From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Eli Zaretskii Newsgroups: gmane.emacs.bugs Subject: bug#53254: 28.0.60; Crash in composition_adjust_point while typing Date: Fri, 14 Jan 2022 15:58:19 +0200 Message-ID: <83pmou1ksk.fsf@gnu.org> References: <87h7a6saw1.fsf.ref@yahoo.com> <87h7a6saw1.fsf@yahoo.com> Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="36602"; mail-complaints-to="usenet@ciao.gmane.io" Cc: 53254@debbugs.gnu.org To: Po Lu Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Fri Jan 14 15:22:24 2022 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1n8NTD-0009Q6-O0 for geb-bug-gnu-emacs@m.gmane-mx.org; Fri, 14 Jan 2022 15:22:23 +0100 Original-Received: from localhost ([::1]:50114 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1n8NTC-0003sl-R1 for geb-bug-gnu-emacs@m.gmane-mx.org; Fri, 14 Jan 2022 09:22:22 -0500 Original-Received: from eggs.gnu.org ([209.51.188.92]:45582) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1n8N6f-0005kf-Df for bug-gnu-emacs@gnu.org; Fri, 14 Jan 2022 08:59:05 -0500 Original-Received: from debbugs.gnu.org ([209.51.188.43]:43048) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1n8N6c-0001Hj-AJ for bug-gnu-emacs@gnu.org; Fri, 14 Jan 2022 08:59:05 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1n8N6c-000778-5c for bug-gnu-emacs@gnu.org; Fri, 14 Jan 2022 08:59:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 14 Jan 2022 13:59:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 53254 X-GNU-PR-Package: emacs Original-Received: via spool by 53254-submit@debbugs.gnu.org id=B53254.164216870627293 (code B ref 53254); Fri, 14 Jan 2022 13:59:02 +0000 Original-Received: (at 53254) by debbugs.gnu.org; 14 Jan 2022 13:58:26 +0000 Original-Received: from localhost ([127.0.0.1]:35951 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1n8N61-000769-Uc for submit@debbugs.gnu.org; Fri, 14 Jan 2022 08:58:26 -0500 Original-Received: from eggs.gnu.org ([209.51.188.92]:44662) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1n8N5z-00075w-Fm for 53254@debbugs.gnu.org; Fri, 14 Jan 2022 08:58:24 -0500 Original-Received: from [2001:470:142:3::e] (port=40112 helo=fencepost.gnu.org) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1n8N5u-0001DW-5M; Fri, 14 Jan 2022 08:58:18 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=qonWo7D7d1IpPpV5GO8iRkhnx5YOQ+cMJmjMR8rXhd8=; b=l4bKIAqKCxU9 tpcP9yj9pzMb3HZiDzQhccRl06X4ef99kYa1U4ju9/BQg1OvQrGnIR/JS4W5VnXAyw4IDvrhn6b3Q dd8yVC20EhQmZMdH7o4J8qOfzQjLuO+A0El36V35Z0rFZx6+oP6Wfiw3d67W8mPrsnjtrNkaDVkb3 IyeSoSc8A8gkpRiXrLcdQilRukCnvGQYcZYzwFg1DWDenshddkqCctuwmNaxd/dq4Qj9ajoEPqcTs gtQWtS9qJLccy+y0ePoH3NEU7IdFnrziRFp0l6PGfWGhqsa5Frw6ybT7yWeYb94BBPStzsa24SNCJ FgSy9JrPu9YCx2ZZP5TArg==; Original-Received: from [87.69.77.57] (port=3848 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1n8N5u-00027Z-7s; Fri, 14 Jan 2022 08:58:18 -0500 In-Reply-To: <87h7a6saw1.fsf@yahoo.com> (bug-gnu-emacs@gnu.org) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.io gmane.emacs.bugs:224207 Archived-At: > Date: Fri, 14 Jan 2022 21:30:06 +0800 > From: Po Lu via "Bug reports for GNU Emacs, > the Swiss army knife of text editors" > > Typing a document, I got a crash with the following backtrace: > > #0 0x00007f356943585c in __pthread_kill_implementation () at /lib64/libc.so.6 > #1 0x00007f35693e86b6 in raise () at /lib64/libc.so.6 > #2 0x000000000041db0a in terminate_due_to_signal (sig=sig@entry=11, backtrace_limit=backtrace_limit@entry=40) at emacs.c:437 > #3 0x000000000041df7d in handle_fatal_signal (sig=sig@entry=11) at sysdep.c:1762 > #4 0x000000000051a718 in deliver_thread_signal (sig=sig@entry=11, handler=0x41df72 ) at sysdep.c:1754 > #5 0x000000000051a789 in deliver_fatal_thread_signal (sig=11) at sysdep.c:1774 > #6 handle_sigsegv (sig=11, siginfo=, arg=) at sysdep.c:1867 > #7 0x00007f35693e8760 in () at /lib64/libc.so.6 > #8 face_at_buffer_position (w=w@entry=0x3038d1b0, pos=pos@entry=31829, endptr=endptr@entry=0x7fff02e94768, limit=, mouse=, base_face_id=base_face_id@entry=-1, attr_filter=) at xfaces.c:6441 > #9 0x0000000000594f66 in font_range (pos=pos@entry=31829, pos_byte=pos_byte@entry=32669, limit=limit@entry=0x7fff02e94808, w=w@entry=0x3038d1b0, face=face@entry=0x0, string=string@entry=0x0, ch=62) at font.c:3928 > #10 0x00000000005e4423 in autocmp_chars (rule=0x4ee2945, charpos=charpos@entry=31829, bytepos=32669, limit=31832, limit@entry=31840, win=win@entry=0x3038d1b0, face=face@entry=0x0, string=0x0, direction=0x0, ch=62) at composite.c:924 > #11 0x00000000005e7dd2 in find_automatic_composition (pos=pos@entry=31839, limit=31839, limit@entry=-1, backlim=backlim@entry=-1, start=start@entry=0x7fff02e94938, end=end@entry=0x7fff02e94940, gstring=gstring@entry=0x7fff02e94948, string=0x0) at composite.c:1682 > #12 0x00000000005e8afd in composition_adjust_point (last_pt=last_pt@entry=31839, new_pt=new_pt@entry=31839) at composite.c:1769 > #13 0x0000000000512c93 in command_loop_1 () at keyboard.c:1608 > #14 0x000000000057c867 in internal_condition_case (bfun=bfun@entry=0x511c00 , handlers=handlers@entry=0x90, hfun=hfun@entry=0x508730 ) at eval.c:1453 > #15 0x0000000000502aca in command_loop_2 (handlers=handlers@entry=0x90) at keyboard.c:1133 > #16 0x000000000057c7c1 in internal_catch (tag=tag@entry=0xe7f0, func=func@entry=0x502ab0 , arg=arg@entry=0x90) at eval.c:1184 > #17 0x0000000000502a6f in command_loop () at keyboard.c:1111 > #18 0x000000000050832c in recursive_edit_1 () at keyboard.c:720 > #19 0x0000000000508673 in Frecursive_edit () at keyboard.c:803 > #20 0x0000000000425a73 in main (argc=1, argv=) at emacs.c:2310 > > Does anyone know why this is? I hope this hasn't been fixed in the > pretests (if so, sorry for the report), but I couldn't find anything > relevant. Thanks in advance. Looks very similar to bug#51864, but that one was fixed a day before your binary was built. So I'm not sure what's going on. However, it sounds like it's exactly that bug, because after the fix default_face cannot be a NULL pointer, according to my reading of the code: default_face = FACE_FROM_ID_OR_NULL (f, face_id); if (!default_face) <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< default_face = FACE_FROM_ID (f, lookup_basic_face (w, f, DEFAULT_FACE_ID)); } /* Optimize common cases where we can use the default face. */ if (noverlays == 0 && NILP (prop)) { SAFE_FREE (); return default_face->id; } /* Begin with attributes from the default face. */ memcpy (attrs, default_face->lface, sizeof(attrs)); It seems to crash in the call to memcpy. Or maybe the backtrace is inaccurate, this being an optimized build.