From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.ciao.gmane.io!not-for-mail From: Daniel Pittman Newsgroups: gmane.emacs.devel Subject: macOS NS GUI crash due to invalid font pointer in frame struct while marking Date: Thu, 23 Jan 2020 11:16:39 -0500 Message-ID: Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="0000000000006a3cf4059cd0f9d1" Injection-Info: ciao.gmane.io; posting-host="ciao.gmane.io:159.69.161.202"; logging-data="8003"; mail-complaints-to="usenet@ciao.gmane.io" To: emacs-devel Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Thu Jan 23 19:21:01 2020 Return-path: Envelope-to: ged-emacs-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1iuh6C-000227-Tq for ged-emacs-devel@m.gmane-mx.org; Thu, 23 Jan 2020 19:21:00 +0100 Original-Received: from localhost ([::1]:34594 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iuh6B-0002zR-B9 for ged-emacs-devel@m.gmane-mx.org; Thu, 23 Jan 2020 13:20:59 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:60238) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iufAV-0006Ag-DL for emacs-devel@gnu.org; Thu, 23 Jan 2020 11:17:20 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iufAT-0002MG-1Q for emacs-devel@gnu.org; Thu, 23 Jan 2020 11:17:19 -0500 Original-Received: from mail-qt1-x82d.google.com ([2607:f8b0:4864:20::82d]:37109) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1iufAS-0002Jc-Rx for emacs-devel@gnu.org; Thu, 23 Jan 2020 11:17:16 -0500 Original-Received: by mail-qt1-x82d.google.com with SMTP id w47so2888040qtk.4 for ; Thu, 23 Jan 2020 08:17:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=A2JLHCUNYcCVQO0oed1t6Lnv8UelnrX2lFhBEQG8SOk=; b=EcoMNgaFXhe5JCAtVzb8sXs/rT8gFtMi+bJuR2JZUEgn+AmhHqa6nJzRf7IjZNfvP1 nQRR0/iG7iI+0URh9KMu5+3THAIY8ippMbNtnnCHG9yl2aXOJS2dlXVepf6NBibKUQNx BVAnUPXv9/Etwxdw5pFaws7wMP7OmKvKaXpM6SrAyl0DOHv17xTx18TMpoAGZlXrqyEJ eKM5bxaYEfeOUXpyWouHo8/xOfsHxxrPnr7PTVXiEUvpaALM9ivKz7wAKIAKERdXCZ8d ytHU89EwWinnYbxf+YMRGyL0v+bhNZWvet9C8fDISqDOWYLYK/FWbeOIw+66+qd2WBG4 tFGA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=A2JLHCUNYcCVQO0oed1t6Lnv8UelnrX2lFhBEQG8SOk=; b=Um8zsjQFzqprBWjmSHvqHXNMTMdZDEvEnVM3jNV5FB9xO0Rrn18CMucv8A0CU70YCM 74W3cRLCxe5aFIEfOPMxFzGlgNnCpAiHTdcTxiERjskc1Vv/6R+nSb58H9yGWTKeZvz5 TMljLQrYKBC/ZohUEUPgpgIptWL5iJSFDvqsXOWVPj0X28icBdgi2X0mFZAhK+020OYh NjsbBNxXdBGzX2BqDJni5S7xhgAyW53143JRHU618O3w/Ov2C4PXEgdHtb1VxWBAYPwL 3OOt/rsVTpCoplVfTCQmtbtTlo3JWqy2VkemqfTiQKLnnKzOy47f1mowMmmun4Zktwv5 erjQ== X-Gm-Message-State: APjAAAWS7NTL/vOH1n5R1IFx5x3ceeMBrTnzT3YhlTXUbONr7o9jUXBA YyyvALSVZlPBfOHx72X43eozDiFVF6DKuvGKQ0mBGgaUzRw= X-Google-Smtp-Source: APXvYqxEaF79Youx0lYf+zGMJTt8e1Rg6dOyVC5az0JtgtSKf5WCUV+nIt+zq4av+qU2DAowYS7zwllNGia+GEkOMX0= X-Received: by 2002:ac8:1851:: with SMTP id n17mr17220799qtk.305.1579796235149; Thu, 23 Jan 2020 08:17:15 -0800 (PST) X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2607:f8b0:4864:20::82d X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.io gmane.emacs.devel:244542 Archived-At: --0000000000006a3cf4059cd0f9d1 Content-Type: text/plain; charset="UTF-8" G'day. I've come across a crash during GC on macOS 10.15.2, GNU Emacs built from source, git d97a77c481ec913d8c3c24f2eecdc41a28243678. The crash is located at: ...->mark_window->mark_vectorlike->mark_frame In this the bad pointer is in (struct frame).output_data.ns.font, where the pointer is wildly out of the memory map, and so crashes trying to determine if that was marked. I haven't yet tracked this down to a root cause, but before I invest significant time in that I'd like to know if anyone else is investigating this, or something similar to this? Reproduction is, painfully, just a matter of waiting for a crash. It seems to be vaguely correlated to external process interactions, but can't find a clear root cause. I'll work to get a fix, of course, but wanted to avoid duplicating work if someone else already has this in hand, or knows more. Thanks! --0000000000006a3cf4059cd0f9d1 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
G'day.=C2=A0 I've come across a crash during GC on= macOS 10.15.2, GNU Emacs built from source, git=C2=A0d97a77c481ec913d8c3c2= 4f2eecdc41a28243678.

The crash is located at:
= ...->mark_window->mark_vectorlike->mark_frame

=
In this the bad pointer is in (struct frame).output_data.ns.font, wher= e the pointer is wildly out of the memory map, and so crashes trying to det= ermine if that was marked.

I haven't yet track= ed this down to a root cause, but before I invest significant time in that = I'd like to know if anyone else is investigating this, or something sim= ilar to this?

Reproduction is, painfully, just a m= atter of waiting for a crash.=C2=A0 It seems to be vaguely correlated to ex= ternal process interactions, but can't find a clear root cause.

I'll work to get a fix, of course, but wanted to avoi= d duplicating work if someone else already has this in hand, or knows more.= =C2=A0

Thanks!
--0000000000006a3cf4059cd0f9d1--