From: Michael Welsh Duggan
Newsgroups: gmane.emacs.bugs
Subject: bug#23522: 25.0.93; SEGFAULT when displaying HELLO
Date: Fri, 13 May 2016 10:52:31 -0400
Message-ID: <877feyau34.fsf@md5i.com>
References: <83lh3f9jdr.fsf@gnu.org> <83eg979g1p.fsf@gnu.org> <87wpmzgfxw.fsf@md5i.com> <8337pm9z8j.fsf@gnu.org>
To: Eli Zaretskii
Cc: mwd@md5i.com, mwd@cert.org, 23522@debbugs.gnu.org

Eli Zaretskii writes:

>> From: Michael Welsh Duggan
>> Cc: Michael Welsh Duggan , ,
>> <23522@debbugs.gnu.org>
>> Date: Thu, 12 May 2016 16:49:15 -0400
>>
>> Eli Zaretskii writes:
>>
>> >> From: Michael Welsh Duggan
>> >> Cc: , <23522@debbugs.gnu.org>
>> >> Date: Thu, 12 May 2016 15:58:43 -0400
>> >>
>> >> (gdb) up
>> >> #4 0x00000000006b47e2 in ftfont_shape_by_flt (lgstring=14496901,
>> >> font=0x17b3660, ft_face=0x1739f10, otf=0x16df8d0, matrix=0x17b3758)
>> >> at ../../../git/emacs/src/ftfont.c:2655
>> >> (gdb) pp lgstring
>> >> [[#
>> >> Gujarati-normal-normal-normal-*-13-*-*-*-*-0-iso10646-1"> 2744 2765
>> >> 2724 2759] nil [0 0 2744 98 10 0 9 8 0 nil] [1 1 2765 115 0 -4 3 0 4
>> >> nil] [2 2 2724 81 9 0 8 8 0 nil] [3 3 2759 110 0 -7 -1 12 -7 nil]
>> >> nil nil nil nil]
>> >> (gdb)
>> >
>> > In the above stack frame, what is the value of g->g (it's a
>> > structure)?
>>
>> (gdb) p g->g
>> $3 = {
>>   c = 0,
>>   code = 175,
>>   from = 0,
>>   to = 115, <<<<<<<<<<<<<<<<<<<<<<
>
> This value of 'to' looks bogus (too large) to me. The line that
> segfaults is
>
>   g->g.to = LGLYPH_TO (LGSTRING_GLYPH (lgstring, g->g.to));
>
> and the LGSTRING_GLYPH macro expands to AREF (lgstring, g->g.to+2), so
> we are indexing an lgstring with an index that's 117, too large. The
> value of lgstring shown above has only 10 elements, which is
> consistent with the definition of an lgstring (see composite.h, around
> line 270).
>
> So the question becomes: where did that value of 'to' come from, and
> how come its value is bogus? Can you look at the code before the
> faulting line and figure that out?

It's being filled in by mflt_run() at ftfont.c:2646.

> I'm CC'ing Handa-san, who might have insight for this problem.
>
>> > The crash seems to happen when Emacs tries to display line #10 of
>> > HELLO, which begins with " South Asia:". The first word after that is
>> > the one that causes the crash. Can you look at another system, where
>> > there's no crash, and tell which font is used for that word?
>>
>> Looking at previous frames, it looks like the character is char 383:
>
> That's right.
>
>> position: 383 of 3322 (11%), column: 16
>> character: સ (displayed as સ) (codepoint 2744, #o5270, #xab8)
>> preferred charset: mule-unicode-0100-24ff (Unicode characters of the range U+0100..U+24FF.)
>> code point in charset: 0x3978
>> script: gujarati
>> syntax: w which means: word
>> category: .:Base, L:Left-to-right (strong)
>> to input: type "C-x 8 RET ab8" or "C-x 8 RET GUJARATI LETTER SA"
>> buffer code: #xE0 #xAA #xB8
>> file code: ESC #x24 #x2C #x31 #x39 #x78 (encoded by coding system iso-2022-7bit-unix)
>> display: composed to form "સ્તે" (see below)
>>
>> Composed with the following character(s) "્તે" using this font:
>> xft:-unknown-FreeSerif-normal-normal-normal-*-15-*-*-*-*-0-iso10646-1
>> by these glyphs:
>> [0 3 0 10195 9 0 10 10 0 nil]
>> [0 3 2724 2103 10 1 10 10 1 nil]
>> [0 3 2759 2132 0 -8 -2 13 -10 [-1 0 0]]
>
> So why does Emacs use FreeSerif on this system and Lohit Gujarati on
> the faulting one?

The two systems I have access to are running completely different
distributions of Linux. I don't have much control over the packages
installed on the system on which Emacs breaks.

> Are both fonts installed on both systems? Is Lohit
> Gujarati a bad font, by any chance?

No idea.
How can I find out? The font comes from
/usr/share/fonts/lohit-gujarati/Lohit-Gujarati.ttf .

> Also, do both systems have the same version of libm17n-flt and m17n-db
> libraries?

Almost certainly not.

-- 
Michael Welsh Duggan
(md5i@md5i.com)
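
[Added example, not part of the original message and not Emacs source code: a bounds-checked version of the lookup discussed above, where a 'to' index of 115 handed back by the shaping library is used to index a 10-element lgstring. The struct layout, the helper name checked_glyph_to and the sample data (rebuilt from the gdb dump) are assumptions made for illustration.]

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified model (an assumption for this example): slot 0 is the header,
   slot 1 the id, and glyph N lives in slot N + 2, as in the AREF expansion
   quoted in the message.  A NULL slot stands for nil. */
#define GLYPH_OFFSET 2

struct lglyph { int from, to, ch, code; };
struct lgstring { size_t len; const struct lglyph *const *slot; };

/* Constructed from the four glyphs in the gdb dump: from, to, char, code. */
static const struct lglyph g0 = {0, 0, 2744, 98}, g1 = {1, 1, 2765, 115},
                           g2 = {2, 2, 2724, 81}, g3 = {3, 3, 2759, 110};
static const struct lglyph *const sample_slots[10] = {
    NULL, NULL, &g0, &g1, &g2, &g3, NULL, NULL, NULL, NULL
};
static const struct lgstring sample = {10, sample_slots};

/* Hypothetical helper: resolve an externally supplied glyph index to that
   glyph's 'to' field.  Returns 0 on success, -1 if the index is negative,
   past the end of the vector, or names a nil slot. */
int checked_glyph_to(const struct lgstring *s, int idx, int *out)
{
    if (idx < 0)
        return -1;
    size_t slot = (size_t)idx + GLYPH_OFFSET;
    if (slot >= s->len || s->slot[slot] == NULL)
        return -1;
    *out = s->slot[slot]->to;
    return 0;
}

int main(void)
{
    int idx[] = {3, 4, 115}, to;
    for (size_t i = 0; i < sizeof idx / sizeof idx[0]; i++) {
        if (checked_glyph_to(&sample, idx[i], &to) == 0)
            printf("index %d -> to=%d\n", idx[i], to);
        else
            printf("index %d rejected (slot %d of %zu)\n",
                   idx[i], idx[i] + GLYPH_OFFSET, sample.len);
    }
    return 0;
}
```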