On Mon, 10 May 2010 21:20:25 +0300 Eli Zaretskii wrote: >> From: Stephen Berman >> Cc: Eli Zaretskii , emacs-devel@gnu.org >> Date: Sun, 09 May 2010 23:25:53 +0200 >> >> I just tried this recipe on GNU Emacs 24.0.50.2 (i686-pc-linux-gnu, GTK+ >> Version 2.18.6) of 2010-05-08 on escher with a JPG file and Emacs dumped >> core. The gdb backtrace from the core file is attached. > > Could you please post that JPG file as an attachment? I don't see a > crash, only an infloop, so perhaps there's more than one problem, or > maybe the bug is data-dependent. > > I know what the problem is, at least what's responsible for the > infloop, and will fix it soon in the repository. But please post the > file that crashes nonetheless, so I could make sure there are no > further problems. I think you're right that the crash is data-dependent: I tried the recipe on several other JPG and PDF files, and they all made Emacs infloop but not abort. I then experimented with the file that induced the crash (of which file(1) says: JPEG image data, EXIF standard 2.21): - First I found that the crash still happens when Emacs tries to visit a file consisting of only a fairly small initial segment of the original JPG file. - Then I tried even smaller initial segments, but they all only made Emacs infloop, not crash. - Then I tried a non-initial segment, starting from the end position of the largest initial segment that induced the infloop but not the crash, and ending with the end of the segment that induced the crash, and voila! -- Emacs crashed. The backtrace I got from the core file was essentially the same as the one I posted to the list, modulo values of variables. - Then I renamed this file (the non-initial segment that induced a crash) from "test8.jpg" to simply "test", ran the recipe -- and Emacs successfully visited the file, no crash, no hang. So I've attached this file, which again, is a small non-initial segment of a JPG file (and as such not recognized by file(1) as a JPG file); (only) if its name ends in .jpg and (setq-default bidi-display-reordering t) is evaluated, Emacs crashes upon visiting this file. I hope it helps you shed some light on the problem. Steve Berman