait = TIMEOUT
        got_some_output = 3375
        prev_wait_proc_nbytes_read = 0
        retry_for_async = false
        count = 4
        now = {
          tv_sec = 0,
          tv_nsec = -1
        }
#14 0x00005555555a4ac8 in sit_for (timeout=make_fixnum(30), reading=true, display_option=1) at dispnew.c:6049
        sec = 30
        nsec = 0
        do_display = true
#15 0x000055555572c886 in read_char
    (commandflag=1, map=XIL(0x555556572ac3), prev_event=XIL(0), used_mouse_menu=0x7fffffffd9ef, end_time=0x0)
    at keyboard.c:2738
        tem0 = XIL(0x7fffffffd6a0)
        timeout = 30
        count1 = 3
        delay_level = 4
        buffer_size = 1
        c = XIL(0)
        jmpcount = 3
        local_getcjmp = {{
            __jmpbuf = {0, -4276096293224735316, 93824992491632, 0, 0, 0, -4276096293535113812, -7927157738208125524},
            __mask_was_saved = 0,
            __saved_mask = {
              __val = {93824995017460, 140737488345088, 0, 140737488345168, 93824995064878, 93825009134259, 3, 93825009134243, 93825001707712, 0, 0, 140737488345168, 0, 93825009134259, 0, 140737488345344}
            }
          }}
        save_jump = {{
            __jmpbuf = {0, 0, 0, 0, 0, 0, 0, 0},
            __mask_was_saved = 0,
            __saved_mask = {
              __val = {0 <repeats 16 times>}
            }
          }}
        tem = XIL(0x2ffffd6d8)
        save = XIL(0x7ffff1c186f8)
        previous_echo_area_message = XIL(0)
        also_record = XIL(0)
        reread = false
        recorded = false
        polling_stopped_here = false
        orig_kboard = 0x555555fa53c0
#16 0x000055555573ed3b in read_key_sequence
    (keybuf=0x7fffffffdb80, prompt=XIL(0), dont_downcase_last=false, can_return_switch_frame=true, fix_current_buffer=true, prevent_redisplay=false) at keyboard.c:9547
        interrupted_kboard = 0x555555fa53c0
        interrupted_frame = 0x555555efeea8
        key = XIL(0x7ffff1c186fd)
        used_mouse_menu = false
        echo_local_start = 0
        last_real_key_start = 0
        keys_local_start = 0
        new_binding = XIL(0x55555589484d)
        count = 3
        t = 0
        echo_start = 0
        keys_start = 0
        current_binding = XIL(0x555556572ac3)
        first_unbound = 31
        mock_input = 0
        used_mouse_menu_history = {false <repeats 30 times>}
        fkey = {
          parent = XIL(0x555555f708b3),
          map = XIL(0x555555f708b3),
          start = 0,
          end = 0
        }
        keytran = {
          parent = XIL(0x7ffff22acc43),
          map = XIL(0x7ffff22acc43),
          start = 0,
          end = 0
        }
        indec = {
          parent = XIL(0x555555f708c3),
          map = XIL(0x555555f708c3),
          start = 0,
          end = 0
        }
        shift_translated = false
        delayed_switch_frame = XIL(0)
        original_uppercase = XIL(0)
        original_uppercase_position = -1
        dummyflag = false
        starting_buffer = 0x7ffff1c186f8
        fake_prefixed_keys = XIL(0)
        first_event = XIL(0)
        second_event = XIL(0)
#17 0x00005555557282e5 in command_loop_1 () at keyboard.c:1350
        cmd = XIL(0x4e60)
        keybuf = 
          {make_fixnum(24), make_fixnum(53), make_fixnum(48), XIL(0x5555557df79c), XIL(0x1f22c1f30), XIL(0x7ffff22c1f30), XIL(0), XIL(0x8250), XIL(0x7fffffffdbf0), XIL(0), XIL(0x555555e5d8c0), XIL(0), XIL(0x7fffffffdc10), XIL(0x5555557fc2a0), make_fixnum(34910567923712), XIL(0), XIL(0x555555e5d8c0), XIL(0), XIL(0x7fffffffdc40), XIL(0x5555557fc2a0), XIL(0), XIL(0x555555e5d8c0), XIL(0), XIL(0), XIL(0x7fffffffdc60), XIL(0x5555557fc2f4), XIL(0x8), XIL(0x8250), XIL(0x7fffffffdca0), make_fixnum(23456248759793)}
        i = 3
        prev_modiff = 38
        prev_buffer = 0x7ffff1c186f8
        already_adjusted = false
#18 0x0000555555801286 in internal_condition_case
    (bfun=0x555555727e69 <command_loop_1>, handlers=XIL(0x90), hfun=0x555555727480 <cmd_error>) at eval.c:1356
        val = XIL(0x5555557245c8)
        c = 0x555555f268e0
#19 0x0000555555727a52 in command_loop_2 (ignore=XIL(0)) at keyboard.c:1091
        val = XIL(0xd5f0)
#20 0x000055555580073a in internal_catch (tag=XIL(0xd5f0), func=0x555555727a25 <command_loop_2>, arg=XIL(0))
    at eval.c:1117
        val = XIL(0)
        c = 0x555555f10c00
#21 0x00005555557279f1 in command_loop () at keyboard.c:1070
#22 0x0000555555726f69 in recursive_edit_1 () at keyboard.c:714
        count = 1
        val = XIL(0x7fffffffde10)
#23 0x0000555555727160 in Frecursive_edit () at keyboard.c:786
        count = 0
        buffer = XIL(0)
#24 0x0000555555723120 in main (argc=3, argv=0x7fffffffe078) at emacs.c:2047
        stack_bottom_variable = 0x7ffff5acd720
        no_loadup = false
        junk = 0x0
        dname_arg = 0x0
        ch_to_dir = 0x0
        original_pwd = 0x0
        dump_mode = 0x0
        skip_args = 1
        temacs = 0x0
        attempt_load_pdump = true
        rlim = {
          rlim_cur = 10022912,
          rlim_max = 18446744073709551615
        }
        lc_all = 0x0
        sockfd = -1
        module_assertions = false

Lisp Backtrace:
"redisplay_internal (C function)" (0x0)

--=-=-=--




Acknowledgement sent to "Basil L. Contovounesios" <contovob@HIDDEN>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs@HIDDEN. Full text available.
Report forwarded to bug-gnu-emacs@HIDDEN:
bug#42943; Package emacs. Full text available.
Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Last modified: Fri, 21 Aug 2020 14:15:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.