From: YAMAMOTO Mitsuharu
Newsgroups: gmane.emacs.bugs
Subject: bug#5609: 23.1.92; segfault in composition_compute_stop_pos
Date: Fri, 26 Feb 2010 08:30:07 +0900
Organization: Faculty of Science, Chiba University
References: <871vgfomwq.fsf@turtle.gmx.de>
Cc: Sven Joachim, 5609@debbugs.gnu.org
To: Kenichi Handa

>>>>> On Thu, 25 Feb 2010 11:33:22 +0900, Kenichi Handa said:

> In article <871vgfomwq.fsf@turtle.gmx.de>, Sven Joachim writes:

>> During the last weeks I experienced several segfaults, mostly in
>> Dired, but unfortunately I did not run Emacs under GDB.  This time
>> I did.  I visited a file named "Makefile" and started an I-search
>> for "distcheck" when Emacs segfaulted.  This is not reproducible.

> Although I can't reproduce that bug, I found some suspicious code and
> just fixed it.  Please try the latest version.

Actually I suspected this out-of-boundary `endpos' value in
http://lists.gnu.org/archive/html/bug-gnu-emacs/2010-01/msg00522.html

I suspect the problematic case is that `charpos + field_width' in
reseat_to_string exceeds the length of the given string.  The value of
`field_width' is 12 by default when displaying buffer names.

Also, I guess the upper limit of `endpos' is `SCHARS (it->string)'
instead of `charpos + SCHARS (it->string)' at line 5614 below.  Could
you confirm if it is correct?

   5611   it->stop_charpos = charpos;
   5612   if (s == NULL && it->multibyte_p)
   5613     {
   5614       EMACS_INT endpos = charpos + SCHARS (it->string);
   5615       if (endpos > it->end_charpos)
   5616         endpos = it->end_charpos;
   5617       composition_compute_stop_pos (&it->cmp_it, charpos, -1, endpos,
   5618                                     it->string);
   5619     }

                                     YAMAMOTO Mitsuharu
                                mituharu@math.s.chiba-u.ac.jp
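
The bound questioned in the message above, as an added C model that is not part of the original mail or of the Emacs sources: it compares the upper limit computed at line 5614 with the one the message proposes. `struct model_it`, `model_reseat`, `past_end` and the sample string are constructed for illustration, and the way `end_charpos` grows to `charpos + field_width` is an assumption taken from the message's own suspicion.

```c
#include <stdio.h>
#include <string.h>
/* Constructed stand-in for the iterator fields named in the message;
   not the Emacs `struct it'.  Characters are single bytes here. */
struct model_it { const char *string; long end_charpos; };

/* Assumption from the message: when padding to field_width, end_charpos
   becomes charpos + field_width, which can exceed the string length. */
static void model_reseat(struct model_it *it, const char *s,
                         long charpos, long field_width)
{
    it->string = s;
    it->end_charpos = (long) strlen(s);
    if (field_width > it->end_charpos - charpos)
        it->end_charpos = charpos + field_width;
}

/* Upper limit as computed at line 5614 of the quoted excerpt. */
static long endpos_quoted(const struct model_it *it, long charpos)
{
    long endpos = charpos + (long) strlen(it->string);
    return endpos > it->end_charpos ? it->end_charpos : endpos;
}

/* Upper limit the message proposes: the string length itself. */
static long endpos_proposed(const struct model_it *it)
{
    long endpos = (long) strlen(it->string);
    return endpos > it->end_charpos ? it->end_charpos : endpos;
}

/* How many positions in [charpos, endpos) lie past the string's end. */
static long past_end(const struct model_it *it, long charpos, long endpos)
{
    long nchars = (long) strlen(it->string);
    long start = charpos > nchars ? charpos : nchars;
    return endpos > start ? endpos - start : 0;
}

int main(void)
{
    struct model_it it;
    model_reseat(&it, "*scratch*", 3, 12);   /* constructed input */
    printf("quoted:   endpos=%ld past_end=%ld\n", endpos_quoted(&it, 3),
           past_end(&it, 3, endpos_quoted(&it, 3)));
    printf("proposed: endpos=%ld past_end=%ld\n", endpos_proposed(&it),
           past_end(&it, 3, endpos_proposed(&it)));
    return 0;
}
```

In this model the clamp against `end_charpos` does not help once padding has pushed `end_charpos` past the string, so any nonzero `charpos` leaves the quoted bound beyond the last character.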