From: YAMAMOTO Mitsuharu <mituharu@math.s.chiba-u.ac.jp>
To: Kenichi Handa <handa@m17n.org>
Cc: Sven Joachim <svenjoac@gmx.de>, 5609@debbugs.gnu.org
Subject: bug#5609: 23.1.92; segfault in composition_compute_stop_pos
Date: Fri, 26 Feb 2010 08:30:07 +0900 [thread overview]
Message-ID: <wlk4u051xc.wl%mituharu@math.s.chiba-u.ac.jp> (raw)
In-Reply-To: <tl7tyt62gel.fsf@m17n.org>
>>>>> On Thu, 25 Feb 2010 11:33:22 +0900, Kenichi Handa <handa@m17n.org> said:
> In article <871vgfomwq.fsf@turtle.gmx.de>, Sven Joachim
> <svenjoac@gmx.de> writes:
>> During the last weeks I experienced several segfaults, mostly in
>> Dired, but unfortunately I did not run Emacs under GDB. This time
>> I did. I visited a file named "Makefile" and started an I-search
>> for "distcheck" when Emacs segfaulted. This is not reproducible.
> Although I can't reproduce that bug, I found a suspicious code and
> just fixed it. Please try the latest version.
Actually I suspected this out-of-boundary `endpos' value in
http://lists.gnu.org/archive/html/bug-gnu-emacs/2010-01/msg00522.html
I suspect the problematic case is that `charpos + field_width' in
reseat_to_string exceeds the length of the given string. The value of
`field_width' is 12 by default when displaying buffer names.
Also, I guess the upper limit of `endpos' is `SCHARS (it->string)'
instead of `charpos + SCHARS (it->string)' at line 5614 below. Could
you confirm if it is correct?
5611 it->stop_charpos = charpos;
5612 if (s == NULL && it->multibyte_p)
5613 {
5614 EMACS_INT endpos = charpos + SCHARS (it->string);
5615 if (endpos > it->end_charpos)
5616 endpos = it->end_charpos;
5617 composition_compute_stop_pos (&it->cmp_it, charpos, -1, endpos,
5618 it->string);
5619 }
YAMAMOTO Mitsuharu
mituharu@math.s.chiba-u.ac.jp
next prev parent reply other threads:[~2010-02-25 23:30 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-20 17:08 bug#5609: 23.1.92; segfault in composition_compute_stop_pos Sven Joachim
2010-02-21 13:16 ` Chong Yidong
2010-02-22 7:54 ` Kenichi Handa
2010-02-25 2:33 ` Kenichi Handa
2010-02-25 23:30 ` YAMAMOTO Mitsuharu [this message]
2010-02-26 1:23 ` Kenichi Handa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=wlk4u051xc.wl%mituharu@math.s.chiba-u.ac.jp \
--to=mituharu@math.s.chiba-u.ac.jp \
--cc=5609@debbugs.gnu.org \
--cc=handa@m17n.org \
--cc=svenjoac@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).