GNU bug report logs - #1295
Segfault with `M-- M-r' when `scroll-margin' > 0

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 1295 in the body.
You can then email your comments to 1295 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> emacsbugs.donarmstrong.com (full text, mbox):

From: Teemu Likonen <tlikonen <at> iki.fi>
To: bug-gnu-emacs <at> gnu.org
Subject: Segfault with `M-- M-r' when `scroll-margin' > 0
Date: Sun, 02 Nov 2008 15:48:04 +0200

Emacs crashes with segmentation fault when I type command `M-- M-r'
while variable `scroll-margin' has value 1 more more.

Steps to reproduce:

 1. Start Emacs from text terminal:

        $ emacs -Q

 2. Move to Emacs reference manual buffer:

        C-h r

 3. Don't move the cursor. Set the `scroll-margin' variable:

        M-x set-variable RET scroll-margin RET 4 RET

 4. Run command `move-to-window-line' with negative argument:

        M-- M-r

 5. You should see the Emacs frame disappearing and the following error
    message in terminal:

        Fatal error (11)Segmentation fault

I have tried with Emacs version

    GNU Emacs 22.2.1 (i486-pc-linux-gnu, GTK+ Version 2.12.11) of
    2008-10-17 on raven, modified by Debian

and development snapshot version

    GNU Emacs 23.0.60.1 (i486-pc-linux-gnu, GTK+ Version 2.12.11) of
    2008-10-18 on elegiac, modified by Debian


(I'm writing this bug report with 22.2.1 as you can see from the
following automatically inserted information.)


In GNU Emacs 22.2.1 (i486-pc-linux-gnu, GTK+ Version 2.12.11)
 of 2008-10-17 on raven, modified by Debian
Windowing system distributor `The X.Org Foundation', version 11.0.10402000
configured using `configure  '--build=i486-linux-gnu' '--host=i486-linux-gnu' '--prefix=/usr' '--sharedstatedir=/var/lib' '--libexecdir=/usr/lib' '--localstatedir=/var/lib' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--with-pop=yes' '--enable-locallisppath=/etc/emacs22:/etc/emacs:/usr/local/share/emacs/22.2/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/22.2/site-lisp:/usr/share/emacs/site-lisp:/usr/share/emacs/22.2/leim' '--with-x=yes' '--with-x-toolkit=gtk' '--with-toolkit-scroll-bars' 'build_alias=i486-linux-gnu' 'host_alias=i486-linux-gnu' 'CFLAGS=-DDEBIAN -g -O2' 'LDFLAGS=-g' 'CPPFLAGS=''

Important settings:
  value of $LC_ALL: nil
  value of $LC_COLLATE: nil
  value of $LC_CTYPE: nil
  value of $LC_MESSAGES: en_US.UTF-8
  value of $LC_MONETARY: nil
  value of $LC_NUMERIC: nil
  value of $LC_TIME: nil
  value of $LANG: fi_FI.UTF-8
  locale-coding-system: utf-8
  default-enable-multibyte-characters: t

Major mode: Info

Minor modes in effect:
  tooltip-mode: t
  mouse-wheel-mode: t
  menu-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  blink-cursor-mode: t
  unify-8859-on-encoding-mode: t
  utf-translate-cjk-mode: t
  auto-compression-mode: t
  column-number-mode: t
  line-number-mode: t
  transient-mark-mode: t

Recent input:
C-h r C-s r e p o <return> <S-iso-lefttab> <return> 
<tab> <tab> <return> <down-mouse-5> <mouse-5> <down-mouse-5> 
<mouse-5> <double-down-mouse-5> <double-mouse-5> u 
<tab> <return> <down-mouse-5> <mouse-5> <double-down-mouse-5> 
<double-mouse-5> <triple-down-mouse-5> <triple-mouse-5> 
<down-mouse-4> <mouse-4> <double-down-mouse-4> <double-mouse-4> 
<down-mouse-4> <mouse-4> <down-mouse-1> <mouse-1> <down-mouse-5> 
<mouse-5> <down-mouse-5> <mouse-5> <double-down-mouse-5> 
<double-mouse-5> <down-mouse-4> <mouse-4> <double-down-mouse-4> 
<double-mouse-4> <triple-down-mouse-4> <triple-mouse-4> 
<triple-down-mouse-4> <triple-mouse-4> <triple-down-mouse-4> 
<triple-mouse-4> <triple-down-mouse-4> <triple-mouse-4> 
<triple-down-mouse-4> <triple-mouse-4> <triple-down-mouse-4> 
<triple-mouse-4> <triple-down-mouse-4> <triple-mouse-4> 
u <tab> <return> <help-echo> <down-mouse-5> <mouse-5> 
<down-mouse-5> <mouse-5> <down-mouse-5> <mouse-5> M-x 
m <backspace> e m a c s - v e r s i o n <return> <down-mouse-5> 
<mouse-5> <down-mouse-5> <mouse-5> <down-mouse-5> <mouse-5> 
<down-mouse-5> <mouse-5> <down-mouse-5> <mouse-5> <down-mouse-5> 
<mouse-5> <down-mouse-5> <mouse-5> <double-down-mouse-5> 
<double-mouse-5> <triple-down-mouse-5> <triple-mouse-5> 
<down-mouse-5> <mouse-5> <down-mouse-4> <mouse-4> <double-down-mouse-4> 
<double-mouse-4> <triple-down-mouse-4> <triple-mouse-4> 
M-x C-g C-x 5 2 <switch-frame> M-x r e p o r t - b 
<tab> u <tab> <tab> <tab> <tab> <switch-frame> <switch-frame> 
<switch-frame> <switch-frame> <switch-frame> <down-mouse-4> 
<mouse-4> <down-mouse-5> <mouse-5> <down-mouse-4> <mouse-4> 
<double-down-mouse-4> <double-mouse-4> <triple-down-mouse-4> 
<triple-mouse-4> <triple-down-mouse-4> <triple-mouse-4> 
<switch-frame> <down-mouse-1> <mouse-movement> <mouse-1> 
<help-echo> <down-mouse-1> <mouse-1> <M-backspace> 
e m a <tab> <return>

Recent messages:
Loading info...done
Loading jka-compr...done
uncompressing emacs.gz...done
uncompressing emacs-1.gz...done
Mark saved where search started
uncompressing emacs-5.gz...done
byte-code: Beginning of buffer [6 times]
GNU Emacs 22.2.1 (i486-pc-linux-gnu, GTK+ Version 2.12.11) of 2008-10-17 on raven, modified by Debian
Quit
Loading emacsbug...done

Message #10 received at 1295 <at> emacsbugs.donarmstrong.com (full text, mbox):

From: Chong Yidong <cyd <at> stupidchicken.com>
To: Martin Rudalics  <rudalics <at> gmx.at>
Cc: 1295 <at> debbugs.gnu.org
Subject: Segfault with `M-- M-r' when `scroll-margin' > 0
Date: Sun, 02 Nov 2008 21:23:45 -0500

> Emacs crashes with segmentation fault when I type command `M-- M-r'
> while variable `scroll-margin' has value 1 more more.
>
>  1. $ emacs -Q
>
>  2. C-h r
>
>  3. Don't move the cursor. Set the `scroll-margin' variable:
>
>         M-x set-variable RET scroll-margin RET 4 RET
>
>  4. M-- M-r
>
>         Fatal error (11)Segmentation fault

Hi Martin,

I think this may be a consequence of your 2008-11-02 checkin to src (I
didn't pinpoint the exact change that caused it, though).

Could you check?

Message #15 received at 1295 <at> emacsbugs.donarmstrong.com (full text, mbox):

From: martin rudalics <rudalics <at> gmx.at>
To: Chong Yidong <cyd <at> stupidchicken.com>
Cc: 1295 <at> debbugs.gnu.org
Subject: Re: Segfault with `M-- M-r' when `scroll-margin' > 0
Date: Mon, 03 Nov 2008 08:16:49 +0100

>> Emacs crashes with segmentation fault when I type command `M-- M-r'
>> while variable `scroll-margin' has value 1 more more.
>>
>>  1. $ emacs -Q
>>
>>  2. C-h r
>>
>>  3. Don't move the cursor. Set the `scroll-margin' variable:
>>
>>         M-x set-variable RET scroll-margin RET 4 RET
>>
>>  4. M-- M-r
>>
>>         Fatal error (11)Segmentation fault
>
> Hi Martin,
>
> I think this may be a consequence of your 2008-11-02 checkin to src (I
> didn't pinpoint the exact change that caused it, though).
>
> Could you check?

The report was for Emacsen built as

    GNU Emacs 22.2.1 (i486-pc-linux-gnu, GTK+ Version 2.12.11) of
    2008-10-17 on raven, modified by Debian

and development snapshot version

    GNU Emacs 23.0.60.1 (i486-pc-linux-gnu, GTK+ Version 2.12.11) of
    2008-10-18 on elegiac, modified by Debian

and I verified here that it crashes with a negative argument for all
versions I keep personally.

BTW, Richard apparently once tried to make `move-to-window-line' handle
scroll margins but failed somehow.

martin

Message #22 received at 1295 <at> emacsbugs.donarmstrong.com (full text, mbox):

From: Chong Yidong <cyd <at> stupidchicken.com>
To: martin rudalics <rudalics <at> gmx.at>
Cc: 1295 <at> debbugs.gnu.org
Subject: Re: Segfault with `M-- M-r' when `scroll-margin' > 0
Date: Mon, 03 Nov 2008 14:40:34 -0500

martin rudalics <rudalics <at> gmx.at> writes:

> The report was for Emacsen built as
>
>     GNU Emacs 22.2.1 (i486-pc-linux-gnu, GTK+ Version 2.12.11) of
>     2008-10-17 on raven, modified by Debian
>
> and development snapshot version
>
>     GNU Emacs 23.0.60.1 (i486-pc-linux-gnu, GTK+ Version 2.12.11) of
>     2008-10-18 on elegiac, modified by Debian
>
> and I verified here that it crashes with a negative argument for all
> versions I keep personally.

Sorry, my bad.  For some reason, reproducing this bug needs a full
bootstrap after reversion.  A simple make recompile/make doesn't track
the bug accurately, which is why it mistakenly pointed to your checkin.

After some more investigation, it looks to me like the bug was
introduced between 2008-10-06 (no crash) and 2008-10-07 (crash).
Weird---there weren't any redisplay changes made at this time.

Message #27 received at 1295 <at> emacsbugs.donarmstrong.com (full text, mbox):

From: Chong Yidong <cyd <at> stupidchicken.com>
To: Teemu Likonen <tlikonen <at> iki.fi>
Cc: martin rudalics <rudalics <at> gmx.at>, 1295 <at> debbugs.gnu.org
Subject: Re: Segfault with `M-- M-r' when `scroll-margin' > 0
Date: Mon, 03 Nov 2008 14:54:58 -0500

Interesting.  This bug appears to be due to an interaction between Emacs
and the window manager's size hints.  At least, I can't reproduce it
with the latest CVS changes from today, in which a correction has been
made to how Emacs sends size hints to the window manager:

2008-11-03  Chong Yidong  <cyd <at> stupidchicken.com>

	* term/x-win.el (x-initialize-window-system): Call
	x-wm-set-size-hint after initialization.

Could you see whether the problem is fixed for you?

Message #32 received at 1295 <at> emacsbugs.donarmstrong.com (full text, mbox):

From: Teemu Likonen <tlikonen <at> iki.fi>
To: Chong Yidong <cyd <at> stupidchicken.com>
Cc: martin rudalics <rudalics <at> gmx.at>, 1295 <at> debbugs.gnu.org
Subject: Re: Segfault with `M-- M-r' when `scroll-margin' > 0
Date: Mon, 03 Nov 2008 23:40:51 +0200

Chong Yidong (2008-11-03 14:54 -0500) wrote:

> Interesting.  This bug appears to be due to an interaction between Emacs
> and the window manager's size hints.  At least, I can't reproduce it
> with the latest CVS changes from today, in which a correction has been
> made to how Emacs sends size hints to the window manager:
>
> 2008-11-03  Chong Yidong  <cyd <at> stupidchicken.com>
>
> 	* term/x-win.el (x-initialize-window-system): Call
> 	x-wm-set-size-hint after initialization.
>
> Could you see whether the problem is fixed for you?

I'm not able to compile Emacs myself. For development versions I depend
on prepackaged snapshots[1]. Sorry. I'll try it when a new snapshot becomes
available.

----------
 1. http://emacs.orebokech.com/

Message #37 received at 1295 <at> emacsbugs.donarmstrong.com (full text, mbox):

From: martin rudalics <rudalics <at> gmx.at>
To: Chong Yidong <cyd <at> stupidchicken.com>
Cc: Teemu Likonen <tlikonen <at> iki.fi>, 1295 <at> debbugs.gnu.org
Subject: Re: Segfault with `M-- M-r' when `scroll-margin' > 0
Date: Tue, 04 Nov 2008 08:36:16 +0100

> Interesting.  This bug appears to be due to an interaction between Emacs
> and the window manager's size hints.  At least, I can't reproduce it
> with the latest CVS changes from today, in which a correction has been
> made to how Emacs sends size hints to the window manager:
>
> 2008-11-03  Chong Yidong  <cyd <at> stupidchicken.com>
>
> 	* term/x-win.el (x-initialize-window-system): Call
> 	x-wm-set-size-hint after initialization.
>
> Could you see whether the problem is fixed for you?

Still crashes here.  But just before crashing, display of the center line
of the window gets garbled now.  So it appears related to these size hints.

martin

Message #42 received at submit <at> emacsbugs.donarmstrong.com (full text, mbox):

From: "Richard M. Stallman" <rms <at> gnu.org>
To: martin rudalics <rudalics <at> gmx.at>, 1295 <at> debbugs.gnu.org
Cc: cyd <at> stupidchicken.com, bug-submit-list <at> donarmstrong.com, tlikonen <at> iki.fi,
        1295 <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org
Subject: Re: bug#1295: Segfault with `M-- M-r' when `scroll-margin' > 0
Date: Tue, 04 Nov 2008 15:44:55 -0500

     > 2008-11-03  Chong Yidong  <cyd <at> stupidchicken.com>
     >
     > 	* term/x-win.el (x-initialize-window-system): Call
     > 	x-wm-set-size-hint after initialization.
     >
     > Could you see whether the problem is fixed for you?

    Still crashes here.  But just before crashing, display of the center line
    of the window gets garbled now.  So it appears related to these size hints.

If we think that a bug in Lisp code causes a crash,
we should think about whether there's a bug in the C code
which it is triggering.

Message #52 received at 1295 <at> emacsbugs.donarmstrong.com (full text, mbox):

From: martin rudalics <rudalics <at> gmx.at>
To: rms <at> gnu.org
Cc: 1295 <at> debbugs.gnu.org, cyd <at> stupidchicken.com, tlikonen <at> iki.fi
Subject: Re: bug#1295: Segfault with `M-- M-r' when `scroll-margin' > 0
Date: Wed, 05 Nov 2008 08:22:46 +0100

> If we think that a bug in Lisp code causes a crash,
> we should think about whether there's a bug in the C code
> which it is triggering.

It's a bug in C.  With the OP's recipe I get:

Program received signal SIGSEGV, Segmentation fault.
0x01028412 in try_window_reusing_current_matrix (w=0x3784600) at xdisp.c:14471
(gdb) bt
#0  0x01028412 in try_window_reusing_current_matrix (w=0x3784600) at xdisp.c:14471
#1  0x0102c328 in redisplay_window (window=58213892, just_this_one_p=1) at xdisp.c:13764
#2  0x0102dd61 in redisplay_window_1 (window=58213892) at xdisp.c:12249
#3  0x01009d1b in internal_condition_case_1 (bfun=0x102dd34 <redisplay_window_1>, arg=58213892, handlers=43976013, hfun=0x101d96a <redisplay_window_error>) at eval.c:1559
#4  0x0102f775 in redisplay_internal (preserve_echo_area=2732) at xdisp.c:11867
#5  0x0105946f in read_char (commandflag=1, nmaps=2, maps=0x82fb20, prev_event=43993089, used_mouse_menu=0x82fb68, end_time=0x0) at keyboard.c:2649
#6  0x0105c47d in read_key_sequence (keybuf=0x82fcb0, bufsize=30, prompt=43993089, dont_downcase_last=0, can_return_switch_frame=1, fix_current_buffer=1) at keyboard.c:9344
#7  0x0105e342 in command_loop_1 () at keyboard.c:1621
#8  0x01009fae in internal_condition_case (bfun=0x105e190 <command_loop_1>, handlers=44056841, hfun=0x105773c <cmd_error>) at eval.c:1511
#9  0x01051cca in command_loop_2 () at keyboard.c:1338
#10 0x01009ee3 in internal_catch (tag=2732, func=0x1051ca7 <command_loop_2>, arg=43993089) at eval.c:1247
#11 0x01051ad7 in command_loop () at keyboard.c:1317
#12 0x01051b70 in recursive_edit_1 () at keyboard.c:942
#13 0x01051c91 in Frecursive_edit () at keyboard.c:1004
#14 0x01002e46 in main (argc=2, argv=0xa327e0) at emacs.c:1777
(gdb)

martin

Message #57 received at 1295-done <at> emacsbugs.donarmstrong.com (full text, mbox):

From: Chong Yidong <cyd <at> stupidchicken.com>
To: Teemu Likonen <tlikonen <at> iki.fi>
Cc: 1295-done <at> debbugs.gnu.org
Subject: Re: Segfault with `M-- M-r' when `scroll-margin' > 0
Date: Thu, 06 Nov 2008 19:30:12 -0500

> Emacs crashes with segmentation fault when I type command `M-- M-r'
> while variable `scroll-margin' has value 1 more more.

I've checked in a fix that should solve this problem.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.