From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Robert Pluim Newsgroups: gmane.emacs.bugs Subject: bug#42943: 28.0.50; Emacsclient crashes in ftcrfont_glyph_extents Date: Sat, 24 Oct 2020 15:27:39 +0200 Message-ID: References: <877dtuta6z.fsf@tcd.ie> <87y2m82ix4.fsf@gnus.org> <87zh4emnzm.fsf@gnus.org> <87lffxlxm5.fsf@tcd.ie> <83lffvhmne.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="7195"; mail-complaints-to="usenet@ciao.gmane.io" Cc: contovob@tcd.ie, larsi@gnus.org, 42943@debbugs.gnu.org To: Eli Zaretskii Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Sat Oct 24 15:28:08 2020 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1kWJaZ-0001lU-Sp for geb-bug-gnu-emacs@m.gmane-mx.org; Sat, 24 Oct 2020 15:28:07 +0200 Original-Received: from localhost ([::1]:35358 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kWJaY-00070J-Qq for geb-bug-gnu-emacs@m.gmane-mx.org; Sat, 24 Oct 2020 09:28:06 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:55636) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kWJaU-00070A-6K for bug-gnu-emacs@gnu.org; Sat, 24 Oct 2020 09:28:02 -0400 Original-Received: from debbugs.gnu.org ([209.51.188.43]:49648) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kWJaT-0006Cl-Tz for bug-gnu-emacs@gnu.org; Sat, 24 Oct 2020 09:28:01 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kWJaT-0007K9-OW for bug-gnu-emacs@gnu.org; Sat, 24 Oct 2020 09:28:01 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Robert Pluim Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sat, 24 Oct 2020 13:28:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 42943 X-GNU-PR-Package: emacs Original-Received: via spool by 42943-submit@debbugs.gnu.org id=B42943.160354607628142 (code B ref 42943); Sat, 24 Oct 2020 13:28:01 +0000 Original-Received: (at 42943) by debbugs.gnu.org; 24 Oct 2020 13:27:56 +0000 Original-Received: from localhost ([127.0.0.1]:32961 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kWJaK-0007Jk-Um for submit@debbugs.gnu.org; Sat, 24 Oct 2020 09:27:56 -0400 Original-Received: from mail-wm1-f47.google.com ([209.85.128.47]:37728) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kWJaF-0007JR-CY for 42943@debbugs.gnu.org; Sat, 24 Oct 2020 09:27:51 -0400 Original-Received: by mail-wm1-f47.google.com with SMTP id c16so5723295wmd.2 for <42943@debbugs.gnu.org>; Sat, 24 Oct 2020 06:27:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:references:date:in-reply-to:message-id :mime-version:content-transfer-encoding; bh=SqTkDGQY6X1q4p2c74Zy4qe8KiHbNkxcShn72X3Eu/k=; b=SZYFwP+d2LPJFDBpi/Tb/CVIXc4F4W5bdo295Mil/yO+AuIfiM6usmFcYZktLUAn3I uMw6Qg/X1laQL7ayUHADDT8y7LSgsOdEajBDxSynpQOwqm+/xeUMAIpMitm0imYUUmrw 8oY9k1zruAIoFGuDd3s5x3FVtD1E3rJwYVH+AN5/6mtrpuizY3ZLZHyoxwyAIaSHpuZN o3G8AeWc+sYdbv5X05T14jyMQbr+IkopOmu9gk2IjiQ4RFXELKyypEaFXONp+VL4LBDp TnyYu1GpTBwyK/auJtKpvYmVeg771HfEeru4xw6FQu2j2ZNvE8BsUufKtaXZs63J84A0 gJMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:mime-version:content-transfer-encoding; bh=SqTkDGQY6X1q4p2c74Zy4qe8KiHbNkxcShn72X3Eu/k=; b=kyp7azPavvuT8FaTi341iWSA+1G71oAzXZLz8/RuXCGuVY0o38aUk2iT1RpaxQiGtK LZVjxJsmZ4W8FhF7iaxBF3Rs9Aya3u9Krn9fLD1b36yXRNvN9Y1N0fKwTe9VDZaGiU6d ElR7KkSp1hvrWG//9Rwrx4nVlQRX8/KJQH3KMRjbuQ2lxVkopH2tFahIoC5cb+ZYPKrY Eut0OAzwqkahgTjbRbL25FY37xJvhTz4ySF/8S8uGIFmE3pJQgjxDttMuXz54nj+8+pq MbZgfJ/vbCnnj9E4qoamw0OxuwLJ5BTJsa6jVlhW6yONrkbDjiPvhf5eIL9W0w95BRPu qerw== X-Gm-Message-State: AOAM530vo7TATfx9+H1ojeJQJPK2w+bEiurDbWP7YZN1rRRwu+yffWQx 9dNNjt8/yCyJV/n6CzPiEcMcv6DQL08= X-Google-Smtp-Source: ABdhPJydMx3vDZDS+I+fezCWNtazMOAnVBJXK/vi5svPEFm5c0NufS+MfkFHJKBm8LX2YvV8PZMBWw== X-Received: by 2002:a1c:68c1:: with SMTP id d184mr6851356wmc.74.1603546060993; Sat, 24 Oct 2020 06:27:40 -0700 (PDT) Original-Received: from rpluim-mac ([2a01:e34:ecfc:a860:8d6e:d31:eb45:4a86]) by smtp.gmail.com with ESMTPSA id a2sm10450538wrs.55.2020.10.24.06.27.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 24 Oct 2020 06:27:40 -0700 (PDT) In-Reply-To: (Robert Pluim's message of "Sat, 24 Oct 2020 14:14:53 +0200") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.io gmane.emacs.bugs:191423 Archived-At: >>>>> On Sat, 24 Oct 2020 14:14:53 +0200, Robert Pluim s= aid: Eli> I'm guessing that we close the font, but there's still a face that Eli> references that font, and we try using that face for display. Can= you Eli> see if that is the case? The 'face' member of 'struct glyph_strin= g' Eli> should point to the face, and face->font should point to the font. Robert> Yes, we=CA=BCre using the face that=CA=BCs cached in the glyph_= string: Robert> Thread 1 "emacs" received signal SIGSEGV, Segmentation fault. Robert> ftcrfont_glyph_extents (font=3D0x555556930478, glyph=3D1036, Robert> metrics=3Dmetrics@entry=3D0x0) at ftcrfont.c:81 Robert> 81 if (METRICS_STATUS (cache) =3D=3D METRICS_INVALID) Robert> (gdb) up Robert> #1 0x00005555558453a1 in ftcrfont_draw (s=3D0x7fffffffb440, Robert> from=3D, to=3D, x=3D17, y=3D<= optimized out>, Robert> with_background=3D) at ftcrfont.c:520 Robert> 520 x +=3D (s->padding_p ? 1 : ftcrfont_glyph_extents= (s->font, Robert> (gdb) l 500 Robert> 495 struct face *face =3D s->face; Robert> 496 struct font_info *ftcrfont_info =3D (struct font_info= *) s->font; Robert> 497 cairo_t *cr; Robert> 498 cairo_glyph_t *glyphs; Robert> 499 int len =3D to - from; Robert> 500 int i; Robert> 501 Robert> 502 block_input (); Robert> 503 Robert> 504 cr =3D x_begin_cr_clip (f, s->gc); Robert> (gdb) p s->face Robert> $1 =3D (struct face *) 0x555556113290 Robert> (gdb) p s->face->font Robert> $2 =3D (struct font *) 0x555556930478 Robert> (gdb) p s->font Robert> $3 =3D (struct font *) 0x555556930478 And that font comes from here: static int fill_gstring_glyph_string (struct glyph_string *s, int face_id, int start, int end, int overlaps) { struct glyph *glyph, *last; Lisp_Object lgstring; int i; bool glyph_not_available_p; s->for_overlaps =3D overlaps; glyph =3D s->row->glyphs[s->area] + start; last =3D s->row->glyphs[s->area] + end; glyph_not_available_p =3D glyph->glyph_not_available_p; s->cmp_id =3D glyph->u.cmp.id; s->cmp_from =3D glyph->slice.cmp.from; s->cmp_to =3D glyph->slice.cmp.to + 1; s->face =3D FACE_FROM_ID (s->f, face_id); lgstring =3D composition_gstring_from_id (s->cmp_id); s->font =3D XFONT_OBJECT (LGSTRING_FONT (lgstring)); <---- so it=CA=BCs the caching in the Lisp_Object for the composition that=CA=BCs causing the problem. I can also get it to crash by entering 'a' followed by U+306 (COMBINING BREVE), but the initial code path is different, as then the initial caching of the font is here: Lisp_Object hbfont_shape (Lisp_Object lgstring, Lisp_Object direction) { struct font *font =3D CHECK_FONT_GET_OBJECT (LGSTRING_FONT (lgstring)); (but the final crash is at the same place). Robert --=20