From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: storm@cua.dk (Kim F. Storm) Newsgroups: gmane.emacs.devel Subject: Re: potential bug in display_mode_element? Date: Mon, 12 Sep 2005 10:04:22 +0200 Message-ID: References: NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: sea.gmane.org 1126516994 10509 80.91.229.2 (12 Sep 2005 09:23:14 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Mon, 12 Sep 2005 09:23:14 +0000 (UTC) Cc: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Sep 12 11:23:12 2005 Return-path: Original-Received: from lists.gnu.org ([199.232.76.165]) by ciao.gmane.org with esmtp (Exim 4.43) id 1EEkVq-000692-MA for ged-emacs-devel@m.gmane.org; Mon, 12 Sep 2005 11:22:07 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1EEkVp-0005wq-Ud for ged-emacs-devel@m.gmane.org; Mon, 12 Sep 2005 05:22:06 -0400 Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1EEjOn-0008Sy-B2 for emacs-devel@gnu.org; Mon, 12 Sep 2005 04:10:45 -0400 Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1EEjMq-00084c-UH for emacs-devel@gnu.org; Mon, 12 Sep 2005 04:08:45 -0400 Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1EEjMb-0007va-R0 for emacs-devel@gnu.org; Mon, 12 Sep 2005 04:08:29 -0400 Original-Received: from [195.41.46.235] (helo=pfepa.post.tele.dk) by monty-python.gnu.org with esmtp (Exim 4.34) id 1EEjJU-0007hi-Hl for emacs-devel@gnu.org; Mon, 12 Sep 2005 04:05:16 -0400 Original-Received: from kfs-l.imdomain.dk.cua.dk (unknown [80.165.4.124]) by pfepa.post.tele.dk (Postfix) with SMTP id 0DABF47FF11; Mon, 12 Sep 2005 10:04:37 +0200 (CEST) Original-To: Kenichi Handa In-Reply-To: (Kenichi Handa's message of "Mon, 12 Sep 2005 09:58:52 +0900") User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (gnu/linux) X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:42836 Archived-At: Kenichi Handa writes: > I got a bug report for emacs-unicode-2, and it seems that > the same bug exists in HEAD too. The backtrace is this: > and never changed in the while loop. So the only reason I > can think of why the address pointed by list_string becomes > out of bound is that the string data of ELT was relocated in > the loop and the original address was returned to OS. > Actually, display_string is called in the loop, and it will > run Lisp code. > > So, I think we meed this change. What do you think? Bravo!! We definitely need this patch. This is the sort of bug that I've been hunting for re. the crashes in "compact_small_strings" and the free string list. I'm not sure if this patch will fix the crashes though. -- Kim F. Storm http://www.cua.dk