From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Kenichi Handa <handa@m17n.org>
Newsgroups: gmane.emacs.bugs
Subject: bug#3208: 23.0.93;
	Memory full / crash when displaying lots of characters from a
	large	font (like Arial Unicode or Code2000) which is not
	explicitly	selected (on Win32)
Date: Tue, 19 May 2009 11:13:31 +0900
Message-ID: <E1M6Epf-0003UC-Jj@etlken>
References: <49FF3340.2040008@gmx.de> <4A005A64.5050908@gnu.org>
Reply-To: Kenichi Handa <handa@m17n.org>, 3208@emacsbugs.donarmstrong.com
NNTP-Posting-Host: lo.gmane.org
X-Trace: ger.gmane.org 1242700365 975 80.91.229.12 (19 May 2009 02:32:45 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Tue, 19 May 2009 02:32:45 +0000 (UTC)
Cc: schierlm@gmx.de
To: Jason Rumney <jasonr@gnu.org>, 3208@emacsbugs.donarmstrong.com
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Tue May 19 04:32:38 2009
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>
Envelope-to: geb-bug-gnu-emacs@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by lo.gmane.org with esmtp (Exim 4.50)
	id 1M6F89-00084t-As
	for geb-bug-gnu-emacs@m.gmane.org; Tue, 19 May 2009 04:32:37 +0200
Original-Received: from localhost ([127.0.0.1]:57986 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1M6F88-0002Ys-Rh
	for geb-bug-gnu-emacs@m.gmane.org; Mon, 18 May 2009 22:32:36 -0400
Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1M6F7f-00028i-D8
	for bug-gnu-emacs@gnu.org; Mon, 18 May 2009 22:32:07 -0400
Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1M6F7a-00024o-9A
	for bug-gnu-emacs@gnu.org; Mon, 18 May 2009 22:32:06 -0400
Original-Received: from [199.232.76.173] (port=59365 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1M6F7a-00024g-6Q
	for bug-gnu-emacs@gnu.org; Mon, 18 May 2009 22:32:02 -0400
Original-Received: from rzlab.ucr.edu ([138.23.92.77]:44494)
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <debbugs@rzlab.ucr.edu>) id 1M6F7Z-00018G-K9
	for bug-gnu-emacs@gnu.org; Mon, 18 May 2009 22:32:01 -0400
Original-Received: from rzlab.ucr.edu (rzlab.ucr.edu [127.0.0.1])
	by rzlab.ucr.edu (8.13.8/8.13.8/Debian-3) with ESMTP id n4J2Vuq8022168; 
	Mon, 18 May 2009 19:31:59 -0700
Original-Received: (from debbugs@localhost)
	by rzlab.ucr.edu (8.13.8/8.13.8/Submit) id n4J2K6bV018241;
	Mon, 18 May 2009 19:20:06 -0700
X-Loop: owner@emacsbugs.donarmstrong.com
Resent-From: Kenichi Handa <handa@m17n.org>
Resent-To: bug-submit-list@donarmstrong.com
Resent-CC: Emacs Bugs <bug-gnu-emacs@gnu.org>
Resent-Date: Tue, 19 May 2009 02:20:05 +0000
Resent-Message-ID: <handler.3208.B3208.124269920416743@emacsbugs.donarmstrong.com>
Resent-Sender: owner@emacsbugs.donarmstrong.com
X-Emacs-PR-Message: followup 3208
X-Emacs-PR-Package: emacs
X-Emacs-PR-Keywords: 
Original-Received: via spool by 3208-submit@emacsbugs.donarmstrong.com
	id=B3208.124269920416743
	(code B ref 3208); Tue, 19 May 2009 02:20:05 +0000
Original-Received: (at 3208) by emacsbugs.donarmstrong.com; 19 May 2009 02:13:24 +0000
X-Spam-Bayes: score:0.5 Bayes not run. spammytokens:Tokens not available.
	hammytokens:Tokens not available.
Original-Received: from mx1.aist.go.jp (mx1.aist.go.jp [150.29.246.133])
	by rzlab.ucr.edu (8.13.8/8.13.8/Debian-3) with ESMTP id n4J2DJDb016736
	for <3208@emacsbugs.donarmstrong.com>; Mon, 18 May 2009 19:13:21 -0700
Original-Received: from rqsmtp2.aist.go.jp (rqsmtp2.aist.go.jp [150.29.254.123])
	by mx1.aist.go.jp  with ESMTP id n4J2DIEG009718;
	Tue, 19 May 2009 11:13:18 +0900 (JST) env-from (handa@m17n.org)
Original-Received: from smtp2.aist.go.jp
	by rqsmtp2.aist.go.jp  with ESMTP id n4J2DIqr018907;
	Tue, 19 May 2009 11:13:18 +0900 (JST) env-from (handa@m17n.org)
Original-Received: by smtp2.aist.go.jp  with ESMTP id n4J2DGNt014981;
	Tue, 19 May 2009 11:13:16 +0900 (JST) env-from (handa@m17n.org)
Original-Received: from handa by etlken with local (Exim 4.69)
	(envelope-from <handa@m17n.org>)
	id 1M6Epf-0003UC-Jj; Tue, 19 May 2009 11:13:31 +0900
In-reply-to: <4A005A64.5050908@gnu.org> (message from Jason Rumney on Tue, 05
	May 2009 23:25:24 +0800)
X-detected-operating-system: by monty-python.gnu.org: GNU/Linux 2.6 (newer, 3)
Resent-Date: Mon, 18 May 2009 22:32:06 -0400
X-BeenThere: bug-gnu-emacs@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Bug reports for GNU Emacs,
	the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/bug-gnu-emacs>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.bugs:28007
Archived-At: <http://permalink.gmane.org/gmane.emacs.bugs/28007>

In article <4A005A64.5050908@gnu.org>, Jason Rumney <jasonr@gnu.org> writes:

> Michael Schierl wrote:
> > - It is easier if you have one of the fonts Code2000 or Arial Unicode
> >   installed. I tried it with fonts that come with Windows XP (like
> >   Lucida Sans Unicode) but did not succeed in reproducing the bug.
> >   It might happen with other fonts as well, most likely ones that have
> >   lots of glyphs.
> > - You need to know a character that is in your font but not in the
> >   default font (0x2203 works for both Arial Unicode and Code2000, 0x2202
> >   would work for Lucida Sans Unicode, 0xFFFD works for Arial Unicode).
> > - Start emacs -Q
> > - Insert a few thousand characters of that kind, and move to the
> >   beginning and to the end of the buffer repeatedly. At first you
> >   receive warnings like "Emergency (alloc): Warning: past 95% of memory
> >   limit", then the memory is exhausted, and if you still go on, you will
> >   be asked if you want to debug Emacs. This is perfectly reproducable
> >   for me, both on my main machine and on a freshly installed WinXP
> >   virtual machine where I only added Emacs and one of the fonts.
> >   

> I can reproduce this. The malloc warnings always seem to occur in the 
> SAFE_ALLOCA call in font_sort_entities. The vec passed in to that 
> function contains all the fonts on my system, and len is over 3000, 
> requiring 24kB to be allocated. There appear to be two bugs here.

> One is that this function is being called all the time when we have 
> already found a font for the character we added to the buffer.

Oops, I've just fixed this typo:
  font_sort_entites -> font_sort_entities
Anyway, font_sort_entities is called from
font_find_for_lface (via font_select_entity).

Could you please find why font_find_for_lface is called so
releatedly by setting breakpoint in fontset_find_font (with
condition "c == 0x2203)?

> The other is that SAFE_FREE does not appear to call xfree to free the 
> memory that SAFE_ALLOCA allocated with xmalloc. Maybe SAFE_ALLOCA is not 
> used often to allocate more than 16kB (the threshold for using the heap 
> instead of the stack) so this has gone unnoticed in the past.

SAFE_FREE surely calls xfree via unbind_to because
SAFE_ALLOCA calls record_unwind_protect with
safe_alloca_unwind.

---
Kenichi Handa
handa@m17n.org