MPS: Crash while completing symbol with corfu

MPS: Crash while completing symbol with corfu

[Ihor Radchenko]

Thread 1 "emacs" hit Breakpoint 1, terminate_due_to_signal (sig=sig@entry=11, backtrace_limit=backtrace_limit@entry=40) at emacs.c:443
443	{
(gdb) bt
#0  terminate_due_to_signal (sig=sig@entry=11, backtrace_limit=backtrace_limit@entry=40) at emacs.c:443
#1  0x00005555556e446b in handle_fatal_signal (sig=sig@entry=11) at sysdep.c:1800
#2  0x00005555556e44d0 in deliver_thread_signal (sig=11, handler=0x5555556e4457 <handle_fatal_signal>) at sysdep.c:1792
#3  deliver_fatal_thread_signal (sig=sig@entry=11) at sysdep.c:1812
#4  0x00005555556e44fd in handle_sigsegv (sig=11, siginfo=<optimized out>, arg=<optimized out>) at sysdep.c:1950
#5  0x00007ffff3048050 in <signal handler called> () at /lib64/libc.so.6
#6  0x00007ffff304822b in kill () at /lib64/libc.so.6
#7  0x0000555555880af9 in sigHandle (sig=<optimized out>, info=<optimized out>, uap=<optimized out>) at /home/yantar92/Dist/mps/code/protsgix.c:114
#8  0x00007ffff3048050 in <signal handler called> () at /lib64/libc.so.6
#9  qttip_cb (widget=0x5555913b54b0, xpos=222, ypos=80, keyboard_mode=0, tooltip=0x555556741b10, user_data=0x7ffee6e6b3c8) at gtkutil.c:855
#10 0x00007ffff7486d63 in ??? () at /usr/lib64/libgtk-3.so.0
#11 0x00007ffff6e08d30 in g_closure_invoke () at /usr/lib64/libgobject-2.0.so.0
#12 0x00007ffff6e1c2ec in ??? () at /usr/lib64/libgobject-2.0.so.0
#13 0x00007ffff6e1d541 in ??? () at /usr/lib64/libgobject-2.0.so.0
#14 0x00007ffff6e23976 in g_signal_emit_valist () at /usr/lib64/libgobject-2.0.so.0
#15 0x00007ffff6e23a33 in g_signal_emit () at /usr/lib64/libgobject-2.0.so.0
#16 0x00007ffff777ef9d in ??? () at /usr/lib64/libgtk-3.so.0
#17 0x00007ffff77352e9 in ??? () at /usr/lib64/libgtk-3.so.0
#18 0x00007ffff77357cd in ??? () at /usr/lib64/libgtk-3.so.0
#19 0x00007ffff7614fd5 in gtk_main_do_event () at /usr/lib64/libgtk-3.so.0
#20 0x00007ffff7c71409 in ??? () at /usr/lib64/libgdk-3.so.0
#21 0x00007ffff7cc8e06 in ??? () at /usr/lib64/libgdk-3.so.0
#22 0x00007ffff6d07e04 in ??? () at /usr/lib64/libglib-2.0.so.0
#23 0x00007ffff6d0af27 in ??? () at /usr/lib64/libglib-2.0.so.0
#24 0x00007ffff6d0b540 in g_main_context_iteration () at /usr/lib64/libglib-2.0.so.0
#25 0x00007ffff7614239 in gtk_main_iteration () at /usr/lib64/libgtk-3.so.0
#26 0x00005555556834aa in XTread_socket (terminal=<optimized out>, hold_quit=0x7fffffffcd40) at xterm.c:25802
#27 0x00005555556d1bb5 in gobble_input () at keyboard.c:7934
#28 0x00005555555acbb2 in sit_for (timeout=timeout@entry=make_fixnum(37), reading=reading@entry=true, display_option=display_option@entry=1)
    at dispnew.c:6358
#29 0x00005555556d5efc in read_char
    (commandflag=1, map=map@entry=XIL(0x7ffee68ac24b), prev_event=XIL(0), used_mouse_menu=used_mouse_menu@entry=0x7fffffffd2fb, end_time=end_time@entry=0x0)
    at keyboard.c:2934
#30 0x00005555556d768a in read_key_sequence
    (keybuf=keybuf@entry=0x7fffffffd460, prompt=prompt@entry=XIL(0), dont_downcase_last=dont_downcase_last@entry=false, can_return_switch_frame=can_return_switch_frame@entry=true, fix_current_buffer=fix_current_buffer@entry=true, prevent_redisplay=prevent_redisplay@entry=false, disable_text_conversion_p=false)
    at keyboard.c:10759
#31 0x00005555556da3f3 in command_loop_1 () at keyboard.c:1440
#32 0x0000555555748c92 in internal_condition_case
    (bfun=bfun@entry=0x5555556d9208 <command_loop_1>, handlers=handlers@entry=XIL(0x90), hfun=hfun@entry=0x5555556ca60c <cmd_error>) at eval.c:1629
#33 0x00005555556c5838 in command_loop_2 (handlers=handlers@entry=XIL(0x90)) at keyboard.c:1179
--Type <RET> for more, q to quit, c to continue without paging--c
#34 0x0000555555748bc4 in internal_catch (tag=tag@entry=XIL(0x12360), func=func@entry=0x5555556c5811 <command_loop_2>, arg=arg@entry=XIL(0x90))
    at eval.c:1308
#35 0x00005555556c57ee in command_loop () at keyboard.c:1157
#36 0x00005555556ca1c1 in recursive_edit_1 () at keyboard.c:765
#37 0x00005555556ca52e in Frecursive_edit () at keyboard.c:848
#38 0x00005555556c4aad in main (argc=1, argv=<optimized out>) at emacs.c:2651
(gdb) xbacktrace 
(gdb) c
Continuing.
Fatal error 11: Segmentation fault
[Thread 0x7fffd74006c0 (LWP 24071) exited]
[Thread 0x7fffdd2006c0 (LWP 24069) exited]
[Thread 0x7fffddc006c0 (LWP 24068) exited]
[Thread 0x7fffde6006c0 (LWP 24067) exited]
[Thread 0x7ffff34142c0 (LWP 24055) exited]
[Thread 0x7fffdf0006c0 (LWP 24066) exited]
[New process 24055]

Program terminated with signal SIGSEGV, Segmentation fault.
The program no longer exists.
(gdb) bt
No stack.

-- 
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>

Re: MPS: Crash while completing symbol with corfu

[Gerd Möllmann]

Ihor Radchenko <yantar92@posteo.net> writes:

> Thread 1 "emacs" hit Breakpoint 1, terminate_due_to_signal (sig=sig@entry=11, backtrace_limit=backtrace_limit@entry=40) at emacs.c:443
> 443	{
> (gdb) bt
> #0  terminate_due_to_signal (sig=sig@entry=11, backtrace_limit=backtrace_limit@entry=40) at emacs.c:443
> #1  0x00005555556e446b in handle_fatal_signal (sig=sig@entry=11) at sysdep.c:1800
> #2  0x00005555556e44d0 in deliver_thread_signal (sig=11, handler=0x5555556e4457 <handle_fatal_signal>) at sysdep.c:1792
> #3  deliver_fatal_thread_signal (sig=sig@entry=11) at sysdep.c:1812
> #4  0x00005555556e44fd in handle_sigsegv (sig=11, siginfo=<optimized out>, arg=<optimized out>) at sysdep.c:1950
> #5  0x00007ffff3048050 in <signal handler called> () at /lib64/libc.so.6
> #6  0x00007ffff304822b in kill () at /lib64/libc.so.6
> #7  0x0000555555880af9 in sigHandle (sig=<optimized out>, info=<optimized out>, uap=<optimized out>) at /home/yantar92/Dist/mps/code/protsgix.c:114
> #8  0x00007ffff3048050 in <signal handler called> () at /lib64/libc.so.6
> #9  qttip_cb (widget=0x5555913b54b0, xpos=222, ypos=80, keyboard_mode=0, tooltip=0x555556741b10, user_data=0x7ffee6e6b3c8) at gtkutil.c:855
> #10 0x00007ffff7486d63 in ??? () at /usr/lib64/libgtk-3.so.0
> #11 0x00007ffff6e08d30 in g_closure_invoke () at /usr/lib64/libgobject-2.0.so.0
> #12 0x00007ffff6e1c2ec in ??? () at /usr/lib64/libgobject-2.0.so.0
> #13 0x00007ffff6e1d541 in ??? () at /usr/lib64/libgobject-2.0.so.0
> #14 0x00007ffff6e23976 in g_signal_emit_valist () at /usr/lib64/libgobject-2.0.so.0
> #15 0x00007ffff6e23a33 in g_signal_emit () at /usr/lib64/libgobject-2.0.so.0
> #16 0x00007ffff777ef9d in ??? () at /usr/lib64/libgtk-3.so.0
> #17 0x00007ffff77352e9 in ??? () at /usr/lib64/libgtk-3.so.0
> #18 0x00007ffff77357cd in ??? () at /usr/lib64/libgtk-3.so.0
> #19 0x00007ffff7614fd5 in gtk_main_do_event () at /usr/lib64/libgtk-3.so.0
> #20 0x00007ffff7c71409 in ??? () at /usr/lib64/libgdk-3.so.0
> #21 0x00007ffff7cc8e06 in ??? () at /usr/lib64/libgdk-3.so.0
> #22 0x00007ffff6d07e04 in ??? () at /usr/lib64/libglib-2.0.so.0
> #23 0x00007ffff6d0af27 in ??? () at /usr/lib64/libglib-2.0.so.0
> #24 0x00007ffff6d0b540 in g_main_context_iteration () at /usr/lib64/libglib-2.0.so.0
> #25 0x00007ffff7614239 in gtk_main_iteration () at /usr/lib64/libgtk-3.so.0
> #26 0x00005555556834aa in XTread_socket (terminal=<optimized out>, hold_quit=0x7fffffffcd40) at xterm.c:25802
> #27 0x00005555556d1bb5 in gobble_input () at keyboard.c:7934
> #28 0x00005555555acbb2 in sit_for (timeout=timeout@entry=make_fixnum(37), reading=reading@entry=true, display_option=display_option@entry=1)
>     at dispnew.c:6358
> #29 0x00005555556d5efc in read_char
>     (commandflag=1, map=map@entry=XIL(0x7ffee68ac24b), prev_event=XIL(0), used_mouse_menu=used_mouse_menu@entry=0x7fffffffd2fb, end_time=end_time@entry=0x0)
>     at keyboard.c:2934
> #30 0x00005555556d768a in read_key_sequence
>     (keybuf=keybuf@entry=0x7fffffffd460, prompt=prompt@entry=XIL(0),
> dont_downcase_last=dont_downcase_last@entry=false,
> can_return_switch_frame=can_return_switch_frame@entry=true,
> fix_current_buffer=fix_current_buffer@entry=true,
> prevent_redisplay=prevent_redisplay@entry=false,
> disable_text_conversion_p=false)
>     at keyboard.c:10759
> #31 0x00005555556da3f3 in command_loop_1 () at keyboard.c:1440
> #32 0x0000555555748c92 in internal_condition_case
>     (bfun=bfun@entry=0x5555556d9208 <command_loop_1>, handlers=handlers@entry=XIL(0x90), hfun=hfun@entry=0x5555556ca60c <cmd_error>) at eval.c:1629
> #33 0x00005555556c5838 in command_loop_2 (handlers=handlers@entry=XIL(0x90)) at keyboard.c:1179
> --Type <RET> for more, q to quit, c to continue without paging--c
> #34 0x0000555555748bc4 in internal_catch (tag=tag@entry=XIL(0x12360), func=func@entry=0x5555556c5811 <command_loop_2>, arg=arg@entry=XIL(0x90))
>     at eval.c:1308
> #35 0x00005555556c57ee in command_loop () at keyboard.c:1157
> #36 0x00005555556ca1c1 in recursive_edit_1 () at keyboard.c:765
> #37 0x00005555556ca52e in Frecursive_edit () at keyboard.c:848
> #38 0x00005555556c4aad in main (argc=1, argv=<optimized out>) at emacs.c:2651
> (gdb) xbacktrace 
> (gdb) c
> Continuing.
> Fatal error 11: Segmentation fault
> [Thread 0x7fffd74006c0 (LWP 24071) exited]
> [Thread 0x7fffdd2006c0 (LWP 24069) exited]
> [Thread 0x7fffddc006c0 (LWP 24068) exited]
> [Thread 0x7fffde6006c0 (LWP 24067) exited]
> [Thread 0x7ffff34142c0 (LWP 24055) exited]
> [Thread 0x7fffdf0006c0 (LWP 24066) exited]
> [New process 24055]
>
> Program terminated with signal SIGSEGV, Segmentation fault.
> The program no longer exists.
> (gdb) bt
> No stack.

Not the slightest idea what's happening there. Aoparently Gtk gets
involved somehow and then everything is optimized out.

Maybe you could buld with CFLAGS="-g -O0" or something? Otherwise one
can't see much.

Re: MPS: Crash while completing symbol with corfu

[Eli Zaretskii]

> From: Gerd Möllmann <gerd.moellmann@gmail.com>
> Cc: emacs-devel@gnu.org,  Eli Zaretskii <eliz@gnu.org>,  eller.helmut@gmail.com
> Date: Mon, 01 Jul 2024 16:48:21 +0200
> 
> 
> Not the slightest idea what's happening there. Aoparently Gtk gets
> involved somehow and then everything is optimized out.
> 
> Maybe you could buld with CFLAGS="-g -O0" or something? Otherwise one
> can't see much.

The problem is that GTK calls our callback:

> > Thread 1 "emacs" hit Breakpoint 1, terminate_due_to_signal (sig=sig@entry=11, backtrace_limit=backtrace_limit@entry=40) at emacs.c:443
> > 443	{
> > (gdb) bt
> > #0  terminate_due_to_signal (sig=sig@entry=11, backtrace_limit=backtrace_limit@entry=40) at emacs.c:443
> > #1  0x00005555556e446b in handle_fatal_signal (sig=sig@entry=11) at sysdep.c:1800
> > #2  0x00005555556e44d0 in deliver_thread_signal (sig=11, handler=0x5555556e4457 <handle_fatal_signal>) at sysdep.c:1792
> > #3  deliver_fatal_thread_signal (sig=sig@entry=11) at sysdep.c:1812
> > #4  0x00005555556e44fd in handle_sigsegv (sig=11, siginfo=<optimized out>, arg=<optimized out>) at sysdep.c:1950
> > #5  0x00007ffff3048050 in <signal handler called> () at /lib64/libc.so.6
> > #6  0x00007ffff304822b in kill () at /lib64/libc.so.6
> > #7  0x0000555555880af9 in sigHandle (sig=<optimized out>, info=<optimized out>, uap=<optimized out>) at /home/yantar92/Dist/mps/code/protsgix.c:114
> > #8  0x00007ffff3048050 in <signal handler called> () at /lib64/libc.so.6
> > #9  qttip_cb (widget=0x5555913b54b0, xpos=222, ypos=80, keyboard_mode=0, tooltip=0x555556741b10, user_data=0x7ffee6e6b3c8) at gtkutil.c:855
> > #10 0x00007ffff7486d63 in ??? () at /usr/lib64/libgtk-3.so.0
> > #11 0x00007ffff6e08d30 in g_closure_invoke () at /usr/lib64/libgobject-2.0.so.0

See that qttip_cb from gtkutil.c?  That callback (from a tool-tip?)
probably accesses some data that MPS owns or something.

Re: MPS: Crash while completing symbol with corfu

[Eli Zaretskii]

> Date: Mon, 01 Jul 2024 17:55:24 +0300
> From: Eli Zaretskii <eliz@gnu.org>
> Cc: yantar92@posteo.net, emacs-devel@gnu.org, eller.helmut@gmail.com
> 
> > > #9  qttip_cb (widget=0x5555913b54b0, xpos=222, ypos=80, keyboard_mode=0, tooltip=0x555556741b10, user_data=0x7ffee6e6b3c8) at gtkutil.c:855
> > > #10 0x00007ffff7486d63 in ??? () at /usr/lib64/libgtk-3.so.0
> > > #11 0x00007ffff6e08d30 in g_closure_invoke () at /usr/lib64/libgobject-2.0.so.0
> 
> See that qttip_cb from gtkutil.c?  That callback (from a tool-tip?)
> probably accesses some data that MPS owns or something.

And here it is:

  static gboolean
  qttip_cb (GtkWidget  *widget,
	    gint        xpos,
	    gint        ypos,
	    gboolean    keyboard_mode,
	    GtkTooltip *tooltip,
	    gpointer    user_data)
  {
    struct frame *f = user_data;
    xp_output *x = f->output_data.xp;
    if (x->ttip_widget == NULL)  <<<<<<<<<<<<<<<<<<<<< line 855 of gtkutil.c

I'm guessing that user_data was moved meanwhile or something.

Re: MPS: Crash while completing symbol with corfu

[Gerd Möllmann]

Eli Zaretskii <eliz@gnu.org> writes:

> The problem is that GTK calls our callback:
>
>> > Thread 1 "emacs" hit Breakpoint 1, terminate_due_to_signal (sig=sig@entry=11, backtrace_limit=backtrace_limit@entry=40) at emacs.c:443
>> > 443	{
>> > (gdb) bt
>> > #0  terminate_due_to_signal (sig=sig@entry=11, backtrace_limit=backtrace_limit@entry=40) at emacs.c:443
>> > #1  0x00005555556e446b in handle_fatal_signal (sig=sig@entry=11) at sysdep.c:1800
>> > #2  0x00005555556e44d0 in deliver_thread_signal (sig=11, handler=0x5555556e4457 <handle_fatal_signal>) at sysdep.c:1792
>> > #3  deliver_fatal_thread_signal (sig=sig@entry=11) at sysdep.c:1812
>> > #4  0x00005555556e44fd in handle_sigsegv (sig=11, siginfo=<optimized out>, arg=<optimized out>) at sysdep.c:1950
>> > #5  0x00007ffff3048050 in <signal handler called> () at /lib64/libc.so.6
>> > #6  0x00007ffff304822b in kill () at /lib64/libc.so.6
>> > #7  0x0000555555880af9 in sigHandle (sig=<optimized out>, info=<optimized out>, uap=<optimized out>) at /home/yantar92/Dist/mps/code/protsgix.c:114
>> > #8  0x00007ffff3048050 in <signal handler called> () at /lib64/libc.so.6
>> > #9  qttip_cb (widget=0x5555913b54b0, xpos=222, ypos=80, keyboard_mode=0, tooltip=0x555556741b10, user_data=0x7ffee6e6b3c8) at gtkutil.c:855
>> > #10 0x00007ffff7486d63 in ??? () at /usr/lib64/libgtk-3.so.0
>> > #11 0x00007ffff6e08d30 in g_closure_invoke () at /usr/lib64/libgobject-2.0.so.0
>
> See that qttip_cb from gtkutil.c?  That callback (from a tool-tip?)
> probably accesses some data that MPS owns or something.

Thanks. I guess I can't help much here since I don't know Gtk at all.
Maybe something qtip_cb uses is not traced?

Re: MPS: Crash while completing symbol with corfu

[Gerd Möllmann]

Eli Zaretskii <eliz@gnu.org> writes:

>   static gboolean
>   qttip_cb (GtkWidget  *widget,
> 	    gint        xpos,
> 	    gint        ypos,
> 	    gboolean    keyboard_mode,
> 	    GtkTooltip *tooltip,
> 	    gpointer    user_data)
>   {
>     struct frame *f = user_data;
>     xp_output *x = f->output_data.xp;
>     if (x->ttip_widget == NULL)  <<<<<<<<<<<<<<<<<<<<< line 855 of gtkutil.c
>
> I'm guessing that user_data was moved meanwhile or something.

100% 👍

Re: MPS: Crash while completing symbol with corfu

[Ihor Radchenko]

Eli Zaretskii <eliz@gnu.org> writes:

> See that qttip_cb from gtkutil.c?  That callback (from a tool-tip?)
> probably accesses some data that MPS owns or something.

I confirm that it was an input with tooltip displayed (that's what corfu does).

-- 
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>

Re: MPS: Crash while completing symbol with corfu

[Pip Cet]

[-- Attachment #1: Type: text/plain, Size: 448 bytes --]

On Monday, July 1st, 2024 at 15:16, Ihor Radchenko <yantar92@posteo.net> wrote:
> Eli Zaretskii eliz@gnu.org writes:
> 
> > See that qttip_cb from gtkutil.c? That callback (from a tool-tip?)
> > probably accesses some data that MPS owns or something.
> 
> 
> I confirm that it was an input with tooltip displayed (that's what corfu does).

Ihor, is this one reproducible? If it is, could you try with this patch installed?

Thanks
Pip

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-Try-to-fix-GTK-related-crashes.patch --]
[-- Type: text/x-patch; name=0001-Try-to-fix-GTK-related-crashes.patch, Size: 12243 bytes --]

From 4ce63abe7ae7a4e0f71a5d3aff2bf2454e8c2ac4 Mon Sep 17 00:00:00 2001
From: Pip Cet <pipcet@protonmail.com>
Date: Tue, 2 Jul 2024 00:18:43 +0000
Subject: [PATCH 1/2] Try to fix GTK-related crashes.

---
 src/gtkutil.c | 111 +++++++++++++++++++++++++++++++++++---------------
 src/xmenu.c   |   4 +-
 2 files changed, 81 insertions(+), 34 deletions(-)

diff --git a/src/gtkutil.c b/src/gtkutil.c
index e0bae6bf1ae..6b91c04f7da 100644
--- a/src/gtkutil.c
+++ b/src/gtkutil.c
@@ -149,6 +149,17 @@ #define TB_INFO_KEY "xg_frame_tb_info"
 
 \f
 
+#define glib_user_data(o) ({				\
+      gpointer p = igc_xzalloc_ambig (sizeof (o));	\
+      memcpy (p, &(o), sizeof (o));			\
+      p;						\
+    })
+
+static void glib_free_user_data (gpointer data, GClosure *closure)
+{
+  igc_xfree (data);
+}
+
 #ifdef HAVE_GTK3
 static void
 emacs_menu_bar_init (EmacsMenuBar *menu_bar)
@@ -828,7 +839,7 @@ hierarchy_ch_cb (GtkWidget *widget,
                  GtkWidget *previous_toplevel,
                  gpointer   user_data)
 {
-  struct frame *f = user_data;
+  struct frame *f = *(struct frame **)user_data;
   xp_output *x = f->output_data.xp;
   GtkWidget *top = gtk_widget_get_toplevel (x->ttip_lbl);
 
@@ -850,7 +861,7 @@ qttip_cb (GtkWidget  *widget,
           GtkTooltip *tooltip,
           gpointer    user_data)
 {
-  struct frame *f = user_data;
+  struct frame *f = *(struct frame **)user_data;
   xp_output *x = f->output_data.xp;
   if (x->ttip_widget == NULL)
     {
@@ -882,8 +893,11 @@ qttip_cb (GtkWidget  *widget,
       gtk_widget_realize (GTK_WIDGET (x->ttip_window));
       gtk_widget_realize (x->ttip_lbl);
 
-      g_signal_connect (x->ttip_lbl, "hierarchy-changed",
-                        G_CALLBACK (hierarchy_ch_cb), f);
+      g_signal_connect_data (x->ttip_lbl, "hierarchy-changed",
+			     G_CALLBACK (hierarchy_ch_cb),
+			     glib_user_data (f),
+			     glib_free_user_data,
+			     G_CONNECT_DEFAULT);
     }
 
   return FALSE;
@@ -1556,8 +1570,11 @@ xg_create_frame_widgets (struct frame *f)
 
   gtk_widget_set_app_paintable (wtop, f->alpha_background != 1.0);
 #if GTK_CHECK_VERSION (3, 10, 0)
-  g_signal_connect (G_OBJECT (wtop), "style-updated",
-		    G_CALLBACK (xg_widget_style_updated), f);
+  g_signal_connect_data (G_OBJECT (wtop), "style-updated",
+			 G_CALLBACK (xg_widget_style_updated),
+			 glib_user_data (f),
+			 glib_free_user_data,
+			 G_CONNECT_DEFAULT);
 #endif
 
   /* gtk_window_set_has_resize_grip is a Gtk+ 3.0 function but Ubuntu
@@ -1646,8 +1663,11 @@ xg_create_frame_widgets (struct frame *f)
 #ifndef HAVE_PGTK
   /* Add callback to do nothing on WM_DELETE_WINDOW.  The default in
      GTK is to destroy the widget.  We want Emacs to do that instead.  */
-  g_signal_connect (G_OBJECT (wtop), "delete-event",
-                    G_CALLBACK (delete_cb), f);
+  g_signal_connect_data (G_OBJECT (wtop), "delete-event",
+			 G_CALLBACK (delete_cb),
+			 glib_user_data (f),
+			 glib_free_user_data,
+			 G_CONNECT_DEFAULT);
 #endif
 
   /* Convert our geometry parameters into a geometry string
@@ -1735,14 +1755,18 @@ xg_create_frame_widgets (struct frame *f)
   f->output_data.xp->ttip_window = 0;
 #ifndef HAVE_PGTK
   gtk_widget_set_tooltip_text (wtop, "Dummy text");
-  g_signal_connect (wtop, "query-tooltip", G_CALLBACK (qttip_cb), f);
+  g_signal_connect_data (wtop, "query-tooltip", G_CALLBACK (qttip_cb),
+			 glib_user_data (f), glib_free_user_data,
+			 G_CONNECT_DEFAULT);
 
   imc = gtk_im_multicontext_new ();
   g_object_ref (imc);
   gtk_im_context_set_use_preedit (imc, TRUE);
 
-  g_signal_connect (G_OBJECT (imc), "commit",
-		    G_CALLBACK (xg_im_context_commit), f);
+  g_signal_connect_data (G_OBJECT (imc), "commit",
+		    G_CALLBACK (xg_im_context_commit),
+		    glib_user_data (f), glib_free_user_data,
+		    G_CONNECT_DEFAULT);
   g_signal_connect (G_OBJECT (imc), "preedit-changed",
 		    G_CALLBACK (xg_im_context_preedit_changed), NULL);
   g_signal_connect (G_OBJECT (imc), "preedit-end",
@@ -1853,7 +1877,9 @@ xg_create_frame_outer_widgets (struct frame *f)
   f->output_data.xp->ttip_window = 0;
 #ifndef HAVE_PGTK
   gtk_widget_set_tooltip_text (wtop, "Dummy text");
-  g_signal_connect (wtop, "query-tooltip", G_CALLBACK (qttip_cb), f);
+  g_signal_connect_data (wtop, "query-tooltip", G_CALLBACK (qttip_cb),
+		    glib_user_data (f), glib_free_user_data,
+		    G_CONNECT_DEFAULT);
 #endif
 
   {
@@ -2371,8 +2397,11 @@ create_dialog (widget_value *wv,
           if (! item->enabled)
             gtk_widget_set_sensitive (w, FALSE);
           if (select_cb)
-            g_signal_connect (G_OBJECT (w), "clicked",
-                              select_cb, item->call_data);
+            g_signal_connect_data (G_OBJECT (w), "clicked",
+                              select_cb,
+			      glib_user_data (item->call_data),
+			      glib_free_user_data,
+			      G_CONNECT_DEFAULT);
 
           gtk_box_pack_start (cur_box, w, TRUE, TRUE, button_spacing);
           if (++button_nr == left_buttons)
@@ -3084,7 +3113,7 @@ menuitem_destroy_callback (GtkWidget *w, gpointer client_data)
 {
   if (client_data)
     {
-      xg_menu_item_cb_data *data = client_data;
+      xg_menu_item_cb_data *data = *(xg_menu_item_cb_data **)client_data;
       xg_list_remove (&xg_menu_item_cb_list, &data->ptrs);
       xfree (data);
     }
@@ -3277,10 +3306,12 @@ xg_create_one_menuitem (widget_value *item,
   cb_data->cl_data = cl_data;
   cb_data->call_data = item->call_data;
 
-  g_signal_connect (G_OBJECT (w),
+  g_signal_connect_data (G_OBJECT (w),
                     "destroy",
                     G_CALLBACK (menuitem_destroy_callback),
-                    cb_data);
+		    glib_user_data (cb_data),
+		    glib_free_user_data,
+		    G_CONNECT_DEFAULT);
 
   /* Put cb_data in widget, so we can get at it when modifying menubar  */
   g_object_set_data (G_OBJECT (w), XG_ITEM_DATA, cb_data);
@@ -3290,7 +3321,10 @@ xg_create_one_menuitem (widget_value *item,
     {
       if (select_cb)
         cb_data->select_id
-          = g_signal_connect (G_OBJECT (w), "activate", select_cb, cb_data);
+          = g_signal_connect_data (G_OBJECT (w), "activate", select_cb,
+			      glib_user_data (cb_data),
+			      glib_free_user_data,
+			      G_CONNECT_DEFAULT);
     }
 
   return w;
@@ -3378,8 +3412,10 @@ create_menus (widget_value *data,
 #endif
 
 #ifdef HAVE_PGTK
-	  g_signal_connect (G_OBJECT (wmenu), "button-press-event",
-			    G_CALLBACK (menu_bar_button_pressed_cb), f);
+	  g_signal_connect_data (G_OBJECT (wmenu), "button-press-event",
+			    G_CALLBACK (menu_bar_button_pressed_cb),
+			    glib_user_data (f), glib_free_user_data,
+			    G_CONNECT_DEFAULT);
 #endif
           /* Set width of menu bar to a small value so it doesn't enlarge
              a small initial frame size.  The width will be set to the
@@ -3391,8 +3427,10 @@ create_menus (widget_value *data,
       /* Put cl_data on the top menu for easier access.  */
       cl_data = make_cl_data (cl_data, f, highlight_cb);
       g_object_set_data (G_OBJECT (wmenu), XG_FRAME_DATA, (gpointer)cl_data);
-      g_signal_connect (G_OBJECT (wmenu), "destroy",
-                        G_CALLBACK (menu_destroy_callback), cl_data);
+      g_signal_connect_data (G_OBJECT (wmenu), "destroy",
+                        G_CALLBACK (menu_destroy_callback),
+			glib_user_data (cl_data), glib_free_user_data,
+			G_CONNECT_DEFAULT);
 
       if (name)
         gtk_widget_set_name (wmenu, name);
@@ -3864,8 +3902,11 @@ xg_update_menu_item (widget_value *val,
           /* This item shall have a select callback.  */
           if (! cb_data->select_id)
             cb_data->select_id
-              = g_signal_connect (G_OBJECT (w), "activate",
-                                  select_cb, cb_data);
+              = g_signal_connect_data (G_OBJECT (w), "activate",
+                                  select_cb,
+				  glib_user_data (cb_data),
+				  glib_free_user_data,
+				  G_CONNECT_DEFAULT);
         }
       else if (cb_data->select_id)
         {
@@ -4111,7 +4152,7 @@ xg_modify_menubar_widgets (GtkWidget *menubar, struct frame *f,
 menubar_map_cb (GtkWidget *w, gpointer user_data)
 {
   GtkRequisition req;
-  struct frame *f = user_data;
+  struct frame *f = *(struct frame **)user_data;
   gtk_widget_get_preferred_size (w, NULL, &req);
   req.height *= xg_get_scale (f);
   if (FRAME_MENUBAR_HEIGHT (f) != req.height)
@@ -4143,7 +4184,9 @@ xg_update_frame_menubar (struct frame *f)
                       FALSE, FALSE, 0);
   gtk_box_reorder_child (GTK_BOX (x->vbox_widget), x->menubar_widget, 0);
 
-  g_signal_connect (x->menubar_widget, "map", G_CALLBACK (menubar_map_cb), f);
+  g_signal_connect_data (x->menubar_widget, "map", G_CALLBACK (menubar_map_cb),
+		    glib_user_data (f), glib_free_user_data,
+		    G_CONNECT_DEFAULT);
   gtk_widget_show_all (x->menubar_widget);
   gtk_widget_get_preferred_size (x->menubar_widget, NULL, &req);
   req.height *= scale;
@@ -5246,7 +5289,9 @@ xg_print_frames_dialog (Lisp_Object frames)
   if (page_setup != NULL)
     gtk_print_operation_set_default_page_setup (print, page_setup);
   gtk_print_operation_set_n_pages (print, list_length (frames));
-  g_signal_connect (print, "draw-page", G_CALLBACK (draw_page), &frames);
+  g_signal_connect_data (print, "draw-page", G_CALLBACK (draw_page),
+			 glib_user_data (frames), glib_free_user_data,
+			 G_CONNECT_DEFAULT);
   res = gtk_print_operation_run (print, GTK_PRINT_OPERATION_ACTION_PRINT_DIALOG,
                                  NULL, NULL);
   if (res == GTK_PRINT_OPERATION_RESULT_APPLY)
@@ -5478,7 +5523,7 @@ tb_size_cb (GtkWidget    *widget,
   /* When tool bar is created it has one preferred size.  But when size is
      allocated between widgets, it may get another.  So we must update
      size hints if tool bar size changes.  Seen on Fedora 18 at least.  */
-  struct frame *f = user_data;
+  struct frame *f = *(struct frame **)user_data;
 
   if (xg_update_tool_bar_sizes (f))
     adjust_frame_size (f, -1, -1, 2, false, Qtool_bar_lines);
@@ -5521,8 +5566,10 @@ xg_create_tool_bar (struct frame *f)
   gtk_toolbar_set_style (GTK_TOOLBAR (x->toolbar_widget), GTK_TOOLBAR_ICONS);
   gtk_orientable_set_orientation (GTK_ORIENTABLE (x->toolbar_widget),
                                   GTK_ORIENTATION_HORIZONTAL);
-  g_signal_connect (x->toolbar_widget, "size-allocate",
-                    G_CALLBACK (tb_size_cb), f);
+  g_signal_connect_data (x->toolbar_widget, "size-allocate",
+			 G_CALLBACK (tb_size_cb),
+			 glib_user_data (f), glib_free_user_data,
+			 G_CONNECT_DEFAULT);
 #ifdef HAVE_GTK3
   gsty = gtk_widget_get_style_context (x->toolbar_widget);
   gtk_style_context_add_class (gsty, "primary-toolbar");
@@ -6337,7 +6384,7 @@ xg_virtual_mods_to_x (struct x_display_info *dpyinfo, guint virtual)
 xg_im_context_commit (GtkIMContext *imc, gchar *str,
 		      gpointer user_data)
 {
-  struct frame *f = user_data;
+  struct frame *f = *(struct frame **)user_data;
   struct input_event ie;
 #ifdef HAVE_XINPUT2
   struct xi_device_t *source;
@@ -6708,7 +6755,7 @@ xg_filter_key (struct frame *frame, XEvent *xkey)
 static void
 xg_widget_style_updated (GtkWidget *widget, gpointer user_data)
 {
-  struct frame *f = user_data;
+  struct frame *f = *(struct frame **)user_data;
 
   if (f->alpha_background < 1.0)
     {
diff --git a/src/xmenu.c b/src/xmenu.c
index 6dd7b3f37a0..f318db6f433 100644
--- a/src/xmenu.c
+++ b/src/xmenu.c
@@ -793,7 +793,7 @@ menu_highlight_callback (Widget widget, LWLIB_ID id, void *call_data)
 static void
 menubar_selection_callback (GtkWidget *widget, gpointer client_data)
 {
-  xg_menu_item_cb_data *cb_data = client_data;
+  xg_menu_item_cb_data *cb_data = *(xg_menu_item_cb_data **)client_data;
 
   if (xg_crazy_callback_abort)
     return;
@@ -1478,7 +1478,7 @@ menu_position_func (GtkMenu *menu, gint *x, gint *y, gboolean *push_in, gpointer
 static void
 popup_selection_callback (GtkWidget *widget, gpointer client_data)
 {
-  xg_menu_item_cb_data *cb_data = client_data;
+  xg_menu_item_cb_data *cb_data = *(xg_menu_item_cb_data **)client_data;
 
   if (xg_crazy_callback_abort) return;
   if (cb_data) menu_item_selection = cb_data->call_data;
-- 
2.45.2

Re: MPS: Crash while completing symbol with corfu

[Ihor Radchenko]

Pip Cet <pipcet@protonmail.com> writes:

>> I confirm that it was an input with tooltip displayed (that's what corfu does).
>
> Ihor, is this one reproducible? If it is, could you try with this patch installed?

This crashes on startup:

Thread 1 "emacs" received signal SIGABRT, Aborted.
0x00007ffff30a487b in pthread_kill () from /lib64/libc.so.6
(gdb) handle SIGSEGV noprint nostop
Signal        Stop	Print	Pass to program	Description
SIGSEGV       No	No	Yes		Segmentation fault
(gdb) c
Continuing.

Thread 1 "emacs" hit Breakpoint 1, terminate_due_to_signal (sig=sig@entry=6, backtrace_limit=backtrace_limit@entry=40) at emacs.c:443
443	{
(gdb) bt
#0  terminate_due_to_signal (sig=sig@entry=6, backtrace_limit=backtrace_limit@entry=40) at emacs.c:443
#1  0x00005555556e456b in handle_fatal_signal (sig=sig@entry=6) at sysdep.c:1800
#2  0x00005555556e45d0 in deliver_thread_signal (sig=6, handler=0x5555556e4557 <handle_fatal_signal>) at sysdep.c:1792
#3  deliver_fatal_thread_signal (sig=6) at sysdep.c:1812
#4  0x00007ffff3048050 in <signal handler called> () at /lib64/libc.so.6
#5  0x00007ffff30a487b in pthread_kill () at /lib64/libc.so.6
#6  0x00007ffff3047fa6 in raise () at /lib64/libc.so.6
#7  0x00007ffff302b8ba in abort () at /lib64/libc.so.6
#8  0x00007ffff302c8cf in ??? () at /lib64/libc.so.6
#9  0x00007ffff30aebe7 in ??? () at /lib64/libc.so.6
#10 0x00007ffff30af93c in ??? () at /lib64/libc.so.6
#11 0x00007ffff30b18d5 in ??? () at /lib64/libc.so.6
#12 0x00007ffff30b44e8 in calloc () at /lib64/libc.so.6
#13 0x00007ffff6d11e8a in g_malloc0 () at /usr/lib64/libglib-2.0.so.0
#14 0x00007ffff6cf5abf in ??? () at /usr/lib64/libglib-2.0.so.0
#15 0x00007ffff6cf75c8 in g_hash_table_remove () at /usr/lib64/libglib-2.0.so.0
#16 0x00007ffff6e22b9a in g_signal_handlers_destroy () at /usr/lib64/libgobject-2.0.so.0
#17 0x00007ffff6e0d701 in ??? () at /usr/lib64/libgobject-2.0.so.0
#18 0x00007ffff6e0fb8e in g_object_run_dispose () at /usr/lib64/libgobject-2.0.so.0
#19 0x00007ffff762940d in ??? () at /usr/lib64/libgtk-3.so.0
#20 0x00007ffff7516b0c in ??? () at /usr/lib64/libgtk-3.so.0
#21 0x00007ffff6e08c95 in g_closure_invoke () at /usr/lib64/libgobject-2.0.so.0
#22 0x00007ffff6e1c8e5 in ??? () at /usr/lib64/libgobject-2.0.so.0
#23 0x00007ffff6e1dcf1 in ??? () at /usr/lib64/libgobject-2.0.so.0
#24 0x00007ffff6e23976 in g_signal_emit_valist () at /usr/lib64/libgobject-2.0.so.0
#25 0x00007ffff6e23a33 in g_signal_emit () at /usr/lib64/libgobject-2.0.so.0
#26 0x00007ffff778653c in ??? () at /usr/lib64/libgtk-3.so.0
#27 0x00007ffff6e0fb8e in g_object_run_dispose () at /usr/lib64/libgobject-2.0.so.0
#28 0x00007ffff7625769 in ??? () at /usr/lib64/libgtk-3.so.0
#29 0x00007ffff6e08c95 in g_closure_invoke () at /usr/lib64/libgobject-2.0.so.0
#30 0x00007ffff6e1c8e5 in ??? () at /usr/lib64/libgobject-2.0.so.0
#31 0x00007ffff6e1dcf1 in ??? () at /usr/lib64/libgobject-2.0.so.0
#32 0x00007ffff6e23976 in g_signal_emit_valist () at /usr/lib64/libgobject-2.0.so.0
#33 0x00007ffff6e23a33 in g_signal_emit () at /usr/lib64/libgobject-2.0.so.0
#34 0x00007ffff778653c in ??? () at /usr/lib64/libgtk-3.so.0
#35 0x00007ffff6e0fb8e in g_object_run_dispose () at /usr/lib64/libgobject-2.0.so.0
#36 0x00007ffff762940d in ??? () at /usr/lib64/libgtk-3.so.0
#37 0x00007ffff7516b0c in ??? () at /usr/lib64/libgtk-3.so.0
#38 0x00007ffff6e08d30 in g_closure_invoke () at /usr/lib64/libgobject-2.0.so.0
#39 0x00007ffff6e1c8e5 in ??? () at /usr/lib64/libgobject-2.0.so.0
#40 0x00007ffff6e1dcf1 in ??? () at /usr/lib64/libgobject-2.0.so.0
--Type <RET> for more, q to quit, c to continue without paging--c
#41 0x00007ffff6e23976 in g_signal_emit_valist () at /usr/lib64/libgobject-2.0.so.0
#42 0x00007ffff6e23a33 in g_signal_emit () at /usr/lib64/libgobject-2.0.so.0
#43 0x00007ffff778653c in ??? () at /usr/lib64/libgtk-3.so.0
#44 0x00007ffff6e0e1b0 in g_object_unref () at /usr/lib64/libgobject-2.0.so.0
#45 0x00007ffff7514c2d in gtk_container_remove () at /usr/lib64/libgtk-3.so.0
#46 0x00005555556b7864 in free_frame_menubar (f=f@entry=0x7fffe26840e8) at gtkutil.c:4225
#47 0x000055555569e918 in x_set_menu_bar_lines (f=0x7fffe26840e8, value=<optimized out>, oldval=<optimized out>) at xfns.c:1702
#48 0x00005555555b4430 in gui_set_frame_parameters_1 (f=f@entry=0x7fffe26840e8, alist=<optimized out>, 
    alist@entry=XIL(0x7fffe7436c4b), default_parameter=default_parameter@entry=false) at frame.c:4401
#49 0x00005555555b4faf in gui_set_frame_parameters (f=f@entry=0x7fffe26840e8, alist=alist@entry=XIL(0x7fffe7436c4b)) at frame.c:4561
#50 0x00005555555b5063 in Fmodify_frame_parameters (frame=<optimized out>, alist=XIL(0x7fffe7436c4b)) at frame.c:3550
#51 0x000055555574c372 in funcall_subr (subr=<optimized out>, numargs=numargs@entry=3, args=args@entry=0x7fffffffbf98) at eval.c:3190
#52 0x000055555574e5a2 in funcall_general (fun=<optimized out>, numargs=numargs@entry=3, args=args@entry=0x7fffffffbf98)
    at /home/yantar92/Git/emacs/src/lisp.h:2270
#53 0x000055555574a5c6 in Ffuncall (nargs=4, args=0x7fffffffbf90) at eval.c:3118
#54 0x00007fffe001b5b5 in F6d656e752d6261722d6d6f6465_menu_bar_mode_0 ()
    at /home/yantar92/Git/emacs/src/../native-lisp/31.0.50-99d8c67c/preloaded/menu-bar-4f46ea94-775a9ab5.eln
#55 0x000055555574d665 in eval_sub (form=<optimized out>) at eval.c:2623
#56 0x000055555574dd76 in Fprogn (body=<optimized out>) at eval.c:448
#57 0x000055555574d4b2 in eval_sub (form=<optimized out>) at eval.c:2574
#58 0x000055555574e6a0 in Fif (args=XIL(0x7fffe74365eb)) at eval.c:403
#59 0x000055555574d4b2 in eval_sub (form=<optimized out>) at eval.c:2574
#60 0x00005555557763a2 in readevalloop_eager_expand_eval (val=<optimized out>, val@entry=XIL(0x7fffe7436453), macroexpand=macroexpand@entry=XIL(0xb3d0))
    at lread.c:2357
#61 0x000055555577da56 in readevalloop
    (readcharfun=readcharfun@entry=XIL(0x7fffe290d0dd), infile0=infile0@entry=0x0, sourcename=sourcename@entry=XIL(0x7fffe290cf84), printflag=printflag@entry=false, unibyte=unibyte@entry=XIL(0), readfun=readfun@entry=XIL(0), start=XIL(0), end=<optimized out>) at lread.c:2539
#62 0x000055555577eb4b in Feval_buffer
    (buffer=<optimized out>, printflag=XIL(0), filename=XIL(0x7fffe290cf84), unibyte=XIL(0), do_allow_print=<optimized out>) at lread.c:2614
#63 0x00007fffe01023e4 in F6c6f61642d776974682d636f64652d636f6e76657273696f6e_load_with_code_conversion_0 ()
    at /home/yantar92/Git/emacs/src/../native-lisp/31.0.50-99d8c67c/preloaded/mule-3352613d-8d84c8e1.eln
#64 0x000055555574c3ac in funcall_subr (subr=<optimized out>, numargs=numargs@entry=4, args=args@entry=0x7fffffffc6e8) at eval.c:3194
#65 0x000055555574e5a2 in funcall_general (fun=<optimized out>, numargs=numargs@entry=4, args=args@entry=0x7fffffffc6e8)
    at /home/yantar92/Git/emacs/src/lisp.h:2270
#66 0x000055555574a5c6 in Ffuncall (nargs=nargs@entry=5, args=args@entry=0x7fffffffc6e0) at eval.c:3118
#67 0x000055555577e593 in Fload
    (file=XIL(0x7fffe290c8bc), noerror=<optimized out>, nomessage=<optimized out>, nosuffix=<optimized out>, must_suffix=<optimized out>) at lread.c:1620
#68 0x000055555574d6cd in eval_sub (form=<optimized out>) at eval.c:2637
#69 0x000055555574dd76 in Fprogn (body=<optimized out>) at eval.c:448
#70 0x000055555574f0b6 in Flet (args=<optimized out>) at /home/yantar92/Git/emacs/src/lisp.h:1557
#71 0x000055555574d4b2 in eval_sub (form=<optimized out>) at eval.c:2574
#72 0x00005555557763a2 in readevalloop_eager_expand_eval (val=<optimized out>, val@entry=XIL(0x7fffe290c82b), macroexpand=macroexpand@entry=XIL(0xb3d0))
    at lread.c:2357
#73 0x000055555577da56 in readevalloop
    (readcharfun=readcharfun@entry=XIL(0x7fffe29099a5), infile0=infile0@entry=0x0, sourcename=sourcename@entry=XIL(0x7fffe290989c), printflag=printflag@entry=false, unibyte=unibyte@entry=XIL(0), readfun=readfun@entry=XIL(0), start=XIL(0), end=<optimized out>) at lread.c:2539
#74 0x000055555577eb4b in Feval_buffer
    (buffer=<optimized out>, printflag=XIL(0), filename=XIL(0x7fffe290989c), unibyte=XIL(0), do_allow_print=<optimized out>) at lread.c:2614
#75 0x00007fffe01023e4 in F6c6f61642d776974682d636f64652d636f6e76657273696f6e_load_with_code_conversion_0 ()
    at /home/yantar92/Git/emacs/src/../native-lisp/31.0.50-99d8c67c/preloaded/mule-3352613d-8d84c8e1.eln
#76 0x000055555574c3ac in funcall_subr (subr=<optimized out>, numargs=numargs@entry=4, args=args@entry=0x7fffffffce48) at eval.c:3194
#77 0x000055555574e5a2 in funcall_general (fun=<optimized out>, numargs=numargs@entry=4, args=args@entry=0x7fffffffce48)
    at /home/yantar92/Git/emacs/src/lisp.h:2270
#78 0x000055555574a5c6 in Ffuncall (nargs=nargs@entry=5, args=args@entry=0x7fffffffce40) at eval.c:3118
#79 0x000055555577e593 in Fload
    (file=XIL(0x7fffe290956c), noerror=<optimized out>, nomessage=<optimized out>, nosuffix=<optimized out>, must_suffix=<optimized out>) at lread.c:1620
#80 0x000055555574c3ac in funcall_subr (subr=<optimized out>, numargs=numargs@entry=3, args=args@entry=0x7fffdf200048) at eval.c:3194
#81 0x00005555557922f6 in exec_byte_code (fun=<optimized out>, args_template=<optimized out>, args_template@entry=0, nargs=<optimized out>, 
    nargs@entry=0, args=<optimized out>, args@entry=0x7fffffffd150) at /home/yantar92/Git/emacs/src/lisp.h:2270
#82 0x000055555574deb4 in funcall_lambda (fun=XIL(0x7fffe28faf55), nargs=nargs@entry=0, arg_vector=arg_vector@entry=0x7fffffffd150) at eval.c:3277
#83 0x000055555574e454 in funcall_general (fun=<optimized out>, numargs=numargs@entry=0, args=args@entry=0x7fffffffd150) at eval.c:3069
#84 0x000055555574a5c6 in Ffuncall (nargs=1, args=0x7fffffffd148) at eval.c:3118
#85 0x00007fffdff374f7 in F737461727475702d2d6c6f61642d757365722d696e69742d66696c65_startup__load_user_init_file_0 ()
    at /home/yantar92/Git/emacs/src/../native-lisp/31.0.50-99d8c67c/preloaded/startup-bbc6ea72-e56c9510.eln
#86 0x000055555574c372 in funcall_subr (subr=<optimized out>, numargs=numargs@entry=3, args=args@entry=0x7fffffffd2e8) at eval.c:3190
#87 0x000055555574e5a2 in funcall_general (fun=<optimized out>, numargs=numargs@entry=3, args=args@entry=0x7fffffffd2e8)
    at /home/yantar92/Git/emacs/src/lisp.h:2270
#88 0x000055555574a5c6 in Ffuncall (nargs=4, args=0x7fffffffd2e0) at eval.c:3118
#89 0x00007fffdff3892b in F636f6d6d616e642d6c696e65_command_line_0 ()
    at /home/yantar92/Git/emacs/src/../native-lisp/31.0.50-99d8c67c/preloaded/startup-bbc6ea72-e56c9510.eln
#90 0x000055555574c33c in funcall_subr (subr=<optimized out>, numargs=numargs@entry=0, args=args@entry=0x7fffffffd460) at eval.c:3184
#91 0x000055555574e5a2 in funcall_general (fun=<optimized out>, numargs=numargs@entry=0, args=args@entry=0x7fffffffd460)
    at /home/yantar92/Git/emacs/src/lisp.h:2270
#92 0x000055555574a5c6 in Ffuncall (nargs=1, args=0x7fffffffd458) at eval.c:3118
#93 0x00007fffdff353f0 in F6e6f726d616c2d746f702d6c6576656c_normal_top_level_0 ()
    at /home/yantar92/Git/emacs/src/../native-lisp/31.0.50-99d8c67c/preloaded/startup-bbc6ea72-e56c9510.eln
#94 0x000055555574dc8b in eval_sub (form=form@entry=XIL(0x7fffe08b3523)) at eval.c:2620
#95 0x000055555574fa73 in Feval (form=XIL(0x7fffe08b3523), lexical=lexical@entry=XIL(0x30)) at eval.c:2482
#96 0x00005555556c5a4a in top_level_2 () at keyboard.c:1195
#97 0x0000555555748f12 in internal_condition_case
    (bfun=bfun@entry=0x5555556c5a2b <top_level_2>, handlers=handlers@entry=XIL(0x90), hfun=hfun@entry=0x5555556ca70c <cmd_error>) at eval.c:1629
#98 0x00005555556c596c in top_level_1 (ignore=ignore@entry=XIL(0)) at keyboard.c:1207
#99 0x0000555555748e44 in internal_catch (tag=tag@entry=XIL(0x12360), func=func@entry=0x5555556c5942 <top_level_1>, arg=arg@entry=XIL(0)) at eval.c:1308
#100 0x00005555556c58d8 in command_loop () at keyboard.c:1156
#101 0x00005555556ca2c1 in recursive_edit_1 () at keyboard.c:765
#102 0x00005555556ca62e in Frecursive_edit () at keyboard.c:848
#103 0x00005555556c4bad in main (argc=1, argv=<optimized out>) at emacs.c:2651

Lisp Backtrace:
"set-frame-parameter" (0xffffbf98)
"menu-bar-mode" (0xffffc040)
"progn" (0xffffc108)
"if" (0xffffc1c8)
"load-with-code-conversion" (0xffffc6e8)
"load" (0xffffc7e0)
"let" (0xffffc928)
"load-with-code-conversion" (0xffffce48)
"load" (0xdf200048)
0xe28faf50 PVEC_CLOSURE
"startup--load-user-init-file" (0xffffd2e8)
"command-line" (0xffffd460)
"normal-top-level" (0xffffd4f0)

-- 
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>

Re: MPS: Crash while completing symbol with corfu

[Eli Zaretskii]

> Date: Tue, 02 Jul 2024 00:24:40 +0000
> From: Pip Cet <pipcet@protonmail.com>
> Cc: Eli Zaretskii <eliz@gnu.org>, Gerd Möllmann <gerd.moellmann@gmail.com>, emacs-devel@gnu.org, eller.helmut@gmail.com
> 
> > I confirm that it was an input with tooltip displayed (that's what corfu does).
> 
> Ihor, is this one reproducible? If it is, could you try with this patch installed?

Thanks, but please don't forget to make the new code MPS-specific.

Re: MPS: Crash while completing symbol with corfu

[Pip Cet]

[-- Attachment #1: Type: text/plain, Size: 653 bytes --]

On Tuesday, July 2nd, 2024 at 11:38, Ihor Radchenko <yantar92@posteo.net> wrote:
> Pip Cet pipcet@protonmail.com writes:
> 
> > > I confirm that it was an input with tooltip displayed (that's what corfu does).
> > 
> > Ihor, is this one reproducible? If it is, could you try with this patch installed?
> 
> 
> This crashes on startup:

Oops, turns out you shouldn't double free just to be sure.

Can you try the attached patch? I was able to trigger your bug by running

./emacs -Q --eval "(while t (menu-bar-mode 'toggle) (sit-for 0.1))"

The change is in menu_destroy_callback, which passed through the wrong pointer.

Thanks!

Pip

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0002-try-to-fix-GTK-related-crashes.patch --]
[-- Type: text/x-patch; name=0002-try-to-fix-GTK-related-crashes.patch, Size: 12584 bytes --]

From 3e34d7b26e2d1d36025094cdbc2d19a3435b9ae1 Mon Sep 17 00:00:00 2001
From: Pip Cet <pipcet@protonmail.com>
Date: Tue, 2 Jul 2024 00:18:43 +0000
Subject: [PATCH] Try to fix GTK-related crashes.

---
 src/gtkutil.c | 115 +++++++++++++++++++++++++++++++++++---------------
 src/xmenu.c   |   4 +-
 2 files changed, 83 insertions(+), 36 deletions(-)

diff --git a/src/gtkutil.c b/src/gtkutil.c
index e0bae6bf1ae..25dc27d5aec 100644
--- a/src/gtkutil.c
+++ b/src/gtkutil.c
@@ -149,6 +149,17 @@ #define TB_INFO_KEY "xg_frame_tb_info"
 
 \f
 
+#define glib_user_data(o) ({				\
+      gpointer p = igc_xzalloc_ambig (sizeof (o));	\
+      memcpy (p, &(o), sizeof (o));			\
+      p;						\
+    })
+
+static void glib_free_user_data (gpointer data, GClosure *closure)
+{
+  igc_xfree (data);
+}
+
 #ifdef HAVE_GTK3
 static void
 emacs_menu_bar_init (EmacsMenuBar *menu_bar)
@@ -828,7 +839,7 @@ hierarchy_ch_cb (GtkWidget *widget,
                  GtkWidget *previous_toplevel,
                  gpointer   user_data)
 {
-  struct frame *f = user_data;
+  struct frame *f = *(struct frame **)user_data;
   xp_output *x = f->output_data.xp;
   GtkWidget *top = gtk_widget_get_toplevel (x->ttip_lbl);
 
@@ -850,7 +861,7 @@ qttip_cb (GtkWidget  *widget,
           GtkTooltip *tooltip,
           gpointer    user_data)
 {
-  struct frame *f = user_data;
+  struct frame *f = *(struct frame **)user_data;
   xp_output *x = f->output_data.xp;
   if (x->ttip_widget == NULL)
     {
@@ -882,8 +893,11 @@ qttip_cb (GtkWidget  *widget,
       gtk_widget_realize (GTK_WIDGET (x->ttip_window));
       gtk_widget_realize (x->ttip_lbl);
 
-      g_signal_connect (x->ttip_lbl, "hierarchy-changed",
-                        G_CALLBACK (hierarchy_ch_cb), f);
+      g_signal_connect_data (x->ttip_lbl, "hierarchy-changed",
+			     G_CALLBACK (hierarchy_ch_cb),
+			     glib_user_data (f),
+			     glib_free_user_data,
+			     G_CONNECT_DEFAULT);
     }
 
   return FALSE;
@@ -1556,8 +1570,11 @@ xg_create_frame_widgets (struct frame *f)
 
   gtk_widget_set_app_paintable (wtop, f->alpha_background != 1.0);
 #if GTK_CHECK_VERSION (3, 10, 0)
-  g_signal_connect (G_OBJECT (wtop), "style-updated",
-		    G_CALLBACK (xg_widget_style_updated), f);
+  g_signal_connect_data (G_OBJECT (wtop), "style-updated",
+			 G_CALLBACK (xg_widget_style_updated),
+			 glib_user_data (f),
+			 glib_free_user_data,
+			 G_CONNECT_DEFAULT);
 #endif
 
   /* gtk_window_set_has_resize_grip is a Gtk+ 3.0 function but Ubuntu
@@ -1646,8 +1663,11 @@ xg_create_frame_widgets (struct frame *f)
 #ifndef HAVE_PGTK
   /* Add callback to do nothing on WM_DELETE_WINDOW.  The default in
      GTK is to destroy the widget.  We want Emacs to do that instead.  */
-  g_signal_connect (G_OBJECT (wtop), "delete-event",
-                    G_CALLBACK (delete_cb), f);
+  g_signal_connect_data (G_OBJECT (wtop), "delete-event",
+			 G_CALLBACK (delete_cb),
+			 glib_user_data (f),
+			 glib_free_user_data,
+			 G_CONNECT_DEFAULT);
 #endif
 
   /* Convert our geometry parameters into a geometry string
@@ -1735,14 +1755,18 @@ xg_create_frame_widgets (struct frame *f)
   f->output_data.xp->ttip_window = 0;
 #ifndef HAVE_PGTK
   gtk_widget_set_tooltip_text (wtop, "Dummy text");
-  g_signal_connect (wtop, "query-tooltip", G_CALLBACK (qttip_cb), f);
+  g_signal_connect_data (wtop, "query-tooltip", G_CALLBACK (qttip_cb),
+			 glib_user_data (f), glib_free_user_data,
+			 G_CONNECT_DEFAULT);
 
   imc = gtk_im_multicontext_new ();
   g_object_ref (imc);
   gtk_im_context_set_use_preedit (imc, TRUE);
 
-  g_signal_connect (G_OBJECT (imc), "commit",
-		    G_CALLBACK (xg_im_context_commit), f);
+  g_signal_connect_data (G_OBJECT (imc), "commit",
+		    G_CALLBACK (xg_im_context_commit),
+		    glib_user_data (f), glib_free_user_data,
+		    G_CONNECT_DEFAULT);
   g_signal_connect (G_OBJECT (imc), "preedit-changed",
 		    G_CALLBACK (xg_im_context_preedit_changed), NULL);
   g_signal_connect (G_OBJECT (imc), "preedit-end",
@@ -1853,7 +1877,9 @@ xg_create_frame_outer_widgets (struct frame *f)
   f->output_data.xp->ttip_window = 0;
 #ifndef HAVE_PGTK
   gtk_widget_set_tooltip_text (wtop, "Dummy text");
-  g_signal_connect (wtop, "query-tooltip", G_CALLBACK (qttip_cb), f);
+  g_signal_connect_data (wtop, "query-tooltip", G_CALLBACK (qttip_cb),
+		    glib_user_data (f), glib_free_user_data,
+		    G_CONNECT_DEFAULT);
 #endif
 
   {
@@ -2371,8 +2397,11 @@ create_dialog (widget_value *wv,
           if (! item->enabled)
             gtk_widget_set_sensitive (w, FALSE);
           if (select_cb)
-            g_signal_connect (G_OBJECT (w), "clicked",
-                              select_cb, item->call_data);
+            g_signal_connect_data (G_OBJECT (w), "clicked",
+                              select_cb,
+			      glib_user_data (item->call_data),
+			      glib_free_user_data,
+			      G_CONNECT_DEFAULT);
 
           gtk_box_pack_start (cur_box, w, TRUE, TRUE, button_spacing);
           if (++button_nr == left_buttons)
@@ -3082,9 +3111,9 @@ xg_mark_data (void)
 static void
 menuitem_destroy_callback (GtkWidget *w, gpointer client_data)
 {
-  if (client_data)
+  xg_menu_item_cb_data *data = *(xg_menu_item_cb_data **)client_data;
+  if (data)
     {
-      xg_menu_item_cb_data *data = client_data;
       xg_list_remove (&xg_menu_item_cb_list, &data->ptrs);
       xfree (data);
     }
@@ -3129,7 +3158,7 @@ menuitem_highlight_callback (GtkWidget *w,
 static void
 menu_destroy_callback (GtkWidget *w, gpointer client_data)
 {
-  unref_cl_data (client_data);
+  unref_cl_data (*(xg_menu_cb_data **)client_data);
 }
 
 /* Make a GTK widget that contains both UTF8_LABEL and UTF8_KEY (both
@@ -3277,10 +3306,12 @@ xg_create_one_menuitem (widget_value *item,
   cb_data->cl_data = cl_data;
   cb_data->call_data = item->call_data;
 
-  g_signal_connect (G_OBJECT (w),
+  g_signal_connect_data (G_OBJECT (w),
                     "destroy",
                     G_CALLBACK (menuitem_destroy_callback),
-                    cb_data);
+		    glib_user_data (cb_data),
+		    glib_free_user_data,
+		    G_CONNECT_DEFAULT);
 
   /* Put cb_data in widget, so we can get at it when modifying menubar  */
   g_object_set_data (G_OBJECT (w), XG_ITEM_DATA, cb_data);
@@ -3290,7 +3321,10 @@ xg_create_one_menuitem (widget_value *item,
     {
       if (select_cb)
         cb_data->select_id
-          = g_signal_connect (G_OBJECT (w), "activate", select_cb, cb_data);
+          = g_signal_connect_data (G_OBJECT (w), "activate", select_cb,
+			      glib_user_data (cb_data),
+			      glib_free_user_data,
+			      G_CONNECT_DEFAULT);
     }
 
   return w;
@@ -3378,8 +3412,10 @@ create_menus (widget_value *data,
 #endif
 
 #ifdef HAVE_PGTK
-	  g_signal_connect (G_OBJECT (wmenu), "button-press-event",
-			    G_CALLBACK (menu_bar_button_pressed_cb), f);
+	  g_signal_connect_data (G_OBJECT (wmenu), "button-press-event",
+			    G_CALLBACK (menu_bar_button_pressed_cb),
+			    glib_user_data (f), glib_free_user_data,
+			    G_CONNECT_DEFAULT);
 #endif
           /* Set width of menu bar to a small value so it doesn't enlarge
              a small initial frame size.  The width will be set to the
@@ -3391,8 +3427,10 @@ create_menus (widget_value *data,
       /* Put cl_data on the top menu for easier access.  */
       cl_data = make_cl_data (cl_data, f, highlight_cb);
       g_object_set_data (G_OBJECT (wmenu), XG_FRAME_DATA, (gpointer)cl_data);
-      g_signal_connect (G_OBJECT (wmenu), "destroy",
-                        G_CALLBACK (menu_destroy_callback), cl_data);
+      g_signal_connect_data (G_OBJECT (wmenu), "destroy",
+                        G_CALLBACK (menu_destroy_callback),
+			glib_user_data (cl_data), glib_free_user_data,
+			G_CONNECT_DEFAULT);
 
       if (name)
         gtk_widget_set_name (wmenu, name);
@@ -3864,8 +3902,11 @@ xg_update_menu_item (widget_value *val,
           /* This item shall have a select callback.  */
           if (! cb_data->select_id)
             cb_data->select_id
-              = g_signal_connect (G_OBJECT (w), "activate",
-                                  select_cb, cb_data);
+              = g_signal_connect_data (G_OBJECT (w), "activate",
+                                  select_cb,
+				  glib_user_data (cb_data),
+				  glib_free_user_data,
+				  G_CONNECT_DEFAULT);
         }
       else if (cb_data->select_id)
         {
@@ -4111,7 +4152,7 @@ xg_modify_menubar_widgets (GtkWidget *menubar, struct frame *f,
 menubar_map_cb (GtkWidget *w, gpointer user_data)
 {
   GtkRequisition req;
-  struct frame *f = user_data;
+  struct frame *f = *(struct frame **)user_data;
   gtk_widget_get_preferred_size (w, NULL, &req);
   req.height *= xg_get_scale (f);
   if (FRAME_MENUBAR_HEIGHT (f) != req.height)
@@ -4143,7 +4184,9 @@ xg_update_frame_menubar (struct frame *f)
                       FALSE, FALSE, 0);
   gtk_box_reorder_child (GTK_BOX (x->vbox_widget), x->menubar_widget, 0);
 
-  g_signal_connect (x->menubar_widget, "map", G_CALLBACK (menubar_map_cb), f);
+  g_signal_connect_data (x->menubar_widget, "map", G_CALLBACK (menubar_map_cb),
+		    glib_user_data (f), glib_free_user_data,
+		    G_CONNECT_DEFAULT);
   gtk_widget_show_all (x->menubar_widget);
   gtk_widget_get_preferred_size (x->menubar_widget, NULL, &req);
   req.height *= scale;
@@ -5246,7 +5289,9 @@ xg_print_frames_dialog (Lisp_Object frames)
   if (page_setup != NULL)
     gtk_print_operation_set_default_page_setup (print, page_setup);
   gtk_print_operation_set_n_pages (print, list_length (frames));
-  g_signal_connect (print, "draw-page", G_CALLBACK (draw_page), &frames);
+  g_signal_connect_data (print, "draw-page", G_CALLBACK (draw_page),
+			 glib_user_data (frames), glib_free_user_data,
+			 G_CONNECT_DEFAULT);
   res = gtk_print_operation_run (print, GTK_PRINT_OPERATION_ACTION_PRINT_DIALOG,
                                  NULL, NULL);
   if (res == GTK_PRINT_OPERATION_RESULT_APPLY)
@@ -5478,7 +5523,7 @@ tb_size_cb (GtkWidget    *widget,
   /* When tool bar is created it has one preferred size.  But when size is
      allocated between widgets, it may get another.  So we must update
      size hints if tool bar size changes.  Seen on Fedora 18 at least.  */
-  struct frame *f = user_data;
+  struct frame *f = *(struct frame **)user_data;
 
   if (xg_update_tool_bar_sizes (f))
     adjust_frame_size (f, -1, -1, 2, false, Qtool_bar_lines);
@@ -5521,8 +5566,10 @@ xg_create_tool_bar (struct frame *f)
   gtk_toolbar_set_style (GTK_TOOLBAR (x->toolbar_widget), GTK_TOOLBAR_ICONS);
   gtk_orientable_set_orientation (GTK_ORIENTABLE (x->toolbar_widget),
                                   GTK_ORIENTATION_HORIZONTAL);
-  g_signal_connect (x->toolbar_widget, "size-allocate",
-                    G_CALLBACK (tb_size_cb), f);
+  g_signal_connect_data (x->toolbar_widget, "size-allocate",
+			 G_CALLBACK (tb_size_cb),
+			 glib_user_data (f), glib_free_user_data,
+			 G_CONNECT_DEFAULT);
 #ifdef HAVE_GTK3
   gsty = gtk_widget_get_style_context (x->toolbar_widget);
   gtk_style_context_add_class (gsty, "primary-toolbar");
@@ -6337,7 +6384,7 @@ xg_virtual_mods_to_x (struct x_display_info *dpyinfo, guint virtual)
 xg_im_context_commit (GtkIMContext *imc, gchar *str,
 		      gpointer user_data)
 {
-  struct frame *f = user_data;
+  struct frame *f = *(struct frame **)user_data;
   struct input_event ie;
 #ifdef HAVE_XINPUT2
   struct xi_device_t *source;
@@ -6708,7 +6755,7 @@ xg_filter_key (struct frame *frame, XEvent *xkey)
 static void
 xg_widget_style_updated (GtkWidget *widget, gpointer user_data)
 {
-  struct frame *f = user_data;
+  struct frame *f = *(struct frame **)user_data;
 
   if (f->alpha_background < 1.0)
     {
diff --git a/src/xmenu.c b/src/xmenu.c
index 6dd7b3f37a0..f318db6f433 100644
--- a/src/xmenu.c
+++ b/src/xmenu.c
@@ -793,7 +793,7 @@ menu_highlight_callback (Widget widget, LWLIB_ID id, void *call_data)
 static void
 menubar_selection_callback (GtkWidget *widget, gpointer client_data)
 {
-  xg_menu_item_cb_data *cb_data = client_data;
+  xg_menu_item_cb_data *cb_data = *(xg_menu_item_cb_data **)client_data;
 
   if (xg_crazy_callback_abort)
     return;
@@ -1478,7 +1478,7 @@ menu_position_func (GtkMenu *menu, gint *x, gint *y, gboolean *push_in, gpointer
 static void
 popup_selection_callback (GtkWidget *widget, gpointer client_data)
 {
-  xg_menu_item_cb_data *cb_data = client_data;
+  xg_menu_item_cb_data *cb_data = *(xg_menu_item_cb_data **)client_data;
 
   if (xg_crazy_callback_abort) return;
   if (cb_data) menu_item_selection = cb_data->call_data;
-- 
2.45.2

Re: MPS: Crash while completing symbol with corfu

[Ihor Radchenko]

Pip Cet <pipcet@protonmail.com> writes:

> Oops, turns out you shouldn't double free just to be sure.
>
> Can you try the attached patch? I was able to trigger your bug by running
>
> ./emacs -Q --eval "(while t (menu-bar-mode 'toggle) (sit-for 0.1))"
>
> The change is in menu_destroy_callback, which passed through the wrong pointer.

No immediate crashes now.
I will keep this session running, with your patches installed.

-- 
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>

Re: MPS: Crash while completing symbol with corfu

[Pip Cet]

[-- Attachment #1: Type: text/plain, Size: 860 bytes --]

On Tuesday, July 2nd, 2024 at 15:14, Ihor Radchenko <yantar92@posteo.net> wrote:

> Pip Cet pipcet@protonmail.com writes:
> 
> > Oops, turns out you shouldn't double free just to be sure.
> > 
> > Can you try the attached patch? I was able to trigger your bug by running
> > 
> > ./emacs -Q --eval "(while t (menu-bar-mode 'toggle) (sit-for 0.1))"
> > 
> > The change is in menu_destroy_callback, which passed through the wrong pointer.
> 
> 
> No immediate crashes now.
> I will keep this session running, with your patches installed.

Thanks! Here's what I'm testing now, FWIW.

Eli, is this sufficiently isolated from the non-MPS case? We use some trivial wrapper macros which become non-trivial in the MPS case, and we always use a slightly more verbose glib function to register handlers (and, in the MPS case, a cleanup handler).

Pip

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-Fix-GTK-related-MPS-crashes.patch --]
[-- Type: text/x-patch; name=0001-Fix-GTK-related-MPS-crashes.patch, Size: 17701 bytes --]

From be3ed571e4e1d69d29e1e4f51cf80432b176eff0 Mon Sep 17 00:00:00 2001
From: Pip Cet <pipcet@protonmail.com>
Date: Wed, 3 Jul 2024 13:43:59 +0000
Subject: [PATCH] Fix GTK-related MPS crashes

* src/gtkutil.c (free_glib_user_data): New function.
(xg_list_insert, xg_list_remove): Conditionalize on !HAVE_MPS.
(qttip_cb, xg_create_frame_widgets)
(xg_create_frame_outer_widgets, create_dialog)
(make_cl_data, unref_cl_data, xg_mark_data)
(menuitem_highlight_callback, xg_create_one_menuitem)
(create_menus, xg_update_menu_item, xg_modify_menubar_widgets)
(draw_page, xg_print_frames_dialog, xg_create_toolbar)
(xg_im_context_commit, xg_widget_style_updated)
(tb_size_cb): Adjust to use `get_glib_user_data' and
`g_signal_connect_data'.
(xg_initialize): Remove linked list if HAVE_MPS.
* src/gtkutil.h (glib_user_data, get_glib_user_data): New helper macros.
* src/xmenu.c (menubar_selection_callback)
(popup_selection_callback): Adjust to use `get_glib_user_data'.
---
 src/gtkutil.c | 147 +++++++++++++++++++++++++++++++++++++-------------
 src/gtkutil.h |  21 ++++++++
 src/xmenu.c   |   6 ++-
 3 files changed, 135 insertions(+), 39 deletions(-)

diff --git a/src/gtkutil.c b/src/gtkutil.c
index e0bae6bf1ae..a1707040e75 100644
--- a/src/gtkutil.c
+++ b/src/gtkutil.c
@@ -148,6 +148,17 @@ #define TB_INFO_KEY "xg_frame_tb_info"
 static GtkWidget *xg_get_widget_from_map (ptrdiff_t idx, Display *dpy);
 
 \f
+#ifdef HAVE_MPS
+void free_glib_user_data (gpointer data, GClosure *closure)
+{
+  igc_xfree (data);
+}
+#else
+void free_glib_user_data (gpointer data, GClosure *closure)
+{
+  return;
+}
+#endif
 
 #ifdef HAVE_GTK3
 static void
@@ -618,6 +629,7 @@ xg_set_cursor (GtkWidget *w, GdkCursor *cursor)
     gdk_window_set_cursor (GDK_WINDOW (children->data), cursor);
 }
 
+#ifndef HAVE_MPS
 /* Insert NODE into linked LIST.  */
 
 static void
@@ -648,6 +660,7 @@ xg_list_remove (xg_list_node *list, xg_list_node *node)
       if (node->next) node->next->prev = node->prev;
     }
 }
+#endif
 
 /* Allocate and return a utf8 version of STR.  If STR is already
    utf8 or NULL, just return a copy of STR.
@@ -828,7 +841,7 @@ hierarchy_ch_cb (GtkWidget *widget,
                  GtkWidget *previous_toplevel,
                  gpointer   user_data)
 {
-  struct frame *f = user_data;
+  struct frame *f = get_glib_user_data (user_data, struct frame);
   xp_output *x = f->output_data.xp;
   GtkWidget *top = gtk_widget_get_toplevel (x->ttip_lbl);
 
@@ -850,7 +863,7 @@ qttip_cb (GtkWidget  *widget,
           GtkTooltip *tooltip,
           gpointer    user_data)
 {
-  struct frame *f = user_data;
+  struct frame *f = get_glib_user_data (user_data, struct frame);
   xp_output *x = f->output_data.xp;
   if (x->ttip_widget == NULL)
     {
@@ -882,8 +895,11 @@ qttip_cb (GtkWidget  *widget,
       gtk_widget_realize (GTK_WIDGET (x->ttip_window));
       gtk_widget_realize (x->ttip_lbl);
 
-      g_signal_connect (x->ttip_lbl, "hierarchy-changed",
-                        G_CALLBACK (hierarchy_ch_cb), f);
+      g_signal_connect_data (x->ttip_lbl, "hierarchy-changed",
+			     G_CALLBACK (hierarchy_ch_cb),
+			     glib_user_data (f),
+			     free_glib_user_data,
+			     G_CONNECT_DEFAULT);
     }
 
   return FALSE;
@@ -1556,8 +1572,11 @@ xg_create_frame_widgets (struct frame *f)
 
   gtk_widget_set_app_paintable (wtop, f->alpha_background != 1.0);
 #if GTK_CHECK_VERSION (3, 10, 0)
-  g_signal_connect (G_OBJECT (wtop), "style-updated",
-		    G_CALLBACK (xg_widget_style_updated), f);
+  g_signal_connect_data (G_OBJECT (wtop), "style-updated",
+			 G_CALLBACK (xg_widget_style_updated),
+			 glib_user_data (f),
+			 free_glib_user_data,
+			 G_CONNECT_DEFAULT);
 #endif
 
   /* gtk_window_set_has_resize_grip is a Gtk+ 3.0 function but Ubuntu
@@ -1646,8 +1665,11 @@ xg_create_frame_widgets (struct frame *f)
 #ifndef HAVE_PGTK
   /* Add callback to do nothing on WM_DELETE_WINDOW.  The default in
      GTK is to destroy the widget.  We want Emacs to do that instead.  */
-  g_signal_connect (G_OBJECT (wtop), "delete-event",
-                    G_CALLBACK (delete_cb), f);
+  g_signal_connect_data (G_OBJECT (wtop), "delete-event",
+			 G_CALLBACK (delete_cb),
+			 glib_user_data (f),
+			 free_glib_user_data,
+			 G_CONNECT_DEFAULT);
 #endif
 
   /* Convert our geometry parameters into a geometry string
@@ -1735,14 +1757,18 @@ xg_create_frame_widgets (struct frame *f)
   f->output_data.xp->ttip_window = 0;
 #ifndef HAVE_PGTK
   gtk_widget_set_tooltip_text (wtop, "Dummy text");
-  g_signal_connect (wtop, "query-tooltip", G_CALLBACK (qttip_cb), f);
+  g_signal_connect_data (wtop, "query-tooltip", G_CALLBACK (qttip_cb),
+			 glib_user_data (f), free_glib_user_data,
+			 G_CONNECT_DEFAULT);
 
   imc = gtk_im_multicontext_new ();
   g_object_ref (imc);
   gtk_im_context_set_use_preedit (imc, TRUE);
 
-  g_signal_connect (G_OBJECT (imc), "commit",
-		    G_CALLBACK (xg_im_context_commit), f);
+  g_signal_connect_data (G_OBJECT (imc), "commit",
+			 G_CALLBACK (xg_im_context_commit),
+			 glib_user_data (f), free_glib_user_data,
+			 G_CONNECT_DEFAULT);
   g_signal_connect (G_OBJECT (imc), "preedit-changed",
 		    G_CALLBACK (xg_im_context_preedit_changed), NULL);
   g_signal_connect (G_OBJECT (imc), "preedit-end",
@@ -1853,7 +1879,9 @@ xg_create_frame_outer_widgets (struct frame *f)
   f->output_data.xp->ttip_window = 0;
 #ifndef HAVE_PGTK
   gtk_widget_set_tooltip_text (wtop, "Dummy text");
-  g_signal_connect (wtop, "query-tooltip", G_CALLBACK (qttip_cb), f);
+  g_signal_connect_data (wtop, "query-tooltip", G_CALLBACK (qttip_cb),
+			 glib_user_data (f), free_glib_user_data,
+			 G_CONNECT_DEFAULT);
 #endif
 
   {
@@ -2371,8 +2399,11 @@ create_dialog (widget_value *wv,
           if (! item->enabled)
             gtk_widget_set_sensitive (w, FALSE);
           if (select_cb)
-            g_signal_connect (G_OBJECT (w), "clicked",
-                              select_cb, item->call_data);
+            g_signal_connect_data (G_OBJECT (w), "clicked",
+				   select_cb,
+				   glib_user_data (item->call_data),
+				   free_glib_user_data,
+				   G_CONNECT_DEFAULT);
 
           gtk_box_pack_start (cur_box, w, TRUE, TRUE, button_spacing);
           if (++button_nr == left_buttons)
@@ -2946,6 +2977,7 @@ xg_get_font (struct frame *f, const char *default_name)
 #define MENU_ITEM_NAME "emacs-menuitem"
 
 
+#ifndef HAVE_MPS
 /* Linked list of all allocated struct xg_menu_cb_data.  Used for marking
    during GC.  The next member points to the items.  */
 static xg_list_node xg_menu_cb_list;
@@ -2953,6 +2985,7 @@ #define MENU_ITEM_NAME "emacs-menuitem"
 /* Linked list of all allocated struct xg_menu_item_cb_data.  Used for marking
    during GC.  The next member points to the items.  */
 static xg_list_node xg_menu_item_cb_list;
+#endif
 
 /* Allocate and initialize CL_DATA if NULL, otherwise increase ref_count.
    F is the frame CL_DATA will be initialized for.
@@ -2969,14 +3002,20 @@ make_cl_data (xg_menu_cb_data *cl_data, struct frame *f, GCallback highlight_cb)
 {
   if (! cl_data)
     {
+#ifndef HAVE_MPS
       cl_data = xmalloc (sizeof *cl_data);
+#else
+      cl_data = igc_xzalloc_ambig (sizeof *cl_data);
+#endif
       cl_data->f = f;
       cl_data->menu_bar_vector = f->menu_bar_vector;
       cl_data->menu_bar_items_used = f->menu_bar_items_used;
       cl_data->highlight_cb = highlight_cb;
       cl_data->ref_count = 0;
 
+#ifndef HAVE_MPS
       xg_list_insert (&xg_menu_cb_list, &cl_data->ptrs);
+#endif
     }
 
   cl_data->ref_count++;
@@ -3020,8 +3059,12 @@ unref_cl_data (xg_menu_cb_data *cl_data)
       cl_data->ref_count--;
       if (cl_data->ref_count == 0)
         {
+#ifndef HAVE_MPS
           xg_list_remove (&xg_menu_cb_list, &cl_data->ptrs);
           xfree (cl_data);
+#else
+	  igc_xfree (cl_data);
+#endif
         }
     }
 }
@@ -3082,11 +3125,16 @@ xg_mark_data (void)
 static void
 menuitem_destroy_callback (GtkWidget *w, gpointer client_data)
 {
-  if (client_data)
+  xg_menu_item_cb_data *data =
+    get_glib_user_data (client_data, xg_menu_item_cb_data);
+  if (data)
     {
-      xg_menu_item_cb_data *data = client_data;
+#ifndef HAVE_MPS
       xg_list_remove (&xg_menu_item_cb_list, &data->ptrs);
       xfree (data);
+#else
+      igc_xfree (data);
+#endif
     }
 }
 
@@ -3129,7 +3177,7 @@ menuitem_highlight_callback (GtkWidget *w,
 static void
 menu_destroy_callback (GtkWidget *w, gpointer client_data)
 {
-  unref_cl_data (client_data);
+  unref_cl_data (get_glib_user_data (client_data, xg_menu_cb_data));
 }
 
 /* Make a GTK widget that contains both UTF8_LABEL and UTF8_KEY (both
@@ -3268,19 +3316,25 @@ xg_create_one_menuitem (widget_value *item,
   if (utf8_label) g_free (utf8_label);
   if (utf8_key) g_free (utf8_key);
 
+#ifdef HAVE_MPS
+  cb_data = igc_xzalloc_ambig (sizeof *cb_data);
+#else
   cb_data = xmalloc (sizeof *cb_data);
 
   xg_list_insert (&xg_menu_item_cb_list, &cb_data->ptrs);
+#endif
 
   cb_data->select_id = 0;
   cb_data->help = item->help;
   cb_data->cl_data = cl_data;
   cb_data->call_data = item->call_data;
 
-  g_signal_connect (G_OBJECT (w),
-                    "destroy",
-                    G_CALLBACK (menuitem_destroy_callback),
-                    cb_data);
+  g_signal_connect_data (G_OBJECT (w),
+			 "destroy",
+			 G_CALLBACK (menuitem_destroy_callback),
+			 glib_user_data (cb_data),
+			 free_glib_user_data,
+			 G_CONNECT_DEFAULT);
 
   /* Put cb_data in widget, so we can get at it when modifying menubar  */
   g_object_set_data (G_OBJECT (w), XG_ITEM_DATA, cb_data);
@@ -3290,7 +3344,10 @@ xg_create_one_menuitem (widget_value *item,
     {
       if (select_cb)
         cb_data->select_id
-          = g_signal_connect (G_OBJECT (w), "activate", select_cb, cb_data);
+          = g_signal_connect_data (G_OBJECT (w), "activate", select_cb,
+				   glib_user_data (cb_data),
+				   free_glib_user_data,
+				   G_CONNECT_DEFAULT);
     }
 
   return w;
@@ -3378,8 +3435,10 @@ create_menus (widget_value *data,
 #endif
 
 #ifdef HAVE_PGTK
-	  g_signal_connect (G_OBJECT (wmenu), "button-press-event",
-			    G_CALLBACK (menu_bar_button_pressed_cb), f);
+	  g_signal_connect_data (G_OBJECT (wmenu), "button-press-event",
+			    G_CALLBACK (menu_bar_button_pressed_cb),
+			    glib_user_data (f), free_glib_user_data,
+			    G_CONNECT_DEFAULT);
 #endif
           /* Set width of menu bar to a small value so it doesn't enlarge
              a small initial frame size.  The width will be set to the
@@ -3391,8 +3450,10 @@ create_menus (widget_value *data,
       /* Put cl_data on the top menu for easier access.  */
       cl_data = make_cl_data (cl_data, f, highlight_cb);
       g_object_set_data (G_OBJECT (wmenu), XG_FRAME_DATA, (gpointer)cl_data);
-      g_signal_connect (G_OBJECT (wmenu), "destroy",
-                        G_CALLBACK (menu_destroy_callback), cl_data);
+      g_signal_connect_data (G_OBJECT (wmenu), "destroy",
+			     G_CALLBACK (menu_destroy_callback),
+			     glib_user_data (cl_data), free_glib_user_data,
+			     G_CONNECT_DEFAULT);
 
       if (name)
         gtk_widget_set_name (wmenu, name);
@@ -3864,8 +3925,11 @@ xg_update_menu_item (widget_value *val,
           /* This item shall have a select callback.  */
           if (! cb_data->select_id)
             cb_data->select_id
-              = g_signal_connect (G_OBJECT (w), "activate",
-                                  select_cb, cb_data);
+              = g_signal_connect_data (G_OBJECT (w), "activate",
+				       select_cb,
+				       glib_user_data (cb_data),
+				       free_glib_user_data,
+				       G_CONNECT_DEFAULT);
         }
       else if (cb_data->select_id)
         {
@@ -4111,7 +4175,7 @@ xg_modify_menubar_widgets (GtkWidget *menubar, struct frame *f,
 menubar_map_cb (GtkWidget *w, gpointer user_data)
 {
   GtkRequisition req;
-  struct frame *f = user_data;
+  struct frame *f = get_glib_user_data (user_data, struct frame);
   gtk_widget_get_preferred_size (w, NULL, &req);
   req.height *= xg_get_scale (f);
   if (FRAME_MENUBAR_HEIGHT (f) != req.height)
@@ -4143,7 +4207,9 @@ xg_update_frame_menubar (struct frame *f)
                       FALSE, FALSE, 0);
   gtk_box_reorder_child (GTK_BOX (x->vbox_widget), x->menubar_widget, 0);
 
-  g_signal_connect (x->menubar_widget, "map", G_CALLBACK (menubar_map_cb), f);
+  g_signal_connect_data (x->menubar_widget, "map", G_CALLBACK (menubar_map_cb),
+			 glib_user_data (f), free_glib_user_data,
+			 G_CONNECT_DEFAULT);
   gtk_widget_show_all (x->menubar_widget);
   gtk_widget_get_preferred_size (x->menubar_widget, NULL, &req);
   req.height *= scale;
@@ -5223,7 +5289,7 @@ #define GETSETUP(f) make_float (f (page_setup, GTK_UNIT_POINTS))
 draw_page (GtkPrintOperation *operation, GtkPrintContext *context,
 	   gint page_nr, gpointer user_data)
 {
-  Lisp_Object frames = *((Lisp_Object *) user_data);
+  Lisp_Object frames = *get_glib_user_data (user_data, Lisp_Object);
   struct frame *f = XFRAME (Fnth (make_fixnum (page_nr), frames));
   cairo_t *cr = gtk_print_context_get_cairo_context (context);
 
@@ -5246,7 +5312,10 @@ xg_print_frames_dialog (Lisp_Object frames)
   if (page_setup != NULL)
     gtk_print_operation_set_default_page_setup (print, page_setup);
   gtk_print_operation_set_n_pages (print, list_length (frames));
-  g_signal_connect (print, "draw-page", G_CALLBACK (draw_page), &frames);
+  Lisp_Object *frames_ptr = &frames;
+  g_signal_connect_data (print, "draw-page", G_CALLBACK (draw_page),
+			 glib_user_data (frames_ptr), free_glib_user_data,
+			 G_CONNECT_DEFAULT);
   res = gtk_print_operation_run (print, GTK_PRINT_OPERATION_ACTION_PRINT_DIALOG,
                                  NULL, NULL);
   if (res == GTK_PRINT_OPERATION_RESULT_APPLY)
@@ -5478,7 +5547,7 @@ tb_size_cb (GtkWidget    *widget,
   /* When tool bar is created it has one preferred size.  But when size is
      allocated between widgets, it may get another.  So we must update
      size hints if tool bar size changes.  Seen on Fedora 18 at least.  */
-  struct frame *f = user_data;
+  struct frame *f = get_glib_user_data (user_data, struct frame);
 
   if (xg_update_tool_bar_sizes (f))
     adjust_frame_size (f, -1, -1, 2, false, Qtool_bar_lines);
@@ -5521,8 +5590,10 @@ xg_create_tool_bar (struct frame *f)
   gtk_toolbar_set_style (GTK_TOOLBAR (x->toolbar_widget), GTK_TOOLBAR_ICONS);
   gtk_orientable_set_orientation (GTK_ORIENTABLE (x->toolbar_widget),
                                   GTK_ORIENTATION_HORIZONTAL);
-  g_signal_connect (x->toolbar_widget, "size-allocate",
-                    G_CALLBACK (tb_size_cb), f);
+  g_signal_connect_data (x->toolbar_widget, "size-allocate",
+			 G_CALLBACK (tb_size_cb),
+			 glib_user_data (f), free_glib_user_data,
+			 G_CONNECT_DEFAULT);
 #ifdef HAVE_GTK3
   gsty = gtk_widget_get_style_context (x->toolbar_widget);
   gtk_style_context_add_class (gsty, "primary-toolbar");
@@ -6234,8 +6305,10 @@ xg_initialize (void)
 
   gdpy_def = NULL;
   xg_ignore_gtk_scrollbar = 0;
+#ifndef HAVE_MPS
   xg_menu_cb_list.prev = xg_menu_cb_list.next =
     xg_menu_item_cb_list.prev = xg_menu_item_cb_list.next = 0;
+#endif
 
 #if defined HAVE_PGTK || !defined HAVE_GTK3
   id_to_widget.max_size = id_to_widget.used = 0;
@@ -6337,7 +6410,7 @@ xg_virtual_mods_to_x (struct x_display_info *dpyinfo, guint virtual)
 xg_im_context_commit (GtkIMContext *imc, gchar *str,
 		      gpointer user_data)
 {
-  struct frame *f = user_data;
+  struct frame *f = get_glib_user_data (user_data, struct frame);
   struct input_event ie;
 #ifdef HAVE_XINPUT2
   struct xi_device_t *source;
@@ -6708,7 +6781,7 @@ xg_filter_key (struct frame *frame, XEvent *xkey)
 static void
 xg_widget_style_updated (GtkWidget *widget, gpointer user_data)
 {
-  struct frame *f = user_data;
+  struct frame *f = get_glib_user_data (user_data, struct frame);
 
   if (f->alpha_background < 1.0)
     {
diff --git a/src/gtkutil.h b/src/gtkutil.h
index b689053b4b8..ac1b961e5a3 100644
--- a/src/gtkutil.h
+++ b/src/gtkutil.h
@@ -33,6 +33,27 @@ #define EVENT GdkEvent
 #define EVENT XEvent
 #endif
 
+/* Helper macros for glib callbacks.  On MPS builds, we need to pin
+   (pointers to) the objects, which requires an extra layer of
+   indirection. */
+
+#ifdef HAVE_MPS
+#define glib_user_data(o) ({				\
+      gpointer p = igc_xzalloc_ambig (sizeof (o));	\
+      memcpy (p, &(o), sizeof (o));			\
+      p;						\
+    })
+
+#define get_glib_user_data(user_data, type)	\
+  (*(type **)(user_data))
+
+#else
+#define glib_user_data(o) ((gpointer)(o))
+#define get_glib_user_data(user_data, type)	\
+  ((type *)(user_data))
+#endif
+extern void free_glib_user_data (gpointer data, GClosure *closure);
+
 /* Minimum and maximum values used for GTK scroll bars  */
 
 #define XG_SB_MIN 1
diff --git a/src/xmenu.c b/src/xmenu.c
index 6dd7b3f37a0..45def2fb1ea 100644
--- a/src/xmenu.c
+++ b/src/xmenu.c
@@ -793,7 +793,8 @@ menu_highlight_callback (Widget widget, LWLIB_ID id, void *call_data)
 static void
 menubar_selection_callback (GtkWidget *widget, gpointer client_data)
 {
-  xg_menu_item_cb_data *cb_data = client_data;
+  xg_menu_item_cb_data *cb_data =
+    get_glib_user_data (client_data, xg_menu_item_cb_data);
 
   if (xg_crazy_callback_abort)
     return;
@@ -1478,7 +1479,8 @@ menu_position_func (GtkMenu *menu, gint *x, gint *y, gboolean *push_in, gpointer
 static void
 popup_selection_callback (GtkWidget *widget, gpointer client_data)
 {
-  xg_menu_item_cb_data *cb_data = client_data;
+  xg_menu_item_cb_data *cb_data =
+    get_glib_user_data (client_data, xg_menu_item_cb_data);
 
   if (xg_crazy_callback_abort) return;
   if (cb_data) menu_item_selection = cb_data->call_data;
-- 
2.45.2

Re: MPS: Crash while completing symbol with corfu

[Eli Zaretskii]

> Date: Wed, 03 Jul 2024 14:19:02 +0000
> From: Pip Cet <pipcet@protonmail.com>
> Cc: Eli Zaretskii <eliz@gnu.org>, Gerd Möllmann <gerd.moellmann@gmail.com>, emacs-devel@gnu.org, eller.helmut@gmail.com
> 
> > No immediate crashes now.
> > I will keep this session running, with your patches installed.
> 
> Thanks! Here's what I'm testing now, FWIW.
> 
> Eli, is this sufficiently isolated from the non-MPS case? We use some trivial wrapper macros which become non-trivial in the MPS case, and we always use a slightly more verbose glib function to register handlers (and, in the MPS case, a cleanup handler).

I think it's okay, but I'd prefer inline functions instead of macros
for glib_user_data and get_glib_user_data.

Thanks.

Re: MPS: Crash while completing symbol with corfu

[Eli Zaretskii]

> Date: Wed, 03 Jul 2024 18:32:47 +0300
> From: Eli Zaretskii <eliz@gnu.org>
> Cc: yantar92@posteo.net, gerd.moellmann@gmail.com,
>  emacs-devel@gnu.org, eller.helmut@gmail.com
> 
> > Date: Wed, 03 Jul 2024 14:19:02 +0000
> > From: Pip Cet <pipcet@protonmail.com>
> > Cc: Eli Zaretskii <eliz@gnu.org>, Gerd Möllmann <gerd.moellmann@gmail.com>, emacs-devel@gnu.org, eller.helmut@gmail.com
> > 
> > > No immediate crashes now.
> > > I will keep this session running, with your patches installed.
> > 
> > Thanks! Here's what I'm testing now, FWIW.
> > 
> > Eli, is this sufficiently isolated from the non-MPS case? We use some trivial wrapper macros which become non-trivial in the MPS case, and we always use a slightly more verbose glib function to register handlers (and, in the MPS case, a cleanup handler).
> 
> I think it's okay, but I'd prefer inline functions instead of macros
> for glib_user_data and get_glib_user_data.

Or maybe just make then UPPER-CASE named, so that it's clear they are
macros.

Re: MPS: Crash while completing symbol with corfu

[Ihor Radchenko]

Pip Cet <pipcet@protonmail.com> writes:

>> No immediate crashes now.
>> I will keep this session running, with your patches installed.
>
> Thanks! Here's what I'm testing now, FWIW.

Should I also use the updated version of the patch?

-- 
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>

Re: MPS: Crash while completing symbol with corfu

[Pip Cet]

On Wednesday, July 3rd, 2024 at 18:25, Ihor Radchenko <yantar92@posteo.net> wrote:
> Pip Cet pipcet@protonmail.com writes:
> 
> > > No immediate crashes now.
> > > I will keep this session running, with your patches installed.
> > 
> > Thanks! Here's what I'm testing now, FWIW.
> 
> Should I also use the updated version of the patch?

I don't think there were any functional changes, so there's no real need to. Thank you for testing it!

Pip

Re: MPS: Crash while completing symbol with corfu

[Pip Cet]

On Wednesday, July 3rd, 2024 at 20:25, Pip Cet <pipcet@protonmail.com> wrote:
> On Wednesday, July 3rd, 2024 at 18:25, Ihor Radchenko yantar92@posteo.net wrote:
> 
> > Pip Cet pipcet@protonmail.com writes:
> > 
> > > > No immediate crashes now.
> > > > I will keep this session running, with your patches installed.
> > > 
> > > Thanks! Here's what I'm testing now, FWIW.
> > 
> > Should I also use the updated version of the patch?
> 
> 
> I don't think there were any functional changes, so there's no real need to. Thank you for testing it!

I've now installed a fix on scratch/igc. It does create many roots, more than 2000, when menu-bar-mode is activated (on the other hand, all of them are freed when it is deactivated!). I'm not sure whether that's a problem.

Pip

Re: MPS: Crash while completing symbol with corfu

[Eli Zaretskii]

> Date: Thu, 04 Jul 2024 20:46:04 +0000
> From: Pip Cet <pipcet@protonmail.com>
> Cc: Ihor Radchenko <yantar92@posteo.net>, Eli Zaretskii <eliz@gnu.org>, Gerd Möllmann <gerd.moellmann@gmail.com>, emacs-devel@gnu.org, eller.helmut@gmail.com
> 
> I've now installed a fix on scratch/igc.

Did you forget to push?

Re: MPS: Crash while completing symbol with corfu

[Pip Cet]

On Friday, July 5th, 2024 at 05:51, Eli Zaretskii <eliz@gnu.org> wrote:
> > Date: Thu, 04 Jul 2024 20:46:04 +0000
> 
> > From: Pip Cet pipcet@protonmail.com
> > Cc: Ihor Radchenko yantar92@posteo.net, Eli Zaretskii eliz@gnu.org, Gerd Möllmann gerd.moellmann@gmail.com, emacs-devel@gnu.org, eller.helmut@gmail.com
> > 
> > I've now installed a fix on scratch/igc.
> 
> Did you forget to push?

I don't think so:

26ea4b462a0 Fix GTK-related MPS crashes

seems to be in scratch/igc for me (https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=scratch/igc&id=26ea4b462a031a8e57ed3ef8f8d76ba3f88b1372).

Did I get the branch name wrong, maybe?

Pip

Re: MPS: Crash while completing symbol with corfu

[Eli Zaretskii]

> Date: Fri, 05 Jul 2024 06:12:35 +0000
> From: Pip Cet <pipcet@protonmail.com>
> Cc: yantar92@posteo.net, gerd.moellmann@gmail.com, emacs-devel@gnu.org, eller.helmut@gmail.com
> 
> On Friday, July 5th, 2024 at 05:51, Eli Zaretskii <eliz@gnu.org> wrote:
> > > Date: Thu, 04 Jul 2024 20:46:04 +0000
> > 
> > > From: Pip Cet pipcet@protonmail.com
> > > Cc: Ihor Radchenko yantar92@posteo.net, Eli Zaretskii eliz@gnu.org, Gerd Möllmann gerd.moellmann@gmail.com, emacs-devel@gnu.org, eller.helmut@gmail.com
> > > 
> > > I've now installed a fix on scratch/igc.
> > 
> > Did you forget to push?
> 
> I don't think so:
> 
> 26ea4b462a0 Fix GTK-related MPS crashes
> 
> seems to be in scratch/igc for me (https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=scratch/igc&id=26ea4b462a031a8e57ed3ef8f8d76ba3f88b1372).
> 
> Did I get the branch name wrong, maybe?

No, I expected changes in other places, not just in GTK code (which is
of no interest to me and not compiled on my system).