From: Ken Raeburn <raeburn@permabit.com>
To: Eli Zaretskii <eliz@gnu.org>
Cc: 18162@debbugs.gnu.org
Subject: bug#18162: 24.3.92; segfault on null face pointer in face_for_char
Date: Sun, 3 Aug 2014 02:51:38 -0400 [thread overview]
Message-ID: <CFCB082F-B750-4479-9399-C83D00FAB9A6@permabit.com> (raw)
In-Reply-To: <83iombqclz.fsf@gnu.org>
I just tested on a machine without any of the patches, and was able to reproduce the crash. I'm not sure what else about my environment is likely to be different from yours...
On Aug 2, 2014, at 08:50, Eli Zaretskii <eliz@gnu.org> wrote:
> Moreover, even if I force the call to clear_font_cache by invoking
> clear-font-cache in the progn, I don't see a crash, and the use count
> of the frame's face cache is not zero.
>
> So one way of tracking this down would be to put a breakpoint in
> Fclear_face_cache, and when it breaks, step through the function until
> it assigns the frame pointer to 'f', and put a watchpoint on
> f->face_cache->used, to see which code zeroes it. My guess would be
> that some code calls free_realized_faces (I misremembered earlier:
> clear_face_cache doesn't do that).
In the code I'm looking at, clear_face_cache can call free_all_realized_faces, but only if FRAME_DISPLAY_INFO(f)->n_fonts is larger than 10 for some frame. (And either clear_fonts_p is set, or you've made over 500 calls since the last font cache cleaning.) In my first evaluation of the lisp code I gave, the n_fonts field had the value 7; on the second evaluation it had the value 12, the cache got cleared, the null pointer was stored, and Emacs segfaulted.
I've done next to nothing with fonts and faces in Emacs source code, so I'm not sure what a good way is to drive up the number. If I run my test again without list-faces-display, the font counts I'm seeing are first 4 and then 7 for repeated evaluations, as displayed via gdb breakpoint commands. If I split the window with C-x 2 then the count goes up to 8 (new inactive mode line?). Reducing the font size (C-x -) made it jump to 14, and 15 on repeated evaluations, without triggering the problem, but when I set the font size back (C-x +) and evaluated the expression one more time, I got the crash.
Ken
next prev parent reply other threads:[~2014-08-03 6:51 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-31 23:24 bug#18162: 24.3.92; segfault on null face pointer in face_for_char Ken Raeburn
2014-08-01 5:57 ` Eli Zaretskii
2014-08-01 8:46 ` Ken Raeburn
2014-08-02 1:52 ` Ken Raeburn
2014-08-02 6:49 ` Eli Zaretskii
2014-08-02 10:00 ` Ken Raeburn
2014-08-02 10:41 ` Eli Zaretskii
2014-08-02 12:50 ` Eli Zaretskii
2014-08-03 6:51 ` Ken Raeburn [this message]
2014-08-03 15:04 ` Eli Zaretskii
2014-08-07 4:12 ` Ken Raeburn
2014-08-07 15:19 ` Eli Zaretskii
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CFCB082F-B750-4479-9399-C83D00FAB9A6@permabit.com \
--to=raeburn@permabit.com \
--cc=18162@debbugs.gnu.org \
--cc=eliz@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.