[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#37671: 27.0.50; Segmentation fault with --fg-daemon on Linux
From: |
Frank Terbeck |
Subject: |
bug#37671: 27.0.50; Segmentation fault with --fg-daemon on Linux |
Date: |
Sat, 01 Feb 2020 03:43:13 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux) |
Eli Zaretskii wrote:
> (I assume that you still have the crashed session in the debugger.)
Okay, new chance. :)
I've updated my laptop's emacs to master, emacs-26.1-8984-g46fefb09745
in particular. I'm back to the build settings of the initial bug report:
./configure --prefix=/opt/emacs \
--with-x-toolkit=lucid \
--with-cairo \
--with-libsystemd \
CFLAGS='-ggdb3 -O0' \
LDFLAGS='-ggdb3'
This time, the crash doesn't seem to be on exactly the same line as be-
fore, but a little earlier. Still in ‘show_mouse_face()’, though:
Thread 1 "emacs-28.0.50" received signal SIGSEGV, Segmentation fault.
show_mouse_face (hlinfo=0x555556d00830, draw=DRAW_NORMAL_TEXT) at xdisp.c:31447
31447 && hlinfo->mouse_face_end_row < w->current_matrix->nrows)
(gdb) bt
#0 0x00005555556247d0 in show_mouse_face (hlinfo=0x555556d00830,
draw=DRAW_NORMAL_TEXT) at xdisp.c:31447
#1 0x0000555555624c90 in clear_mouse_face (hlinfo=0x555556d00830) at
xdisp.c:31579
#2 0x0000555555705a54 in handle_one_xevent (dpyinfo=0x555556d00780,
event=0x7fffffffcd10, finish=0x7fffffffcddc, hold_quit=0x7fffffffce00) at
xterm.c:8783
#3 0x0000555555706f05 in XTread_socket (terminal=0x5555563a66f0,
hold_quit=0x7fffffffce00) at xterm.c:9365
#4 0x000055555576471e in gobble_input () at keyboard.c:6891
#5 0x0000555555764bb9 in handle_async_input () at keyboard.c:7128
#6 0x0000555555764bd8 in process_pending_signals () at keyboard.c:7142
#7 0x0000555555764c18 in unblock_input_to (level=0) at keyboard.c:7157
#8 0x0000555555764c3c in unblock_input () at keyboard.c:7176
#9 0x00005555559ac163 in xg_select (fds_lim=18, rfds=0x7fffffffd710,
wfds=0x7fffffffd690, efds=0x0, timeout=0x7fffffffd670, sigmask=0x0) at
xgselect.c:163
#10 0x00005555558f7a08 in wait_reading_process_output (time_limit=30, nsecs=0,
read_kbd=-1, do_display=true, wait_for_cell=0x0, wait_proc=0x0,
just_wait_proc=0) at process.c:5571
#11 0x00005555555a69a3 in sit_for (timeout=0x7a, reading=true,
display_option=1) at dispnew.c:6045
#12 0x000055555575bbe6 in read_char (commandflag=1, map=0x555559b00f53,
prev_event=0x0, used_mouse_menu=0x7fffffffdcbf, end_time=0x0) at keyboard.c:2738
#13 0x000055555576a4bb in read_key_sequence (keybuf=0x7fffffffdec0, prompt=0x0,
dont_downcase_last=false, can_return_switch_frame=true,
fix_current_buffer=true, prevent_redisplay=false) at keyboard.c:9553
#14 0x00005555557583b5 in command_loop_1 () at keyboard.c:1350
#15 0x0000555555875019 in internal_condition_case (bfun=0x555555757f6f
<command_loop_1>, handlers=0x90, hfun=0x555555757705 <cmd_error>) at eval.c:1355
#16 0x0000555555757c34 in command_loop_2 (ignore=0x0) at keyboard.c:1091
#17 0x00005555558748ce in internal_catch (tag=0xd500, func=0x555555757c07
<command_loop_2>, arg=0x0) at eval.c:1116
#18 0x0000555555757bd2 in command_loop () at keyboard.c:1070
#19 0x00005555557572d4 in recursive_edit_1 () at keyboard.c:714
#20 0x0000555555757458 in Frecursive_edit () at keyboard.c:786
#21 0x000055555574fa8e in main (argc=3, argv=0x7fffffffe398) at emacs.c:2054
(gdb) list 31447
31427 #if defined (HAVE_GPM) || defined (MSDOS) || defined (WINDOWSNT)
31428 tty_draw_row_with_mouse_face (w, row, start_hpos, end_hpos, draw);
31429 #endif
31430 }
31431
31432 /* Display the active region described by mouse_face_* according to
DRAW. */
31433
31434 static void
31435 show_mouse_face (Mouse_HLInfo *hlinfo, enum draw_glyphs_face draw)
31436 {
31437 struct window *w = XWINDOW (hlinfo->mouse_face_window);
31438 struct frame *f = XFRAME (WINDOW_FRAME (w));
31439
31440 if (/* If window is in the process of being destroyed, don't bother
31441 to do anything. */
31442 w->current_matrix != NULL
31443 /* Don't update mouse highlight if hidden. */
31444 && (draw != DRAW_MOUSE_FACE || !hlinfo->mouse_face_hidden)
31445 /* Recognize when we are called to operate on rows that don't
exist
31446 anymore. This can happen when a window is split. */
31447 && hlinfo->mouse_face_end_row < w->current_matrix->nrows)
31448 {
31449 bool phys_cursor_on_p = w->phys_cursor_on_p;
31450 struct glyph_row *row, *first, *last;
31451
31452 first = MATRIX_ROW (w->current_matrix,
hlinfo->mouse_face_beg_row);
31453 last = MATRIX_ROW (w->current_matrix, hlinfo->mouse_face_end_row);
31454
31455 for (row = first; row <= last && row->enabled_p; ++row)
31456 {
31457 int start_hpos, end_hpos, start_x;
31458
31459 /* For all but the first row, the highlight starts at column
0. */
31460 if (row == first)
31461 {
31462 /* R2L rows have BEG and END in reversed order, but the
31463 screen drawing geometry is always left to right. So
31464 we need to mirror the beginning and end of the
31465 highlighted area in R2L rows. */
31466 if (!row->reversed_p)
(gdb) p *hlinfo
$9 = {mouse_face_beg_row = 16,
mouse_face_beg_col = 21,
mouse_face_beg_x = 252,
mouse_face_end_row = 16,
mouse_face_end_col = 35,
mouse_face_end_x = 420,
mouse_face_window = 0x5555571b9bc5,
mouse_face_face_id = 52,
mouse_face_overlay = 0x0,
mouse_face_mouse_frame = 0x5555589ff5d0,
mouse_face_mouse_x = 401,
mouse_face_mouse_y = 425,
mouse_face_past_end = false,
mouse_face_defer = false,
mouse_face_hidden = false}
(gdb) p *f
$10 = {header = {size = 285941742698496},
name = 0x55573dc812400000,
icon_name = 0xfffffffffe000055,
title = 0xfffffffffeffffff,
parent_frame = 0xfffffffffeffffff,
focus_frame = 0xfffffffffeffffff,
root_window = 0xfffffffffeffffff,
selected_window = 0xfffffffffeffffff,
old_selected_window = 0xfffffffffeffffff,
minibuffer_window = 0xfffffffffeffffff,
param_alist = 0xfffffffffeffffff,
scroll_bars = 0xfffffffffeffffff,
condemned_scroll_bars = 0xfffffffffeffffff,
menu_bar_items = 0xfffffffffeffffff,
face_alist = 0xfffffffffeffffff,
menu_bar_vector = 0xfffffffffeffffff,
buffer_predicate = 0xfffffffffeffffff,
buffer_list = 0xfffffffffeffffff,
buried_buffer_list = 0xfffffffffeffffff,
tab_bar_window = 0xfffffffffeffffff,
desired_tab_bar_string = 0xfffffffffeffffff,
current_tab_bar_string = 0xfffffffffeffffff,
tool_bar_window = 0xfffffffffeffffff,
desired_tool_bar_string = 0xfffffffffeffffff,
current_tool_bar_string = 0xfffffffffeffffff,
font_data = 0xfffffffffeffffff,
tab_bar_items = 0xfffffffffeffffff,
tool_bar_items = 0xfffffffffeffffff,
face_cache = 0xfffffffffeffffff,
last_tab_bar_item = -16777217,
last_tool_bar_item = -1,
menu_bar_items_used = -16777217,
namebuf = 0xfffffffffeffffff <error: Cannot access memory at address
0xfffffffffeffffff>,
shell_position = 0xfffffffffeffffff <error: Cannot access memory at
address 0xfffffffffeffffff>,
current_pool = 0x86ffffff,
desired_pool = 0x8a000000,
desired_matrix = 0x8e000000,
current_matrix = 0x92000000,
glyphs_initialized_p = false,
resized_p = false,
default_face_done_p = false,
already_hscrolled_p = false,
updated_p = false,
minimize_tab_bar_window_p = false,
minimize_tool_bar_window_p = false,
fonts_changed = false,
cursor_type_changed = false,
redisplay = false,
external_menu_bar = false,
visible = 0,
iconified = false,
garbaged = false,
wants_modeline = false,
auto_raise = false,
auto_lower = false,
no_split = false,
explicit_name = false,
window_change = false,
window_state_change = false,
mouse_moved = false,
pointer_invisible = false,
frozen_window_starts = false,
output_method = output_msdos_raw,
tooltip = true,
want_fullscreen = FULLSCREEN_NONE,
vertical_scroll_bar_type = vertical_scroll_bar_none,
horizontal_scroll_bars = false,
undecorated = false,
override_redirect = false,
skip_taskbar = false,
no_focus_on_map = false,
no_accept_focus = false,
z_group = z_group_none,
no_special_glyphs = false,
new_pixelwise = false,
can_set_window_size = false,
after_make_frame = false,
tab_bar_redisplayed = false,
tab_bar_resized = false,
tool_bar_redisplayed = false,
tool_bar_resized = false,
inhibit_horizontal_resize = false,
inhibit_vertical_resize = false,
face_change = false,
inhibit_clear_image_cache = false,
change_stamp = -1711276032,
number_of_windows = 2650800128,
tab_bar_lines = -1577058304,
tab_bar_height = 0,
n_tab_bar_rows = -1509949440,
n_tab_bar_items = 0,
tool_bar_lines = -1442840576,
tool_bar_height = 0,
n_tool_bar_rows = -1375731712,
n_tool_bar_items = 0,
decode_mode_spec_buffer = 0xb2000000 <error: Cannot access memory at
address 0xb2000000>,
insert_line_cost = 0xb6000000,
delete_line_cost = 0xba000000,
insert_n_lines_cost = 0xbe000000,
delete_n_lines_cost = 0xc2000000,
text_cols = -973078528,
text_lines = 0,
total_cols = -905969664,
total_lines = 0,
text_width = -838860800,
text_height = 0,
new_width = -771751936,
new_height = 0,
left_pos = -704643072,
top_pos = 0,
pixel_width = -637534208,
pixel_height = 0,
win_gravity = -570425344,
size_hint_flags = 0,
border_width = -503316480,
internal_border_width = 0,
right_divider_width = -436207616,
bottom_divider_width = 0,
left_fringe_width = -369098752,
right_fringe_width = 0,
fringe_cols = -301989888,
menu_bar_lines = 0,
menu_bar_height = -234881024,
column_width = 0,
line_height = -167772160,
terminal = 0xfa000000,
output_data = {tty = 0xfe000000,
x = 0xfe000000,
w32 = 0xfe000000,
ns = 0xfe000000},
font_driver_list = 0x102000000,
wait_event_type = -33554432,
desired_cursor = NO_CURSOR,
cursor_width = 150994943,
blink_off_cursor = FILLED_BOX_CURSOR,
blink_off_cursor_width = -1610612736,
config_scroll_bar_width = 146312,
config_scroll_bar_cols = 0,
config_scroll_bar_height = 0,
config_scroll_bar_lines = 1912602624,
cost_calculation_baud_rate = -33554432,
alpha = {-1.9563002257081385e-103, -1.9604024332027206e-103},
gamma = 4.9734297101505695e-316,
extra_line_spacing = -2080374784,
background_pixel = 85,
foreground_pixel = 6755399524941824}
(gdb) p *w
$11 = {header = {size = 4611686018444431360},
frame = 0x55555a41c842,
next = 0xda,
prev = 0xd6,
parent = 0xc2,
normal_lines = 0xde,
normal_cols = 0xca,
new_total = 0xa6,
new_normal = 0xb2,
new_pixel = 0xae,
contents = 0xba,
old_buffer = 0xb6,
start = 0xa2,
pointm = 0xbe,
old_pointm = 0xaa,
temslot = 0x86,
vertical_scroll_bar = 0x92,
vertical_scroll_bar_type = 0x8e,
horizontal_scroll_bar = 0x9a,
horizontal_scroll_bar_type = 0x96,
display_table = 0x82,
dedicated = 0x9e,
redisplay_end_trigger = 0x8a,
combination_limit = 0x66,
window_parameters = 0x72,
mode_line_help_echo = 0x6e,
current_matrix = 0x7a,
desired_matrix = 0x76,
prev_buffers = 0x46,
next_buffers = 0x52,
use_time = 78,
sequence_number = 90,
change_stamp = 86,
pixel_left = 0,
pixel_top = 0,
left_col = 0,
top_line = 0,
pixel_width = 0,
pixel_height = 0,
old_pixel_width = 0,
old_pixel_height = 0,
old_body_pixel_width = 0,
old_body_pixel_height = 0,
total_cols = 0,
total_lines = 0,
hscroll = 0,
min_hscroll = 0,
hscroll_whole = 0,
last_modified = 0,
last_overlay_modified = 0,
last_point = 0,
base_line_number = 0,
base_line_pos = 0,
column_number_displayed = 0,
nrows_scale_factor = 0,
ncols_scale_factor = 0,
cursor = {x = 0,
y = 0,
hpos = 0,
vpos = 0},
phys_cursor = {x = 0,
y = 0,
hpos = 0,
vpos = 0},
output_cursor = {x = 0,
y = 0,
hpos = 0,
vpos = 0},
last_cursor_vpos = 0,
phys_cursor_type = FILLED_BOX_CURSOR,
phys_cursor_width = 0,
phys_cursor_ascent = 0,
phys_cursor_height = 0,
left_fringe_width = 0,
right_fringe_width = 0,
left_margin_cols = 0,
right_margin_cols = 0,
scroll_bar_width = 0,
scroll_bar_height = 0,
mode_line_height = 0,
header_line_height = 0,
tab_line_height = 0,
window_end_pos = 0,
window_end_vpos = 0,
mini = false,
horizontal = false,
update_mode_line = false,
last_had_star = false,
start_at_line_beg = false,
force_start = false,
optional_new_start = false,
phys_cursor_on_p = false,
cursor_off_p = false,
last_cursor_off_p = false,
must_be_updated_p = false,
pseudo_window_p = false,
fringes_outside_margins = false,
fringes_persistent = false,
scroll_bars_persistent = false,
window_end_valid = false,
redisplay = false,
suspend_auto_hscroll = false,
vscroll = 0,
window_end_bytepos = 0}
The values involved in the expression that is indicated in the segfault
are these:
(gdb) p w->current_matrix
$12 = (struct glyph_matrix *) 0x7a
(gdb) p draw
$13 = DRAW_NORMAL_TEXT
(gdb) p hlinfo->mouse_face_hidden
$14 = false
(gdb) p hlinfo->mouse_face_end_row
$15 = 16
(gdb) p w->current_matrix->nrows
Cannot access memory at address 0x92
(gdb) p w->current_matrix
$17 = (struct glyph_matrix *) 0x7a
I'll try to keep this instance of segfaulted emacs in gdb running for as
long as I can this time. I hope some of the above helps. If you need me
to dig up anything else, let me know.
Regards, Frank