From: Herbert Euler <herberteuler@hotmail.com>
To: Katsumi Yamaoka <yamaoka@jpl.org>, Kenichi Handa <handa@ni.aist.go.jp>
Cc: emacs-devel@gnu.org
Subject: RE: Unicode-2 crash by set-face-font
Date: Fri, 25 Jan 2008 13:57:16 +0800 [thread overview]
Message-ID: <BAY143-W5DF4F25E381127C993E4FDA390@phx.gbl> (raw)
In-Reply-To: <BAY143-W44D48055FD7BD9626A0018DA390@phx.gbl>
> herbert@euler:/data/emacs/emacs/src$ gdb emacs
> GNU gdb 6.7.1-debian
> Copyright (C) 2007 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law. Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "i486-linux-gnu"...
> Using host libthread_db library "/lib/i686/cmov/libthread_db.so.1".
> SIGINT is used by the debugger.
> Are you sure you want to change it? (y or n) [answered Y; input not from terminal]
> DISPLAY = :0.0
> TERM = linux
> Breakpoint 1 at 0x8106fb6: file emacs.c, line 432.
> Breakpoint 2 at 0x8120a69: file sysdep.c, line 1432.
> (gdb) r -Q
> Starting program: /data/emacs/emacs/src/emacs -Q
> [Thread debugging using libthread_db enabled]
> [New Thread 0xb73b36b0 (LWP 30679)]
>
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 0xb73b36b0 (LWP 30679)]
> font_load_for_face (f=0x8bd0428, face=0x87b5ad8) at font.c:2761
> 2761 face->font = font->font.font;
> (gdb) bt
> #0 font_load_for_face (f=0x8bd0428, face=0x87b5ad8) at font.c:2761
> #1 0x080cea50 in realize_face (cache=0x85c2520, attrs=0xbf9ceb14, former_face_id=) at xfaces.c:7749
> #2 0x080cf2f2 in realize_basic_faces (f=0x8bd0428) at xfaces.c:7535
> #3 0x080d17d4 in recompute_basic_faces (f=0x8bd0428) at xfaces.c:960
> #4 0x0807f94d in init_iterator (it=0xbf9cebf4, w=0x87b7200, charpos=1, bytepos=1, row=0x0, base_face_id=DEFAULT_FACE_ID)
> at xdisp.c:2537
> #5 0x080848dd in resize_mini_window (w=0x87b7200, exact_p=1) at xdisp.c:8505
> #6 0x08062b15 in do_switch_frame (frame=137824364, track=1, for_deletion=0) at frame.c:873
> #7 0x08063361 in Fselect_frame (frame=137824364) at frame.c:932
> #8 0x08171abc in Ffuncall (nargs=2, args=0xbf9cf080) at eval.c:3025
> #9 0x0819b22c in Fbyte_code (bytestr=136857459, vector=136857484, maxdepth=) at bytecode.c:679
> #10 0x08170fce in Feval (form=136857445) at eval.c:2362
> #11 0x0817129f in Fprogn (args=1) at eval.c:451
> #12 0x0816f8ad in unbind_to (count=240, value=137693385) at eval.c:3380
> #13 0x0819b1dc in Fbyte_code (bytestr=136857347, vector=136857364, maxdepth=) at bytecode.c:701
> #14 0x08171446 in funcall_lambda (fun=136857308, nargs=1, arg_vector=0xbf9cf2f4) at eval.c:3212
> #15 0x08171851 in Ffuncall (nargs=2, args=0xbf9cf2f0) at eval.c:3082
> #16 0x0819b22c in Fbyte_code (bytestr=136407475, vector=136407492, maxdepth=) at bytecode.c:679
> #17 0x08171446 in funcall_lambda (fun=136407428, nargs=1, arg_vector=0xbf9cf424) at eval.c:3212
> #18 0x08171851 in Ffuncall (nargs=2, args=0xbf9cf420) at eval.c:3082
> #19 0x0819b22c in Fbyte_code (bytestr=136658139, vector=136658156, maxdepth=) at bytecode.c:679
> #20 0x08171446 in funcall_lambda (fun=136658092, nargs=1, arg_vector=0xbf9cf564) at eval.c:3212
> #21 0x08171851 in Ffuncall (nargs=2, args=0xbf9cf560) at eval.c:3082
> #22 0x0819b22c in Fbyte_code (bytestr=136655195, vector=136655212, maxdepth=) at bytecode.c:679
> #23 0x08171446 in funcall_lambda (fun=136655164, nargs=0, arg_vector=0xbf9cf6a4) at eval.c:3212
> #24 0x08171851 in Ffuncall (nargs=1, args=0xbf9cf6a0) at eval.c:3082
> #25 0x0819b22c in Fbyte_code (bytestr=136425707, vector=136425724, maxdepth=) at bytecode.c:679
> #26 0x08171446 in funcall_lambda (fun=136425684, nargs=0, arg_vector=0xbf9cf7e4) at eval.c:3212
> #27 0x08171851 in Ffuncall (nargs=1, args=0xbf9cf7e0) at eval.c:3082
> #28 0x0819b22c in Fbyte_code (bytestr=136422403, vector=136422420, maxdepth=) at bytecode.c:679
> #29 0x08171446 in funcall_lambda (fun=136422380, nargs=0, arg_vector=0xbf9cf8b0) at eval.c:3212
> #30 0x08171640 in apply_lambda (fun=136422380, args=137693385, eval_flag=1) at eval.c:3136
> #31 0x08170d04 in Feval (form=138077709) at eval.c:2416
> #32 0x0810ebb3 in top_level_2 () at keyboard.c:1390
> #33 0x081703a0 in internal_condition_case (bfun=0x810eba0 , handlers=137737617, hfun=0x8112350 )
> at eval.c:1494
> #34 0x08111770 in top_level_1 () at keyboard.c:1398
> #35 0x0817047a in internal_catch (tag=137732465, func=0x8111740 , arg=137693385) at eval.c:1230
> #36 0x08112199 in command_loop () at keyboard.c:1353
> #37 0x0811251b in recursive_edit_1 () at keyboard.c:969
> #38 0x08112651 in Frecursive_edit () at keyboard.c:1031
> #39 0x08107dd2 in main (argc=2, argv=0xbf9cff64) at emacs.c:1809
>
> Lisp Backtrace:
> "select-frame" (0xbf9cf084)
> "byte-code" (0xbf9cf120)
> "x-setup-function-keys" (0xbf9cf2f4)
> ---Type to continue, or q to quit---
> "x-create-frame-with-faces" (0xbf9cf424)
> "make-frame" (0xbf9cf564)
> "frame-initialize" (0xbf9cf6a4)
> "command-line" (0xbf9cf7e4)
> "normal-top-level" (0xbf9cf8b0)
> (gdb)
FWIW, here is the first difference I notice until now. I'm continuing to investigate, but
hope this helpful.
During the starting of Emacs, realize_default_face is called many times. In my case,
it crashes Emacs at the second time it is called. I guess the relative part to this crash
in the code is the content of `attr', and so I print it:
(gdb) r -Q
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /data/emacs/emacs/src/emacs -Q
[Thread debugging using libthread_db enabled]
[New Thread 0xb74086b0 (LWP 1981)]
[Switching to Thread 0xb74086b0 (LWP 1981)]
Breakpoint 6, realize_default_face (f=0x83f2868) at xfaces.c:7535
7535 face = realize_face (c, attrs, DEFAULT_FACE_ID);
(gdb) p attrs[LFACE_FONT_INDEX]
$19 = 138252817
(gdb) pr
unspecified
(gdb) p ((union Lisp_Misc *) ((long) ((attrs[LFACE_FONT_INDEX]) & ~((((long) 1) << 3) - 1))))
$20 = (union Lisp_Misc *) 0x83d9210
(gdb) p *$
$21 = {
u_any = {
type = 16,
gcmarkbit = 0,
spacer = 0
},
u_free = {
type = 16,
gcmarkbit = 0,
spacer = 0,
chain = 0x8263383,
padding = "\341(=\b\341(=\b\311(=\b\000\000\000"
},
u_marker = {
type = 16,
gcmarkbit = 0,
spacer = 0,
need_adjustment = 0,
insertion_type = 0,
buffer = 0x8263383,
next = 0x83d28e1,
charpos = 138225889,
bytepos = 138225865
},
u_intfwd = {
type = 16,
gcmarkbit = 0,
spacer = 0,
intvar = 0x8263383
},
u_boolfwd = {
type = 16,
gcmarkbit = 0,
spacer = 0,
boolvar = 0x8263383
},
u_objfwd = {
type = 16,
gcmarkbit = 0,
spacer = 0,
objvar = 0x8263383
},
u_buffer_objfwd = {
type = 16,
gcmarkbit = 0,
spacer = 0,
slottype = 136721283,
---Type to continue, or q to quit---
offset = 138225889
},
u_buffer_local_value = {
type = 16,
gcmarkbit = 0,
spacer = 0,
local_if_set = 0,
check_frame = 0,
found_for_buffer = 0,
found_for_frame = 0,
realvalue = 136721283,
buffer = 138225889,
frame = 138225889,
cdr = 138225865
},
u_overlay = {
type = 16,
gcmarkbit = 0,
spacer = 0,
next = 0x8263383,
start = 138225889,
end = 138225889,
plist = 138225865
},
u_kboard_objfwd = {
type = 16,
gcmarkbit = 0,
spacer = 0,
offset = 136721283
},
u_save_value = {
type = 16,
gcmarkbit = 0,
spacer = 0,
dogc = 0,
pointer = 0x8263383,
integer = 138225889
}
}
(gdb) c
Continuing.
Breakpoint 6, realize_default_face (f=0x8c4fbf8) at xfaces.c:7535
7535 face = realize_face (c, attrs, DEFAULT_FACE_ID);
(gdb) p attrs[LFACE_FONT_INDEX]
$22 = 141793459
(gdb) pr
"-Adobe-Courier-Medium-R-Normal--12-120-75-75-M-70-ISO8859-1"
(gdb) p ((union Lisp_Misc *) ((long) ((attrs[LFACE_FONT_INDEX]) & ~((((long) 1) << 3) - 1))))
$23 = (union Lisp_Misc *) 0x87398b0
(gdb) p *$
$24 = {
u_any = {
type = 59,
gcmarkbit = 0,
spacer = 0
},
u_free = {
type = 59,
gcmarkbit = 0,
spacer = 0,
chain = 0xffffffff,
padding = "\000\000\000\000\270\331\212\b\r\000\000\000\377\377\377\377"
},
u_marker = {
type = 59,
gcmarkbit = 0,
spacer = 0,
need_adjustment = 0,
insertion_type = 0,
buffer = 0xffffffff,
next = 0x0,
charpos = 143317432,
bytepos = 13
},
u_intfwd = {
type = 59,
gcmarkbit = 0,
spacer = 0,
intvar = 0xffffffff
},
u_boolfwd = {
type = 59,
gcmarkbit = 0,
spacer = 0,
boolvar = 0xffffffff
},
u_objfwd = {
type = 59,
gcmarkbit = 0,
spacer = 0,
objvar = 0xffffffff
},
u_buffer_objfwd = {
type = 59,
gcmarkbit = 0,
spacer = 0,
slottype = -1,
---Type to continue, or q to quit---
offset = 0
},
u_buffer_local_value = {
type = 59,
gcmarkbit = 0,
spacer = 0,
local_if_set = 0,
check_frame = 0,
found_for_buffer = 0,
found_for_frame = 0,
realvalue = -1,
buffer = 0,
frame = 143317432,
cdr = 13
},
u_overlay = {
type = 59,
gcmarkbit = 0,
spacer = 0,
next = 0xffffffff,
start = 0,
end = 143317432,
plist = 13
},
u_kboard_objfwd = {
type = 59,
gcmarkbit = 0,
spacer = 0,
offset = -1
},
u_save_value = {
type = 59,
gcmarkbit = 0,
spacer = 0,
dogc = 0,
pointer = 0xffffffff,
integer = 0
}
}
(gdb)
There are many 0xffffffff's before the execution going into `realize_x_face' for the second
time, is that the cause of the crash?
Regards,
Guanpeng Xu
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
next prev parent reply other threads:[~2008-01-25 5:57 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-22 4:55 Unicode-2 crash by set-face-font Katsumi Yamaoka
2008-01-22 7:17 ` Kenichi Handa
2008-01-22 12:06 ` Kenichi Handa
2008-01-22 23:34 ` Katsumi Yamaoka
2008-01-23 0:55 ` Katsumi Yamaoka
2008-01-23 11:14 ` Kenichi Handa
2008-01-23 11:54 ` Katsumi Yamaoka
2008-01-23 12:42 ` Kenichi Handa
2008-01-23 22:57 ` Katsumi Yamaoka
2008-01-24 11:19 ` Kenichi Handa
2008-01-24 11:53 ` Katsumi Yamaoka
2008-01-25 2:21 ` Kenichi Handa
2008-01-25 2:44 ` Katsumi Yamaoka
2008-01-25 2:51 ` Miles Bader
2008-01-25 6:22 ` Katsumi Yamaoka
2008-01-25 6:10 ` Katsumi Yamaoka
2008-01-25 11:28 ` Kenichi Handa
2008-01-28 0:05 ` Katsumi Yamaoka
2008-02-02 14:22 ` Jason Rumney
2008-01-25 6:59 ` Herbert Euler
2008-01-25 3:15 ` Herbert Euler
2008-01-25 3:17 ` Herbert Euler
2008-01-25 5:57 ` Herbert Euler [this message]
2008-01-25 6:37 ` Herbert Euler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BAY143-W5DF4F25E381127C993E4FDA390@phx.gbl \
--to=herberteuler@hotmail.com \
--cc=emacs-devel@gnu.org \
--cc=handa@ni.aist.go.jp \
--cc=yamaoka@jpl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).