* bug#5609: 23.1.92; segfault in composition_compute_stop_pos
@ 2010-02-20 17:08 Sven Joachim
2010-02-21 13:16 ` Chong Yidong
2010-02-25 2:33 ` Kenichi Handa
0 siblings, 2 replies; 6+ messages in thread
From: Sven Joachim @ 2010-02-20 17:08 UTC (permalink / raw)
To: 5609; +Cc: Sven Joachim
During the last weeks I experienced several segfaults, mostly in Dired,
but unfortunately I did not run Emacs under GDB. This time I did.
I visited a file named "Makefile" and started an I-search for
"distcheck" when Emacs segfaulted. This is not reproducible.
(gdb) xbacktrace
(gdb) bt full
#0 0x081e30b4 in composition_compute_stop_pos (cmp_it=0xffffb040, charpos=16, bytepos=26,
endpos=17, string=<value optimized out>) at composite.c:1072
elt = <value optimized out>
start = 0
end = -22168
c = 14719988
prop = 0
val = <value optimized out>
#1 0x08079548 in reseat_to_string (it=<value optimized out>, s=0x0, string=<value optimized out>,
charpos=0, precision=-8, field_width=17, multibyte=1) at xdisp.c:5613
No locals.
#2 0x08080031 in display_string (string=0x83ec9f2 "", lisp_string=154714081,
face_string=<value optimized out>, face_string_pos=1, start=0, it=0xffffac88, field_width=17,
precision=-8, max_x=0, multibyte=1) at xdisp.c:18866
hpos_at_start = 8
saved_face_id = 1
row = 0x8f77368
#3 0x08086434 in display_mode_element (it=<value optimized out>, depth=<value optimized out>,
field_width=<value optimized out>, precision=-8, elt=156429401, props=138332658, risky=0)
at xdisp.c:17614
nwritten = <value optimized out>
multibyte = 1
charpos = <value optimized out>
spec = 0x6 <Address 0x6 out of bounds>
string = 138332658
c = <value optimized out>
offset = 4
n = 0
field = 17
prec = <value optimized out>
literal = <value optimized out>
#4 0x08087271 in display_mode_element (it=<value optimized out>, depth=<value optimized out>,
field_width=<value optimized out>, precision=-8, elt=<value optimized out>, props=138332658,
risky=0) at xdisp.c:17786
halftail = 154085734
len = 1
car = <value optimized out>
tem = <value optimized out>
n = 0
field = <value optimized out>
prec = <value optimized out>
literal = <value optimized out>
#5 0x08087271 in display_mode_element (it=<value optimized out>, depth=<value optimized out>,
field_width=<value optimized out>, precision=0, elt=<value optimized out>, props=138332658,
risky=0) at xdisp.c:17786
halftail = 138568870
len = 8
car = <value optimized out>
tem = <value optimized out>
n = 8
field = <value optimized out>
prec = <value optimized out>
literal = <value optimized out>
#6 0x080878ad in display_mode_line (w=<value optimized out>, face_id=MODE_LINE_FACE_ID,
format=<value optimized out>) at xdisp.c:17297
it = {
window = 155275757,
w = 0x94151e8,
f = 0x8743160,
method = GET_FROM_STRING,
stop_charpos = 0,
end_charpos = 17,
s = 0x0,
string_nchars = 4,
region_beg_charpos = -1,
region_end_charpos = -1,
redisplay_end_trigger_charpos = 0,
multibyte_p = 1,
header_line_p = 0,
string_from_display_prop_p = 0,
ellipsis_p = 0,
avoid_cursor_p = 0,
dp = 0x8eb1488,
dpvec = 0x0,
dpend = 0x0,
dpvec_char_len = 0,
dpvec_face_id = 0,
saved_face_id = 1,
ctl_chars = {0 <repeats 16 times>},
start = {
pos = {
charpos = 0,
bytepos = 0
},
overlay_string_index = 0,
string_pos = {
charpos = 0,
bytepos = 0
},
dpvec_index = 0
},
current = {
pos = {
charpos = 0,
bytepos = 0
},
overlay_string_index = -1,
string_pos = {
charpos = 0,
bytepos = 0
},
dpvec_index = -1
},
n_overlay_strings = 0,
overlay_strings = {0 <repeats 16 times>},
string_overlays = {0 <repeats 16 times>},
string = 154714081,
from_overlay = 0,
stack = {{
string = 0,
string_nchars = 0,
end_charpos = 0,
stop_charpos = 0,
cmp_it = {
stop_pos = 0,
id = 0,
ch = 0,
lookback = 0,
nglyphs = 0,
nchars = 0,
nbytes = 0,
from = 0,
to = 0,
width = 0
},
face_id = 0,
u = {
image = {
object = 0,
slice = {
x = 0,
y = 0,
width = 0,
height = 0
},
image_id = 0
},
comp = {
object = 0
},
stretch = {
object = 0
}
},
position = {
charpos = 0,
bytepos = 0
},
current = {
pos = {
charpos = 0,
bytepos = 0
},
overlay_string_index = 0,
string_pos = {
charpos = 0,
bytepos = 0
},
dpvec_index = 0
},
from_overlay = 0,
area = LEFT_MARGIN_AREA,
method = GET_FROM_BUFFER,
multibyte_p = 0,
string_from_display_prop_p = 0,
display_ellipsis_p = 0,
avoid_cursor_p = 0,
line_wrap = TRUNCATE,
voffset = 0,
space_width = 0,
font_height = 0
}, {
string = 0,
string_nchars = 0,
end_charpos = 0,
stop_charpos = 0,
cmp_it = {
stop_pos = 0,
id = 0,
ch = 0,
lookback = 0,
nglyphs = 0,
nchars = 0,
nbytes = 0,
from = 0,
to = 0,
width = 0
},
face_id = 0,
u = {
image = {
object = 0,
slice = {
x = 0,
y = 0,
width = 0,
height = 0
},
image_id = 0
},
comp = {
object = 0
},
stretch = {
object = 0
}
},
position = {
charpos = 0,
bytepos = 0
},
current = {
pos = {
charpos = 0,
bytepos = 0
},
overlay_string_index = 0,
string_pos = {
charpos = 0,
bytepos = 0
},
dpvec_index = 0
},
from_overlay = 0,
area = LEFT_MARGIN_AREA,
method = GET_FROM_BUFFER,
multibyte_p = 0,
string_from_display_prop_p = 0,
display_ellipsis_p = 0,
avoid_cursor_p = 0,
line_wrap = TRUNCATE,
voffset = 0,
space_width = 0,
font_height = 0
}, {
string = 0,
string_nchars = 0,
end_charpos = 0,
stop_charpos = 0,
cmp_it = {
stop_pos = 0,
id = 0,
ch = 0,
lookback = 0,
nglyphs = 0,
nchars = 0,
nbytes = 0,
from = 0,
to = 0,
width = 0
},
face_id = 0,
u = {
image = {
object = 0,
slice = {
x = 0,
y = 0,
width = 0,
height = 0
},
image_id = 0
},
comp = {
object = 0
},
stretch = {
object = 0
}
},
position = {
charpos = 0,
bytepos = 0
},
current = {
pos = {
charpos = 0,
bytepos = 0
},
overlay_string_index = 0,
string_pos = {
charpos = 0,
bytepos = 0
},
dpvec_index = 0
},
from_overlay = 0,
area = LEFT_MARGIN_AREA,
method = GET_FROM_BUFFER,
multibyte_p = 0,
string_from_display_prop_p = 0,
display_ellipsis_p = 0,
avoid_cursor_p = 0,
line_wrap = TRUNCATE,
voffset = 0,
space_width = 0,
font_height = 0
}, {
string = 0,
string_nchars = 0,
end_charpos = 0,
stop_charpos = 0,
cmp_it = {
stop_pos = 0,
id = 0,
ch = 0,
lookback = 0,
nglyphs = 0,
nchars = 0,
nbytes = 0,
from = 0,
to = 0,
width = 0
},
face_id = 0,
u = {
image = {
object = 0,
slice = {
x = 0,
y = 0,
width = 0,
height = 0
},
image_id = 0
},
comp = {
object = 0
},
stretch = {
object = 0
}
},
position = {
charpos = 0,
bytepos = 0
},
current = {
pos = {
charpos = 0,
bytepos = 0
},
overlay_string_index = 0,
string_pos = {
charpos = 0,
bytepos = 0
},
dpvec_index = 0
},
from_overlay = 0,
area = LEFT_MARGIN_AREA,
method = GET_FROM_BUFFER,
multibyte_p = 0,
string_from_display_prop_p = 0,
display_ellipsis_p = 0,
avoid_cursor_p = 0,
line_wrap = TRUNCATE,
voffset = 0,
space_width = 0,
font_height = 0
}},
sp = 0,
selective = -1,
what = IT_EOB,
face_id = 1,
selective_display_ellipsis_p = 1,
ctl_arrow_p = 1,
face_box_p = 1,
start_of_box_run_p = 0,
end_of_box_run_p = 0,
overlay_strings_at_end_processed_p = 0,
ignore_overlay_strings_at_pos_p = 0,
glyph_not_available_p = 0,
starts_in_middle_of_char_p = 0,
face_before_selective_p = 0,
constrain_row_ascent_descent_p = 0,
line_wrap = TRUNCATE,
base_face_id = 1,
c = 32,
len = 1,
cmp_it = {
stop_pos = 17,
id = -1,
ch = -2,
lookback = 0,
nglyphs = 0,
nchars = 0,
nbytes = 0,
from = 0,
to = 0,
width = 0
},
char_to_display = 32,
image_id = 0,
slice = {
x = 138332658,
y = 138332658,
width = 138332658,
height = 138332658
},
space_width = 138332658,
voffset = 0,
tab_width = 8,
font_height = 138332658,
object = 136532569,
position = {
charpos = 1,
bytepos = 1
},
truncation_pixel_width = 0,
continuation_pixel_width = 0,
first_visible_x = 0,
last_visible_x = 1280,
last_visible_y = 945,
extra_line_spacing = 0,
max_extra_line_spacing = 0,
override_ascent = -1,
override_descent = 0,
override_boff = 0,
glyph_row = 0x8f77368,
area = TEXT_AREA,
nglyphs = 1,
pixel_width = 10,
ascent = 12,
descent = 3,
max_ascent = 12,
max_descent = 3,
phys_ascent = 1,
phys_descent = 0,
max_phys_ascent = 11,
max_phys_descent = 0,
current_x = 81,
continuation_lines_width = 0,
current_y = 0,
first_vpos = 0,
vpos = 0,
hpos = 8,
left_user_fringe_bitmap = 0,
right_user_fringe_bitmap = 0,
left_user_fringe_face_id = 0,
right_user_fringe_face_id = 0
}
face = 0x0
#7 0x08087b32 in display_mode_lines (w=0x94151e8) at xdisp.c:17241
sel_w = 0x94151e8
old_selected_window = 155275757
old_selected_frame = 141832549
n = <value optimized out>
#8 0x0808e110 in redisplay_window (window=<value optimized out>,
just_this_one_p=<value optimized out>) at xdisp.c:13868
w = 0x94151e8
f = 0x8743160
buffer = <value optimized out>
old = 0x86f5ba0
startp = <value optimized out>
update_mode_line = 1
tem = <value optimized out>
it = {
window = 0,
w = 0x0,
f = 0x8743160,
method = GET_FROM_BUFFER,
stop_charpos = -16312,
end_charpos = 141833240,
s = 0xffffbba8 "\035\064t\b\030\064t\b`1t\b",
string_nchars = 0,
region_beg_charpos = -16312,
region_end_charpos = 134783922,
redisplay_end_trigger_charpos = -17496,
multibyte_p = 0,
header_line_p = 0,
string_from_display_prop_p = 0,
ellipsis_p = 1,
avoid_cursor_p = 1,
dp = 0x1,
dpvec = 0x1,
dpend = 0x87c8e48,
dpvec_char_len = 140138472,
dpvec_face_id = 1,
saved_face_id = 14,
ctl_chars = {15, 0, 141832549, 141716496, 142380616, 140138472, 141833245, 141833240,
141832544, 0, 1, 1, 0, 0, -1, -1},
start = {
pos = {
charpos = 0,
bytepos = 0
},
overlay_string_index = 149623944,
string_pos = {
charpos = 0,
bytepos = 0
},
dpvec_index = 0
},
current = {
pos = {
charpos = 0,
bytepos = -1
},
overlay_string_index = 0,
string_pos = {
charpos = 0,
bytepos = 0
},
dpvec_index = 0
},
n_overlay_strings = 0,
overlay_strings = {0 <repeats 11 times>, 1, 1, -1, -1, -1},
string_overlays = {-1, 1, 1, -1, -1, -1, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0},
string = 0,
from_overlay = 0,
stack = {{
string = 0,
string_nchars = 0,
end_charpos = 0,
stop_charpos = 0,
cmp_it = {
stop_pos = 0,
id = 0,
ch = 0,
lookback = 0,
nglyphs = 0,
nchars = 0,
nbytes = 0,
from = 0,
to = 0,
width = 0
},
face_id = 0,
u = {
image = {
object = 0,
slice = {
x = 0,
y = 0,
width = 0,
height = 0
},
image_id = 0
},
comp = {
object = 0
},
stretch = {
object = 0
}
},
position = {
charpos = 0,
bytepos = 138332658
},
current = {
pos = {
charpos = 0,
bytepos = 0
},
overlay_string_index = 0,
string_pos = {
charpos = 0,
bytepos = 0
},
dpvec_index = 0
},
from_overlay = 0,
area = LEFT_MARGIN_AREA,
method = GET_FROM_BUFFER,
multibyte_p = 0,
string_from_display_prop_p = 0,
display_ellipsis_p = 0,
avoid_cursor_p = 0,
line_wrap = TRUNCATE,
voffset = 0,
space_width = 0,
font_height = 0
}, {
string = 0,
string_nchars = 0,
end_charpos = 0,
stop_charpos = 0,
cmp_it = {
stop_pos = 0,
id = 0,
ch = 0,
lookback = 0,
nglyphs = 0,
nchars = 0,
nbytes = 0,
from = 0,
to = 0,
width = 0
},
face_id = 0,
u = {
image = {
object = 0,
slice = {
x = 0,
y = 0,
width = 0,
height = 0
},
image_id = 0
},
comp = {
object = 0
},
stretch = {
object = 0
}
},
position = {
charpos = 0,
bytepos = 0
},
current = {
pos = {
charpos = 0,
bytepos = 0
},
overlay_string_index = 0,
string_pos = {
charpos = 0,
bytepos = 0
},
dpvec_index = 0
},
from_overlay = 0,
area = LEFT_MARGIN_AREA,
method = GET_FROM_BUFFER,
multibyte_p = 0,
string_from_display_prop_p = 0,
display_ellipsis_p = 0,
avoid_cursor_p = 0,
line_wrap = TRUNCATE,
voffset = 0,
space_width = 0,
font_height = 0
}, {
string = 0,
string_nchars = 0,
end_charpos = 0,
stop_charpos = 0,
cmp_it = {
stop_pos = 0,
id = 0,
ch = 0,
lookback = 0,
nglyphs = 0,
nchars = 0,
nbytes = 0,
from = 0,
to = 0,
width = 0
},
face_id = 0,
u = {
image = {
object = 0,
slice = {
x = 0,
y = 0,
width = 0,
height = 0
},
image_id = 0
},
comp = {
object = 0
},
stretch = {
object = 0
}
},
position = {
charpos = 0,
bytepos = 0
},
current = {
pos = {
charpos = 0,
bytepos = 0
},
overlay_string_index = 0,
string_pos = {
charpos = 0,
bytepos = 0
},
dpvec_index = 0
},
from_overlay = 0,
area = LEFT_MARGIN_AREA,
method = GET_FROM_BUFFER,
multibyte_p = 0,
string_from_display_prop_p = 0,
display_ellipsis_p = 0,
avoid_cursor_p = 0,
line_wrap = TRUNCATE,
voffset = 0,
space_width = 0,
font_height = 0
}, {
string = 0,
string_nchars = 0,
end_charpos = 0,
stop_charpos = 0,
cmp_it = {
stop_pos = 0,
id = 0,
ch = 0,
lookback = 0,
nglyphs = 0,
nchars = 0,
nbytes = 0,
from = 0,
to = 0,
width = 0
},
face_id = 0,
u = {
image = {
object = 0,
slice = {
x = 0,
y = 0,
width = 0,
height = 0
},
image_id = 0
},
comp = {
object = 0
},
stretch = {
object = 0
}
},
position = {
charpos = 0,
bytepos = 0
},
current = {
pos = {
charpos = 0,
bytepos = 0
},
overlay_string_index = 0,
string_pos = {
charpos = 0,
bytepos = 0
},
dpvec_index = 0
},
from_overlay = 0,
area = LEFT_MARGIN_AREA,
method = GET_FROM_BUFFER,
multibyte_p = 0,
string_from_display_prop_p = 0,
display_ellipsis_p = 0,
avoid_cursor_p = 0,
line_wrap = TRUNCATE,
voffset = 0,
space_width = 0,
font_height = 0
}},
sp = 0,
selective = 0,
what = IT_CHARACTER,
face_id = 0,
selective_display_ellipsis_p = 0,
ctl_arrow_p = 0,
face_box_p = 0,
start_of_box_run_p = 0,
end_of_box_run_p = 0,
overlay_strings_at_end_processed_p = 0,
ignore_overlay_strings_at_pos_p = 0,
glyph_not_available_p = 0,
starts_in_middle_of_char_p = 0,
face_before_selective_p = 0,
constrain_row_ascent_descent_p = 0,
line_wrap = TRUNCATE,
base_face_id = 0,
c = 0,
len = 0,
cmp_it = {
stop_pos = 0,
id = 0,
ch = 0,
lookback = 0,
nglyphs = 0,
nchars = 0,
nbytes = 0,
from = 0,
to = 0,
width = 0
},
char_to_display = 0,
image_id = 0,
slice = {
x = 0,
y = 0,
width = 0,
height = 0
},
space_width = 0,
voffset = 4,
tab_width = 0,
font_height = 0,
object = 35,
position = {
charpos = 2,
bytepos = 0
},
truncation_pixel_width = 0,
continuation_pixel_width = 0,
first_visible_x = 0,
last_visible_x = 1,
last_visible_y = -1,
extra_line_spacing = -2,
max_extra_line_spacing = 0,
override_ascent = 0,
override_descent = 0,
override_boff = 0,
glyph_row = 0x8410c7a,
area = 141931472,
nglyphs = 143393862,
pixel_width = -16456,
ascent = 135781496,
descent = 138480762,
max_ascent = 138477947,
max_descent = 154085310,
phys_ascent = 0,
phys_descent = 138332658,
max_phys_ascent = 524288,
max_phys_descent = 138332658,
current_x = 138480762,
continuation_lines_width = 141716496,
current_y = 80,
first_vpos = -16424,
vpos = 135781869,
hpos = 1240,
left_user_fringe_bitmap = 15,
right_user_fringe_bitmap = 0,
left_user_fringe_face_id = 0,
right_user_fringe_face_id = 185024
}
current_matrix_up_to_date_p = 0
used_current_matrix_p = 0
buffer_unchanged_p = 0
temp_scroll_step = <value optimized out>
centering_position = <value optimized out>
last_line_misfit = 141238272
beg_unchanged = 0
end_unchanged = 2568
#9 0x08090483 in redisplay_window_0 (window=155275757) at xdisp.c:12278
No locals.
#10 0x0818c487 in internal_condition_case_1 (bfun=0x8090460 <redisplay_window_0>, arg=155275757,
handlers=138320542, hfun=0x806ac70 <redisplay_window_error>) at eval.c:1538
val = 6
c = {
tag = 138332658,
val = 138332658,
next = 0xffffcf44,
gcpro = 0x0,
jmp = {{
__jmpbuf = {155275752, 141832544, 138938688, -16136, -287380560, 550922335},
__mask_was_saved = 0,
__saved_mask = {
__val = {138377114, 138371811, 1600000, 141515680, 141213181, 138332658, 0, 1,
1073741820, 154085328, 138332658, 138332682, 138480762, 1073741820, 0, 1600000,
138377114, 64, 4294951112, 135838356, 138377114, 1600000, 0, 1, 141833240,
134784400, 143408256, 138332658, 138377114, 1073741820, 138332658, 141832544}
}
}},
backlist = 0x0,
handlerlist = 0xffffd00c,
lisp_eval_depth = 0,
pdlcount = 4,
poll_suppress_count = 1,
interrupt_input_blocked = 0,
byte_stack = 0x0
}
h = {
handler = 138320542,
var = 138332658,
chosen_clause = 138320552,
tag = 0xffffc014,
next = 0xffffd00c
}
#11 0x0807ba3f in redisplay_windows (window=0) at xdisp.c:12257
w = 0x94151e8
#12 0x08092280 in redisplay_internal (preserve_echo_area=<value optimized out>) at xdisp.c:11829
f = 0x8743160
tail = <value optimized out>
frame = <value optimized out>
w = 0x94151e8
pause = 0
must_finish = 1
---Type <return> to continue, or q <return> to quit---
number_of_visible_frames = <value optimized out>
polling_stopped_here = 0
old_frame = 141832549
consider_all_windows_p = <value optimized out>
#13 0x0812aa30 in read_char (commandflag=1, nmaps=2, maps=0xffffcd30, prev_event=138332658,
used_mouse_menu=0xffffcde8, end_time=0x0) at keyboard.c:2727
c = <value optimized out>
local_getcjmp = {{
__jmpbuf = {-1, -13300, 141515680, -13320, 136158720, 154649174},
__mask_was_saved = 138360818,
__saved_mask = {
__val = {1, 4294967295, 4294953996, 4294967295, 4294954216, 135818359, 154649174,
138360818, 141515685, 143544384, 4294953764, 2, 144514080, 135781869, 1, 0,
4294953784, 4294954060, 4294953760, 4294953764, 2, 135725056, 139178826,
4294953736, 0, 4294953760, 141515685, 2812, 4294954184, 136181870, 141515680, 0}
}
}}
save_jump = {{
__jmpbuf = {2812, 1773, 0, 970, 2812, 4114930},
__mask_was_saved = -13432,
__saved_mask = {
__val = {141515685, 4294953996, 141515680, 4294953832, 136155080, 138481026, 701,
4294953896, 136156349, 160257596, 703, 1, 101, 2808, 0, 4294953896, 5, 154649168,
138332658, 4294953944, 136158539, 138360818, 154085310, 4294953944, 136181141,
160257596, 702, 1, 154649174, 154649158, 138481026, 141515685}
}
}}
key_already_recorded = 0
tem = <value optimized out>
save = <value optimized out>
previous_echo_area_message = 138332658
also_record = 138332658
reread = 0
polling_stopped_here = <value optimized out>
orig_kboard = 0x852b728
#14 0x0812cd0e in read_key_sequence (keybuf=<value optimized out>, bufsize=<value optimized out>,
prompt=<value optimized out>, dont_downcase_last=0, can_return_switch_frame=1,
fix_current_buffer=1) at keyboard.c:9512
interrupted_kboard = 0x852b728
key = <value optimized out>
used_mouse_menu = 0
echo_local_start = 0
last_real_key_start = 0
keys_local_start = 0
local_first_binding = 0
from_string = 138332658
count = 2
t = 0
echo_start = 0
keys_start = 0
nmaps = 2
nmaps_allocated = 2
defs = 0xffffcd10
submaps = 0xffffcd30
orig_local_map = 138321278
orig_keymap = 138332658
localized_local_map = 0
first_binding = 0
first_unbound = 31
mock_input = 0
fkey = {
parent = 139906014,
map = 139906014,
start = 0,
end = 0
}
keytran = {
parent = 138325734,
map = 138325734,
start = 0,
end = 0
}
indec = {
parent = 139906870,
map = 139906870,
start = 0,
end = 0
}
shift_translated = 0
delayed_switch_frame = 138332658
original_uppercase = -12776
original_uppercase_position = -1
starting_buffer = <value optimized out>
fake_prefixed_keys = 138332658
#15 0x0812f05b in command_loop_1 () at keyboard.c:1643
cmd = <value optimized out>
lose = <value optimized out>
keybuf = {452, 400, 392, -134245944, -12592, -12578, 138332658, 138332658, -12504,
135434301, 153440622, -12578, 0, 0, 0, 0, -12564, -16724416, 0, -144834560, 138332658,
139239074, 134524336, 1, -134230028, 139103760, 139103760, 139103776, -12504, 135414371}
i = <value optimized out>
prev_modiff = 322
prev_buffer = 0x91f11c8
already_adjusted = 0
#16 0x0818c581 in internal_condition_case (bfun=0x812ee80 <command_loop_1>, handlers=138370474,
hfun=0x8128f70 <cmd_error>) at eval.c:1490
val = 6
c = {
tag = 138332658,
val = 138332658,
next = 0xffffd068,
gcpro = 0x0,
jmp = {{
__jmpbuf = {139103760, 139103760, 139103776, -12248, -289371216, 550791263},
__mask_was_saved = 0,
__saved_mask = {
__val = {0, 18, 0, 0, 0, 4160679520, 134546603, 4150183196, 4160737268,
4143076812, 28, 4294954692, 4160655461, 4294954680, 4149112913, 4149029509,
140498800, 4140892148, 4160721352, 4294954640, 4150183280, 0, 276967387,
8655230, 68, 4148686304, 4150183280, 4294955312, 4294967295, 4160737268,
134524336, 4160738928}
}
}},
backlist = 0x0,
handlerlist = 0x0,
lisp_eval_depth = 0,
pdlcount = 2,
poll_suppress_count = 1,
interrupt_input_blocked = 0,
byte_stack = 0x0
}
h = {
handler = 138370474,
var = 138332658,
chosen_clause = 138332706,
tag = 0xffffcf44,
next = 0x0
}
#17 0x08128445 in command_loop_2 () at keyboard.c:1360
val = 6
#18 0x0818c661 in internal_catch (tag=138367546, func=0x8128420 <command_loop_2>, arg=138332658)
at eval.c:1226
c = {
tag = 138367546,
val = 138332658,
next = 0x0,
gcpro = 0x0,
jmp = {{
__jmpbuf = {139103760, 139103760, 139103776, -11976, -285324368, 550670431},
__mask_was_saved = 0,
__saved_mask = {
__val = {4294955300, 4294955448, 135430290, 4149103649, 0, 0, 0, 0, 0, 0,
138358368, 138332658, 138499904, 4294955288, 135783316, 138499906, 138497787,
138332658, 138358368, 22, 140457504, 4, 0, 2144828478, 138802912, 1, 138332682,
0, 14, 4294955404, 138499906, 138332658}
}
}},
backlist = 0x0,
handlerlist = 0x0,
lisp_eval_depth = 0,
pdlcount = 2,
poll_suppress_count = 1,
interrupt_input_blocked = 0,
byte_stack = 0x0
}
#19 0x08128dbf in command_loop () at keyboard.c:1339
No locals.
#20 0x0812915a in recursive_edit_1 () at keyboard.c:954
val = <value optimized out>
#21 0x08129282 in Frecursive_edit () at keyboard.c:1016
buffer = 138332658
#22 0x0811d8d8 in main (argc=<value optimized out>, argv=<value optimized out>) at emacs.c:1833
dummy = -11092
stack_bottom_variable = 8 '\b'
do_initial_setlocale = 139103760
skip_args = 0
rlim = {
rlim_cur = 8388608,
rlim_max = 18446744073709551615
}
no_loadup = 0
junk = 0x0
dname_arg = 0x0
In GNU Emacs 23.1.92.1 (i486-pc-linux-gnu, GTK+ Version 2.18.7)
of 2010-02-20 on turtle, modified by Debian
(emacs-snapshot package, version 1:20100220-1)
Windowing system distributor `The X.Org Foundation', version 11.0.10705000
configured using `configure '--build' 'i486-linux-gnu' '--host' 'i486-linux-gnu' '--prefix=/usr' '--sharedstatedir=/var/lib' '--libexecdir=/usr/lib' '--localstatedir=/var' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--with-pop=yes' '--enable-locallisppath=/etc/emacs-snapshot:/etc/emacs:/usr/local/share/emacs/23.1.92/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/23.1.92/site-lisp:/usr/share/emacs/site-lisp' '--with-x=yes' '--with-x-toolkit=gtk' 'build_alias=i486-linux-gnu' 'host_alias=i486-linux-gnu' 'CFLAGS=-DDEBIAN -DSITELOAD_PURESIZE_EXTRA=5000 -g -O2' 'LDFLAGS=-g -Wl,--as-needed' 'CPPFLAGS=''
Important settings:
value of $LC_ALL: nil
value of $LC_COLLATE: C
value of $LC_CTYPE: nil
value of $LC_MESSAGES: nil
value of $LC_MONETARY: nil
value of $LC_NUMERIC: nil
value of $LC_TIME: nil
value of $LANG: de_DE.UTF-8
value of $XMODIFIERS: nil
locale-coding-system: utf-8-unix
default enable-multibyte-characters: t
Major mode: Group
Minor modes in effect:
gnus-undo-mode: t
display-time-mode: t
auto-image-file-mode: t
show-paren-mode: t
tooltip-mode: t
mouse-wheel-mode: t
menu-bar-mode: t
file-name-shadow-mode: t
global-font-lock-mode: t
font-lock-mode: t
auto-encryption-mode: t
auto-compression-mode: t
temp-buffer-resize-mode: t
column-number-mode: t
line-number-mode: t
transient-mark-mode: t
Recent input:
<help-echo> C-x d / t m <tab> <return> <down> <down>
<down> <return> <down> <down> <down> <down> <down>
<down> <down> <down> <down> v C-s d i s t c h e c k
C-s C-s C-s <return> <return> <f7> <down> <down> <down>
<return> M-x g n u s <return> y <down> <down> <down>
<down> <down> <down> <down> <down> <down> <down> <down>
<down> <down> <down> <down> <down> <down> <down> <down>
<down> <down> <down> <down> <down> <down> <down> <down>
<down> <down> <down> <down> <down> SPC q SPC q M-x
r e p o r t - e m <tab> <return>
Recent messages:
Opening nnfolder server...done
No new newsgroups
Opening nnfolder server on archive...done
Opening nntp server on news.gnus.org...done
Opening nntp server on news.eternal-september.org...done
Retrieving newsgroup: nntp+news.eternal-september.org:de.comp.os.unix.apps.kde...
Fetching headers for nntp+news.eternal-september.org:de.comp.os.unix.apps.kde...done
Retrieving newsgroup: nntp+news.eternal-september.org:de.sci.mathematik...
Fetching headers for nntp+news.eternal-september.org:de.sci.mathematik...done
Quit [2 times]
Load-path shadows:
~/elisp/po-mode hides /usr/share/emacs-snapshot/site-lisp/gettext/po-mode
~/elisp/debian-bts-control hides /usr/share/emacs-snapshot/site-lisp/dpkg-dev-el/debian-bts-control
/usr/share/emacs/23.1.92/site-lisp/auctex/tex-fptex hides /usr/share/emacs/site-lisp/auctex/tex-fptex
/usr/share/emacs/23.1.92/site-lisp/auctex/tex hides /usr/share/emacs/site-lisp/auctex/tex
/usr/share/emacs/23.1.92/site-lisp/auctex/latex hides /usr/share/emacs/site-lisp/auctex/latex
/usr/share/emacs/23.1.92/site-lisp/auctex/tex-fold hides /usr/share/emacs/site-lisp/auctex/tex-fold
/usr/share/emacs/23.1.92/site-lisp/auctex/texmathp hides /usr/share/emacs/site-lisp/auctex/texmathp
/usr/share/emacs/23.1.92/site-lisp/auctex/tex-bar hides /usr/share/emacs/site-lisp/auctex/tex-bar
/usr/share/emacs/23.1.92/site-lisp/auctex/tex-mik hides /usr/share/emacs/site-lisp/auctex/tex-mik
/usr/share/emacs/23.1.92/site-lisp/auctex/context hides /usr/share/emacs/site-lisp/auctex/context
/usr/share/emacs/23.1.92/site-lisp/auctex/context-nl hides /usr/share/emacs/site-lisp/auctex/context-nl
/usr/share/emacs/23.1.92/site-lisp/auctex/bib-cite hides /usr/share/emacs/site-lisp/auctex/bib-cite
/usr/share/emacs/23.1.92/site-lisp/auctex/multi-prompt hides /usr/share/emacs/site-lisp/auctex/multi-prompt
/usr/share/emacs/23.1.92/site-lisp/auctex/tex-buf hides /usr/share/emacs/site-lisp/auctex/tex-buf
/usr/share/emacs/23.1.92/site-lisp/auctex/tex-jp hides /usr/share/emacs/site-lisp/auctex/tex-jp
/usr/share/emacs/23.1.92/site-lisp/auctex/context-en hides /usr/share/emacs/site-lisp/auctex/context-en
/usr/share/emacs/23.1.92/site-lisp/auctex/tex-font hides /usr/share/emacs/site-lisp/auctex/tex-font
/usr/share/emacs/23.1.92/site-lisp/auctex/toolbar-x hides /usr/share/emacs/site-lisp/auctex/toolbar-x
/usr/share/emacs/23.1.92/site-lisp/auctex/tex-style hides /usr/share/emacs/site-lisp/auctex/tex-style
/usr/share/emacs/23.1.92/site-lisp/auctex/font-latex hides /usr/share/emacs/site-lisp/auctex/font-latex
/usr/share/emacs/23.1.92/site-lisp/auctex/tex-info hides /usr/share/emacs/site-lisp/auctex/tex-info
/usr/share/emacs-snapshot/site-lisp/bbdb/bbdb-pilot-jwz hides /usr/share/emacs/site-lisp/bbdb/bbdb-pilot-jwz
~/elisp/po-mode hides /usr/share/emacs/site-lisp/gettext/po-mode
/usr/share/emacs-snapshot/site-lisp/gettext/po-compat hides /usr/share/emacs/site-lisp/gettext/po-compat
/usr/share/emacs-snapshot/site-lisp/gnuplot-mode/gnuplot hides /usr/share/emacs/site-lisp/gnuplot-mode/gnuplot
/usr/share/emacs-snapshot/site-lisp/gnuplot-mode/info-look.20.3 hides /usr/share/emacs/site-lisp/gnuplot-mode/info-look.20.3
/usr/share/emacs-snapshot/site-lisp/gnuplot-mode/gnuplot-gui hides /usr/share/emacs/site-lisp/gnuplot-mode/gnuplot-gui
/usr/share/emacs/23.1.92/site-lisp/cmake/cmake-mode hides /usr/share/emacs/23.1.92/site-lisp/cmake-data/cmake-mode
/usr/share/emacs/23.1.92/site-lisp/cmake/cmake-mode hides /usr/share/emacs/site-lisp/cmake-mode
/usr/share/emacs/23.1.92/site-lisp/debian-startup hides /usr/share/emacs/site-lisp/debian-startup
/usr/share/emacs/23.1.92/site-lisp/magit hides /usr/share/emacs/site-lisp/magit
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-util hides /usr/share/emacs/site-lisp/w3m/w3m-util
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-dtree hides /usr/share/emacs/site-lisp/w3m/w3m-dtree
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-hist hides /usr/share/emacs/site-lisp/w3m/w3m-hist
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-weather hides /usr/share/emacs/site-lisp/w3m/w3m-weather
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-rss hides /usr/share/emacs/site-lisp/w3m/w3m-rss
/usr/share/emacs-snapshot/site-lisp/w3m/mew-w3m hides /usr/share/emacs/site-lisp/w3m/mew-w3m
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-filter hides /usr/share/emacs/site-lisp/w3m/w3m-filter
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-session hides /usr/share/emacs/site-lisp/w3m/w3m-session
/usr/share/emacs-snapshot/site-lisp/w3m/w3mhack hides /usr/share/emacs/site-lisp/w3m/w3mhack
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-search hides /usr/share/emacs/site-lisp/w3m/w3m-search
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-lnum hides /usr/share/emacs/site-lisp/w3m/w3m-lnum
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-proc hides /usr/share/emacs/site-lisp/w3m/w3m-proc
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-fb hides /usr/share/emacs/site-lisp/w3m/w3m-fb
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-favicon hides /usr/share/emacs/site-lisp/w3m/w3m-favicon
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-bug hides /usr/share/emacs/site-lisp/w3m/w3m-bug
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-perldoc hides /usr/share/emacs/site-lisp/w3m/w3m-perldoc
/usr/share/emacs-snapshot/site-lisp/w3m/mime-w3m hides /usr/share/emacs/site-lisp/w3m/mime-w3m
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-bookmark hides /usr/share/emacs/site-lisp/w3m/w3m-bookmark
/usr/share/emacs-snapshot/site-lisp/w3m/octet hides /usr/share/emacs/site-lisp/w3m/octet
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-ems hides /usr/share/emacs/site-lisp/w3m/w3m-ems
/usr/share/emacs-snapshot/site-lisp/w3m/w3m hides /usr/share/emacs/site-lisp/w3m/w3m
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-ccl hides /usr/share/emacs/site-lisp/w3m/w3m-ccl
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-mail hides /usr/share/emacs/site-lisp/w3m/w3m-mail
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-cookie hides /usr/share/emacs/site-lisp/w3m/w3m-cookie
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-image hides /usr/share/emacs/site-lisp/w3m/w3m-image
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-form hides /usr/share/emacs/site-lisp/w3m/w3m-form
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-antenna hides /usr/share/emacs/site-lisp/w3m/w3m-antenna
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-symbol hides /usr/share/emacs/site-lisp/w3m/w3m-symbol
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-tabmenu hides /usr/share/emacs/site-lisp/w3m/w3m-tabmenu
/usr/share/emacs-snapshot/site-lisp/w3m/w3m-namazu hides /usr/share/emacs/site-lisp/w3m/w3m-namazu
Features:
(shadow ispell emacsbug sort gnus-cite smiley ansi-color mail-extr
gnus-async gnus-bcklg parse-time timezone gnus-ml disp-table auth-source
byte-opt bytecomp byte-compile nnfolder nndraft nnmh nnagent nnml
gnus-agent gnus-srvr gnus-score score-mode nnvirtual gnus-msg gnus-art
mm-uu mml2015 epg-config mm-view smime dig nntp gnus-cache gnus-sum nnoo
gnus-group gnus-undo nnmail mail-source format-spec gnus-start gnus-spec
gnus-int gnus-range message idna sendmail ecomplete rfc822 mml easymenu
mml-sec password-cache mm-decode mm-bodies mm-encode mailcap mail-parse
rfc2231 rfc2047 rfc2045 qp ietf-drums mailabbrev gmm-utils mailheader
canlock sha1 hex-util hashcash gnus-win gnus gnus-ems nnheader gnus-util
netrc time-date mail-utils mm-util mail-prsvr wid-edit multi-isearch
vc-git make-mode view dired-x dired-aux dired time server uniquify
advice help-fns advice-preload po generic-x regexp-opt image-file paren
add-ons bitmap bitmap-ci poem poem-e20 poem-e20_3 pces pces-e20 pces-20
broken pcustom poe pym static apel-ver product debian-el
debian-el-loaddefs w3m-load vm-autoload vm-autoloads vm-init
emacs-goodies-el emacs-goodies-custom emacs-goodies-loaddefs dpkg-dev-el
dpkg-dev-el-loaddefs bbdb-autoloads preview-latex tex-site auto-loads
tooltip ediff-hook vc-hooks lisp-float-type mwheel x-win x-dnd
font-setting tool-bar dnd fontset image fringe lisp-mode register page
menu-bar rfn-eshadow timer select scroll-bar mldrag mouse jit-lock
font-lock syntax facemenu font-core frame cham georgian utf-8-lang
misc-lang vietnamese tibetan thai tai-viet lao korean japanese hebrew
greek romanian slovak czech european ethiopic indian cyrillic chinese
case-table epa-hook jka-cmpr-hook help simple abbrev loaddefs button
minibuffer faces cus-face files text-properties overlay md5 base64
format env code-pages mule custom widget hashtable-print-readable
backquote make-network-process dbusbind font-render-setting gtk
x-toolkit x multi-tty emacs)
^ permalink raw reply [flat|nested] 6+ messages in thread
* bug#5609: 23.1.92; segfault in composition_compute_stop_pos
2010-02-20 17:08 bug#5609: 23.1.92; segfault in composition_compute_stop_pos Sven Joachim
@ 2010-02-21 13:16 ` Chong Yidong
2010-02-22 7:54 ` Kenichi Handa
2010-02-25 2:33 ` Kenichi Handa
1 sibling, 1 reply; 6+ messages in thread
From: Chong Yidong @ 2010-02-21 13:16 UTC (permalink / raw)
To: Kenichi Handa; +Cc: Sven Joachim, 5609
Hi Handa-san,
It looks like your changes to composite.c last month may have led to a
bug. Could you take a look? Thanks!
Sven Joachim <svenjoac@gmx.de> wrote:
> During the last weeks I experienced several segfaults, mostly in Dired,
> but unfortunately I did not run Emacs under GDB. This time I did.
> I visited a file named "Makefile" and started an I-search for
> "distcheck" when Emacs segfaulted. This is not reproducible.
> (gdb) xbacktrace
> (gdb) bt full
> #0 0x081e30b4 in composition_compute_stop_pos (cmp_it=0xffffb040,
> charpos=16, bytepos=26,
> endpos=17, string=<value optimized out>) at composite.c:1072
> elt = <value optimized out>
> start = 0
> end = -22168
> c = 14719988
> prop = 0
> val = <value optimized out>
> #1 0x08079548 in reseat_to_string (it=<value optimized out>, s=0x0,
> string=<value optimized out>,
> charpos=0, precision=-8, field_width=17, multibyte=1) at xdisp.c:5613
> No locals.
>
> #2 0x08080031 in display_string (string=0x83ec9f2 "",
> lisp_string=154714081, face_string=<value optimized out>,
> face_string_pos=1, start=0, it=0xffffac88, field_width=17,
> precision=-8, max_x=0, multibyte=1) at xdisp.c:18866
> hpos_at_start = 8
> saved_face_id = 1
> row = 0x8f77368
^ permalink raw reply [flat|nested] 6+ messages in thread
* bug#5609: 23.1.92; segfault in composition_compute_stop_pos
2010-02-21 13:16 ` Chong Yidong
@ 2010-02-22 7:54 ` Kenichi Handa
0 siblings, 0 replies; 6+ messages in thread
From: Kenichi Handa @ 2010-02-22 7:54 UTC (permalink / raw)
To: Chong Yidong; +Cc: svenjoac, 5609
In article <87r5oed905.fsf@stupidchicken.com>, Chong Yidong <cyd@stupidchicken.com> writes:
> Hi Handa-san,
> It looks like your changes to composite.c last month may have led to a
> bug. Could you take a look? Thanks!
Ok, I'll work on it.
---
Kenichi Handa
handa@m17n.org
> Sven Joachim <svenjoac@gmx.de> wrote:
> > During the last weeks I experienced several segfaults, mostly in Dired,
> > but unfortunately I did not run Emacs under GDB. This time I did.
> > I visited a file named "Makefile" and started an I-search for
> > "distcheck" when Emacs segfaulted. This is not reproducible.
> > (gdb) xbacktrace
> > (gdb) bt full
> > #0 0x081e30b4 in composition_compute_stop_pos (cmp_it=0xffffb040,
> > charpos=16, bytepos=26,
> > endpos=17, string=<value optimized out>) at composite.c:1072
> > elt = <value optimized out>
> > start = 0
> > end = -22168
> > c = 14719988
> > prop = 0
> > val = <value optimized out>
> > #1 0x08079548 in reseat_to_string (it=<value optimized out>, s=0x0,
> > string=<value optimized out>,
> > charpos=0, precision=-8, field_width=17, multibyte=1) at xdisp.c:5613
> > No locals.
> >
> > #2 0x08080031 in display_string (string=0x83ec9f2 "",
> > lisp_string=154714081, face_string=<value optimized out>,
> > face_string_pos=1, start=0, it=0xffffac88, field_width=17,
> > precision=-8, max_x=0, multibyte=1) at xdisp.c:18866
> > hpos_at_start = 8
> > saved_face_id = 1
> > row = 0x8f77368
^ permalink raw reply [flat|nested] 6+ messages in thread
* bug#5609: 23.1.92; segfault in composition_compute_stop_pos
2010-02-20 17:08 bug#5609: 23.1.92; segfault in composition_compute_stop_pos Sven Joachim
2010-02-21 13:16 ` Chong Yidong
@ 2010-02-25 2:33 ` Kenichi Handa
2010-02-25 23:30 ` YAMAMOTO Mitsuharu
1 sibling, 1 reply; 6+ messages in thread
From: Kenichi Handa @ 2010-02-25 2:33 UTC (permalink / raw)
To: Sven Joachim; +Cc: svenjoac, 5609
In article <871vgfomwq.fsf@turtle.gmx.de>, Sven Joachim <svenjoac@gmx.de> writes:
> During the last weeks I experienced several segfaults, mostly in Dired,
> but unfortunately I did not run Emacs under GDB. This time I did.
> I visited a file named "Makefile" and started an I-search for
> "distcheck" when Emacs segfaulted. This is not reproducible.
Although I can't reproduce that bug, I found a suspicious
code and just fixed it. Please try the latest version.
---
Kenichi Handa
handa@m17n.org
^ permalink raw reply [flat|nested] 6+ messages in thread
* bug#5609: 23.1.92; segfault in composition_compute_stop_pos
2010-02-25 2:33 ` Kenichi Handa
@ 2010-02-25 23:30 ` YAMAMOTO Mitsuharu
2010-02-26 1:23 ` Kenichi Handa
0 siblings, 1 reply; 6+ messages in thread
From: YAMAMOTO Mitsuharu @ 2010-02-25 23:30 UTC (permalink / raw)
To: Kenichi Handa; +Cc: Sven Joachim, 5609
>>>>> On Thu, 25 Feb 2010 11:33:22 +0900, Kenichi Handa <handa@m17n.org> said:
> In article <871vgfomwq.fsf@turtle.gmx.de>, Sven Joachim
> <svenjoac@gmx.de> writes:
>> During the last weeks I experienced several segfaults, mostly in
>> Dired, but unfortunately I did not run Emacs under GDB. This time
>> I did. I visited a file named "Makefile" and started an I-search
>> for "distcheck" when Emacs segfaulted. This is not reproducible.
> Although I can't reproduce that bug, I found a suspicious code and
> just fixed it. Please try the latest version.
Actually I suspected this out-of-boundary `endpos' value in
http://lists.gnu.org/archive/html/bug-gnu-emacs/2010-01/msg00522.html
I suspect the problematic case is that `charpos + field_width' in
reseat_to_string exceeds the length of the given string. The value of
`field_width' is 12 by default when displaying buffer names.
Also, I guess the upper limit of `endpos' is `SCHARS (it->string)'
instead of `charpos + SCHARS (it->string)' at line 5614 below. Could
you confirm if it is correct?
5611 it->stop_charpos = charpos;
5612 if (s == NULL && it->multibyte_p)
5613 {
5614 EMACS_INT endpos = charpos + SCHARS (it->string);
5615 if (endpos > it->end_charpos)
5616 endpos = it->end_charpos;
5617 composition_compute_stop_pos (&it->cmp_it, charpos, -1, endpos,
5618 it->string);
5619 }
YAMAMOTO Mitsuharu
mituharu@math.s.chiba-u.ac.jp
^ permalink raw reply [flat|nested] 6+ messages in thread
* bug#5609: 23.1.92; segfault in composition_compute_stop_pos
2010-02-25 23:30 ` YAMAMOTO Mitsuharu
@ 2010-02-26 1:23 ` Kenichi Handa
0 siblings, 0 replies; 6+ messages in thread
From: Kenichi Handa @ 2010-02-26 1:23 UTC (permalink / raw)
To: YAMAMOTO Mitsuharu; +Cc: svenjoac, 5609
In article <wlk4u051xc.wl%mituharu@math.s.chiba-u.ac.jp>, YAMAMOTO Mitsuharu <mituharu@math.s.chiba-u.ac.jp> writes:
> Actually I suspected this out-of-boundary `endpos' value in
> http://lists.gnu.org/archive/html/bug-gnu-emacs/2010-01/msg00522.html
> I suspect the problematic case is that `charpos + field_width' in
> reseat_to_string exceeds the length of the given string. The value of
> `field_width' is 12 by default when displaying buffer names.
Ya, at that time, I fixed only some other part related the
same problem.
> Also, I guess the upper limit of `endpos' is `SCHARS (it->string)'
> instead of `charpos + SCHARS (it->string)' at line 5614 below. Could
> you confirm if it is correct?
Of course, you are right! I've just installed a fix.
---
Kenichi Handa
handa@m17n.org
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2010-02-26 1:23 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-02-20 17:08 bug#5609: 23.1.92; segfault in composition_compute_stop_pos Sven Joachim
2010-02-21 13:16 ` Chong Yidong
2010-02-22 7:54 ` Kenichi Handa
2010-02-25 2:33 ` Kenichi Handa
2010-02-25 23:30 ` YAMAMOTO Mitsuharu
2010-02-26 1:23 ` Kenichi Handa
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.