* bug#34256: 27.0.50; Crash on draw_glyphs()
@ 2019-01-30 14:30 Kaushal Modi
2019-01-30 16:16 ` Eli Zaretskii
0 siblings, 1 reply; 18+ messages in thread
From: Kaushal Modi @ 2019-01-30 14:30 UTC (permalink / raw)
To: 34256
[-- Attachment #1: Type: text/plain, Size: 3529 bytes --]
Hello,
I was working in an Org mode buffer and I got this crash on doing C-x v u
(vc-revert).
Thread 1 "emacs" received signal SIGSEGV, Segmentation fault.
0x00000000004c6814 in x_draw_glyph_string ()
(gdb) bt
#0 0x00000000004c6814 in x_draw_glyph_string ()
#1 0x000000000045b394 in draw_glyphs ()
#2 0x0000000000460ec9 in x_write_glyphs ()
#3 0x000000000041eb02 in update_window_line ()
#4 0x0000000000420737 in update_window ()
#5 0x000000000042209a in update_window_tree ()
#6 0x00000000004220ab in update_window_tree ()
#7 0x000000000042445d in update_frame ()
#8 0x000000000045831f in redisplay_internal ()
#9 0x00000000004fc2b3 in read_char ()
#10 0x00000000004feccc in read_key_sequence ()
#11 0x000000000050168d in read_key_sequence_vs ()
#12 0x000000000056bcef in Ffuncall ()
#13 0x00000000005a4d73 in exec_byte_code ()
#14 0x000000000056bc6f in Ffuncall ()
#15 0x00000000005a4d73 in exec_byte_code ()
#16 0x000000000056bc6f in Ffuncall ()
#17 0x00000000005a4d73 in exec_byte_code ()
#18 0x000000000056bc6f in Ffuncall ()
#19 0x0000000000568700 in Ffuncall_interactively ()
#20 0x000000000056bcef in Ffuncall ()
#21 0x000000000056bf6d in Fapply ()
#22 0x0000000000569d8a in Fcall_interactively ()
#23 0x000000000056bcef in Ffuncall ()
#24 0x00000000005a4d73 in exec_byte_code ()
#25 0x000000000056bc6f in Ffuncall ()
#26 0x000000000056bdaa in call1 ()
#27 0x0000000000500630 in command_loop_1 ()
#28 0x000000000056af3e in internal_condition_case ()
#29 0x00000000004f2a1c in command_loop_2 ()
#30 0x000000000056aead in internal_catch ()
#31 0x00000000004f29c4 in command_loop ()
#32 0x00000000004f75e6 in recursive_edit_1 ()
#33 0x00000000004f7904 in Frecursive_edit ()
#34 0x00000000004f1d13 in main ()
Lisp Backtrace:
No symbol "CHECK_LISP_OBJECT_TYPE" in current context.
Note: I am using Emacs built using the harfbuzz branch but I don't know if
this is related to that.
I have the gdb session open; let me know how to get more debug info for you.
Thank you.
In GNU Emacs 27.0.50 (build 11, x86_64-pc-linux-gnu, GTK+ Version 2.24.23)
of 2019-01-28 built on kmodi-lx01.cld.analog.com
Repository revision: 137b65a9b0a4118adda50f34375b4960701542e9
Repository branch: master
Windowing system distributor 'Open Text', version 11.0.11505
System Description: Red Hat Enterprise Linux Workstation release 6.8
(Santiago)
Recent messages:
For information about GNU Emacs and the GNU system, type C-h C-a.
Configured using:
'configure --with-modules
--prefix=/home/kmodi/usr_local/apps/6/emacs/master
'--program-transform-name=s/^ctags$/ctags_emacs/' --with-harfbuzz
'CPPFLAGS=-I/home/kmodi/stowed/include
-I/home/kmodi/usr_local/6/include -I/usr/include/freetype2
-I/usr/include' 'CFLAGS=-O2 -march=native'
'LDFLAGS=-L/home/kmodi/stowed/lib -L/home/kmodi/stowed/lib64
-L/home/kmodi/usr_local/6/lib -L/home/kmodi/usr_local/6/lib64'
PKG_CONFIG_PATH=/home/kmodi/usr_local/6/lib/pkgconfig:/home/kmodi/usr_local/6/lib64/pkgconfig:/cad/adi/apps/gnu/linux/x86_64/6/lib/pkgconfig:/cad/adi/apps/gnu/linux/x86_64/6/lib64/pkgconfig:/home/kmodi/stowed/lib/pkgconfig:/usr/lib/pkgconfig:/usr/lib64/pkgconfig:/usr/share/pkgconfig:/lib/pkgconfig:/lib64/pkgconfig'
Configured features:
XPM JPEG TIFF GIF PNG RSVG IMAGEMAGICK SOUND GPM DBUS GSETTINGS GLIB
NOTIFY INOTIFY ACL LIBSELINUX GNUTLS LIBXML2 FREETYPE M17N_FLT LIBOTF
XFT ZLIB TOOLKIT_SCROLL_BARS GTK2 X11 XDBE XIM MODULES THREADS
CANNOT_DUMP GMP
--
Kaushal Modi
[-- Attachment #2: Type: text/html, Size: 4117 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-30 14:30 bug#34256: 27.0.50; Crash on draw_glyphs() Kaushal Modi
@ 2019-01-30 16:16 ` Eli Zaretskii
2019-01-30 16:35 ` Kaushal Modi
0 siblings, 1 reply; 18+ messages in thread
From: Eli Zaretskii @ 2019-01-30 16:16 UTC (permalink / raw)
To: Kaushal Modi; +Cc: 34256
> From: Kaushal Modi <kaushal.modi@gmail.com>
> Date: Wed, 30 Jan 2019 09:30:23 -0500
>
> I was working in an Org mode buffer and I got this crash on doing C-x v u (vc-revert).
>
> Thread 1 "emacs" received signal SIGSEGV, Segmentation fault.
> 0x00000000004c6814 in x_draw_glyph_string ()
> (gdb) bt
> #0 0x00000000004c6814 in x_draw_glyph_string ()
> #1 0x000000000045b394 in draw_glyphs ()
> #2 0x0000000000460ec9 in x_write_glyphs ()
> #3 0x000000000041eb02 in update_window_line ()
> #4 0x0000000000420737 in update_window ()
> #5 0x000000000042209a in update_window_tree ()
> #6 0x00000000004220ab in update_window_tree ()
> #7 0x000000000042445d in update_frame ()
> #8 0x000000000045831f in redisplay_internal ()
> #9 0x00000000004fc2b3 in read_char ()
> #10 0x00000000004feccc in read_key_sequence ()
> #11 0x000000000050168d in read_key_sequence_vs ()
> #12 0x000000000056bcef in Ffuncall ()
> #13 0x00000000005a4d73 in exec_byte_code ()
> #14 0x000000000056bc6f in Ffuncall ()
> #15 0x00000000005a4d73 in exec_byte_code ()
> #16 0x000000000056bc6f in Ffuncall ()
> #17 0x00000000005a4d73 in exec_byte_code ()
> #18 0x000000000056bc6f in Ffuncall ()
> #19 0x0000000000568700 in Ffuncall_interactively ()
> #20 0x000000000056bcef in Ffuncall ()
> #21 0x000000000056bf6d in Fapply ()
> #22 0x0000000000569d8a in Fcall_interactively ()
> #23 0x000000000056bcef in Ffuncall ()
> #24 0x00000000005a4d73 in exec_byte_code ()
> #25 0x000000000056bc6f in Ffuncall ()
> #26 0x000000000056bdaa in call1 ()
> #27 0x0000000000500630 in command_loop_1 ()
> #28 0x000000000056af3e in internal_condition_case ()
> #29 0x00000000004f2a1c in command_loop_2 ()
> #30 0x000000000056aead in internal_catch ()
> #31 0x00000000004f29c4 in command_loop ()
> #32 0x00000000004f75e6 in recursive_edit_1 ()
> #33 0x00000000004f7904 in Frecursive_edit ()
> #34 0x00000000004f1d13 in main ()
>
> Lisp Backtrace:
> No symbol "CHECK_LISP_OBJECT_TYPE" in current context.
Thanks.
Do you strip Emacs when you install it? If so, please don't, because
when you strip the debugging symbols, you lose the capability of
giving us any useful information about the crash.
If you can reproduce this problem, please post the recipe; otherwise I
don't see how this could be of any use. Too bad.
> Configured using:
> 'configure --with-modules
> --prefix=/home/kmodi/usr_local/apps/6/emacs/master
> '--program-transform-name=s/^ctags$/ctags_emacs/' --with-harfbuzz
> 'CPPFLAGS=-I/home/kmodi/stowed/include
> -I/home/kmodi/usr_local/6/include -I/usr/include/freetype2
> -I/usr/include' 'CFLAGS=-O2 -march=native'
> 'LDFLAGS=-L/home/kmodi/stowed/lib -L/home/kmodi/stowed/lib64
> -L/home/kmodi/usr_local/6/lib -L/home/kmodi/usr_local/6/lib64'
Why isn't there a -g3 in the compiler switches? AFAIK, the default
configuration supplies it. Did you specify CFLAGS at configure time?
If so, please add -g3 to the switches, and I suggest to use -Og,
not -O2, for better debuggability.
> Configured features:
> XPM JPEG TIFF GIF PNG RSVG IMAGEMAGICK SOUND GPM DBUS GSETTINGS GLIB
> NOTIFY INOTIFY ACL LIBSELINUX GNUTLS LIBXML2 FREETYPE M17N_FLT LIBOTF
> XFT ZLIB TOOLKIT_SCROLL_BARS GTK2 X11 XDBE XIM MODULES THREADS
> CANNOT_DUMP GMP
Did you merge the harfbuzz branch with master, so there's no pdumper
in your build? If not, why do I see CANNOT_DUMP in the list of
features?
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-30 16:16 ` Eli Zaretskii
@ 2019-01-30 16:35 ` Kaushal Modi
2019-01-30 16:51 ` Eli Zaretskii
0 siblings, 1 reply; 18+ messages in thread
From: Kaushal Modi @ 2019-01-30 16:35 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 34256
[-- Attachment #1: Type: text/plain, Size: 1337 bytes --]
On Wed, Jan 30, 2019 at 11:16 AM Eli Zaretskii <eliz@gnu.org> wrote:
>
> Do you strip Emacs when you install it? If so, please don't, because
> when you strip the debugging symbols, you lose the capability of
> giving us any useful information about the crash.
>
Understood. I built that emacs with -O2 and without "
--enable-checking='yes,glyphs' --enable-check-lisp-object-type" as it's my
daily driver version.
> If you can reproduce this problem, please post the recipe; otherwise I
> don't see how this could be of any use. Too bad.
>
I'll work on getting a recipe.
Why isn't there a -g3 in the compiler switches? AFAIK, the default
> configuration supplies it.
Yes, I did not add that switch; I do that in my debug builds.
> Did you specify CFLAGS at configure time?
> If so, please add -g3 to the switches, and I suggest to use -Og,
> not -O2, for better debuggability.
>
Will do.
Did you merge the harfbuzz branch with master, so there's no pdumper
> in your build?
Actually, sorry for that confusion. I realized that I had the
--with-harfbuff switch since when I tried the harfbuff branch, but forgot
to remove that from my build script.
> If not, why do I see CANNOT_DUMP in the list of
> features?
>
This was built using the latest master (i.e. with pdumper and no harfbuzz).
I'll try to get a recipe.
[-- Attachment #2: Type: text/html, Size: 2629 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-30 16:35 ` Kaushal Modi
@ 2019-01-30 16:51 ` Eli Zaretskii
2019-01-30 18:22 ` Kaushal Modi
0 siblings, 1 reply; 18+ messages in thread
From: Eli Zaretskii @ 2019-01-30 16:51 UTC (permalink / raw)
To: Kaushal Modi; +Cc: 34256
> From: Kaushal Modi <kaushal.modi@gmail.com>
> Date: Wed, 30 Jan 2019 11:35:32 -0500
> Cc: 34256@debbugs.gnu.org
>
> Understood. I built that emacs with -O2 and without " --enable-checking='yes,glyphs'
> --enable-check-lisp-object-type" as it's my daily driver version.
I recommend always using these options when building the master
branch.
> I'll work on getting a recipe.
Thanks.
> Why isn't there a -g3 in the compiler switches? AFAIK, the default
> configuration supplies it.
>
> Yes, I did not add that switch; I do that in my debug builds.
Well, please always use that when you build the master branch. It's
potentially buggy code, so we need every possible piece of supporting
information to identify and solve bugs reported b y users.
> This was built using the latest master (i.e. with pdumper and no harfbuzz).
Makes sense. In that case, it is even more important to find the
reason for this, as there aren't supposed to be display-related
changes on master, so stuff like x_draw_glyph_string isn't supposed to
get in trouble.
Thanks.
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-30 16:51 ` Eli Zaretskii
@ 2019-01-30 18:22 ` Kaushal Modi
2019-01-30 18:55 ` Eli Zaretskii
0 siblings, 1 reply; 18+ messages in thread
From: Kaushal Modi @ 2019-01-30 18:22 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 34256
[-- Attachment #1: Type: text/plain, Size: 12817 bytes --]
On Wed, Jan 30, 2019 at 11:51 AM Eli Zaretskii <eliz@gnu.org> wrote:
>
> I recommend always using these options when building the master
> branch.
>
OK. Will do so.
> I'll work on getting a recipe.
>
> Thanks.
>
Unfortunately, I couldn't create a recipe even with my whole emacs config.
I can recreate the issue only when I load the desktop session.
Here is the snippet of the .desktop file related to the buffer in which I
can reproduce the crash consistently.
=====
(setq desktop-saved-frameset
[frameset 1
(23633 59565 276710 128000)
(desktop . "208")
"kmodi@kmodi-lx01.foo.bar.com" nil nil
((((minibuffer . t)
(undecorated)
(override-redirect)
(font-backend xft x)
(font .
"-unknown-PragmataPro-normal-normal-normal-*-18-*-*-*-*-0-iso10646-1")
(font-parameter .
"-unknown-PragmataPro-normal-normal-normal-*-18-*-*-*-*-0-iso10646-1")
(border-width . 0)
(internal-border-width . 0)
(right-divider-width . 1)
(bottom-divider-width . 0)
(vertical-scroll-bars)
(horizontal-scroll-bars)
(foreground-color . "#f7f7f7")
(background-color . "#282828")
(mouse-color . "black")
(border-color . "black")
(screen-gamma)
(line-spacing)
(left-fringe . 8)
(right-fringe . 8)
(no-special-glyphs)
(scroll-bar-foreground)
(scroll-bar-background)
(menu-bar-lines . 0)
(tool-bar-lines . 0)
(title)
(wait-for-wm . t)
(tool-bar-position . top)
(inhibit-double-buffering)
(icon-type . t)
(auto-raise)
(auto-lower)
(cursor-type . box)
(scroll-bar-width . 0)
(scroll-bar-height . 0)
(alpha)
(no-focus-on-map)
(no-accept-focus)
(fullscreen)
(visibility . t)
(skip-taskbar)
(z-group)
(display-type . color)
(background-mode . dark)
(cursor-color . "white")
(sticky)
(last-focus-update)
(frameset--id . "BE37-83AB-0DA7-C565")
(frameset--mini t . t)
(modeline . t)
(unsplittable)
(icon-name)
(display . ":1.0")
(explicit-name)
(fullscreen-restore)
(frameset--text-pixel-width . 2030)
(frameset--text-pixel-height . 1089)
(height . 54)
(width . 225)
(left . 0)
(top . 0))
((min-height . 4)
(min-width . 10)
(min-height-ignore . 2)
(min-width-ignore . 4)
(min-height-safe . 1)
(min-width-safe . 2)
(min-pixel-height . 80)
(min-pixel-width . 90)
(min-pixel-height-ignore . 40)
(min-pixel-width-ignore . 36)
(min-pixel-height-safe . 20)
(min-pixel-width-safe . 18))
leaf
(pixel-width . 2046)
(pixel-height . 1069)
(total-width . 227)
(total-height . 53)
(normal-height . 1.0)
(normal-width . 1.0)
(buffer "emacs_27_0.desktop"
(selected . t)
(hscroll . 0)
(fringes 8 8 nil)
(margins nil)
(scroll-bars nil 0 t nil 0 t)
(vscroll . 0)
(dedicated)
(point . 45706)
(start . 42427))
(prev-buffers
("emacs_27_0.desktop" 42647 45125)
("init.el" 9884 10328)
("rxdp_simple_test.sv" 1 1089))))])
...
(desktop-create-buffer 208
"/home/kmodi/hugo/work_blog/content-org/work-posts.org"
"work-posts.org"
'org-mode
'(auto-fill-mode abbrev-mode visual-line-mode eldoc-mode
override-global-mode modi-mode beacon-mode hi-lock-mode
volatile-highlights-mode hungry-delete-mode page-break-lines-mode
undo-tree-mode wrap-region-mode writegood-mode diff-hl-mode org-indent-mode
org-hugo-auto-export-mode projectile-mode hardcore-mode which-key-mode
ivy-mode anzu-mode mode-line-space-mode)
50848
'(nil nil)
nil
nil
'((indent-tabs-mode) (buffer-display-time 23633 59378 650447 18000)
(buffer-file-coding-system . utf-8-unix) (fill-column . 70)
(truncate-lines))
'((mark-ring nil)))
=====
- I cannot reproduce the crash in an emacs -Q session using the same Org
file, or even using my full unaltered config (except for commenting out
desktop loading).
But now I have this detailed backtrace; hopefully it helps you spot the
problem:
xdisp.c:26154: Emacs fatal error: assertion failed: s->img
Thread 1 "emacs" hit Breakpoint 1, terminate_due_to_signal (sig=sig@entry=6,
backtrace_limit=backtrace_limit@entry=2147483647) at emacs.c:370
370 {
(gdb) bt
#0 terminate_due_to_signal (sig=sig@entry=6,
backtrace_limit=backtrace_limit@entry=2147483647) at emacs.c:370
#1 0x00000000005a1622 in die (msg=msg@entry=0x67dc2c "s->img",
file=file@entry=0x67dbaa "xdisp.c", line=line@entry=26154) at alloc.c:7453
#2 0x00000000004378fe in fill_image_glyph_string (s=s@entry=0x7fffffff7aa0)
at xdisp.c:26154
#3 0x00000000004708cf in draw_glyphs (w=w@entry=0x13fa4e0, x=44,
row=0x234ba50, area=area@entry=TEXT_AREA, start=<optimized out>, start@entry=0,
end=end@entry=6, hl=DRAW_NORMAL_TEXT, overlaps=0)
at xdisp.c:26841
#4 0x0000000000474bd2 in x_write_glyphs (w=0x13fa4e0,
updated_row=<optimized out>, start=<optimized out>, updated_area=TEXT_AREA,
len=6) at xdisp.c:29042
#5 0x000000000042244d in update_text_area (w=w@entry=0x13fa4e0,
updated_row=updated_row@entry=0x234ba50, vpos=vpos@entry=14) at
dispnew.c:3613
#6 0x0000000000422fea in update_window_line (w=w@entry=0x13fa4e0,
vpos=vpos@entry=14,
mouse_face_overwritten_p=mouse_face_overwritten_p@entry=0x7fffffff7f2f)
at dispnew.c:3856
#7 0x000000000042366e in update_window (w=w@entry=0x13fa4e0,
force_p=force_p@entry=true) at dispnew.c:3478
#8 0x00000000004238ab in update_window_tree (w=0x13fa4e0,
force_p=force_p@entry=true) at dispnew.c:3220
#9 0x000000000042389b in update_window_tree (w=w@entry=0xdfaee0,
force_p=force_p@entry=true) at dispnew.c:3218
#10 0x00000000004259db in update_frame (f=f@entry=0x143b1b0, force_p=true,
force_p@entry=false, inhibit_hairy_id_p=inhibit_hairy_id_p@entry=false) at
dispnew.c:3109
#11 0x000000000046cf22 in redisplay_internal () at xdisp.c:14521
#12 0x000000000046e493 in redisplay () at xdisp.c:13664
#13 0x000000000054451e in read_char (commandflag=0, map=...,
map@entry=XIL(0x418b203),
prev_event=XIL(0x418b203),
used_mouse_menu=used_mouse_menu@entry=0x7fffffff967b,
end_time=end_time@entry=0x0)
at keyboard.c:2462
#14 0x0000000000545f05 in read_key_sequence
(keybuf=keybuf@entry=0x7fffffff9750,
prompt=..., prompt@entry=XIL(0x2fd53a4), dont_downcase_last=<optimized out>,
can_return_switch_frame=can_return_switch_frame@entry=false,
fix_current_buffer=fix_current_buffer@entry=false,
prevent_redisplay=prevent_redisplay@entry=false) at keyboard.c:9082
#15 0x00000000005489be in read_key_sequence_vs (prompt=...,
continue_echo=XIL(0), dont_downcase_last=...,
can_return_switch_frame=XIL(0), cmd_loop=...,
allow_string=allow_string@entry=false)
at keyboard.c:9777
#16 0x0000000000548a97 in Fread_key_sequence_vector (prompt=...,
continue_echo=..., dont_downcase_last=..., can_return_switch_frame=...,
cmd_loop=...) at keyboard.c:9858
#17 0x00000000005cf89c in funcall_subr (subr=0xcdd780
<Sread_key_sequence_vector>, numargs=numargs@entry=3,
args=args@entry=0x7fffffff9970)
at eval.c:2947
#18 0x00000000005cdc27 in Ffuncall (nargs=4, args=args@entry=0x7fffffff9968)
at eval.c:2860
#19 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff31fe77d), maxdepth=..., maxdepth@entry=make_number(14),
args_template=...,
args_template@entry=make_number(256), nargs=nargs@entry=1,
args=<optimized out>, args@entry=0x7fffffff9ca0) at bytecode.c:633
#20 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff31fe74d),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffff9ca0) at
eval.c:3058
#21 0x00000000005cdd80 in Ffuncall (nargs=2, args=args@entry=0x7fffffff9c98)
at eval.c:2862
#22 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff319f95d), maxdepth=..., maxdepth@entry=make_number(9),
args_template=..., args_template@entry=make_number(257),
nargs=nargs@entry=1, args=<optimized out>, args@entry=0x7fffffffa0a0)
at bytecode.c:633
#23 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff319f92d),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffffa0a0) at
eval.c:3058
#24 0x00000000005cdd80 in Ffuncall (nargs=2, args=args@entry=0x7fffffffa098)
at eval.c:2862
#25 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x604bd85), maxdepth=..., maxdepth@entry=make_number(14),
args_template=..., args_template@entry=make_number(0),
nargs=nargs@entry=0, args=<optimized out>, args@entry=0x7fffffffa620)
at bytecode.c:633
#26 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x604bec5),
nargs=nargs@entry=0, arg_vector=arg_vector@entry=0x7fffffffa620) at
eval.c:3058
#27 0x00000000005cdd80 in Ffuncall (nargs=nargs@entry=1,
args=args@entry=0x7fffffffa618)
at eval.c:2862
#28 0x00000000005c91cb in Ffuncall_interactively (nargs=1,
args=0x7fffffffa618) at callint.c:253
#29 0x00000000005cf71c in funcall_subr (subr=0xce4780
<Sfuncall_interactively>, numargs=numargs@entry=1,
args=args@entry=0x7fffffffa618)
at eval.c:2915
#30 0x00000000005cdc27 in Ffuncall (nargs=nargs@entry=2,
args=args@entry=0x7fffffffa610)
at eval.c:2860
#31 0x00000000005ce16c in Fapply (nargs=nargs@entry=3,
args=args@entry=0x7fffffffa610)
at eval.c:2433
#32 0x00000000005c9a0a in Fcall_interactively (function=...,
record_flag=..., keys=...) at callint.c:340
#33 0x00000000005cf86a in funcall_subr (subr=0xce4740
<Scall_interactively>, numargs=numargs@entry=3, args=args@entry=0x7fffffffa750)
at eval.c:2940#34 0x00000000005cdc27 in Ffuncall (nargs=4,
args=args@entry=0x7fffffffa748)
at eval.c:2860
#35 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff32a25a5), maxdepth=..., maxdepth@entry=make_number(13),
args_template=...,
args_template@entry=make_number(1025), nargs=nargs@entry=1,
args=<optimized out>, args@entry=0x7fffffffaa78) at bytecode.c:633
#36 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff32a2575),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffffaa78) at
eval.c:3058
#37 0x00000000005cdd80 in Ffuncall (nargs=nargs@entry=2,
args=args@entry=0x7fffffffaa70)
at eval.c:2862
#38 0x00000000005ce041 in call1 (fn=..., fn@entry=XIL(0x4020), arg1=...) at
eval.c:2711
#39 0x0000000000547999 in command_loop_1 () at keyboard.c:1462
#40 0x00000000005ccded in internal_condition_case (bfun=bfun@entry=0x5473a3
<command_loop_1>, handlers=..., handlers@entry=XIL(0x5490),
hfun=hfun@entry=0x53c25f
<cmd_error>) at eval.c:1376
#41 0x0000000000537c9a in command_loop_2 (ignore=..., ignore@entry=XIL(0))
at keyboard.c:1090
#42 0x00000000005ccd35 in internal_catch (tag=..., func=func@entry=0x537c82
<command_loop_2>, arg=..., arg@entry=XIL(0)) at eval.c:1139
---Type <return> to continue, or q <return> to quit---
#43 0x000000000053addd in command_loop () at keyboard.c:1069
#44 0x000000000053bcff in recursive_edit_1 () at keyboard.c:714
#45 0x000000000053c061 in Frecursive_edit () at keyboard.c:785
#46 0x0000000000534efa in main (argc=1, argv=<optimized out>) at
emacs.c:1949
Lisp Backtrace:
"redisplay_internal (C function)" (0x0)
"read-key-sequence-vector" (0xffff9970)
"read-key" (0xffff9ca0)
"yes-or-no-p" (0xffffa0a0)
"vc-revert" (0xffffa620)
"funcall-interactively" (0xffffa618)
"call-interactively" (0xffffa750)
"command-execute" (0xffffaa78)
(gdb)
More Info:
- The Org file/buffer seen when this crash happens displays inline images.
[-- Attachment #2: Type: text/html, Size: 16641 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-30 18:22 ` Kaushal Modi
@ 2019-01-30 18:55 ` Eli Zaretskii
2019-01-30 20:54 ` Kaushal Modi
0 siblings, 1 reply; 18+ messages in thread
From: Eli Zaretskii @ 2019-01-30 18:55 UTC (permalink / raw)
To: Kaushal Modi; +Cc: 34256
> From: Kaushal Modi <kaushal.modi@gmail.com>
> Date: Wed, 30 Jan 2019 13:22:01 -0500
> Cc: 34256@debbugs.gnu.org
>
> - I cannot reproduce the crash in an emacs -Q session using the same Org file, or even using my full
> unaltered config (except for commenting out desktop loading).
>
> But now I have this detailed backtrace; hopefully it helps you spot the problem:
>
> xdisp.c:26154: Emacs fatal error: assertion failed: s->img
>
> Thread 1 "emacs" hit Breakpoint 1, terminate_due_to_signal (sig=sig@entry=6,
> backtrace_limit=backtrace_limit@entry=2147483647) at emacs.c:370
> 370 {
> (gdb) bt
> #0 terminate_due_to_signal (sig=sig@entry=6, backtrace_limit=backtrace_limit@entry=2147483647) at
> emacs.c:370
> #1 0x00000000005a1622 in die (msg=msg@entry=0x67dc2c "s->img", file=file@entry=0x67dbaa "xdisp.c",
> line=line@entry=26154) at alloc.c:7453
> #2 0x00000000004378fe in fill_image_glyph_string (s=s@entry=0x7fffffff7aa0) at xdisp.c:26154
> #3 0x00000000004708cf in draw_glyphs (w=w@entry=0x13fa4e0, x=44, row=0x234ba50,
> area=area@entry=TEXT_AREA, start=<optimized out>, start@entry=0, end=end@entry=6,
> hl=DRAW_NORMAL_TEXT, overlaps=0)
> at xdisp.c:26841
This says Emacs was trying to display an image, but what image is
that? Where did it come from? And could it be that the new native
image scaling is the reason for this (i.e., was the image supposed to
be resized)? Hmm, but you built with ImageMagick, which AFAIU means
the native resizing code should not be invoked...
> - The Org file/buffer seen when this crash happens displays inline images.
Please show the relevant parts of the file anyway.
Also, in this callstack frame:
#2 0x00000000004378fe in fill_image_glyph_string (s=s@entry=0x7fffffff7aa0) at xdisp.c:26154
please show the full contents of s->first_glyph. Like this:
(gdb) frame 2
(gdb) p *s->first_glyph
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-30 18:55 ` Eli Zaretskii
@ 2019-01-30 20:54 ` Kaushal Modi
2019-01-31 14:02 ` Eli Zaretskii
0 siblings, 1 reply; 18+ messages in thread
From: Kaushal Modi @ 2019-01-30 20:54 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 34256
[-- Attachment #1: Type: text/plain, Size: 3046 bytes --]
On Wed, Jan 30, 2019 at 1:55 PM Eli Zaretskii <eliz@gnu.org> wrote:
> > #3 0x00000000004708cf in draw_glyphs (w=w@entry=0x13fa4e0, x=44,
> row=0x234ba50,
> > area=area@entry=TEXT_AREA, start=<optimized out>, start@entry=0,
> end=end@entry=6,
> > hl=DRAW_NORMAL_TEXT, overlaps=0)
> > at xdisp.c:26841
>
> This says Emacs was trying to display an image, but what image is
> that? Where did it come from?
It's the inline image display in the Org mode buffer.
=====
#+startup: inlineimages
# ... <snip>
#+attr_html: :width 500
#+caption: ~.vplanx~ flow
#+RESULTS:
[[file:images/vmanager-golden-file/vplan_vplanx.png]]
**** Cons
1. Time consuming to enter data for one test case at a time.
=====
Above code looks like this: https://i.imgtc.com/SynM50x.png
> And could it be that the new native
> image scaling is the reason for this (i.e., was the image supposed to
> be resized)? Hmm, but you built with ImageMagick, which AFAIU means
> the native resizing code should not be invoked...
>
Imagemagick is probably not getting invoked.
Org is using this part of the code to create image overlays:
https://code.orgmode.org/bzg/org-mode/src/8ba23b9ce18d947a0241017ff33015a7807f615d/lisp/org.el#L18630-L18631
.
(create-image file
(and width 'imagemagick)
nil
:width width)
That `width' variable is nil, so effectively this is happening:
(create-image file nil nil :width nil)
> > - The Org file/buffer seen when this crash happens displays inline
> images.
>
> Please show the relevant parts of the file anyway.
>
I've shown that above.
> Also, in this callstack frame:
>
> #2 0x00000000004378fe in fill_image_glyph_string (s=s@entry=0x7fffffff7aa0)
> at xdisp.c:26154
>
> please show the full contents of s->first_glyph. Like this:
>
> (gdb) frame 2
> (gdb) p *s->first_glyph
>
Here it is:
(gdb) frame 2
#2 0x00000000004378fe in fill_image_glyph_string (s=s@entry=0x7fffffff7aa0)
at xdisp.c:26154
26154 eassert (s->img);
(gdb) p *s->first_glyph
$1 = {
charpos = 50512,
object = XIL(0x47ba435),
pixel_width = 404,
ascent = 80,
descent = 81,
voffset = 0,
type = 3,
multibyte_p = true,
left_box_line_p = false,
right_box_line_p = false,
overlaps_vertically_p = false,
padding_p = false,
glyph_not_available_p = false,
avoid_cursor_p = false,
resolved_level = 0,
bidi_type = 1,
face_id = 15,
font_type = 0,
slice = {
img = {
x = 0,
y = 0,
width = 404,
height = 161
},
cmp = {
from = 0,
to = 10551700
},
glyphless = {
upper_xoff = 0,
upper_yoff = 0,
lower_xoff = 404,
lower_yoff = 161
}
},
u = {
ch = 0,
cmp = {
automatic = false,
id = 0
},
img_id = 0,
stretch = {
height = 0,
ascent = 0
},
glyphless = {
method = 0,
for_no_font = false,
---Type <return> to continue, or q <return> to quit---
len = 0,
ch = 0
},
val = 0
}
}
(gdb)
[-- Attachment #2: Type: text/html, Size: 5036 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-30 20:54 ` Kaushal Modi
@ 2019-01-31 14:02 ` Eli Zaretskii
2019-01-31 15:50 ` Kaushal Modi
0 siblings, 1 reply; 18+ messages in thread
From: Eli Zaretskii @ 2019-01-31 14:02 UTC (permalink / raw)
To: Kaushal Modi; +Cc: 34256
> From: Kaushal Modi <kaushal.modi@gmail.com>
> Date: Wed, 30 Jan 2019 15:54:06 -0500
> Cc: 34256@debbugs.gnu.org
>
> > This says Emacs was trying to display an image, but what image is
> > that? Where did it come from?
>
>
> It's the inline image display in the Org mode buffer.
OK.
> > And could it be that the new native
> > image scaling is the reason for this (i.e., was the image supposed to
> > be resized)? Hmm, but you built with ImageMagick, which AFAIU means
> > the native resizing code should not be invoked...
> >
>
> Imagemagick is probably not getting invoked.
>
> Org is using this part of the code to create image overlays:
> https://code.orgmode.org/bzg/org-mode/src/8ba23b9ce18d947a0241017ff33015a7807f615d/lisp/org.el#L18630-L18631
> .
>
> (create-image file
> (and width 'imagemagick)
> nil
> :width width)
>
> That `width' variable is nil, so effectively this is happening:
>
> (create-image file nil nil :width nil)
OK, so image resizing is still a suspect. Do you have HAVE_XRENDER
defined in src/config.h?
> > (gdb) frame 2
> > (gdb) p *s->first_glyph
> >
>
> Here it is:
>
> (gdb) frame 2
> #2 0x00000000004378fe in fill_image_glyph_string (s=s@entry=0x7fffffff7aa0)
> at xdisp.c:26154
> 26154 eassert (s->img);
> (gdb) p *s->first_glyph
> $1 = {
> charpos = 50512,
> object = XIL(0x47ba435),
> pixel_width = 404,
> ascent = 80,
> descent = 81,
> voffset = 0,
> type = 3,
> [...]
> u = {
> ch = 0,
> cmp = {
> automatic = false,
> id = 0
> },
> img_id = 0,
img_id = 0 is unusual for an image in a buffer. Are you running with
the tool bar disabled, perhaps?
And what do these show in the same call-stack frame #2:
(gdb) p FRAME_IMAGE_CACHE (s->f)->used
(gdb) p FRAME_IMAGE_CACHE (s->f)->images[0]
Thanks.
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-31 14:02 ` Eli Zaretskii
@ 2019-01-31 15:50 ` Kaushal Modi
2019-01-31 16:52 ` Eli Zaretskii
0 siblings, 1 reply; 18+ messages in thread
From: Kaushal Modi @ 2019-01-31 15:50 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 34256
[-- Attachment #1: Type: text/plain, Size: 693 bytes --]
On Thu, Jan 31, 2019 at 9:03 AM Eli Zaretskii <eliz@gnu.org> wrote:
>
> OK, so image resizing is still a suspect. Do you have HAVE_XRENDER
> defined in src/config.h?
>
Yes, I do. Here is the full config.h: https://ptpb.pw/ls2f
> > img_id = 0,
>
> img_id = 0 is unusual for an image in a buffer. Are you running with
> the tool bar disabled, perhaps?
>
Yes, I am! I am hiding both tool and menu bars.
And what do these show in the same call-stack frame #2:
>
> (gdb) p FRAME_IMAGE_CACHE (s->f)->used
> (gdb) p FRAME_IMAGE_CACHE (s->f)->images[0]
>
(gdb) p FRAME_IMAGE_CACHE (s->f)->used
$2 = 2
(gdb) p FRAME_IMAGE_CACHE (s->f)->images[0]
$3 = (struct image *) 0x0
Thank you.
[-- Attachment #2: Type: text/html, Size: 1518 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-31 15:50 ` Kaushal Modi
@ 2019-01-31 16:52 ` Eli Zaretskii
2019-01-31 17:02 ` Kaushal Modi
0 siblings, 1 reply; 18+ messages in thread
From: Eli Zaretskii @ 2019-01-31 16:52 UTC (permalink / raw)
To: Kaushal Modi; +Cc: 34256
> From: Kaushal Modi <kaushal.modi@gmail.com>
> Date: Thu, 31 Jan 2019 10:50:26 -0500
> Cc: 34256@debbugs.gnu.org
>
> > img_id = 0,
>
> img_id = 0 is unusual for an image in a buffer. Are you running with
> the tool bar disabled, perhaps?
>
> Yes, I am! I am hiding both tool and menu bars.
So if you start "emacs -Q", then disable the tool bar, perhaps you can
reproduce the problem without your elaborate setup?
> (gdb) p FRAME_IMAGE_CACHE (s->f)->used
> (gdb) p FRAME_IMAGE_CACHE (s->f)->images[0]
>
> (gdb) p FRAME_IMAGE_CACHE (s->f)->used
> $2 = 2
> (gdb) p FRAME_IMAGE_CACHE (s->f)->images[0]
> $3 = (struct image *) 0x0
OK, so something sets the image in the cache to NULL. When you
reproduce this, is there just one frame, or more than one?
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-31 16:52 ` Eli Zaretskii
@ 2019-01-31 17:02 ` Kaushal Modi
2019-01-31 17:05 ` Kaushal Modi
2019-01-31 20:26 ` Eli Zaretskii
0 siblings, 2 replies; 18+ messages in thread
From: Kaushal Modi @ 2019-01-31 17:02 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 34256
[-- Attachment #1: Type: text/plain, Size: 1397 bytes --]
On Thu, Jan 31, 2019 at 11:52 AM Eli Zaretskii <eliz@gnu.org> wrote:
>
> So if you start "emacs -Q", then disable the tool bar, perhaps you can
> reproduce the problem without your elaborate setup?
>
No, I cannot.
As I mentioned earlier, I cannot reproduce the issue with my whole config
if I comment out just the desktop loading setup.
So there's something to do with frame restoring that the desktop does that
messes up something?
Here's my entire desktop setup: https://ptpb.pw/Z8TC/elisp
- The "(setq desktop-restore-frames nil)" bit doesn't get evaluated as
emacs version is >= 25.0.
- The only other desktop/frame related setup that I have is "(setq
desktop-restore-forces-onscreen nil)" (changing from the default t to nil).
And then I basically call this 1 second after my init.el finishes loading:
(desktop-save-mode 1)
(desktop-read)
> (gdb) p FRAME_IMAGE_CACHE (s->f)->used
> > (gdb) p FRAME_IMAGE_CACHE (s->f)->images[0]
> >
> > (gdb) p FRAME_IMAGE_CACHE (s->f)->used
> > $2 = 2
> > (gdb) p FRAME_IMAGE_CACHE (s->f)->images[0]
> > $3 = (struct image *) 0x0
>
> OK, so something sets the image in the cache to NULL. When you
> reproduce this, is there just one frame, or more than one?
>
There's always one frame only. I never work with multiple frames. You can
see the saved frame info in my earlier message in
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34256#17.
[-- Attachment #2: Type: text/html, Size: 2386 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-31 17:02 ` Kaushal Modi
@ 2019-01-31 17:05 ` Kaushal Modi
2019-01-31 20:26 ` Eli Zaretskii
1 sibling, 0 replies; 18+ messages in thread
From: Kaushal Modi @ 2019-01-31 17:05 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 34256
[-- Attachment #1: Type: text/plain, Size: 991 bytes --]
On Thu, Jan 31, 2019 at 12:02 PM Kaushal Modi <kaushal.modi@gmail.com>
wrote:
> On Thu, Jan 31, 2019 at 11:52 AM Eli Zaretskii <eliz@gnu.org> wrote:
>
>>
>> So if you start "emacs -Q", then disable the tool bar, perhaps you can
>> reproduce the problem without your elaborate setup?
>>
>
> No, I cannot.
>
> As I mentioned earlier, I cannot reproduce the issue with my whole config
> if I comment out just the desktop loading setup.
>
Let me fix the above bit; it jumbled it up:
As I mentioned earlier, I cannot reproduce the issue *even* with my whole
config with just the desktop loading setup commented out.
Summary:
- emacs -Q, opening the same Org file, disabling tool-bar: cannot reproduce
the crash
- my whole config (*commenting out desktop loading*), opening the same Org
file, [disabling tool-bar is part of my config]: cannot reproduce the crash
- my whole config (*with* desktop loading), opening the same Org file,
[disabling tool-bar is part of my config]: crash happens!
[-- Attachment #2: Type: text/html, Size: 1842 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-31 17:02 ` Kaushal Modi
2019-01-31 17:05 ` Kaushal Modi
@ 2019-01-31 20:26 ` Eli Zaretskii
2019-02-01 3:15 ` Kaushal Modi
1 sibling, 1 reply; 18+ messages in thread
From: Eli Zaretskii @ 2019-01-31 20:26 UTC (permalink / raw)
To: Kaushal Modi; +Cc: 34256
> From: Kaushal Modi <kaushal.modi@gmail.com>
> Date: Thu, 31 Jan 2019 12:02:40 -0500
> Cc: 34256@debbugs.gnu.org
>
> Here's my entire desktop setup: https://ptpb.pw/Z8TC/elisp
>
> - The "(setq desktop-restore-frames nil)" bit doesn't get evaluated as emacs version is >= 25.0.
> - The only other desktop/frame related setup that I have is "(setq desktop-restore-forces-onscreen nil)"
> (changing from the default t to nil).
>
> And then I basically call this 1 second after my init.el finishes loading:
>
> (desktop-save-mode 1)
> (desktop-read)
>
> > (gdb) p FRAME_IMAGE_CACHE (s->f)->used
> > (gdb) p FRAME_IMAGE_CACHE (s->f)->images[0]
> >
> > (gdb) p FRAME_IMAGE_CACHE (s->f)->used
> > $2 = 2
> > (gdb) p FRAME_IMAGE_CACHE (s->f)->images[0]
> > $3 = (struct image *) 0x0
>
> OK, so something sets the image in the cache to NULL. When you
> reproduce this, is there just one frame, or more than one?
>
> There's always one frame only. I never work with multiple frames. You can see the saved frame info in my
> earlier message in https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34256#17.
OK, so here's a way that could potentially find the culprit:
$ cd /path/to/emacs/src
$ gdb ./emacs
...
(gdb) source ./.gdbinit
(gdb) break fill_image_glyph_string
(gdb) run
When this breakpoint breaks, type:
(gdb) disable
(gdb) print s->f->terminal->image_cache->images[0]
(gdb) watch -l s->f->terminal->image_cache->images[0] if s->f->terminal->image_cache->images[0] == 0
(gdb) continue
Then invoke the rest of your recipe. (It could be that the breakpoint
breaks only after you invoke the last two lines of the recipe.)
Each time the watchpoint breaks, type
(gdb) bt
The result should include the Lisp backtrace as well. If the "print"
command above shows that images[0] is already NULL, type "bt" right
there and then, before continuing with the rest.
Each time the watchpoint breaks, type "continue" until the program
segfaults, I want to see all the cases where the image in the cache
gets nullified.
I hope this will allow us to find which code causes this trouble.
Thanks.
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-01-31 20:26 ` Eli Zaretskii
@ 2019-02-01 3:15 ` Kaushal Modi
2019-02-01 3:25 ` Kaushal Modi
0 siblings, 1 reply; 18+ messages in thread
From: Kaushal Modi @ 2019-02-01 3:15 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 34256
[-- Attachment #1: Type: text/plain, Size: 22210 bytes --]
On Thu, Jan 31, 2019 at 3:26 PM Eli Zaretskii <eliz@gnu.org> wrote:
>
> OK, so here's a way that could potentially find the culprit:
>
> $ cd /path/to/emacs/src
> $ gdb ./emacs
> ...
> (gdb) source ./.gdbinit
> (gdb) break fill_image_glyph_string
> (gdb) run
>
(gdb) break fill_image_glyph_string
Breakpoint 3 at 0x4377e1: file xdisp.c, line 26151.
(gdb) run
Starting program: /home/kmodi/downloads/git/emacs/src/emacs
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[New Thread 0x7fffec3ab700 (LWP 5462)]
(emacs:5458): GLib-GIO-CRITICAL **: g_settings_schema_source_lookup:
assertion 'source != NULL' failed
When this breakpoint breaks, type:
>
> (gdb) disable
> (gdb) print s->f->terminal->image_cache->images[0]
> (gdb) watch -l s->f->terminal->image_cache->images[0] if
> s->f->terminal->image_cache->images[0] == 0
> (gdb) continue
>
Thread 1 "emacs" hit Breakpoint 3, fill_image_glyph_string (
s=s@entry=0x7fffffff8f10) at xdisp.c:26151
26151 {
(gdb) disable
(gdb) print s->f->terminal->image_cache->images[0]
$1 = (struct image *) 0x42a70b0
(gdb) watch -l s->f->terminal->image_cache->images[0] if
s->f->terminal->image_cache->images[0] == 0
Hardware watchpoint 4: -location s->f->terminal->image_cache->images[0]
(gdb) continue
Continuing.
> Then invoke the rest of your recipe. (It could be that the breakpoint
> breaks only after you invoke the last two lines of the recipe.)
>
warning: Watchpoint condition cannot be tested in the current scope
Thread 1 "emacs" hit Hardware watchpoint 4: -location
s->f->terminal->image_cache->images[0]
Old value = (struct image *) 0x42a70b0
New value = (struct image *) 0x0
free_image (f=f@entry=0x143b260, img=img@entry=0x42a70b0) at image.c:1022
1022 if (img->picture)
> Each time the watchpoint breaks, type
>
> (gdb) bt
>
(gdb) bt
#0 free_image (f=f@entry=0x143b260, img=img@entry=0x42a70b0) at
image.c:1022
#1 0x00000000006646a1 in clear_image_cache (f=0x143b260,
filter=filter@entry=XIL(0xc5a0)) at image.c:1574
#2 0x000000000066a35d in Fclear_image_cache (filter=...) at image.c:1658
#3 0x00000000005cf848 in funcall_subr (subr=0xceadc0 <Sclear_image_cache>,
numargs=numargs@entry=0, args=args@entry=0x7fffffff0650) at eval.c:2935
#4 0x00000000005cdc27 in Ffuncall (nargs=1, args=args@entry=0x7fffffff0648)
at eval.c:2860
#5 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x4d70415), maxdepth=..., maxdepth@entry
=make_number(17),
args_template=..., args_template@entry=make_number(1024),
nargs=nargs@entry=0, args=<optimized out>, args@entry=0x7fffffff0a88)
at bytecode.c:633
#6 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x4d70635),
nargs=nargs@entry=0, arg_vector=arg_vector@entry=0x7fffffff0a88)
at eval.c:3058
#7 0x00000000005cdd80 in Ffuncall (nargs=1, args=args@entry=0x7fffffff0a80)
at eval.c:2862
#8 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x4ce79c5), maxdepth=..., maxdepth@entry
=make_number(7),
args_template=..., args_template@entry=make_number(0),
nargs=nargs@entry=0, args=<optimized out>, args@entry=0x7fffffff1020)
at bytecode.c:633
#9 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x4ce6925),
nargs=nargs@entry=0, arg_vector=arg_vector@entry=0x7fffffff1020)
at eval.c:3058
#10 0x00000000005cdd80 in Ffuncall (nargs=1, args=args@entry=0x7fffffff1018)
at eval.c:2862
#11 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
---Type <return> to continue, or q <return> to quit---
vector@entry=XIL(0x7ffff32d538d), maxdepth=...,
maxdepth@entry=make_number(5), args_template=...,
args_template@entry=make_number(513), nargs=nargs@entry=2,
args=<optimized out>, args@entry=0x7fffffff1308) at bytecode.c:633
#12 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff32d535d),
nargs=nargs@entry=2, arg_vector=arg_vector@entry=0x7fffffff1308)
at eval.c:3058
#13 0x00000000005cdd80 in Ffuncall (nargs=3, args=args@entry=0x7fffffff1300)
at eval.c:2862
#14 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff31de765), maxdepth=...,
maxdepth@entry=make_number(13), args_template=...,
args_template@entry=make_number(256), nargs=nargs@entry=0,
args=<optimized out>, args@entry=0x7fffffff17d0) at bytecode.c:633
#15 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff31de735),
nargs=nargs@entry=0, arg_vector=arg_vector@entry=0x7fffffff17d0)
at eval.c:3058
#16 0x00000000005cdd80 in Ffuncall (nargs=1, args=args@entry=0x7fffffff17c8)
at eval.c:2862
#17 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x60373e5), maxdepth=..., maxdepth@entry
=make_number(16),
args_template=..., args_template@entry=make_number(1026),
nargs=nargs@entry=4, args=<optimized out>, args@entry=0x7fffffff1bb0)
at bytecode.c:633
#18 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x60374e5),
nargs=nargs@entry=4, arg_vector=arg_vector@entry=0x7fffffff1bb0)
at eval.c:3058
#19 0x00000000005cdd80 in Ffuncall (nargs=5, args=args@entry=0x7fffffff1ba8)
at eval.c:2862
---Type <return> to continue, or q <return> to quit---
#20 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x3e55fd5), maxdepth=..., maxdepth@entry
=make_number(18),
args_template=..., args_template@entry=make_number(771),
nargs=nargs@entry=3, args=<optimized out>, args@entry=0x7fffffff2130)
at bytecode.c:633
#21 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x3e55365),
nargs=nargs@entry=3, arg_vector=arg_vector@entry=0x7fffffff2130)
at eval.c:3058
#22 0x00000000005cdd80 in Ffuncall (nargs=4, args=args@entry=0x7fffffff2128)
at eval.c:2862
#23 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x3e549b5), maxdepth=..., maxdepth@entry
=make_number(6),
args_template=..., args_template@entry=make_number(514),
nargs=nargs@entry=2, args=<optimized out>, args@entry=0x7fffffff23f0)
at bytecode.c:633
#24 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x3e549d5),
nargs=nargs@entry=2, arg_vector=arg_vector@entry=0x7fffffff23f0)
at eval.c:3058
#25 0x00000000005cdd80 in Ffuncall (nargs=3, args=args@entry=0x7fffffff23e8)
at eval.c:2862
#26 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x3e54895), maxdepth=..., maxdepth@entry
=make_number(9),
args_template=..., args_template@entry=make_number(257),
nargs=nargs@entry=1, args=<optimized out>, args@entry=0x7fffffff2788)
at bytecode.c:633
#27 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x3e54945),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffff2788)
at eval.c:3058
#28 0x00000000005cdd80 in Ffuncall (nargs=2, args=args@entry=0x7fffffff2780)
---Type <return> to continue, or q <return> to quit---
at eval.c:2862
#29 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff323e465), maxdepth=...,
maxdepth@entry=make_number(30), args_template=...,
args_template@entry=make_number(770), nargs=nargs@entry=3,
args=<optimized out>, args@entry=0x7fffffff2d40) at bytecode.c:633
#30 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff323e435),
nargs=nargs@entry=3, arg_vector=arg_vector@entry=0x7fffffff2d40)
at eval.c:3058
#31 0x00000000005cdd80 in Ffuncall (nargs=4, args=args@entry=0x7fffffff2d38)
at eval.c:2862
#32 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff323da15), maxdepth=...,
maxdepth@entry=make_number(14), args_template=...,
args_template@entry=make_number(771), nargs=nargs@entry=3,
args=<optimized out>, args@entry=0x7fffffff30b8) at bytecode.c:633
#33 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff323d9e5),
nargs=nargs@entry=3, arg_vector=arg_vector@entry=0x7fffffff30b8)
at eval.c:3058
#34 0x00000000005cdd80 in Ffuncall (nargs=4, args=args@entry=0x7fffffff30b0)
at eval.c:2862
#35 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff323d94d), maxdepth=...,
maxdepth@entry=make_number(7), args_template=...,
args_template@entry=make_number(770), nargs=nargs@entry=2,
args=<optimized out>, args@entry=0x7fffffff3358) at bytecode.c:633
#36 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff323d91d),
nargs=nargs@entry=2, arg_vector=arg_vector@entry=0x7fffffff3358)
at eval.c:3058
---Type <return> to continue, or q <return> to quit---
#37 0x00000000005cdd80 in Ffuncall (nargs=3, args=args@entry=0x7fffffff3350)
at eval.c:2862
#38 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x1c09dd5), maxdepth=..., maxdepth@entry
=make_number(10),
args_template=..., args_template@entry=make_number(257),
nargs=nargs@entry=1, args=<optimized out>, args@entry=0x7fffffff37a8)
at bytecode.c:633
#39 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x1c09e25),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffff37a8)
at eval.c:3058
#40 0x00000000005cdd80 in Ffuncall (nargs=2, args=args@entry=0x7fffffff37a0)
at eval.c:2862
#41 0x00000000005cdff9 in run_hook_wrapped_funcall (nargs=<optimized out>,
args=0x7fffffff37a0) at eval.c:2587
#42 0x00000000005cd341 in run_hook_with_args (nargs=2, args=0x7fffffff37a0,
funcall=funcall@entry=0x5cdfdd <run_hook_wrapped_funcall>) at
eval.c:2668
#43 0x00000000005cd4de in Frun_hook_wrapped (nargs=<optimized out>,
args=<optimized out>) at eval.c:2602
#44 0x00000000005cf71c in funcall_subr (subr=0xce4ac0 <Srun_hook_wrapped>,
numargs=numargs@entry=2, args=args@entry=0x7fffffff37a0) at eval.c:2915
#45 0x00000000005cdc27 in Ffuncall (nargs=3, args=args@entry=0x7fffffff3798)
at eval.c:2860
#46 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff32e32bd), maxdepth=...,
maxdepth@entry=make_number(19), args_template=...,
args_template@entry=make_number(514), nargs=nargs@entry=2,
args=<optimized out>, args@entry=0x7fffffff3ae0) at bytecode.c:633
#47 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff32e328d),
nargs=nargs@entry=2, arg_vector=arg_vector@entry=0x7fffffff3ae0)
---Type <return> to continue, or q <return> to quit---
at eval.c:3058
#48 0x00000000005cdd80 in Ffuncall (nargs=3, args=args@entry=0x7fffffff3ad8)
at eval.c:2862
#49 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff32e303d), maxdepth=...,
maxdepth@entry=make_number(27), args_template=...,
args_template@entry=make_number(512), nargs=nargs@entry=2,
args=<optimized out>, args@entry=0x7fffffff3ef8) at bytecode.c:633
#50 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff32e300d),
nargs=nargs@entry=2, arg_vector=arg_vector@entry=0x7fffffff3ef8)
at eval.c:3058
#51 0x00000000005cdd80 in Ffuncall (nargs=3, args=args@entry=0x7fffffff3ef0)
at eval.c:2862
#52 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff3352f5d), maxdepth=...,
maxdepth@entry=make_number(12), args_template=...,
args_template@entry=make_number(257), nargs=nargs@entry=1,
args=<optimized out>, args@entry=0x7fffffff4248) at bytecode.c:633
#53 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff3352f2d),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffff4248)
at eval.c:3058
#54 0x00000000005cdd80 in Ffuncall (nargs=nargs@entry=2,
args=args@entry=0x7fffffff4240) at eval.c:2862
#55 0x00000000005ccffa in internal_condition_case_n (bfun=0x5cdaef
<Ffuncall>,
nargs=nargs@entry=2, args=args@entry=0x7fffffff4240, handlers=...,
handlers@entry=XIL(0xc5a0), hfun=hfun@entry=0x4529d5
<safe_eval_handler>)
at eval.c:1456
#56 0x00000000004455e9 in safe__call (inhibit_quit=inhibit_quit@entry=false,
nargs=nargs@entry=2, func=XIL(0x7ffff25f1c78), ap=ap@entry
=0x7fffffff42b8)
---Type <return> to continue, or q <return> to quit---
at xdisp.c:2644
#57 0x000000000044dd82 in safe_call (nargs=nargs@entry=2, func=...)
at xdisp.c:2659
#58 0x000000000044dda3 in safe_call1 (fn=..., fn@entry=XIL(0x7ffff25f1c78),
arg=..., arg@entry=make_number(1)) at xdisp.c:2670
#59 0x000000000044e068 in handle_fontified_prop (it=0x7fffffff4520)
at xdisp.c:3914
#60 0x0000000000455bc3 in handle_stop (it=it@entry=0x7fffffff4520)
at xdisp.c:3480
#61 0x0000000000455c97 in reseat (it=it@entry=0x7fffffff4520, pos=...,
force_p=force_p@entry=true) at xdisp.c:6673
#62 0x0000000000456563 in init_iterator (it=it@entry=0x7fffffff4520,
w=w@entry=0x4e72520, charpos=1, bytepos=<optimized out>,
row=<optimized out>, base_face_id=base_face_id@entry=DEFAULT_FACE_ID)
at xdisp.c:3095
#63 0x000000000045e6e1 in start_display (it=it@entry=0x7fffffff4520,
w=w@entry=0x4e72520, pos=...) at xdisp.c:3111
#64 0x0000000000466acf in try_window (window=..., window@entry
=XIL(0x4e72525),
pos=..., flags=flags@entry=1) at xdisp.c:17812
#65 0x000000000047c63b in redisplay_window (window=XIL(0x4e72525),
just_this_one_p=just_this_one_p@entry=false) at xdisp.c:17265
#66 0x000000000047e247 in redisplay_window_0 (window=...,
window@entry=XIL(0x4e72525)) at xdisp.c:14993
#67 0x00000000005cce92 in internal_condition_case_1 (
bfun=bfun@entry=0x47e218 <redisplay_window_0>, arg=...,
arg@entry=XIL(0x4e72525), handlers=...,
hfun=hfun@entry=0x43b9ba <redisplay_window_error>) at eval.c:1400
#68 0x000000000043d755 in redisplay_windows (window=...) at xdisp.c:14973
#69 0x000000000043d6f6 in redisplay_windows (window=...) at xdisp.c:14967
---Type <return> to continue, or q <return> to quit---
#70 0x000000000046ce76 in redisplay_internal () at xdisp.c:14443
#71 0x000000000046e493 in redisplay () at xdisp.c:13664
#72 0x000000000054451e in read_char (commandflag=0, map=...,
map@entry=XIL(0x47f8093),
prev_event=XIL(0x47f8093),
used_mouse_menu=used_mouse_menu@entry=0x7fffffff967b,
end_time=end_time@entry=0x0)
at keyboard.c:2462
#73 0x0000000000545f05 in read_key_sequence
(keybuf=keybuf@entry=0x7fffffff9750,
prompt=..., prompt@entry=XIL(0x3ada394), dont_downcase_last=<optimized out>,
can_return_switch_frame=can_return_switch_frame@entry=false,
fix_current_buffer=fix_current_buffer@entry=false,
prevent_redisplay=prevent_redisplay@entry=false) at keyboard.c:9082
#74 0x00000000005489be in read_key_sequence_vs (prompt=...,
continue_echo=XIL(0), dont_downcase_last=...,
can_return_switch_frame=XIL(0), cmd_loop=...,
allow_string=allow_string@entry=false)
at keyboard.c:9777
#75 0x0000000000548a97 in Fread_key_sequence_vector (prompt=...,
continue_echo=..., dont_downcase_last=..., can_return_switch_frame=...,
cmd_loop=...) at keyboard.c:9858
#76 0x00000000005cf89c in funcall_subr (subr=0xcdd780
<Sread_key_sequence_vector>, numargs=numargs@entry=3,
args=args@entry=0x7fffffff9970)
at eval.c:2947
#77 0x00000000005cdc27 in Ffuncall (nargs=4, args=args@entry=0x7fffffff9968)
at eval.c:2860
#78 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff31fe77d), maxdepth=..., maxdepth@entry=make_number(14),
args_template=...,
args_template@entry=make_number(256), nargs=nargs@entry=1,
args=<optimized out>, args@entry=0x7fffffff9ca0) at bytecode.c:633
#79 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff31fe74d),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffff9ca0) at
eval.c:3058
#80 0x00000000005cdd80 in Ffuncall (nargs=2, args=args@entry=0x7fffffff9c98)
at eval.c:2862
#81 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff319f95d), maxdepth=..., maxdepth@entry=make_number(9),
args_template=..., args_template@entry=make_number(257),
nargs=nargs@entry=1, args=<optimized out>, args@entry=0x7fffffffa0a0)
at bytecode.c:633
#82 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff319f92d),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffffa0a0) at
eval.c:3058
#83 0x00000000005cdd80 in Ffuncall (nargs=2, args=args@entry=0x7fffffffa098)
at eval.c:2862
#84 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x603b905), maxdepth=..., maxdepth@entry=make_number(14),
args_template=..., args_template@entry=make_number(0),
nargs=nargs@entry=0, args=<optimized out>, args@entry=0x7fffffffa620)
at bytecode.c:633
#85 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x603ba45),
nargs=nargs@entry=0, arg_vector=arg_vector@entry=0x7fffffffa620) at
eval.c:3058
#86 0x00000000005cdd80 in Ffuncall (nargs=nargs@entry=1,
args=args@entry=0x7fffffffa618)
at eval.c:2862
#87 0x00000000005c91cb in Ffuncall_interactively (nargs=1,
args=0x7fffffffa618) at callint.c:253
#88 0x00000000005cf71c in funcall_subr (subr=0xce4780
<Sfuncall_interactively>, numargs=numargs@entry=1,
args=args@entry=0x7fffffffa618)
at eval.c:2915
#89 0x00000000005cdc27 in Ffuncall (nargs=nargs@entry=2,
args=args@entry=0x7fffffffa610)
at eval.c:2860
#90 0x00000000005ce16c in Fapply (nargs=nargs@entry=3,
args=args@entry=0x7fffffffa610)
at eval.c:2433
#91 0x00000000005c9a0a in Fcall_interactively (function=...,
record_flag=..., keys=...) at callint.c:340
#92 0x00000000005cf86a in funcall_subr (subr=0xce4740
<Scall_interactively>, numargs=numargs@entry=3, args=args@entry=0x7fffffffa750)
at eval.c:2940
#93 0x00000000005cdc27 in Ffuncall (nargs=4, args=args@entry=0x7fffffffa748)
at eval.c:2860
#94 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff32a25a5), maxdepth=..., maxdepth@entry=make_number(13),
args_template=...,
args_template@entry=make_number(1025), nargs=nargs@entry=1,
args=<optimized out>, args@entry=0x7fffffffaa78) at bytecode.c:633
#95 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff32a2575),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffffaa78) at
eval.c:3058
#96 0x00000000005cdd80 in Ffuncall (nargs=nargs@entry=2,
args=args@entry=0x7fffffffaa70)
at eval.c:2862
#97 0x00000000005ce041 in call1 (fn=..., fn@entry=XIL(0x4020), arg1=...) at
eval.c:2711
#98 0x0000000000547999 in command_loop_1 () at keyboard.c:1462
#99 0x00000000005ccded in internal_condition_case (bfun=bfun@entry=0x5473a3
<command_loop_1>, handlers=..., handlers@entry=XIL(0x5490),
hfun=hfun@entry=0x53c25f
<cmd_error>) at eval.c:1376
#100 0x0000000000537c9a in command_loop_2 (ignore=..., ignore@entry=XIL(0))
at keyboard.c:1090
#101 0x00000000005ccd35 in internal_catch (tag=..., func=func@entry=0x537c82
<command_loop_2>, arg=..., arg@entry=XIL(0)) at eval.c:1139
#102 0x000000000053addd in command_loop () at keyboard.c:1069
#103 0x000000000053bcff in recursive_edit_1 () at keyboard.c:714
#104 0x000000000053c061 in Frecursive_edit () at keyboard.c:785
#105 0x0000000000534efa in main (argc=1, argv=<optimized out>) at
emacs.c:1949
Lisp Backtrace:
"clear-image-cache" (0xffff0650)
"org-display-inline-images" (0xffff0a88)
"org-mode" (0xffff1020)
"set-auto-mode-0" (0xffff1308)
"set-auto-mode" (0xffff17d0)
"vc-find-revision-no-save" (0xffff1bb0)
---Type <return> to continue, or q <return> to quit---
"diff-syntax-fontify-hunk" (0xffff2130)
"diff-syntax-fontify" (0xffff23f0)
"diff--font-lock-syntax" (0xffff2788)
"font-lock-fontify-keywords-region" (0xffff2d40)
"font-lock-default-fontify-region" (0xffff30b8)
"font-lock-fontify-region" (0xffff3358)
0x1c09e20 PVEC_COMPILED
"run-hook-wrapped" (0xffff37a0)
"jit-lock--run-functions" (0xffff3ae0)
"jit-lock-fontify-now" (0xffff3ef8)
"jit-lock-function" (0xffff4248)
"redisplay_internal (C function)" (0x0)
"read-key-sequence-vector" (0xffff9970)
"read-key" (0xffff9ca0)
"yes-or-no-p" (0xffffa0a0)
"vc-revert" (0xffffa620)
"funcall-interactively" (0xffffa618)
"call-interactively" (0xffffa750)
"command-execute" (0xffffaa78)
(gdb) continue
Continuing.
warning: Watchpoint condition cannot be tested in the current scope
Thread 1 "emacs" hit Hardware watchpoint 4: -location
s->f->terminal->image_cache->images[0]
Old value = (struct image *) 0x0
New value = (struct image *) 0x1f089b0
cache_image (f=f@entry=0x143b260, img=img@entry=0x1f089b0) at image.c:2044
2044 img->id = i;
The result should include the Lisp backtrace as well. If the "print"
> command above shows that images[0] is already NULL, type "bt" right
> there and then, before continuing with the rest.
>
> Each time the watchpoint breaks, type "continue" until the program
> segfaults, I want to see all the cases where the image in the cache
> gets nullified.
>
Interestingly, the segfault did not happen when I set that breakpoint and
proceeded as you suggested, as you see above.
But I killed that gdb session and started again, redid steps to create and
crash and got the segfault again:
(gdb) r
Starting program: /home/kmodi/downloads/git/emacs/src/emacs
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[New Thread 0x7fffec3ab700 (LWP 8054)]
(emacs:8050): GLib-GIO-CRITICAL **: g_settings_schema_source_lookup:
assertion 'source != NULL' failed
xdisp.c:26154: Emacs fatal error: assertion failed: s->img
Thread 1 "emacs" hit Breakpoint 1, terminate_due_to_signal (sig=sig@entry=6,
backtrace_limit=backtrace_limit@entry=2147483647) at emacs.c:370
370 {
(gdb) bt
#0 terminate_due_to_signal (sig=sig@entry=6,
backtrace_limit=backtrace_limit@entry=2147483647) at emacs.c:370
#1 0x00000000005a1622 in die (msg=msg@entry=0x67dc2c "s->img",
file=file@entry=0x67dbaa "xdisp.c", line=line@entry=26154) at alloc.c:7453
#2 0x00000000004378fe in fill_image_glyph_string (s=s@entry=0x7fffffff7aa0)
at xdisp.c:26154
#3 0x00000000004708cf in draw_glyphs (w=w@entry=0x13fa500, x=44,
row=0x3c6a390, area=area@entry=TEXT_AREA, start=<optimized out>, start@entry=0,
end=end@entry=6, hl=DRAW_NORMAL_TEXT, overlaps=0)
at xdisp.c:26841
#4 0x0000000000474bd2 in x_write_glyphs (w=0x13fa500,
updated_row=<optimized out>, start=<optimized out>, updated_area=TEXT_AREA,
len=6) at xdisp.c:29042
[-- Attachment #2: Type: text/html, Size: 25926 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-02-01 3:15 ` Kaushal Modi
@ 2019-02-01 3:25 ` Kaushal Modi
2019-02-01 8:41 ` Eli Zaretskii
0 siblings, 1 reply; 18+ messages in thread
From: Kaushal Modi @ 2019-02-01 3:25 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 34256
[-- Attachment #1: Type: text/plain, Size: 27283 bytes --]
On Thu, Jan 31, 2019 at 10:15 PM Kaushal Modi <kaushal.modi@gmail.com>
wrote:
>
>> Each time the watchpoint breaks, type "continue" until the program
>> segfaults, I want to see all the cases where the image in the cache
>> gets nullified.
>>
>
> Interestingly, the segfault did not happen when I set that breakpoint and
> proceeded as you suggested, as you see above.
>
I redid the steps with the breakpoint and got it to segfault this time (I
had forgotten the source ./.gdbinit the first time)!
Hopefully this helps:
Thread 1 "emacs" hit Hardware watchpoint 6: -location
s->f->terminal->image_cache->images[0]
Old value = (struct image *) 0x2346430
New value = (struct image *) 0x0
free_image (f=f@entry=0x143b1b0, img=img@entry=0x2346430) at image.c:1022
1022 if (img->picture)
(gdb) bt
#0 free_image (f=f@entry=0x143b1b0, img=img@entry=0x2346430) at
image.c:1022
#1 0x00000000006646a1 in clear_image_cache (f=0x143b1b0,
filter=filter@entry=XIL(0xc5a0)) at image.c:1574
#2 0x000000000066a35d in Fclear_image_cache (filter=...) at image.c:1658
#3 0x00000000005cf848 in funcall_subr (subr=0xceadc0 <Sclear_image_cache>,
numargs=numargs@entry=0, args=args@entry=0x7fffffff0650) at eval.c:2935
#4 0x00000000005cdc27 in Ffuncall (nargs=1, args=args@entry=0x7fffffff0648)
at eval.c:2860
#5 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x4d72415), maxdepth=..., maxdepth@entry=make_number(17),
args_template=..., args_template@entry=make_number(1024),
nargs=nargs@entry=0, args=<optimized out>, args@entry=0x7fffffff0a88)
at bytecode.c:633
#6 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x4d72635),
nargs=nargs@entry=0, arg_vector=arg_vector@entry=0x7fffffff0a88) at
eval.c:3058
#7 0x00000000005cdd80 in Ffuncall (nargs=1, args=args@entry=0x7fffffff0a80)
at eval.c:2862
#8 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x4ce99c5), maxdepth=..., maxdepth@entry=make_number(7),
args_template=..., args_template@entry=make_number(0),
nargs=nargs@entry=0, args=<optimized out>, args@entry=0x7fffffff1020)
at bytecode.c:633
#9 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x4ce8925),
nargs=nargs@entry=0, arg_vector=arg_vector@entry=0x7fffffff1020) at
eval.c:3058
#10 0x00000000005cdd80 in Ffuncall (nargs=1, args=args@entry=0x7fffffff1018)
at eval.c:2862
#11 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff32d538d), maxdepth=..., maxdepth@entry=make_number(5),
args_template=..., args_template@entry=make_number(513),
nargs=nargs@entry=2, args=<optimized out>, args@entry=0x7fffffff1308)
at bytecode.c:633
#12 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff32d535d),
nargs=nargs@entry=2, arg_vector=arg_vector@entry=0x7fffffff1308) at
eval.c:3058
#13 0x00000000005cdd80 in Ffuncall (nargs=3, args=args@entry=0x7fffffff1300)
at eval.c:2862
#14 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff31de765), maxdepth=..., maxdepth@entry=make_number(13),
args_template=...,
args_template@entry=make_number(256), nargs=nargs@entry=0,
args=<optimized out>, args@entry=0x7fffffff17d0) at bytecode.c:633
#15 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff31de735),
nargs=nargs@entry=0, arg_vector=arg_vector@entry=0x7fffffff17d0) at
eval.c:3058
#16 0x00000000005cdd80 in Ffuncall (nargs=1, args=args@entry=0x7fffffff17c8)
at eval.c:2862
#17 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x6039245), maxdepth=..., maxdepth@entry=make_number(16),
args_template=..., args_template@entry=make_number(1026),
nargs=nargs@entry=4, args=<optimized out>, args@entry=0x7fffffff1bb0)
at bytecode.c:633
#18 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x6039345),
nargs=nargs@entry=4, arg_vector=arg_vector@entry=0x7fffffff1bb0) at
eval.c:3058
#19 0x00000000005cdd80 in Ffuncall (nargs=5, args=args@entry=0x7fffffff1ba8)
at eval.c:2862
#20 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x3e58015), maxdepth=..., maxdepth@entry=make_number(18),
args_template=..., args_template@entry=make_number(771),
nargs=nargs@entry=3, args=<optimized out>, args@entry=0x7fffffff2130)
at bytecode.c:633
#21 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x3e573a5),
nargs=nargs@entry=3, arg_vector=arg_vector@entry=0x7fffffff2130) at
eval.c:3058
#22 0x00000000005cdd80 in Ffuncall (nargs=4, args=args@entry=0x7fffffff2128)
at eval.c:2862
#23 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x3e569f5), maxdepth=..., maxdepth@entry=make_number(6),
args_template=..., args_template@entry=make_number(514),
nargs=nargs@entry=2, args=<optimized out>, args@entry=0x7fffffff23f0)
at bytecode.c:633
#24 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x3e56a15),
nargs=nargs@entry=2, arg_vector=arg_vector@entry=0x7fffffff23f0) at
eval.c:3058
#25 0x00000000005cdd80 in Ffuncall (nargs=3, args=args@entry=0x7fffffff23e8)
at eval.c:2862
#26 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x3e568d5), maxdepth=..., maxdepth@entry=make_number(9),
args_template=..., args_template@entry=make_number(257),
nargs=nargs@entry=1, args=<optimized out>, args@entry=0x7fffffff2788)
at bytecode.c:633
#27 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x3e56985),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffff2788) at
eval.c:3058
#28 0x00000000005cdd80 in Ffuncall (nargs=2, args=args@entry=0x7fffffff2780)
at eval.c:2862
#29 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff323e465), maxdepth=..., maxdepth@entry=make_number(30),
args_template=...,
args_template@entry=make_number(770), nargs=nargs@entry=3,
args=<optimized out>, args@entry=0x7fffffff2d40) at bytecode.c:633
#30 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff323e435),
nargs=nargs@entry=3, arg_vector=arg_vector@entry=0x7fffffff2d40) at
eval.c:3058
#31 0x00000000005cdd80 in Ffuncall (nargs=4, args=args@entry=0x7fffffff2d38)
at eval.c:2862
#32 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff323da15), maxdepth=..., maxdepth@entry=make_number(14),
args_template=...,
args_template@entry=make_number(771), nargs=nargs@entry=3,
args=<optimized out>, args@entry=0x7fffffff30b8) at bytecode.c:633
#33 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff323d9e5),
nargs=nargs@entry=3, arg_vector=arg_vector@entry=0x7fffffff30b8) at
eval.c:3058
#34 0x00000000005cdd80 in Ffuncall (nargs=4, args=args@entry=0x7fffffff30b0)
at eval.c:2862
#35 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff323d94d), maxdepth=..., maxdepth@entry=make_number(7),
args_template=..., args_template@entry=make_number(770),
nargs=nargs@entry=2, args=<optimized out>, args@entry=0x7fffffff3358)
at bytecode.c:633
#36 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff323d91d),
nargs=nargs@entry=2, arg_vector=arg_vector@entry=0x7fffffff3358) at
eval.c:3058
#37 0x00000000005cdd80 in Ffuncall (nargs=3, args=args@entry=0x7fffffff3350)
at eval.c:2862
#38 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x4a1a875), maxdepth=..., maxdepth@entry=make_number(10),
args_template=..., args_template@entry=make_number(257),
nargs=nargs@entry=1, args=<optimized out>, args@entry=0x7fffffff37a8)
at bytecode.c:633
---Type <return> to continue, or q <return> to quit---
#39 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x4a1a8c5),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffff37a8) at
eval.c:3058
#40 0x00000000005cdd80 in Ffuncall (nargs=2, args=args@entry=0x7fffffff37a0)
at eval.c:2862
#41 0x00000000005cdff9 in run_hook_wrapped_funcall (nargs=<optimized out>,
args=0x7fffffff37a0) at eval.c:2587
#42 0x00000000005cd341 in run_hook_with_args (nargs=2, args=0x7fffffff37a0,
funcall=funcall@entry=0x5cdfdd <run_hook_wrapped_funcall>) at eval.c:2668
#43 0x00000000005cd4de in Frun_hook_wrapped (nargs=<optimized out>,
args=<optimized out>) at eval.c:2602
#44 0x00000000005cf71c in funcall_subr (subr=0xce4ac0 <Srun_hook_wrapped>,
numargs=numargs@entry=2, args=args@entry=0x7fffffff37a0) at eval.c:2915
#45 0x00000000005cdc27 in Ffuncall (nargs=3, args=args@entry=0x7fffffff3798)
at eval.c:2860
#46 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff32e32bd), maxdepth=..., maxdepth@entry=make_number(19),
args_template=...,
args_template@entry=make_number(514), nargs=nargs@entry=2,
args=<optimized out>, args@entry=0x7fffffff3ae0) at bytecode.c:633
#47 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff32e328d),
nargs=nargs@entry=2, arg_vector=arg_vector@entry=0x7fffffff3ae0) at
eval.c:3058
#48 0x00000000005cdd80 in Ffuncall (nargs=3, args=args@entry=0x7fffffff3ad8)
at eval.c:2862
#49 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff32e303d), maxdepth=..., maxdepth@entry=make_number(27),
args_template=...,
args_template@entry=make_number(512), nargs=nargs@entry=2,
args=<optimized out>, args@entry=0x7fffffff3ef8) at bytecode.c:633
#50 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff32e300d),
nargs=nargs@entry=2, arg_vector=arg_vector@entry=0x7fffffff3ef8) at
eval.c:3058
#51 0x00000000005cdd80 in Ffuncall (nargs=3, args=args@entry=0x7fffffff3ef0)
at eval.c:2862
#52 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff3352f5d), maxdepth=..., maxdepth@entry=make_number(12),
args_template=...,
args_template@entry=make_number(257), nargs=nargs@entry=1,
args=<optimized out>, args@entry=0x7fffffff4248) at bytecode.c:633
#53 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff3352f2d),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffff4248) at
eval.c:3058
#54 0x00000000005cdd80 in Ffuncall (nargs=nargs@entry=2,
args=args@entry=0x7fffffff4240)
at eval.c:2862
#55 0x00000000005ccffa in internal_condition_case_n (bfun=0x5cdaef
<Ffuncall>, nargs=nargs@entry=2, args=args@entry=0x7fffffff4240,
handlers=..., handlers@entry=XIL(0xc5a0),
hfun=hfun@entry=0x4529d5 <safe_eval_handler>) at eval.c:1456
#56 0x00000000004455e9 in safe__call (inhibit_quit=inhibit_quit@entry=false,
nargs=nargs@entry=2, func=XIL(0x7ffff25f1c78), ap=ap@entry=0x7fffffff42b8)
at xdisp.c:2644
#57 0x000000000044dd82 in safe_call (nargs=nargs@entry=2, func=...) at
xdisp.c:2659
#58 0x000000000044dda3 in safe_call1 (fn=..., fn@entry=XIL(0x7ffff25f1c78),
arg=..., arg@entry=make_number(1)) at xdisp.c:2670
#59 0x000000000044e068 in handle_fontified_prop (it=0x7fffffff4520) at
xdisp.c:3914
#60 0x0000000000455bc3 in handle_stop (it=it@entry=0x7fffffff4520) at
xdisp.c:3480
#61 0x0000000000455c97 in reseat (it=it@entry=0x7fffffff4520, pos=...,
force_p=force_p@entry=true) at xdisp.c:6673
#62 0x0000000000456563 in init_iterator (it=it@entry=0x7fffffff4520,
w=w@entry=0x4a143d0, charpos=1, bytepos=<optimized out>, row=<optimized
out>, base_face_id=base_face_id@entry=DEFAULT_FACE_ID)
at xdisp.c:3095
#63 0x000000000045e6e1 in start_display (it=it@entry=0x7fffffff4520,
w=w@entry=0x4a143d0, pos=...) at xdisp.c:3111
#64 0x0000000000466acf in try_window (window=..., window@entry=XIL(0x4a143d5),
pos=..., flags=flags@entry=1) at xdisp.c:17812
#65 0x000000000047c63b in redisplay_window (window=XIL(0x4a143d5),
just_this_one_p=just_this_one_p@entry=false) at xdisp.c:17265
#66 0x000000000047e247 in redisplay_window_0 (window=...,
window@entry=XIL(0x4a143d5))
at xdisp.c:14993
#67 0x00000000005cce92 in internal_condition_case_1 (bfun=bfun@entry=0x47e218
<redisplay_window_0>, arg=..., arg@entry=XIL(0x4a143d5), handlers=...,
hfun=hfun@entry=0x43b9ba <redisplay_window_error>)
at eval.c:1400
#68 0x000000000043d755 in redisplay_windows (window=...) at xdisp.c:14973
#69 0x000000000043d6f6 in redisplay_windows (window=...) at xdisp.c:14967
#70 0x000000000046ce76 in redisplay_internal () at xdisp.c:14443
#71 0x000000000046e493 in redisplay () at xdisp.c:13664
#72 0x000000000054451e in read_char (commandflag=0, map=...,
map@entry=XIL(0x5264753),
prev_event=XIL(0x5264753),
used_mouse_menu=used_mouse_menu@entry=0x7fffffff967b,
end_time=end_time@entry=0x0)
at keyboard.c:2462
#73 0x0000000000545f05 in read_key_sequence
(keybuf=keybuf@entry=0x7fffffff9750,
prompt=..., prompt@entry=XIL(0x1a09754), dont_downcase_last=<optimized out>,
can_return_switch_frame=can_return_switch_frame@entry=false,
fix_current_buffer=fix_current_buffer@entry=false,
prevent_redisplay=prevent_redisplay@entry=false) at keyboard.c:9082
#74 0x00000000005489be in read_key_sequence_vs (prompt=...,
continue_echo=XIL(0), dont_downcase_last=...,
can_return_switch_frame=XIL(0), cmd_loop=...,
allow_string=allow_string@entry=false)
at keyboard.c:9777
#75 0x0000000000548a97 in Fread_key_sequence_vector (prompt=...,
continue_echo=..., dont_downcase_last=..., can_return_switch_frame=...,
cmd_loop=...) at keyboard.c:9858
#76 0x00000000005cf89c in funcall_subr (subr=0xcdd780
<Sread_key_sequence_vector>, numargs=numargs@entry=3,
args=args@entry=0x7fffffff9970)
at eval.c:2947
#77 0x00000000005cdc27 in Ffuncall (nargs=4, args=args@entry=0x7fffffff9968)
at eval.c:2860
#78 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff31fe77d), maxdepth=..., maxdepth@entry=make_number(14),
args_template=...,
args_template@entry=make_number(256), nargs=nargs@entry=1,
args=<optimized out>, args@entry=0x7fffffff9ca0) at bytecode.c:633
#79 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff31fe74d),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffff9ca0) at
eval.c:3058
---Type <return> to continue, or q <return> to quit---
#80 0x00000000005cdd80 in Ffuncall (nargs=2, args=args@entry=0x7fffffff9c98)
at eval.c:2862
#81 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff319f95d), maxdepth=..., maxdepth@entry=make_number(9),
args_template=..., args_template@entry=make_number(257),
nargs=nargs@entry=1, args=<optimized out>, args@entry=0x7fffffffa0a0)
at bytecode.c:633
#82 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff319f92d),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffffa0a0) at
eval.c:3058
#83 0x00000000005cdd80 in Ffuncall (nargs=2, args=args@entry=0x7fffffffa098)
at eval.c:2862
#84 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x603d725), maxdepth=..., maxdepth@entry=make_number(14),
args_template=..., args_template@entry=make_number(0),
nargs=nargs@entry=0, args=<optimized out>, args@entry=0x7fffffffa620)
at bytecode.c:633
#85 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x603d865),
nargs=nargs@entry=0, arg_vector=arg_vector@entry=0x7fffffffa620) at
eval.c:3058
#86 0x00000000005cdd80 in Ffuncall (nargs=nargs@entry=1,
args=args@entry=0x7fffffffa618)
at eval.c:2862
#87 0x00000000005c91cb in Ffuncall_interactively (nargs=1,
args=0x7fffffffa618) at callint.c:253
#88 0x00000000005cf71c in funcall_subr (subr=0xce4780
<Sfuncall_interactively>, numargs=numargs@entry=1,
args=args@entry=0x7fffffffa618)
at eval.c:2915
#89 0x00000000005cdc27 in Ffuncall (nargs=nargs@entry=2,
args=args@entry=0x7fffffffa610)
at eval.c:2860
#90 0x00000000005ce16c in Fapply (nargs=nargs@entry=3,
args=args@entry=0x7fffffffa610)
at eval.c:2433
#91 0x00000000005c9a0a in Fcall_interactively (function=...,
record_flag=..., keys=...) at callint.c:340
#92 0x00000000005cf86a in funcall_subr (subr=0xce4740
<Scall_interactively>, numargs=numargs@entry=3, args=args@entry=0x7fffffffa750)
at eval.c:2940
#93 0x00000000005cdc27 in Ffuncall (nargs=4, args=args@entry=0x7fffffffa748)
at eval.c:2860
#94 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff32a25a5), maxdepth=..., maxdepth@entry=make_number(13),
args_template=...,
args_template@entry=make_number(1025), nargs=nargs@entry=1,
args=<optimized out>, args@entry=0x7fffffffaa78) at bytecode.c:633
#95 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff32a2575),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffffaa78) at
eval.c:3058
#96 0x00000000005cdd80 in Ffuncall (nargs=nargs@entry=2,
args=args@entry=0x7fffffffaa70)
at eval.c:2862
#97 0x00000000005ce041 in call1 (fn=..., fn@entry=XIL(0x4020), arg1=...) at
eval.c:2711
#98 0x0000000000547999 in command_loop_1 () at keyboard.c:1462
#99 0x00000000005ccded in internal_condition_case (bfun=bfun@entry=0x5473a3
<command_loop_1>, handlers=..., handlers@entry=XIL(0x5490),
hfun=hfun@entry=0x53c25f
<cmd_error>) at eval.c:1376
#100 0x0000000000537c9a in command_loop_2 (ignore=..., ignore@entry=XIL(0))
at keyboard.c:1090
#101 0x00000000005ccd35 in internal_catch (tag=..., func=func@entry=0x537c82
<command_loop_2>, arg=..., arg@entry=XIL(0)) at eval.c:1139
#102 0x000000000053addd in command_loop () at keyboard.c:1069
#103 0x000000000053bcff in recursive_edit_1 () at keyboard.c:714
#104 0x000000000053c061 in Frecursive_edit () at keyboard.c:785
#105 0x0000000000534efa in main (argc=1, argv=<optimized out>) at
emacs.c:1949
Lisp Backtrace:
"clear-image-cache" (0xffff0650)
"org-display-inline-images" (0xffff0a88)
"org-mode" (0xffff1020)
"set-auto-mode-0" (0xffff1308)
"set-auto-mode" (0xffff17d0)
"vc-find-revision-no-save" (0xffff1bb0)
"diff-syntax-fontify-hunk" (0xffff2130)
"diff-syntax-fontify" (0xffff23f0)
"diff--font-lock-syntax" (0xffff2788)
"font-lock-fontify-keywords-region" (0xffff2d40)
"font-lock-default-fontify-region" (0xffff30b8)
"font-lock-fontify-region" (0xffff3358)
0x4a1a8c0 PVEC_COMPILED
"run-hook-wrapped" (0xffff37a0)
"jit-lock--run-functions" (0xffff3ae0)
"jit-lock-fontify-now" (0xffff3ef8)
"jit-lock-function" (0xffff4248)
"redisplay_internal (C function)" (0x0)
"read-key-sequence-vector" (0xffff9970)
"read-key" (0xffff9ca0)
---Type <return> to continue, or q <return> to quit---
"yes-or-no-p" (0xffffa0a0)
"vc-revert" (0xffffa620)
"funcall-interactively" (0xffffa618)
"call-interactively" (0xffffa750)
"command-execute" (0xffffaa78)
(gdb) continue
Continuing.
xdisp.c:26154: Emacs fatal error: assertion failed: s->img
Fatal error 6: Aborted
Backtrace:
/home/kmodi/downloads/git/emacs/src/emacs[0x55611b]
/home/kmodi/downloads/git/emacs/src/emacs[0x533fd8]
/home/kmodi/downloads/git/emacs/src/emacs[0x5a1622]
/home/kmodi/downloads/git/emacs/src/emacs[0x4378fe]
/home/kmodi/downloads/git/emacs/src/emacs[0x4708cf]
/home/kmodi/downloads/git/emacs/src/emacs[0x474bd2]
/home/kmodi/downloads/git/emacs/src/emacs[0x42244d]
/home/kmodi/downloads/git/emacs/src/emacs[0x422fea]
/home/kmodi/downloads/git/emacs/src/emacs[0x42366e]
/home/kmodi/downloads/git/emacs/src/emacs[0x4238ab]
/home/kmodi/downloads/git/emacs/src/emacs[0x42389b]
/home/kmodi/downloads/git/emacs/src/emacs[0x4259db]
/home/kmodi/downloads/git/emacs/src/emacs[0x46cf22]
/home/kmodi/downloads/git/emacs/src/emacs[0x46e493]
/home/kmodi/downloads/git/emacs/src/emacs[0x54451e]
/home/kmodi/downloads/git/emacs/src/emacs[0x545f05]
/home/kmodi/downloads/git/emacs/src/emacs[0x5489be]
/home/kmodi/downloads/git/emacs/src/emacs[0x548a97]
/home/kmodi/downloads/git/emacs/src/emacs[0x5cf89c]
/home/kmodi/downloads/git/emacs/src/emacs[0x5cdc27]
/home/kmodi/downloads/git/emacs/src/emacs[0x60f0bb]
/home/kmodi/downloads/git/emacs/src/emacs[0x5d0e5b]
/home/kmodi/downloads/git/emacs/src/emacs[0x5cdd80]
/home/kmodi/downloads/git/emacs/src/emacs[0x5ce041]
/home/kmodi/downloads/git/emacs/src/emacs[0x547999]
/home/kmodi/downloads/git/emacs/src/emacs[0x5ccded]
/home/kmodi/downloads/git/emacs/src/emacs[0x537c9a]
/home/kmodi/downloads/git/emacs/src/emacs[0x5ccd35]
/home/kmodi/downloads/git/emacs/src/emacs[0x53addd]
/home/kmodi/downloads/git/emacs/src/emacs[0x53bcff]
/home/kmodi/downloads/git/emacs/src/emacs[0x53c061]
/home/kmodi/downloads/git/emacs/src/emacs[0x534efa]
/lib64/libc.so.6(__libc_start_main+0xfd)[0x32f4c1ed1d]
/home/kmodi/downloads/git/emacs/src/emacs[0x41c1a9]
Thread 1 "emacs" received signal SIGABRT, Aborted.
0x00000032f580f6ab in raise () from /lib64/libpthread.so.0
(gdb) bt
#0 0x00000032f580f6ab in raise () from /lib64/libpthread.so.0
#1 0x0000000000533f82 in terminate_due_to_signal (sig=sig@entry=6,
backtrace_limit=backtrace_limit@entry=2147483647) at emacs.c:401
#2 0x00000000005a1622 in die (msg=msg@entry=0x67dc2c "s->img",
file=file@entry=0x67dbaa "xdisp.c", line=line@entry=26154) at alloc.c:7453
#3 0x00000000004378fe in fill_image_glyph_string (s=s@entry=0x7fffffff7aa0)
at xdisp.c:26154
#4 0x00000000004708cf in draw_glyphs (w=w@entry=0x13fa4e0, x=44,
row=0x3c69310, area=area@entry=TEXT_AREA, start=<optimized out>, start@entry=0,
end=end@entry=6, hl=DRAW_NORMAL_TEXT, overlaps=0)
at xdisp.c:26841
#5 0x0000000000474bd2 in x_write_glyphs (w=0x13fa4e0,
updated_row=<optimized out>, start=<optimized out>, updated_area=TEXT_AREA,
len=6) at xdisp.c:29042
#6 0x000000000042244d in update_text_area (w=w@entry=0x13fa4e0,
updated_row=updated_row@entry=0x3c69310, vpos=vpos@entry=14) at
dispnew.c:3613
#7 0x0000000000422fea in update_window_line (w=w@entry=0x13fa4e0,
vpos=vpos@entry=14,
mouse_face_overwritten_p=mouse_face_overwritten_p@entry=0x7fffffff7f2f)
at dispnew.c:3856
#8 0x000000000042366e in update_window (w=w@entry=0x13fa4e0,
force_p=force_p@entry=true) at dispnew.c:3478
#9 0x00000000004238ab in update_window_tree (w=0x13fa4e0,
force_p=force_p@entry=true) at dispnew.c:3220
#10 0x000000000042389b in update_window_tree (w=w@entry=0x4a141c0,
force_p=force_p@entry=true) at dispnew.c:3218
#11 0x00000000004259db in update_frame (f=f@entry=0x143b1b0, force_p=true,
force_p@entry=false, inhibit_hairy_id_p=inhibit_hairy_id_p@entry=false) at
dispnew.c:3109
#12 0x000000000046cf22 in redisplay_internal () at xdisp.c:14521
#13 0x000000000046e493 in redisplay () at xdisp.c:13664
#14 0x000000000054451e in read_char (commandflag=0, map=...,
map@entry=XIL(0x5264753),
prev_event=XIL(0x5264753),
used_mouse_menu=used_mouse_menu@entry=0x7fffffff967b,
end_time=end_time@entry=0x0)
at keyboard.c:2462
#15 0x0000000000545f05 in read_key_sequence
(keybuf=keybuf@entry=0x7fffffff9750,
prompt=..., prompt@entry=XIL(0x1a09754), dont_downcase_last=<optimized out>,
can_return_switch_frame=can_return_switch_frame@entry=false,
fix_current_buffer=fix_current_buffer@entry=false,
prevent_redisplay=prevent_redisplay@entry=false) at keyboard.c:9082
#16 0x00000000005489be in read_key_sequence_vs (prompt=...,
continue_echo=XIL(0), dont_downcase_last=...,
can_return_switch_frame=XIL(0), cmd_loop=...,
allow_string=allow_string@entry=false)
at keyboard.c:9777
#17 0x0000000000548a97 in Fread_key_sequence_vector (prompt=...,
continue_echo=..., dont_downcase_last=..., can_return_switch_frame=...,
cmd_loop=...) at keyboard.c:9858
#18 0x00000000005cf89c in funcall_subr (subr=0xcdd780
<Sread_key_sequence_vector>, numargs=numargs@entry=3,
args=args@entry=0x7fffffff9970)
at eval.c:2947
#19 0x00000000005cdc27 in Ffuncall (nargs=4, args=args@entry=0x7fffffff9968)
at eval.c:2860
#20 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff31fe77d), maxdepth=..., maxdepth@entry=make_number(14),
args_template=...,
args_template@entry=make_number(256), nargs=nargs@entry=1,
args=<optimized out>, args@entry=0x7fffffff9ca0) at bytecode.c:633
#21 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff31fe74d),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffff9ca0) at
eval.c:3058
#22 0x00000000005cdd80 in Ffuncall (nargs=2, args=args@entry=0x7fffffff9c98)
at eval.c:2862
#23 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff319f95d), maxdepth=..., maxdepth@entry=make_number(9),
args_template=..., args_template@entry=make_number(257),
nargs=nargs@entry=1, args=<optimized out>, args@entry=0x7fffffffa0a0)
at bytecode.c:633
#24 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff319f92d),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffffa0a0) at
eval.c:3058
#25 0x00000000005cdd80 in Ffuncall (nargs=2, args=args@entry=0x7fffffffa098)
at eval.c:2862
#26 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x603d725), maxdepth=..., maxdepth@entry=make_number(14),
args_template=..., args_template@entry=make_number(0),
nargs=nargs@entry=0, args=<optimized out>, args@entry=0x7fffffffa620)
at bytecode.c:633
#27 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x603d865),
nargs=nargs@entry=0, arg_vector=arg_vector@entry=0x7fffffffa620) at
eval.c:3058
#28 0x00000000005cdd80 in Ffuncall (nargs=nargs@entry=1,
args=args@entry=0x7fffffffa618)
at eval.c:2862
#29 0x00000000005c91cb in Ffuncall_interactively (nargs=1,
args=0x7fffffffa618) at callint.c:253
#30 0x00000000005cf71c in funcall_subr (subr=0xce4780
<Sfuncall_interactively>, numargs=numargs@entry=1,
args=args@entry=0x7fffffffa618)
at eval.c:2915
#31 0x00000000005cdc27 in Ffuncall (nargs=nargs@entry=2,
args=args@entry=0x7fffffffa610)
at eval.c:2860
#32 0x00000000005ce16c in Fapply (nargs=nargs@entry=3,
args=args@entry=0x7fffffffa610)
at eval.c:2433
#33 0x00000000005c9a0a in Fcall_interactively (function=...,
record_flag=..., keys=...) at callint.c:340
#34 0x00000000005cf86a in funcall_subr (subr=0xce4740
<Scall_interactively>, numargs=numargs@entry=3, args=args@entry=0x7fffffffa750)
at eval.c:2940
#35 0x00000000005cdc27 in Ffuncall (nargs=4, args=args@entry=0x7fffffffa748)
at eval.c:2860
#36 0x000000000060f0bb in exec_byte_code (bytestr=..., vector=...,
vector@entry=XIL(0x7ffff32a25a5), maxdepth=..., maxdepth@entry=make_number(13),
args_template=...,
args_template@entry=make_number(1025), nargs=nargs@entry=1,
args=<optimized out>, args@entry=0x7fffffffaa78) at bytecode.c:633
#37 0x00000000005d0e5b in funcall_lambda (fun=fun@entry=XIL(0x7ffff32a2575),
nargs=nargs@entry=1, arg_vector=arg_vector@entry=0x7fffffffaa78) at
eval.c:3058
#38 0x00000000005cdd80 in Ffuncall (nargs=nargs@entry=2,
args=args@entry=0x7fffffffaa70)
at eval.c:2862
#39 0x00000000005ce041 in call1 (fn=..., fn@entry=XIL(0x4020), arg1=...) at
eval.c:2711
#40 0x0000000000547999 in command_loop_1 () at keyboard.c:1462
#41 0x00000000005ccded in internal_condition_case (bfun=bfun@entry=0x5473a3
<command_loop_1>, handlers=..., handlers@entry=XIL(0x5490),
hfun=hfun@entry=0x53c25f
<cmd_error>) at eval.c:1376
#42 0x0000000000537c9a in command_loop_2 (ignore=..., ignore@entry=XIL(0))
at keyboard.c:1090
---Type <return> to continue, or q <return> to quit---
#43 0x00000000005ccd35 in internal_catch (tag=..., func=func@entry=0x537c82
<command_loop_2>, arg=..., arg@entry=XIL(0)) at eval.c:1139
#44 0x000000000053addd in command_loop () at keyboard.c:1069
#45 0x000000000053bcff in recursive_edit_1 () at keyboard.c:714
#46 0x000000000053c061 in Frecursive_edit () at keyboard.c:785
#47 0x0000000000534efa in main (argc=1, argv=<optimized out>) at
emacs.c:1949
Lisp Backtrace:
"redisplay_internal (C function)" (0x0)
"read-key-sequence-vector" (0xffff9970)
"read-key" (0xffff9ca0)
"yes-or-no-p" (0xffffa0a0)
"vc-revert" (0xffffa620)
"funcall-interactively" (0xffffa618)
"call-interactively" (0xffffa750)
"command-execute" (0xffffaa78)
(gdb)
[-- Attachment #2: Type: text/html, Size: 29895 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-02-01 3:25 ` Kaushal Modi
@ 2019-02-01 8:41 ` Eli Zaretskii
2019-02-04 16:03 ` Kaushal Modi
0 siblings, 1 reply; 18+ messages in thread
From: Eli Zaretskii @ 2019-02-01 8:41 UTC (permalink / raw)
To: Kaushal Modi; +Cc: 34256
> From: Kaushal Modi <kaushal.modi@gmail.com>
> Date: Thu, 31 Jan 2019 22:25:35 -0500
> Cc: 34256@debbugs.gnu.org
>
> Thread 1 "emacs" hit Hardware watchpoint 6: -location
> s->f->terminal->image_cache->images[0]
>
> Old value = (struct image *) 0x2346430
> New value = (struct image *) 0x0
> free_image (f=f@entry=0x143b1b0, img=img@entry=0x2346430) at image.c:1022
> 1022 if (img->picture)
> (gdb) bt
> #0 free_image (f=f@entry=0x143b1b0, img=img@entry=0x2346430) at
> image.c:1022
> #1 0x00000000006646a1 in clear_image_cache (f=0x143b1b0,
> filter=filter@entry=XIL(0xc5a0)) at image.c:1574
> #2 0x000000000066a35d in Fclear_image_cache (filter=...) at image.c:1658
> [...]
> Lisp Backtrace:
> "clear-image-cache" (0xffff0650)
> "org-display-inline-images" (0xffff0a88)
> "org-mode" (0xffff1020)
> "set-auto-mode-0" (0xffff1308)
> "set-auto-mode" (0xffff17d0)
> "vc-find-revision-no-save" (0xffff1bb0)
> "diff-syntax-fontify-hunk" (0xffff2130)
> "diff-syntax-fontify" (0xffff23f0)
> "diff--font-lock-syntax" (0xffff2788)
> "font-lock-fontify-keywords-region" (0xffff2d40)
> "font-lock-default-fontify-region" (0xffff30b8)
> "font-lock-fontify-region" (0xffff3358)
> 0x4a1a8c0 PVEC_COMPILED
> "run-hook-wrapped" (0xffff37a0)
> "jit-lock--run-functions" (0xffff3ae0)
> "jit-lock-fontify-now" (0xffff3ef8)
> "jit-lock-function" (0xffff4248)
> "redisplay_internal (C function)" (0x0)
Thanks, I think I understand what happened here. Does the patch below
fix the problem? If it doesn't, please repeat the procedure with the
patched Emacs.
diff --git a/src/frame.h b/src/frame.h
index ab3efdf..e0dab51 100644
--- a/src/frame.h
+++ b/src/frame.h
@@ -413,6 +413,10 @@ struct frame
/* Non-zero if this frame's faces need to be recomputed. */
bool_bf face_change : 1;
+ /* Non-zero if this frame's image cache cannot be freed because the
+ frame is in the process of being redisplayed. */
+ bool_bf inhibit_clear_image_cache : 1;
+
/* Bitfield area ends here. */
/* This frame's change stamp, set the last time window change
diff --git a/src/image.c b/src/image.c
index 2014860..342b647 100644
--- a/src/image.c
+++ b/src/image.c
@@ -1554,7 +1554,7 @@ clear_image_cache (struct frame *f, Lisp_Object filter)
{
struct image_cache *c = FRAME_IMAGE_CACHE (f);
- if (c)
+ if (c && !f->inhibit_clear_image_cache)
{
ptrdiff_t i, nfreed = 0;
diff --git a/src/xdisp.c b/src/xdisp.c
index ec8dd86..b43777a 100644
--- a/src/xdisp.c
+++ b/src/xdisp.c
@@ -14440,7 +14440,17 @@ redisplay_internal (void)
FRAME_TERMINAL (f)->condemn_scroll_bars_hook (f);
if (FRAME_VISIBLE_P (f) && !FRAME_OBSCURED_P (f))
- redisplay_windows (FRAME_ROOT_WINDOW (f));
+ {
+
+ /* Don't allow freeing images for this frame as long
+ as the frame's update wasn't completed. This
+ prevents crashes when some Lisp that runs from
+ the various hooks or font-lock decides to clear
+ the frame's image cache, when the images in that
+ cache are referenced by the desired matrix. */
+ f->inhibit_clear_image_cache = true;
+ redisplay_windows (FRAME_ROOT_WINDOW (f));
+ }
/* Remember that the invisible frames need to be redisplayed next
time they're visible. */
else if (!REDISPLAY_SOME_P ())
@@ -14521,6 +14531,7 @@ redisplay_internal (void)
pending |= update_frame (f, false, false);
f->cursor_type_changed = false;
f->updated_p = true;
+ f->inhibit_clear_image_cache = false;
}
}
}
@@ -14548,6 +14559,7 @@ redisplay_internal (void)
}
else if (FRAME_VISIBLE_P (sf) && !FRAME_OBSCURED_P (sf))
{
+ sf->inhibit_clear_image_cache = true;
displayed_buffer = XBUFFER (XWINDOW (selected_window)->contents);
/* Use list_of_error, not Qerror, so that
we catch only errors and don't run the debugger. */
@@ -14603,6 +14615,7 @@ redisplay_internal (void)
XWINDOW (selected_window)->must_be_updated_p = true;
pending = update_frame (sf, false, false);
sf->cursor_type_changed = false;
+ sf->inhibit_clear_image_cache = false;
}
/* We may have called echo_area_display at the top of this
^ permalink raw reply related [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-02-01 8:41 ` Eli Zaretskii
@ 2019-02-04 16:03 ` Kaushal Modi
2019-02-04 17:50 ` Eli Zaretskii
0 siblings, 1 reply; 18+ messages in thread
From: Kaushal Modi @ 2019-02-04 16:03 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 34256
[-- Attachment #1: Type: text/plain, Size: 1738 bytes --]
Hi Eli,
On Fri, Feb 1, 2019 at 3:41 AM Eli Zaretskii <eliz@gnu.org> wrote:
> > "redisplay_internal (C function)" (0x0)
>
> Thanks, I think I understand what happened here. Does the patch below
> fix the problem? If it doesn't, please repeat the procedure with the
> patched Emacs.
>
> diff --git a/src/frame.h b/src/frame.h
> index ab3efdf..e0dab51 100644
> --- a/src/frame.h
> +++ b/src/frame.h
> @@ -413,6 +413,10 @@ struct frame
> /* Non-zero if this frame's faces need to be recomputed. */
> bool_bf face_change : 1;
>
> + /* Non-zero if this frame's image cache cannot be freed because the
> + frame is in the process of being redisplayed. */
> + bool_bf inhibit_clear_image_cache : 1;
> +
> /* Bitfield area ends here. */
>
> /* This frame's change stamp, set the last time window change
> diff --git a/src/image.c b/src/image.c
> index 2014860..342b647 100644
> --- a/src/image.c
> +++ b/src/image.c
> @@ -1554,7 +1554,7 @@ clear_image_cache (struct frame *f, Lisp_Object
> filter)
> {
> struct image_cache *c = FRAME_IMAGE_CACHE (f);
>
> - if (c)
> + if (c && !f->inhibit_clear_image_cache)
> {
> ptrdiff_t i, nfreed = 0;
>
> diff --git a/src/xdisp.c b/src/xdisp.c
> index ec8dd86..b43777a 100644
> --- a/src/xdisp.c
> +++ b/src/xdisp.c
> @@ -14440,7 +14440,17 @@ redisplay_internal (void)
> FRAME_TERMINAL (f)->condemn_scroll_bars_hook (f);
>
> if (FRAME_VISIBLE_P (f) && !FRAME_OBSCURED_P (f))
> - redisplay_windows (FRAME_ROOT_WINDOW (f));
> + {
Thanks for the patch!
I couldn't apply the patch, so had to apply it manually.
But it works!
I am looking forward to understand in plain terms what this fix did.
Thank you.
[-- Attachment #2: Type: text/html, Size: 2459 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#34256: 27.0.50; Crash on draw_glyphs()
2019-02-04 16:03 ` Kaushal Modi
@ 2019-02-04 17:50 ` Eli Zaretskii
0 siblings, 0 replies; 18+ messages in thread
From: Eli Zaretskii @ 2019-02-04 17:50 UTC (permalink / raw)
To: Kaushal Modi; +Cc: 34256-done
> From: Kaushal Modi <kaushal.modi@gmail.com>
> Date: Mon, 4 Feb 2019 11:03:37 -0500
> Cc: 34256@debbugs.gnu.org
>
> Thanks for the patch!
>
> I couldn't apply the patch, so had to apply it manually.
>
> But it works!
Thanks, I've now pushed it to the master branch.
> I am looking forward to understand in plain terms what this fix did.
What happened was that while the display engine was redisplaying the
buffer, font-lock was called to fontify some part of the buffer, and
that activated Org mode (because the buffer displayed diffs of an Org
file, I presume?), and Org mode explicitly clears the image cache of
the frame for some reason I couldn't fathom. So an inline image that
was ready to be displayed got removed and freed from under the feet of
the display engine, and when the time came to actually display it,
there was nothing to display...
The fix is to inhibit clearing of a frame's image cache until after
the frame has been updated by the display engine.
Thanks for helping me track this bug.
^ permalink raw reply [flat|nested] 18+ messages in thread
end of thread, other threads:[~2019-02-04 17:50 UTC | newest]
Thread overview: 18+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-01-30 14:30 bug#34256: 27.0.50; Crash on draw_glyphs() Kaushal Modi
2019-01-30 16:16 ` Eli Zaretskii
2019-01-30 16:35 ` Kaushal Modi
2019-01-30 16:51 ` Eli Zaretskii
2019-01-30 18:22 ` Kaushal Modi
2019-01-30 18:55 ` Eli Zaretskii
2019-01-30 20:54 ` Kaushal Modi
2019-01-31 14:02 ` Eli Zaretskii
2019-01-31 15:50 ` Kaushal Modi
2019-01-31 16:52 ` Eli Zaretskii
2019-01-31 17:02 ` Kaushal Modi
2019-01-31 17:05 ` Kaushal Modi
2019-01-31 20:26 ` Eli Zaretskii
2019-02-01 3:15 ` Kaushal Modi
2019-02-01 3:25 ` Kaushal Modi
2019-02-01 8:41 ` Eli Zaretskii
2019-02-04 16:03 ` Kaushal Modi
2019-02-04 17:50 ` Eli Zaretskii
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).