From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: "Aaron S. Hawley" Newsgroups: gmane.emacs.bugs Subject: bug#22818: 25.0.91; nextstep/Emacs.app Crash ns_compute_glyph_string_overhangs Date: Fri, 26 Feb 2016 08:41:52 -0500 Message-ID: NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary=047d7bd75cec3a050b052cac7687 X-Trace: ger.gmane.org 1456494203 15320 80.91.229.3 (26 Feb 2016 13:43:23 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Fri, 26 Feb 2016 13:43:23 +0000 (UTC) To: 22818@debbugs.gnu.org Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Fri Feb 26 14:43:14 2016 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1aZIfp-0001t4-8U for geb-bug-gnu-emacs@m.gmane.org; Fri, 26 Feb 2016 14:43:13 +0100 Original-Received: from localhost ([::1]:49886 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aZIfo-00042B-MF for geb-bug-gnu-emacs@m.gmane.org; Fri, 26 Feb 2016 08:43:12 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:40844) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aZIfj-00041o-6S for bug-gnu-emacs@gnu.org; Fri, 26 Feb 2016 08:43:08 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aZIfe-0003wM-RD for bug-gnu-emacs@gnu.org; Fri, 26 Feb 2016 08:43:07 -0500 Original-Received: from debbugs.gnu.org ([208.118.235.43]:49902) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aZIfe-0003wI-MV for bug-gnu-emacs@gnu.org; Fri, 26 Feb 2016 08:43:02 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84) (envelope-from ) id 1aZIfe-0002BP-IT for bug-gnu-emacs@gnu.org; Fri, 26 Feb 2016 08:43:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: "Aaron S. Hawley" Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 26 Feb 2016 13:43:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 22818 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: X-Debbugs-Original-To: bug-gnu-emacs Original-Received: via spool by submit@debbugs.gnu.org id=B.14564941308313 (code B ref -1); Fri, 26 Feb 2016 13:43:02 +0000 Original-Received: (at submit) by debbugs.gnu.org; 26 Feb 2016 13:42:10 +0000 Original-Received: from localhost ([127.0.0.1]:47026 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84) (envelope-from ) id 1aZIen-0002A1-Nr for submit@debbugs.gnu.org; Fri, 26 Feb 2016 08:42:10 -0500 Original-Received: from eggs.gnu.org ([208.118.235.92]:49496) by debbugs.gnu.org with esmtp (Exim 4.84) (envelope-from ) id 1aZIel-00029m-UV for submit@debbugs.gnu.org; Fri, 26 Feb 2016 08:42:08 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aZIea-0003UO-Nh for submit@debbugs.gnu.org; Fri, 26 Feb 2016 08:42:02 -0500 Original-Received: from lists.gnu.org ([2001:4830:134:3::11]:59314) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aZIea-0003UJ-KK for submit@debbugs.gnu.org; Fri, 26 Feb 2016 08:41:56 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:40441) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aZIeZ-0003g8-7V for bug-gnu-emacs@gnu.org; Fri, 26 Feb 2016 08:41:56 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aZIeY-0003TW-1C for bug-gnu-emacs@gnu.org; Fri, 26 Feb 2016 08:41:55 -0500 Original-Received: from mail-ig0-x235.google.com ([2607:f8b0:4001:c05::235]:35383) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aZIeX-0003TG-QU for bug-gnu-emacs@gnu.org; Fri, 26 Feb 2016 08:41:53 -0500 Original-Received: by mail-ig0-x235.google.com with SMTP id hb3so34592860igb.0 for ; Fri, 26 Feb 2016 05:41:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to; bh=dbGeQP6QatRxqdsV4ALa57axjuUq5pve44t+US992As=; b=VmEQRX7bMoF5utZfMHfB8JSpOaBrxRjMVGyJsbjFmTF6H5vUFa7LFPwUqd07tS6eLf /xBAb16YztUqjQj3UCbMHFyLTTPWVogF/Fl9miijvV/9VENNBbZQbtSMbL51xuwG9sN2 q/i3NoCd2ZhduU/CmEfv8yeYB/JZylb80swl3kxdE5HDdJjckPo2FTemBNAJEnl1RWmC 0UGAPRxE18UToSyJe39QoBsJAnU1re3xv6YBwVos9p+JqAaS1bRjAlholydKvsCCWCgy fofZm+MvnVQgL56njGx2ySv5sndcxXaWFDmnGJluD8kyvqQ7KgYE2SOMBH5WazVGlO7Y 1vDw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to; bh=dbGeQP6QatRxqdsV4ALa57axjuUq5pve44t+US992As=; b=aBFB+1l4d43iJtsB9gXKiYQBOw6zOPAntWKPegyVfs7RVOF5n3UPUZHpqipHwB/8Jk NYO6hPBa7btMxkN04y9cGecALj0n2Lz+0w74gs3+wPpKIx9HZrX6Wg43Skf4+Zrpo7jx GW3n4F4FtvrlydMoxNWZjvJxGdOlJu53vMo2p6xz0PitdHxlS3/vIL7u+pwQATUZAIFY c9cJ5LpJpBtz2mjYIR+xc5ijqtFaAExh9ABpD1pzn2IXD8AXCmzETC8ecE5F3YdanSdd /lZq+ozYlWUovOeSLTgS6iD8r9vhoKLZNu+oeeYpeo7dYU2J2kMYfcn1IS2MR60e4Qkn I6IQ== X-Gm-Message-State: AD7BkJJZF97QZyg8n/MiPyD9xaoNJ+yMmH6P05l6sLpUpO4mkJqOePcmg8hqS7ygtDPn1B0vmHlWbT1p0ewWWw== X-Received: by 10.50.64.179 with SMTP id p19mr2719457igs.25.1456494113017; Fri, 26 Feb 2016 05:41:53 -0800 (PST) Original-Received: by 10.107.129.134 with HTTP; Fri, 26 Feb 2016 05:41:52 -0800 (PST) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:113882 Archived-At: --047d7bd75cec3a050b052cac7687 Content-Type: text/plain; charset=UTF-8 Hello, I'm using Emacs 25.0.91 pretest as built by David Caldwell at emacsforosx.com, and it crashes after opening a 104 byte file with UTF-8 characters that causes Emacs to crash. Admittedly, the file contains malformed data that I copied from elsewhere. This will make it hard to determine what it should do, but at least it shows a problem with the existing code. I was able to confirm the issue with Emacs trunk, and have included a GDB backtrace below. To reproduce, unpack the attached zip file, and open the UTF-8 text file as follows: /Applications/Emacs.app/Contents/MacOS/Emacs -Q test-file A segmentation fault occurs, and Mac OS complains that "Emacs quit unexpectedly." This issues exists with Emacs 24.5, as well. However, it doesn't occur if you use the terminal/tty version of Emacs. Also attached is patch that shows where the segfault occurs and avoids triggering it because a font struct is NULL. Although avoiding a crash, it likely doesn't do the right thing -- it only treats the symptoms and not the cause. Perhaps opening on another platform (GNU/Linux?) would help to learn what the right thing to do is. Thanks for Emacs, Aaron $ gdb --args ./nextstep/Emacs.app/Contents/MacOS/Emacs -Q test-file GNU gdb (GDB) 7.10.1 Copyright (C) 2015 Free Software Foundation, Inc. Reading symbols from ./nextstep/Emacs.app/Contents/MacOS/Emacs...done. (gdb) run Starting program: .nextstep/Emacs.app/Contents/MacOS/Emacs -Q test-file [New Thread 0x1713 of process 58247] [New Thread 0x1803 of process 58247] [New Thread 0x1903 of process 58247] [New Thread 0x1a03 of process 58247] [New Thread 0x1b03 of process 58247] [New Thread 0x1c0b of process 58247] [New Thread 0x1d13 of process 58247] Error while mapping shared library sections: cl_kernels: No such file or directory. Error while mapping shared library sections: cl_kernels: No such file or directory. [New Thread 0x1e33 of process 58247] Program received signal SIGSEGV, Segmentation fault. ns_compute_glyph_string_overhangs (s=0x7fff5fbfd690) at nsterm.m:2551 2551 if (EQ (font->driver->type, Qns)) (gdb) backtrace #0 ns_compute_glyph_string_overhangs (s=0x7fff5fbfd690) at nsterm.m:2551 #1 0x000000010003a6c7 in draw_glyphs (w=0x101036208, x=, row=0x101992d00, area=TEXT_AREA, start=0, end=52, hl=, overlaps=) at xdisp.c:25534 #2 0x0000000100039916 in x_write_glyphs (w=0x23a, updated_row=0x0, start=, updated_area=, len=52) at xdisp.c:27630 #3 0x000000010000ab96 in update_text_area (w=, updated_row=0x23b, vpos=) at dispnew.c:3608 #4 update_window_line (w=0x43007877a76c9b44, vpos=26815744, mouse_face_overwritten_p=0x7fff5fbfdb87) at dispnew.c:3851 #5 0x0000000100006bde in update_window (w=0x43007877a76c9b44, force_p=) at dispnew.c:3473 #6 0x00000001000052d4 in update_window_tree (w=, force_p=) at dispnew.c:3215 #7 0x000000010000511c in update_frame (f=0x43007877a76c9b44, force_p=, inhibit_hairy_id_p=false) at dispnew.c:3104 #8 0x0000000100028ca6 in redisplay_internal () at xdisp.c:13963 #9 0x00000001000c44e4 in read_char (commandflag=1, map=4320568723, prev_event=0, used_mouse_menu=0x7fff5fbff5ef, end_time=0x0) at keyboard.c:2466 #10 0x00000001000c1d1e in read_key_sequence (keybuf=, bufsize=30, prompt=, dont_downcase_last=, can_return_switch_frame=, fix_current_buffer=, prevent_redisplay=) at keyboard.c:9045 #11 0x00000001000c054d in command_loop_1 () at keyboard.c:1347 #12 0x000000010013d886 in internal_condition_case (bfun=0x7fff5fbfd690, handlers=, hfun=) at eval.c:1309 #13 0x00000001000d1560 in command_loop_2 (ignore=) at keyboard.c:1089 #14 0x000000010013d3f6 in internal_catch (tag=, func=0x7fff5fbfd690, arg=4827991255846525764) at eval.c:1074 #15 0x00000001000bf77e in command_loop () at keyboard.c:1068 #16 0x00000001000bf699 in recursive_edit_1 () at keyboard.c:674 #17 0x00000001000bf8bc in Frecursive_edit () at keyboard.c:745 #18 0x00000001000be3c0 in main (argc=, argv=) at emacs.c:1610 --- src/nsterm.m | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/nsterm.m b/src/nsterm.m index 43d1377..adce35e 100644 --- a/src/nsterm.m +++ b/src/nsterm.m @@ -2532,6 +2532,9 @@ ns_compute_glyph_string_overhangs (struct glyph_string *s) { struct font *font = s->font; + if (!font) + return; + if (s->char2b) { struct font_metrics metrics; --047d7bd75cec3a050b052cac7687 Content-Type: text/plain; charset=US-ASCII; name="emacs-ns_compute_glyph_string_overhangs-crash.diff" Content-Disposition: attachment; filename="emacs-ns_compute_glyph_string_overhangs-crash.diff" Content-Transfer-Encoding: base64 X-Attachment-Id: f_il3qvjf11 RnJvbSBlMDc1MDg4NzgzNmI1ZDgwZmE2ODE1MjZmNWNkNDYzY2M3ZDAyNGE2IE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiAiQWFyb24gUy4gSGF3bGV5IiA8YWFyb24ucy5oYXdsZXlAZ21h aWwuY29tPgpEYXRlOiBUaHUsIDI1IEZlYiAyMDE2IDEzOjUzOjM5IC0wNTAwClN1YmplY3Q6IFtQ QVRDSF0gbmV4dHN0ZXAvRW1hY3MuYXBwIENyYXNoIG5zX2NvbXB1dGVfZ2x5cGhfc3RyaW5nX292 ZXJoYW5ncwoKKiBuc3Rlcm0ubSAobnNfY29tcHV0ZV9nbHlwaF9zdHJpbmdfb3ZlcmhhbmdzKTog QXZvaWQgY3Jhc2ggd2hlbgpnbHlwaF9zdHJpbmctPmZvbnQgaXMgTlVMTC4KLS0tCiBzcmMvbnN0 ZXJtLm0gfCAzICsrKwogMSBmaWxlIGNoYW5nZWQsIDMgaW5zZXJ0aW9ucygrKQoKZGlmZiAtLWdp dCBhL3NyYy9uc3Rlcm0ubSBiL3NyYy9uc3Rlcm0ubQppbmRleCA0M2QxMzc3Li5hZGNlMzVlIDEw MDY0NAotLS0gYS9zcmMvbnN0ZXJtLm0KKysrIGIvc3JjL25zdGVybS5tCkBAIC0yNTMyLDYgKzI1 MzIsOSBAQCBuc19jb21wdXRlX2dseXBoX3N0cmluZ19vdmVyaGFuZ3MgKHN0cnVjdCBnbHlwaF9z dHJpbmcgKnMpCiB7CiAgIHN0cnVjdCBmb250ICpmb250ID0gcy0+Zm9udDsKIAorICBpZiAoIWZv bnQpCisgICAgcmV0dXJuOworCiAgIGlmIChzLT5jaGFyMmIpCiAgICAgewogICAgICAgc3RydWN0 IGZvbnRfbWV0cmljcyBtZXRyaWNzOwotLSAKMi4zLjAgKEFwcGxlIEdpdC01NCkKCg== --047d7bd75cec3a050b052cac7687 Content-Type: application/zip; name="test-file.zip" Content-Disposition: attachment; filename="test-file.zip" Content-Transfer-Encoding: base64 X-Attachment-Id: f_il3qw1641 UEsDBBQACAAIAAJzWUgAAAAAAAAAAAAAAAAJABAAdGVzdC1maWxlVVgMAONXz1bTVM9W9gEUAEWM MQqAMBRDd0/xj2oHRa2IFsQ7ONvBofyLJNCjGERwSEjCIw1XTgyvRzgXRs4oTEpaUXBbzX3Nh3EX 1bGVRm44TUBSEcSBAddHwDXoA27/3QNQSwcIpJd3tlIAAABoAAAAUEsBAhUDFAAIAAgAAnNZSKSX d7ZSAAAAaAAAAAkADAAAAAAAAAAAQKSBAAAAAHRlc3QtZmlsZVVYCADjV89W01TPVlBLBQYAAAAA AQABAEMAAACZAAAAAAA= --047d7bd75cec3a050b052cac7687--