From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Eli Zaretskii Newsgroups: gmane.emacs.bugs Subject: bug#22818: 25.1.1 Emacs.app crash ns_compute_glyph_string_overhangs Date: Sat, 19 Nov 2016 12:27:27 +0200 Message-ID: <83k2bzbw8g.fsf@gnu.org> References: <83twb4aqwp.fsf@gnu.org> <20161119100703.GA66661@breton.holly.idiocy.org> Reply-To: Eli Zaretskii NNTP-Posting-Host: blaine.gmane.org X-Trace: blaine.gmane.org 1479551296 27877 195.159.176.226 (19 Nov 2016 10:28:16 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Sat, 19 Nov 2016 10:28:16 +0000 (UTC) Cc: 22818@debbugs.gnu.org, josh@berdine.net To: Alan Third Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Sat Nov 19 11:28:12 2016 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1c82sU-0006qm-Hb for geb-bug-gnu-emacs@m.gmane.org; Sat, 19 Nov 2016 11:28:10 +0100 Original-Received: from localhost ([::1]:40784 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c82sY-0003Z9-1I for geb-bug-gnu-emacs@m.gmane.org; Sat, 19 Nov 2016 05:28:14 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:59076) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c82sP-0003Xr-A5 for bug-gnu-emacs@gnu.org; Sat, 19 Nov 2016 05:28:06 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1c82sM-00019l-4u for bug-gnu-emacs@gnu.org; Sat, 19 Nov 2016 05:28:05 -0500 Original-Received: from debbugs.gnu.org ([208.118.235.43]:47302) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1c82sM-00019g-1x for bug-gnu-emacs@gnu.org; Sat, 19 Nov 2016 05:28:02 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1c82sL-0003pe-UN for bug-gnu-emacs@gnu.org; Sat, 19 Nov 2016 05:28:01 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sat, 19 Nov 2016 10:28:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 22818 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: unreproducible Original-Received: via spool by 22818-submit@debbugs.gnu.org id=B22818.147955125214677 (code B ref 22818); Sat, 19 Nov 2016 10:28:01 +0000 Original-Received: (at 22818) by debbugs.gnu.org; 19 Nov 2016 10:27:32 +0000 Original-Received: from localhost ([127.0.0.1]:34468 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1c82rs-0003of-9N for submit@debbugs.gnu.org; Sat, 19 Nov 2016 05:27:32 -0500 Original-Received: from eggs.gnu.org ([208.118.235.92]:39397) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1c82rq-0003oR-9C for 22818@debbugs.gnu.org; Sat, 19 Nov 2016 05:27:30 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1c82rh-0000hh-Sh for 22818@debbugs.gnu.org; Sat, 19 Nov 2016 05:27:25 -0500 Original-Received: from fencepost.gnu.org ([2001:4830:134:3::e]:39482) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c82rh-0000hb-Pn; Sat, 19 Nov 2016 05:27:21 -0500 Original-Received: from 84.94.185.246.cable.012.net.il ([84.94.185.246]:3683 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.82) (envelope-from ) id 1c82rh-00089P-1x; Sat, 19 Nov 2016 05:27:21 -0500 In-reply-to: <20161119100703.GA66661@breton.holly.idiocy.org> (message from Alan Third on Sat, 19 Nov 2016 10:07:03 +0000) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:125864 Archived-At: > Date: Sat, 19 Nov 2016 10:07:03 +0000 > From: Alan Third > Cc: Josh Berdine , 22818@debbugs.gnu.org > > On Sat, Nov 19, 2016 at 09:07:50AM +0200, Eli Zaretskii wrote: > > Can you convert the address in frame #0 into line numbers? Judging by > > the faulting address, 0xd0, some pointer in > > ns_compute_glyph_string_overhangs is a null pointer, but it's hard to > > tell which one without the line number information. > > I finally managed to replicate this on my own build: > > (lldb) run -Q ~/test-file > Process 66588 launched: '/Users/alan/src/emacs/emacs-25/nextstep/Emacs.app/Contents/MacOS/Emacs' (x86_64) > Process 66588 stopped > * thread #1: tid = 0x154600, 0x00000001002c0940 Emacs`ns_compute_glyph_string_overhangs(s=0x00007fff5fbfb6f0) + 224 at nsterm.m:2681, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xd0) > frame #0: 0x00000001002c0940 Emacs`ns_compute_glyph_string_overhangs(s=0x00007fff5fbfb6f0) + 224 at nsterm.m:2681 > 2678 else > 2679 { > 2680 s->left_overhang = 0; > -> 2681 if (EQ (font->driver->type, Qns)) > 2682 s->right_overhang = ((struct nsfont_info *)font)->ital ? > 2683 FONT_HEIGHT (font) * 0.2 : 0; > 2684 else > (lldb) bt all > * thread #1: tid = 0x154600, 0x00000001002c0940 Emacs`ns_compute_glyph_string_overhangs(s=0x00007fff5fbfb6f0) + 224 at nsterm.m:2681, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xd0) > * frame #0: 0x00000001002c0940 Emacs`ns_compute_glyph_string_overhangs(s=0x00007fff5fbfb6f0) + 224 at nsterm.m:2681 > frame #1: 0x0000000100058e7c Emacs`draw_glyphs(w=0x000000010204f430, x=570, row=0x000000010240e100, area=TEXT_AREA, start=0, end=52, hl=DRAW_NORMAL_TEXT, overlaps=0) + 3324 at xdisp.c:25673 So the question now becomes: how did that glyph_string got a NULL font? The answer is somewhere in the code that generates glyph strings as part of the call to BUILD_GLYPH_STRINGS. Can you try figuring out why does that happen, by stepping through the code in BUILD_GLYPH_STRINGS? > (lldb) frame variable > (glyph_string *) s = 0x00007fff5fbfb6f0 > (font *) font = 0x0000000000000000 > > (lldb) frame variable *s > (glyph_string) *s = { > x = 10 > y = 16 > ybase = 30 > width = 11 > background_width = 11 > height = 20 > left_overhang = 0 > right_overhang = 0 > f = 0x0000000102050430 > w = 0x000000010204f430 > display = 0x0000000000000000 > window = 1 > row = 0x000000010240e100 > area = TEXT_AREA > char2b = 0x0000000000000000 > nchars = 1 > hl = DRAW_NORMAL_TEXT > face = 0x000000010153b400 What kind of face is s->face? Thanks.