From: Eli Zaretskii <eliz@gnu.org>
To: Po Lu <luangruo@yahoo.com>
Cc: 53254@debbugs.gnu.org
Subject: bug#53254: 28.0.60; Crash in composition_adjust_point while typing
Date: Fri, 14 Jan 2022 15:58:19 +0200
Message-ID: <83pmou1ksk.fsf@gnu.org>
In-Reply-To: <87h7a6saw1.fsf@yahoo.com> (bug-gnu-emacs@gnu.org)

> Date: Fri, 14 Jan 2022 21:30:06 +0800
> From:  Po Lu via "Bug reports for GNU Emacs,
>  the Swiss army knife of text editors" <bug-gnu-emacs@gnu.org>
> 
> Typing a document, I got a crash with the following backtrace:
> 
> #0  0x00007f356943585c in __pthread_kill_implementation () at /lib64/libc.so.6
> #1  0x00007f35693e86b6 in raise () at /lib64/libc.so.6
> #2  0x000000000041db0a in terminate_due_to_signal (sig=sig@entry=11, backtrace_limit=backtrace_limit@entry=40) at emacs.c:437
> #3  0x000000000041df7d in handle_fatal_signal (sig=sig@entry=11) at sysdep.c:1762
> #4  0x000000000051a718 in deliver_thread_signal (sig=sig@entry=11, handler=0x41df72 <handle_fatal_signal>) at sysdep.c:1754
> #5  0x000000000051a789 in deliver_fatal_thread_signal (sig=11) at sysdep.c:1774
> #6  handle_sigsegv (sig=11, siginfo=<optimized out>, arg=<optimized out>) at sysdep.c:1867
> #7  0x00007f35693e8760 in <signal handler called> () at /lib64/libc.so.6
> #8  face_at_buffer_position (w=w@entry=0x3038d1b0, pos=pos@entry=31829, endptr=endptr@entry=0x7fff02e94768, limit=<optimized out>, mouse=<optimized out>, base_face_id=base_face_id@entry=-1, attr_filter=<optimized out>) at xfaces.c:6441
> #9  0x0000000000594f66 in font_range (pos=pos@entry=31829, pos_byte=pos_byte@entry=32669, limit=limit@entry=0x7fff02e94808, w=w@entry=0x3038d1b0, face=face@entry=0x0, string=string@entry=0x0, ch=62) at font.c:3928
> #10 0x00000000005e4423 in autocmp_chars (rule=0x4ee2945, charpos=charpos@entry=31829, bytepos=32669, limit=31832, limit@entry=31840, win=win@entry=0x3038d1b0, face=face@entry=0x0, string=0x0, direction=0x0, ch=62) at composite.c:924
> #11 0x00000000005e7dd2 in find_automatic_composition (pos=pos@entry=31839, limit=31839, limit@entry=-1, backlim=backlim@entry=-1, start=start@entry=0x7fff02e94938, end=end@entry=0x7fff02e94940, gstring=gstring@entry=0x7fff02e94948, string=0x0) at composite.c:1682
> #12 0x00000000005e8afd in composition_adjust_point (last_pt=last_pt@entry=31839, new_pt=new_pt@entry=31839) at composite.c:1769
> #13 0x0000000000512c93 in command_loop_1 () at keyboard.c:1608
> #14 0x000000000057c867 in internal_condition_case (bfun=bfun@entry=0x511c00 <command_loop_1>, handlers=handlers@entry=0x90, hfun=hfun@entry=0x508730 <cmd_error>) at eval.c:1453
> #15 0x0000000000502aca in command_loop_2 (handlers=handlers@entry=0x90) at keyboard.c:1133
> #16 0x000000000057c7c1 in internal_catch (tag=tag@entry=0xe7f0, func=func@entry=0x502ab0 <command_loop_2>, arg=arg@entry=0x90) at eval.c:1184
> #17 0x0000000000502a6f in command_loop () at keyboard.c:1111
> #18 0x000000000050832c in recursive_edit_1 () at keyboard.c:720
> #19 0x0000000000508673 in Frecursive_edit () at keyboard.c:803
> #20 0x0000000000425a73 in main (argc=1, argv=<optimized out>) at emacs.c:2310
> 
> Does anyone know why this is?  I hope this hasn't been fixed in the
> pretests (if so, sorry for the report), but I couldn't find anything
> relevant.  Thanks in advance.

Looks very similar to bug#51864, but that one was fixed a day before
your binary was built.  So I'm not sure what's going on.  However, it
sounds like it's exactly that bug, because after the fix
default_face cannot be a NULL pointer, according to my reading of the
code:

    default_face = FACE_FROM_ID_OR_NULL (f, face_id);
    if (!default_face)  <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
      default_face = FACE_FROM_ID (f,
				   lookup_basic_face (w, f, DEFAULT_FACE_ID));
  }

  /* Optimize common cases where we can use the default face.  */
  if (noverlays == 0
      && NILP (prop))
    {
      SAFE_FREE ();
      return default_face->id;
    }

  /* Begin with attributes from the default face.  */
  memcpy (attrs, default_face->lface, sizeof(attrs));

It seems to crash in the call to memcpy.

Or maybe the backtrace is inaccurate, this being an optimized build.
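
Added example, not part of the message above and not Emacs code: a small triage helper for gdb frames like the ones quoted in the report. It picks the frame listed right after <signal handler called> (where the SIGSEGV was raised) and lists which arguments gdb printed as 0x0 or <optimized out>. The function names are assumptions of this example.

```python
import re

# Frames #7-#10 copied verbatim from the backtrace quoted above.
BACKTRACE = """\
#7  0x00007f35693e8760 in <signal handler called> () at /lib64/libc.so.6
#8  face_at_buffer_position (w=w@entry=0x3038d1b0, pos=pos@entry=31829, endptr=endptr@entry=0x7fff02e94768, limit=<optimized out>, mouse=<optimized out>, base_face_id=base_face_id@entry=-1, attr_filter=<optimized out>) at xfaces.c:6441
#9  0x0000000000594f66 in font_range (pos=pos@entry=31829, pos_byte=pos_byte@entry=32669, limit=limit@entry=0x7fff02e94808, w=w@entry=0x3038d1b0, face=face@entry=0x0, string=string@entry=0x0, ch=62) at font.c:3928
#10 0x00000000005e4423 in autocmp_chars (rule=0x4ee2945, charpos=charpos@entry=31829, bytepos=32669, limit=31832, limit@entry=31840, win=win@entry=0x3038d1b0, face=face@entry=0x0, string=0x0, direction=0x0, ch=62) at composite.c:924
"""

# "#N  [0xADDR in ]FUNC (ARGS) at FILE:LINE", the shape of the quoted frames.
FRAME_RE = re.compile(
    r"^#(?P<num>\d+)\s+(?:0x[0-9a-f]+ in )?(?P<func><[^>]+>|\S+) "
    r"\((?P<args>.*)\) at (?P<loc>\S+)$")


def parse_frames(text):
    """Return one dict per frame: num, func, loc and an ordered arg list."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.match(line.strip())
        if not m:
            continue
        # "w=w@entry=0x3038d1b0": name before the first "=", value after the last.
        args = [(p.split("=", 1)[0], p.rsplit("=", 1)[1])
                for p in m["args"].split(", ") if "=" in p]
        frames.append({"num": int(m["num"]), "func": m["func"],
                       "loc": m["loc"], "args": args})
    return frames


def faulting_frame(frames):
    """The frame listed right after the signal-handler frame took the signal."""
    for i, frame in enumerate(frames[:-1]):
        if frame["func"] == "<signal handler called>":
            return frames[i + 1]
    return None


def args_with_value(frame, value):
    """Names of the arguments gdb printed with exactly this value."""
    return [name for name, val in frame["args"] if val == value]


if __name__ == "__main__":
    frames = parse_frames(BACKTRACE)
    crash = faulting_frame(frames)
    print("fault:", crash["func"], crash["loc"], args_with_value(crash, "<optimized out>"))
    for f in frames:
        print(f["num"], f["func"], "NULL args:", args_with_value(f, "0x0"))
```
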




