GNU bug report logs -
#53254
28.0.60; Crash in composition_adjust_point while typing
Previous Next
Reported by: Po Lu <luangruo <at> yahoo.com>
Date: Fri, 14 Jan 2022 13:31:01 UTC
Severity: normal
Found in version 28.0.60
Done: Po Lu <luangruo <at> yahoo.com>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 53254 in the body.
You can then email your comments to 53254 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#53254; Package
emacs.
(Fri, 14 Jan 2022 13:31:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Po Lu <luangruo <at> yahoo.com>:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org.
(Fri, 14 Jan 2022 13:31:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Typing a document, I got a crash with the following backtrace:
#0 0x00007f356943585c in __pthread_kill_implementation () at /lib64/libc.so.6
#1 0x00007f35693e86b6 in raise () at /lib64/libc.so.6
#2 0x000000000041db0a in terminate_due_to_signal (sig=sig <at> entry=11, backtrace_limit=backtrace_limit <at> entry=40) at emacs.c:437
#3 0x000000000041df7d in handle_fatal_signal (sig=sig <at> entry=11) at sysdep.c:1762
#4 0x000000000051a718 in deliver_thread_signal (sig=sig <at> entry=11, handler=0x41df72 <handle_fatal_signal>) at sysdep.c:1754
#5 0x000000000051a789 in deliver_fatal_thread_signal (sig=11) at sysdep.c:1774
#6 handle_sigsegv (sig=11, siginfo=<optimized out>, arg=<optimized out>) at sysdep.c:1867
#7 0x00007f35693e8760 in <signal handler called> () at /lib64/libc.so.6
#8 face_at_buffer_position (w=w <at> entry=0x3038d1b0, pos=pos <at> entry=31829, endptr=endptr <at> entry=0x7fff02e94768, limit=<optimized out>, mouse=<optimized out>, base_face_id=base_face_id <at> entry=-1, attr_filter=<optimized out>) at xfaces.c:6441
#9 0x0000000000594f66 in font_range (pos=pos <at> entry=31829, pos_byte=pos_byte <at> entry=32669, limit=limit <at> entry=0x7fff02e94808, w=w <at> entry=0x3038d1b0, face=face <at> entry=0x0, string=string <at> entry=0x0, ch=62) at font.c:3928
#10 0x00000000005e4423 in autocmp_chars (rule=0x4ee2945, charpos=charpos <at> entry=31829, bytepos=32669, limit=31832, limit <at> entry=31840, win=win <at> entry=0x3038d1b0, face=face <at> entry=0x0, string=0x0, direction=0x0, ch=62) at composite.c:924
#11 0x00000000005e7dd2 in find_automatic_composition (pos=pos <at> entry=31839, limit=31839, limit <at> entry=-1, backlim=backlim <at> entry=-1, start=start <at> entry=0x7fff02e94938, end=end <at> entry=0x7fff02e94940, gstring=gstring <at> entry=0x7fff02e94948, string=0x0) at composite.c:1682
#12 0x00000000005e8afd in composition_adjust_point (last_pt=last_pt <at> entry=31839, new_pt=new_pt <at> entry=31839) at composite.c:1769
#13 0x0000000000512c93 in command_loop_1 () at keyboard.c:1608
#14 0x000000000057c867 in internal_condition_case (bfun=bfun <at> entry=0x511c00 <command_loop_1>, handlers=handlers <at> entry=0x90, hfun=hfun <at> entry=0x508730 <cmd_error>) at eval.c:1453
#15 0x0000000000502aca in command_loop_2 (handlers=handlers <at> entry=0x90) at keyboard.c:1133
#16 0x000000000057c7c1 in internal_catch (tag=tag <at> entry=0xe7f0, func=func <at> entry=0x502ab0 <command_loop_2>, arg=arg <at> entry=0x90) at eval.c:1184
#17 0x0000000000502a6f in command_loop () at keyboard.c:1111
#18 0x000000000050832c in recursive_edit_1 () at keyboard.c:720
#19 0x0000000000508673 in Frecursive_edit () at keyboard.c:803
#20 0x0000000000425a73 in main (argc=1, argv=<optimized out>) at emacs.c:2310
Does anyone know why this is? I hope this hasn't been fixed in the
pretests (if so, sorry for the report), but I couldn't find anything
relevant. Thanks in advance.
In GNU Emacs 28.0.60 (build 2, x86_64-pc-linux-gnu, X toolkit, cairo version 1.17.4, Xaw3d scroll bars)
of 2021-11-16 built on trinity
Repository revision: e852822f3db469c985bf022651f184d6ff2c518a
Repository branch: emacs-28
Windowing system distributor 'The X.Org Foundation', version 11.0.12101003
System Description: Fedora Linux 35 (Workstation Edition)
Configured using:
'configure --with-x-toolkit=lucid --with-native-compilation
--cache-file=/tmp/ccache'
Configured features:
ACL CAIRO DBUS FREETYPE GIF GLIB GMP GNUTLS GSETTINGS HARFBUZZ JPEG JSON
LCMS2 LIBSELINUX LIBSYSTEMD LIBXML2 MODULES NATIVE_COMP NOTIFY INOTIFY
PDUMPER PNG RSVG SECCOMP SOUND THREADS TIFF TOOLKIT_SCROLL_BARS X11
XAW3D XDBE XIM XPM LUCID ZLIB
Important settings:
value of $LANG: en_GB.UTF-8
value of $XMODIFIERS: @im=ibus
locale-coding-system: utf-8-unix
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#53254; Package
emacs.
(Fri, 14 Jan 2022 13:59:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 53254 <at> debbugs.gnu.org (full text, mbox):
> Date: Fri, 14 Jan 2022 21:30:06 +0800
> From: Po Lu via "Bug reports for GNU Emacs,
> the Swiss army knife of text editors" <bug-gnu-emacs <at> gnu.org>
>
> Typing a document, I got a crash with the following backtrace:
>
> #0 0x00007f356943585c in __pthread_kill_implementation () at /lib64/libc.so.6
> #1 0x00007f35693e86b6 in raise () at /lib64/libc.so.6
> #2 0x000000000041db0a in terminate_due_to_signal (sig=sig <at> entry=11, backtrace_limit=backtrace_limit <at> entry=40) at emacs.c:437
> #3 0x000000000041df7d in handle_fatal_signal (sig=sig <at> entry=11) at sysdep.c:1762
> #4 0x000000000051a718 in deliver_thread_signal (sig=sig <at> entry=11, handler=0x41df72 <handle_fatal_signal>) at sysdep.c:1754
> #5 0x000000000051a789 in deliver_fatal_thread_signal (sig=11) at sysdep.c:1774
> #6 handle_sigsegv (sig=11, siginfo=<optimized out>, arg=<optimized out>) at sysdep.c:1867
> #7 0x00007f35693e8760 in <signal handler called> () at /lib64/libc.so.6
> #8 face_at_buffer_position (w=w <at> entry=0x3038d1b0, pos=pos <at> entry=31829, endptr=endptr <at> entry=0x7fff02e94768, limit=<optimized out>, mouse=<optimized out>, base_face_id=base_face_id <at> entry=-1, attr_filter=<optimized out>) at xfaces.c:6441
> #9 0x0000000000594f66 in font_range (pos=pos <at> entry=31829, pos_byte=pos_byte <at> entry=32669, limit=limit <at> entry=0x7fff02e94808, w=w <at> entry=0x3038d1b0, face=face <at> entry=0x0, string=string <at> entry=0x0, ch=62) at font.c:3928
> #10 0x00000000005e4423 in autocmp_chars (rule=0x4ee2945, charpos=charpos <at> entry=31829, bytepos=32669, limit=31832, limit <at> entry=31840, win=win <at> entry=0x3038d1b0, face=face <at> entry=0x0, string=0x0, direction=0x0, ch=62) at composite.c:924
> #11 0x00000000005e7dd2 in find_automatic_composition (pos=pos <at> entry=31839, limit=31839, limit <at> entry=-1, backlim=backlim <at> entry=-1, start=start <at> entry=0x7fff02e94938, end=end <at> entry=0x7fff02e94940, gstring=gstring <at> entry=0x7fff02e94948, string=0x0) at composite.c:1682
> #12 0x00000000005e8afd in composition_adjust_point (last_pt=last_pt <at> entry=31839, new_pt=new_pt <at> entry=31839) at composite.c:1769
> #13 0x0000000000512c93 in command_loop_1 () at keyboard.c:1608
> #14 0x000000000057c867 in internal_condition_case (bfun=bfun <at> entry=0x511c00 <command_loop_1>, handlers=handlers <at> entry=0x90, hfun=hfun <at> entry=0x508730 <cmd_error>) at eval.c:1453
> #15 0x0000000000502aca in command_loop_2 (handlers=handlers <at> entry=0x90) at keyboard.c:1133
> #16 0x000000000057c7c1 in internal_catch (tag=tag <at> entry=0xe7f0, func=func <at> entry=0x502ab0 <command_loop_2>, arg=arg <at> entry=0x90) at eval.c:1184
> #17 0x0000000000502a6f in command_loop () at keyboard.c:1111
> #18 0x000000000050832c in recursive_edit_1 () at keyboard.c:720
> #19 0x0000000000508673 in Frecursive_edit () at keyboard.c:803
> #20 0x0000000000425a73 in main (argc=1, argv=<optimized out>) at emacs.c:2310
>
> Does anyone know why this is? I hope this hasn't been fixed in the
> pretests (if so, sorry for the report), but I couldn't find anything
> relevant. Thanks in advance.
Looks very similar to bug#51864, but that one was fixed a day before
your binary was built. So I'm not sure what's going on. However, it
sounds like it's exactly that bug, because after the fix
default_face cannot be a NULL pointer, according to my reading of the
code:
default_face = FACE_FROM_ID_OR_NULL (f, face_id);
if (!default_face) <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
default_face = FACE_FROM_ID (f,
lookup_basic_face (w, f, DEFAULT_FACE_ID));
}
/* Optimize common cases where we can use the default face. */
if (noverlays == 0
&& NILP (prop))
{
SAFE_FREE ();
return default_face->id;
}
/* Begin with attributes from the default face. */
memcpy (attrs, default_face->lface, sizeof(attrs));
It seems to crash in the call to memcpy.
Or maybe the backtrace is inaccurate, this being an optimized build.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#53254; Package
emacs.
(Fri, 14 Jan 2022 14:15:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 53254 <at> debbugs.gnu.org (full text, mbox):
> Date: Fri, 14 Jan 2022 21:30:06 +0800
> From: Po Lu via "Bug reports for GNU Emacs,
> the Swiss army knife of text editors" <bug-gnu-emacs <at> gnu.org>
>
> Typing a document, I got a crash with the following backtrace:
>
> #0 0x00007f356943585c in __pthread_kill_implementation () at /lib64/libc.so.6
> #1 0x00007f35693e86b6 in raise () at /lib64/libc.so.6
> #2 0x000000000041db0a in terminate_due_to_signal (sig=sig <at> entry=11, backtrace_limit=backtrace_limit <at> entry=40) at emacs.c:437
> #3 0x000000000041df7d in handle_fatal_signal (sig=sig <at> entry=11) at sysdep.c:1762
> #4 0x000000000051a718 in deliver_thread_signal (sig=sig <at> entry=11, handler=0x41df72 <handle_fatal_signal>) at sysdep.c:1754
> #5 0x000000000051a789 in deliver_fatal_thread_signal (sig=11) at sysdep.c:1774
> #6 handle_sigsegv (sig=11, siginfo=<optimized out>, arg=<optimized out>) at sysdep.c:1867
> #7 0x00007f35693e8760 in <signal handler called> () at /lib64/libc.so.6
> #8 face_at_buffer_position (w=w <at> entry=0x3038d1b0, pos=pos <at> entry=31829, endptr=endptr <at> entry=0x7fff02e94768, limit=<optimized out>, mouse=<optimized out>, base_face_id=base_face_id <at> entry=-1, attr_filter=<optimized out>) at xfaces.c:6441
> #9 0x0000000000594f66 in font_range (pos=pos <at> entry=31829, pos_byte=pos_byte <at> entry=32669, limit=limit <at> entry=0x7fff02e94808, w=w <at> entry=0x3038d1b0, face=face <at> entry=0x0, string=string <at> entry=0x0, ch=62) at font.c:3928
Ignore my previous message. I installed a fix.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#53254; Package
emacs.
(Sat, 15 Jan 2022 00:43:02 GMT)
Full text and
rfc822 format available.
Message #14 received at 53254 <at> debbugs.gnu.org (full text, mbox):
Eli Zaretskii <eliz <at> gnu.org> writes:
>> Date: Fri, 14 Jan 2022 21:30:06 +0800
>> From: Po Lu via "Bug reports for GNU Emacs,
>> the Swiss army knife of text editors" <bug-gnu-emacs <at> gnu.org>
>>
>> Typing a document, I got a crash with the following backtrace:
>>
>> #0 0x00007f356943585c in __pthread_kill_implementation () at /lib64/libc.so.6
>> #1 0x00007f35693e86b6 in raise () at /lib64/libc.so.6
>> #2 0x000000000041db0a in terminate_due_to_signal (sig=sig <at> entry=11, backtrace_limit=backtrace_limit <at> entry=40) at emacs.c:437
>> #3 0x000000000041df7d in handle_fatal_signal (sig=sig <at> entry=11) at sysdep.c:1762
>> #4 0x000000000051a718 in deliver_thread_signal (sig=sig <at> entry=11, handler=0x41df72 <handle_fatal_signal>) at sysdep.c:1754
>> #5 0x000000000051a789 in deliver_fatal_thread_signal (sig=11) at sysdep.c:1774
>> #6 handle_sigsegv (sig=11, siginfo=<optimized out>, arg=<optimized out>) at sysdep.c:1867
>> #7 0x00007f35693e8760 in <signal handler called> () at /lib64/libc.so.6
>> #8 face_at_buffer_position (w=w <at> entry=0x3038d1b0,
>> pos=pos <at> entry=31829, endptr=endptr <at> entry=0x7fff02e94768,
>> limit=<optimized out>, mouse=<optimized out>,
>> base_face_id=base_face_id <at> entry=-1, attr_filter=<optimized out>) at
>> xfaces.c:6441
>> #9 0x0000000000594f66 in font_range (pos=pos <at> entry=31829,
>> pos_byte=pos_byte <at> entry=32669, limit=limit <at> entry=0x7fff02e94808,
>> w=w <at> entry=0x3038d1b0, face=face <at> entry=0x0, string=string <at> entry=0x0,
>> ch=62) at font.c:3928
>
> Ignore my previous message. I installed a fix.
Thanks, I'll see if it worked.
Reply sent
to
Po Lu <luangruo <at> yahoo.com>:
You have taken responsibility.
(Mon, 17 Jan 2022 10:55:01 GMT)
Full text and
rfc822 format available.
Notification sent
to
Po Lu <luangruo <at> yahoo.com>:
bug acknowledged by developer.
(Mon, 17 Jan 2022 10:55:01 GMT)
Full text and
rfc822 format available.
Message #19 received at 53254-done <at> debbugs.gnu.org (full text, mbox):
Po Lu <luangruo <at> yahoo.com> writes:
> Thanks, I'll see if it worked.
Emacs hasn't crashed in 2 days 10 hours, so I think the fix worked.
Thanks, closing.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Mon, 14 Feb 2022 12:24:07 GMT)
Full text and
rfc822 format available.
This bug report was last modified 2 years and 65 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.