From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Eli Zaretskii Newsgroups: gmane.emacs.bugs Subject: bug#24064: 24.5; NULL pointer dereference in compute_motion(), indent.c Date: Mon, 25 Jul 2016 19:24:14 +0300 Message-ID: <83vaztu1n5.fsf@gnu.org> References: <18720133-6691-74c9-528f-3baee920b421@gmail.com> Reply-To: Eli Zaretskii NNTP-Posting-Host: plane.gmane.org X-Trace: ger.gmane.org 1469463933 25919 80.91.229.3 (25 Jul 2016 16:25:33 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 25 Jul 2016 16:25:33 +0000 (UTC) Cc: 24064@debbugs.gnu.org To: Sergei Litvin Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Mon Jul 25 18:25:18 2016 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1bRigu-0000Gd-P6 for geb-bug-gnu-emacs@m.gmane.org; Mon, 25 Jul 2016 18:25:17 +0200 Original-Received: from localhost ([::1]:33450 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bRigq-00068K-HX for geb-bug-gnu-emacs@m.gmane.org; Mon, 25 Jul 2016 12:25:12 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:49389) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bRigk-00065g-O0 for bug-gnu-emacs@gnu.org; Mon, 25 Jul 2016 12:25:07 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bRigg-0003p4-K9 for bug-gnu-emacs@gnu.org; Mon, 25 Jul 2016 12:25:05 -0400 Original-Received: from debbugs.gnu.org ([208.118.235.43]:53016) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bRigg-0003oy-H1 for bug-gnu-emacs@gnu.org; Mon, 25 Jul 2016 12:25:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1bRigg-0002Qu-CJ for bug-gnu-emacs@gnu.org; Mon, 25 Jul 2016 12:25:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Mon, 25 Jul 2016 16:25:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 24064 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: Original-Received: via spool by 24064-submit@debbugs.gnu.org id=B24064.14694638789316 (code B ref 24064); Mon, 25 Jul 2016 16:25:02 +0000 Original-Received: (at 24064) by debbugs.gnu.org; 25 Jul 2016 16:24:38 +0000 Original-Received: from localhost ([127.0.0.1]:37120 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1bRigI-0002QB-Jv for submit@debbugs.gnu.org; Mon, 25 Jul 2016 12:24:38 -0400 Original-Received: from eggs.gnu.org ([208.118.235.92]:58252) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1bRigH-0002Q0-Jx for 24064@debbugs.gnu.org; Mon, 25 Jul 2016 12:24:37 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bRig9-0003gI-8k for 24064@debbugs.gnu.org; Mon, 25 Jul 2016 12:24:32 -0400 Original-Received: from fencepost.gnu.org ([2001:4830:134:3::e]:53004) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bRig9-0003gB-5K; Mon, 25 Jul 2016 12:24:29 -0400 Original-Received: from 84.94.185.246.cable.012.net.il ([84.94.185.246]:4836 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.82) (envelope-from ) id 1bRig7-0008Fk-Ap; Mon, 25 Jul 2016 12:24:27 -0400 In-reply-to: <18720133-6691-74c9-528f-3baee920b421@gmail.com> (message from Sergei Litvin on Mon, 25 Jul 2016 02:51:40 +0300) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:121521 Archived-At: > From: Sergei Litvin > Date: Mon, 25 Jul 2016 02:51:40 +0300 > > > struct position * > compute_motion (ptrdiff_t from, ptrdiff_t frombyte, EMACS_INT fromvpos, > EMACS_INT fromhpos, bool did_motion, ptrdiff_t to, > EMACS_INT tovpos, EMACS_INT tohpos, EMACS_INT width, > ptrdiff_t hscroll, int tab_offset, struct window *win) > { > > ... > > if (dp == buffer_display_table ()) > width_table = (VECTORP (BVAR (current_buffer, width_table)) > ? XVECTOR (BVAR (current_buffer, width_table))->contents > : 0); > else > /* If the window has its own display table, we can't use the width > run cache, because that's based on the buffer's display table. */ > width_table = 0; // initialize it with 0 (current buffer has no display table) > > ... > > if (width_cache) > { > /* Is this character part of the current run? If so, extend > the run. */ > if (pos - 1 == width_run_end > && XFASTINT (width_table[c]) == width_run_width) // dereference width_table here, and crash > width_run_end = pos; Did you actually see such a crash, and if so, can you show a recipe for reproducing that? Thanks.