From unknown Sun Aug 17 22:01:04 2025
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Mailer: MIME-tools 5.509 (Entity 5.509)
Content-Type: text/plain; charset=utf-8
From: bug#18162 <18162@debbugs.gnu.org>
To: bug#18162 <18162@debbugs.gnu.org>
Subject: Status: 24.3.92; segfault on null face pointer in face_for_char
Reply-To: bug#18162 <18162@debbugs.gnu.org>
Date: Mon, 18 Aug 2025 05:01:04 +0000

retitle 18162 24.3.92; segfault on null face pointer in face_for_char
reassign 18162 emacs
submitter 18162 Ken Raeburn <raeburn@permabit.com>
severity 18162 normal

thanks


From debbugs-submit-bounces@debbugs.gnu.org Thu Jul 31 19:24:43 2014
Received: (at submit) by debbugs.gnu.org; 31 Jul 2014 23:24:43 +0000
Received: from localhost ([127.0.0.1]:53418 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XCziD-0002SU-Cv
	for submit@debbugs.gnu.org; Thu, 31 Jul 2014 19:24:43 -0400
Received: from eggs.gnu.org ([208.118.235.92]:48951)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <raeburn@permabit.com>) id 1XCziA-0002SG-96
 for submit@debbugs.gnu.org; Thu, 31 Jul 2014 19:24:40 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <raeburn@permabit.com>) id 1XCzi0-0003dJ-3N
 for submit@debbugs.gnu.org; Thu, 31 Jul 2014 19:24:33 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,T_DKIM_INVALID
 autolearn=disabled version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:59623)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <raeburn@permabit.com>) id 1XCzhz-0003d9-Ve
 for submit@debbugs.gnu.org; Thu, 31 Jul 2014 19:24:28 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:50416)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <raeburn@permabit.com>) id 1XCzhu-0002mk-Qc
 for bug-gnu-emacs@gnu.org; Thu, 31 Jul 2014 19:24:27 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <raeburn@permabit.com>) id 1XCzhp-0003Ug-Jg
 for bug-gnu-emacs@gnu.org; Thu, 31 Jul 2014 19:24:22 -0400
Received: from mail-qa0-x22c.google.com ([2607:f8b0:400d:c00::22c]:35854)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <raeburn@permabit.com>) id 1XCzhp-0003Sv-CH
 for bug-gnu-emacs@gnu.org; Thu, 31 Jul 2014 19:24:17 -0400
Received: by mail-qa0-f44.google.com with SMTP id f12so3196911qad.3
 for <bug-gnu-emacs@gnu.org>; Thu, 31 Jul 2014 16:24:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=permabit.com; s=google;
 h=from:to:subject:date:message-id:mime-version:content-type;
 bh=Dk4lMizJglCmhLSATI2huSHqGRtHAfZMukDlpkSlXtE=;
 b=gz2MDANiiyEg5z6JX78cj7jf5HM+BdVqM9hHk8Tt1M78OLlzxnm/g13Bi+k0cHWJLM
 zExBd+Tay8KHLq0dFB9xHSNPPljzN9yLZ3j7/BGgKbKjta5D0/ccZrZ3tGPfsJez4XLv
 Zfv6YyQe16OVYZzh6Z8gy6V+j67JXC0IjVAyU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:from:to:subject:date:message-id:mime-version
 :content-type;
 bh=Dk4lMizJglCmhLSATI2huSHqGRtHAfZMukDlpkSlXtE=;
 b=BrMim7qUkQn451cJ9GyeNHRuthiT/x3hNICkI071wOdwEl18H9I+iMgoBi1V425cqX
 VnW1sgsjiNZDw0P78CZrd7Ea5xvIbmI7KPlJxDBVatgGfn4mtk6bAEztww3Fv3pSCSkC
 vNIPfk2ZBkw3tRbuwWbla//pJb3sf7L/MhF+o0G5awqBLSxk1naAcU1kAAzk7pcLDxLq
 QjgB74iTjgoLRFZQLEfyloriFaXsz6bpOe6Ac94lCcuV4R82XQYf+uftexXEuJaqGUlV
 R1leuszroV4emRrKzpdcqbFcnQrcR4WhwRWkIPg7VINnzOQzx6rjoTDiLpTlsxqDx+ZD
 B8pw==
X-Gm-Message-State: ALoCoQm6SuTFQNAsjzNpA2Xn+ANS7qbaZS4GDtnKrgeF9ebdJo2jatuA/7CGm101sdBY+ph8Nxpu
X-Received: by 10.224.134.201 with SMTP id k9mr2557088qat.59.1406849056090;
 Thu, 31 Jul 2014 16:24:16 -0700 (PDT)
Received: from just-testing.permabit.com (vpn.permabit.com. [66.202.84.2])
 by mx.google.com with ESMTPSA id j110sm7466143qga.40.2014.07.31.16.24.14
 for <multiple recipients>
 (version=TLSv1.2 cipher=RC4-SHA bits=128/128);
 Thu, 31 Jul 2014 16:24:15 -0700 (PDT)
From: Ken Raeburn <raeburn@permabit.com>
To: bug-gnu-emacs@gnu.org
Subject: 24.3.92; segfault on null face pointer in face_for_char
Date: Thu, 31 Jul 2014 19:24:13 -0400
Message-ID: <6ewqatjen6.fsf@just-testing.permabit.com>
MIME-Version: 1.0
Content-Type: text/plain
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
 (bad octet value).
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
 (bad octet value).
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)


Emacs crashed with a seg fault. I was typing into one of several X11
frames at the time, not doing anything particularly interesting as far
as I can tell. I think I was typing into the minibuffer. Unlike my other
crashes, this one doesn't seem to involve multiple displays at all; in
fact I don't think I used that session remotely since starting it.

My source is 24.3.92 plus:
 - Dmitry's patch to font.c (font_list_entities, font_matching_entity)
   to fix one of my earlier problems. 
 - Call delete_keyboard_wait_descriptor in x_connection_closed, before
   we clear dpyinfo->display.
 - Dmitry's patch to emacsclient to canonicalize the display name.

(gdb) bt
#0  0x00007f596c9fbb7b in raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:42
#1  0x0000000000519b25 in terminate_due_to_signal (sig=11, backtrace_limit=40) at emacs.c:378
#2  0x0000000000536dfe in handle_fatal_signal (sig=<optimized out>) at sysdep.c:1630
#3  0x0000000000536e63 in deliver_thread_signal (handler=0x536df0 <handle_fatal_signal>, sig=11) at sysdep.c:1604
#4  deliver_fatal_thread_signal (sig=11) at sysdep.c:1642
#5  <signal handler called>
#6  face_for_char (f=0x66f0858, face=0x0, c=8230, pos=-1, object=13137010) at fontset.c:914
#7  0x0000000000619155 in Finternal_char_font (position=<optimized out>, ch=<optimized out>) at fontset.c:1863
#8  0x00000000005a16fe in Ffuncall (nargs=<optimized out>, args=0x7fffbcddcdd8) at eval.c:2818
#9  0x00000000005e055d in exec_byte_code (bytestr=0, vector=0, maxdepth=8230, args_template=25, nargs=3, args=0x0) at bytecode.c:916
#10 0x00000000005a0f92 in funcall_lambda (fun=68493053, nargs=<optimized out>, arg_vector=0x7fffbcddcfa0) at eval.c:3049
#11 0x00000000005a1324 in Ffuncall (nargs=<optimized out>, args=0x7fffbcddcf98) at eval.c:2876
#12 0x00000000005e055d in exec_byte_code (bytestr=0, vector=0, maxdepth=8230, args_template=127, nargs=2, args=0x0) at bytecode.c:916
#13 0x00000000005a0f92 in funcall_lambda (fun=55208949, nargs=<optimized out>, arg_vector=0x7fffbcddd180) at eval.c:3049
#14 0x00000000005a1324 in Ffuncall (nargs=<optimized out>, args=0x7fffbcddd178) at eval.c:2876
#15 0x00000000005e055d in exec_byte_code (bytestr=0, vector=0, maxdepth=8230, args_template=20, nargs=5, args=0x0) at bytecode.c:916
#16 0x00000000005a08a2 in eval_sub (form=<optimized out>) at eval.c:2191
#17 0x000000000059f1a8 in internal_catch (tag=13137010, func=0x5a0010 <eval_sub>, arg=55280886) at eval.c:1118
#18 0x00000000005e0816 in exec_byte_code (bytestr=0, vector=0, maxdepth=8230, args_template=140736362042152, nargs=141, args=0x0) at bytecode.c:1097
#19 0x00000000005a08a2 in eval_sub (form=<optimized out>) at eval.c:2191
#20 0x00000000005a43f9 in internal_lisp_condition_case (var=13137010, bodyform=55280758, handlers=<optimized out>) at eval.c:1323
#21 0x00000000005e0a2f in exec_byte_code (bytestr=0, vector=0, maxdepth=8230, args_template=140736362042680, nargs=143, args=0x0) at bytecode.c:1162
#22 0x00000000005a0f92 in funcall_lambda (fun=55208901, nargs=<optimized out>, arg_vector=0x7fffbcddd710) at eval.c:3049
#23 0x00000000005a1324 in Ffuncall (nargs=<optimized out>, args=0x7fffbcddd708) at eval.c:2876
#24 0x00000000005e055d in exec_byte_code (bytestr=0, vector=0, maxdepth=8230, args_template=13137010, nargs=1, args=0x0) at bytecode.c:916
#25 0x00000000005a0f92 in funcall_lambda (fun=55206941, nargs=<optimized out>, arg_vector=0x7fffbcddd8b0) at eval.c:3049
#26 0x00000000005a1324 in Ffuncall (nargs=<optimized out>, args=0x7fffbcddd8a8) at eval.c:2876
#27 0x00000000005a19a8 in call0 (fn=54172594) at eval.c:2599
#28 0x000000000059f2a2 in internal_condition_case (bfun=0x51f110 <safe_run_hooks_1>, handlers=<optimized out>, hfun=0x51cc40 <safe_run_hooks_error>) at eval.c:1354
#29 0x000000000051cbd9 in safe_run_hook_funcall (nargs=<optimized out>, args=<optimized out>) at keyboard.c:1930
#30 0x000000000059f754 in run_hook_with_args (nargs=1, args=0x7fffbcddd958, funcall=0x51cb90 <safe_run_hook_funcall>) at eval.c:2551
#31 0x000000000052030f in safe_run_hooks (hook=54172594) at keyboard.c:1947
#32 0x000000000052b3e8 in command_loop_1 () at keyboard.c:1573
#33 0x000000000059f2a2 in internal_condition_case (bfun=0x52ae70 <command_loop_1>, handlers=<optimized out>, hfun=0x5200f0 <cmd_error>) at eval.c:1354
#34 0x000000000051cc2e in command_loop_2 (ignore=<optimized out>) at keyboard.c:1177
#35 0x000000000059f1a8 in internal_catch (tag=13137010, func=0x51cc10 <command_loop_2>, arg=13137010) at eval.c:1118
#36 0x000000000051fb7c in command_loop () at keyboard.c:1148
#37 recursive_edit_1 () at keyboard.c:777
#38 0x0000000000551271 in read_minibuf (map=77373078, initial=113165873, prompt=<optimized out>, expflag=false, histvar=<optimized out>, histpos=74575237, defalt=113165969, allow_props=false, inherit_input_method=false) at minibuf.c:674
#39 0x0000000000551a76 in Fread_from_minibuffer (prompt=9342561, initial_contents=113165873, keymap=77373078, read=13137010, hist=13204834, default_value=113165969, inherit_input_method=13137010) at minibuf.c:957
#40 0x00000000005a15b8 in Ffuncall (nargs=<optimized out>, args=0x7fffbcdddd18) at eval.c:2841
#41 0x00000000005e055d in exec_byte_code (bytestr=0, vector=0, maxdepth=8230, args_template=46, nargs=8, args=0x0) at bytecode.c:916
#42 0x00000000005a1324 in Ffuncall (nargs=<optimized out>, args=0x7fffbcddde80) at eval.c:2876
#43 0x000000000054e9e7 in Fcompleting_read (prompt=9342561, collection=13346450, predicate=13203650, require_match=17289890, initial_input=113165873, hist=13204834, def=113165969, inherit_input_method=13137010) at minibuf.c:1674
#44 0x00000000005a17bb in Ffuncall (nargs=<optimized out>, args=0x7fffbcdde050) at eval.c:2848
#45 0x00000000005e055d in exec_byte_code (bytestr=0, vector=0, maxdepth=8230, args_template=140736362045520, nargs=8, args=0x0) at bytecode.c:916
#46 0x00000000005a1324 in Ffuncall (nargs=<optimized out>, args=0x7fffbcdde1f8) at eval.c:2876
#47 0x00000000005e055d in exec_byte_code (bytestr=0, vector=0, maxdepth=8230, args_template=5, nargs=7, args=0x0) at bytecode.c:916
#48 0x00000000005a1324 in Ffuncall (nargs=<optimized out>, args=0x7fffbcdde368) at eval.c:2876
#49 0x00000000005e055d in exec_byte_code (bytestr=0, vector=0, maxdepth=8230, args_template=2, nargs=5, args=0x0) at bytecode.c:916
#50 0x00000000005a1324 in Ffuncall (nargs=<optimized out>, args=0x7fffbcdde4b8) at eval.c:2876
#51 0x00000000005e055d in exec_byte_code (bytestr=0, vector=0, maxdepth=8230, args_template=13137010, nargs=3, args=0x0) at bytecode.c:916
#52 0x00000000005a08a2 in eval_sub (form=<optimized out>) at eval.c:2191
#53 0x00000000005a3311 in Feval (form=9484614, lexical=<optimized out>) at eval.c:2003
#54 0x000000000059c70e in Fcall_interactively (function=13516626, record_flag=13137010, keys=13172029) at callint.c:345
#55 0x00000000005a16c6 in Ffuncall (nargs=<optimized out>, args=0x7fffbcdde818) at eval.c:2822
#56 0x00000000005e055d in exec_byte_code (bytestr=0, vector=0, maxdepth=8230, args_template=108, nargs=4, args=0x0) at bytecode.c:916
#57 0x00000000005a1324 in Ffuncall (nargs=<optimized out>, args=0x7fffbcdde970) at eval.c:2876
#58 0x00000000005a198a in call1 (fn=<optimized out>, arg1=<optimized out>) at eval.c:2614
#59 0x000000000052b3b6 in command_loop_1 () at keyboard.c:1559
#60 0x000000000059f2a2 in internal_condition_case (bfun=0x52ae70 <command_loop_1>, handlers=<optimized out>, hfun=0x5200f0 <cmd_error>) at eval.c:1354
#61 0x000000000051cc2e in command_loop_2 (ignore=<optimized out>) at keyboard.c:1177
#62 0x000000000059f1a8 in internal_catch (tag=13137010, func=0x51cc10 <command_loop_2>, arg=13137010) at eval.c:1118
#63 0x000000000051fc07 in command_loop () at keyboard.c:1156
#64 recursive_edit_1 () at keyboard.c:777
#65 0x000000000051ff55 in Frecursive_edit () at keyboard.c:848
#66 0x0000000000411a95 in main (argc=2, argv=<optimized out>) at emacs.c:1646
You can't do that without a process to debug.
(gdb) fr 6
#6  face_for_char (f=0x66f0858, face=0x0, c=8230, pos=-1, object=13137010) at fontset.c:914
914	  eassert (fontset_id_valid_p (face->fontset));
(gdb) up
#7  0x0000000000619155 in Finternal_char_font (position=<optimized out>, ch=<optimized out>) at fontset.c:1863
1863	  face_id = FACE_FOR_CHAR (f, FACE_FROM_ID (f, face_id), c, pos, Qnil);
(gdb)

The incoming face_id value was optimized out, but since "position" is
nil (from looking in the caller's frame), it should've been assigned
from lookup_basic_face(f,DEFAULT_FACE_ID), and since
Vface_remapping_alist is nil, that would just be DEFAULT_FACE_ID or 0.

c=8230 is HORIZONTAL ELLIPSIS

pos=-1

f->face_cache points to:

$22 = {
  buckets = 0x6122800, 
  f = 0x66f0858, 
  faces_by_id = 0x77a97c0, 
  size = 112, 
  used = 0, 
  menu_face_changed_p = false
}

Since "used" is 0, FACE_FROM_ID returns a null pointer, which gets
passed to FACE_FOR_CHAR and face_for_char, and the latter assumes it's
not a null pointer.

The "buckets" array (1001 entries if I read the code right) is all
null pointers. The "faces_by_id" array isn't all null, but the only
non-null entries are at indices above 90 and it looks like anything
above "used" may just be uninitialized.

The funcall_lambda in stack frame 10 appears to be calling
char-displayable-p (from the doc string filename and offset).
The funcall_lambda in stack frame 13 is calling icomplete-completions.
In frame 22 we're calling icomplete-exhibit.
In frame 25 the COMPILED_DOC_STRING slot is 0.

The recent keys typed (extracted from the recent_keys array) end with:

48, 96, 24, 28, 536871384, 536871384, 96, 24, 28, 96, 24, 18259138,
436, 468, 432, 464

536871384 is 0x8000076 or CHAR_META + v
18259138 is the symbol M-backspace

So:
M-v M-v C-x C-f C-g C-x C-f M-backspace m u l t
Then *splat*.

I do not have any recipe for reproducing this.




In GNU Emacs 24.3.92.1 (x86_64-unknown-linux-gnu, X toolkit, Xaw3d scroll bars)
 of 2014-06-27 on just-testing.permabit.com
Windowing system distributor `The X.Org Foundation', version 11.0.11103000
System Description:	Ubuntu 12.04.4 LTS

Configured using:
 `configure
 --prefix=/permabit/user/raeburn/I64/install/emacs-24.3.92.precise
 --with-x-toolkit=lucid --enable-checking'

Important settings:
  locale-coding-system: nil

Major mode: CPerl

Minor modes in effect:
  shell-dirtrack-mode: t
  rcirc-track-minor-mode: t
  display-time-mode: t
  which-function-mode: t
  icomplete-mode: t
  hideshowvis-minor-mode: t
  desktop-save-mode: t
  jabber-activity-mode: t
  tooltip-mode: t
  electric-indent-mode: t
  mouse-wheel-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  buffer-read-only: t
  line-number-mode: t
  transient-mark-mode: t
  hs-minor-mode: t

Recent input:
e s s SPC <M-backspace> s u b p r o c e s s SPC t o 
SPC e x e c SPC C-u C-f C-u C-f C-u C-f C-b C-u C-k 
i n SPC b a c k g r o u n d SPC h a s n ' t SPC d o 
n e SPC t h e SPC e x e c SPC y e t <M-backspace> b 
y SPC t h e SPC t i m e SPC p k i l l SPC r u n s . 
<backspace> , SPC s o SPC t h a t SPC p k i l l SPC 
o e <backspace> <backspace> d o e s n ' t SPC f i n 
d SPC t h e SPC p r o c e s s . SPC I f SPC t h a t 
' s SPC t h e SPC c a s e , SPC s l e e p i n g SPC 
a SPC f e w SPC <M-backspace> 1 <backspace> s e c o 
n d SPC o r SPC t w o SPC w o u l d SPC p r o b a b 
l y SPC f i x SPC i t . <return> I t SPC w o u l d 
SPC b e SPC k i n d SPC o f SPC w e i r d SPC f o r 
SPC t h i n g s SPC t o SPC h a p p e n SPC i n SPC 
t h a t SPC o r d e r SPC t h o u g h . <return> C-M-d 
<escape> x r e p o r t - e m <tab> <return>

Recent messages:
Message from NagiosAdmin in system-alerts@conference.chat.permabit.com
Mark saved where search started
Mark set
Mark saved where search started
limershein@chat.permabit.com is now Online
Checking spelling of RECOGNIZEABLE...
Mark set
tomj@chat.permabit.com is now Offline
simon@chat.permabit.com is now Away (I'm not here right now)
limershein@chat.permabit.com is now Offline

Load-path shadows:
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-festival hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-festival
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-chat hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-chat
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-bookmarks hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-bookmarks
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-ahc-presence hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-ahc-presence
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-chatbuffer hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-chatbuffer
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-roster hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-roster
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-core hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-core
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-ft-common hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-ft-common
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-presence hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-presence
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-si-server hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-si-server
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-autoloads hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-autoloads
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-truncate hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-truncate
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-ft-server hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-ft-server
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-conn hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-conn
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-sasl hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-sasl
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/fsm hides /usr/share/emacs/site-lisp/emacs-jabber/fsm
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-ft-client hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-ft-client
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-xmessage hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-xmessage
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-chatstates hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-chatstates
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-export hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-export
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-time hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-time
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-screen hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-screen
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-autoaway hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-autoaway
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-compose hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-compose
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber hides /usr/share/emacs/site-lisp/emacs-jabber/jabber
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-modeline hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-modeline
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-activity hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-activity
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/srv hides /usr/share/emacs/site-lisp/emacs-jabber/srv
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-events hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-events
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-version hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-version
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-feature-neg hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-feature-neg
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-menu hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-menu
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-history hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-history
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-avatar hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-avatar
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-muc hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-muc
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-watch hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-watch
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-xml hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-xml
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-muc-nick-completion hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-muc-nick-completion
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-alert hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-alert
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-osd hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-osd
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-ourversion hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-ourversion
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-si-client hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-si-client
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-util hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-util
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-widget hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-widget
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-vcard hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-vcard
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-keepalive hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-keepalive
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-register hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-register
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-iq hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-iq
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-awesome hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-awesome
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-browse hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-browse
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-ratpoison hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-ratpoison
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-si-common hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-si-common
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-wmii hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-wmii
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-disco hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-disco
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-search hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-search
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-keymap hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-keymap
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-gmail hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-gmail
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-socks5 hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-socks5
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-vcard-avatars hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-vcard-avatars
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-private hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-private
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-sawfish hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-sawfish
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-ahc hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-ahc
/permabit/user/raeburn/.emacs.d/elpa/jabber-20140523.153/jabber-logon hides /usr/share/emacs/site-lisp/emacs-jabber/jabber-logon
~/permabit-emacs/objdump hides /permabit/user/raeburn/elisp/objdump/objdump
~/permabit-emacs/kr-pdoc hides /permabit/user/raeburn/elisp/kr-pdoc
/permabit/user/raeburn/.emacs.d/elpa/systemtap-mode-20121209.1510/systemtap-mode hides /permabit/user/raeburn/elisp/systemtap-mode
/permabit/user/raeburn/.emacs.d/elpa/ssh-20120904.1342/ssh hides /permabit/user/raeburn/elisp/ssh
/permabit/user/raeburn/.emacs.d/elpa/edit-server-20131229.441/edit-server hides /permabit/user/raeburn/elisp/edit-server
~/permabit-emacs/c-fns hides /permabit/user/raeburn/elisp/c-fns
/permabit/user/raeburn/elisp/objdump/loaddefs hides /permabit/user/raeburn/I64/install/emacs-24.3.92.precise/share/emacs/24.3.92/lisp/loaddefs

Features:
(shadow sort mail-extr gnus-msg emacsbug sendmail gud descr-text
help-mode misearch multi-isearch face-remap shell pcomplete grep
jabber-rtt goto-addr jabber-keepalive jabber-ping jabber-bookmarks
jabber-private sasl-digest hmac-md5 hex-util mule-util bug-reference
jka-compr flyspell ispell git-commit-mode server log-edit easy-mmode
pcvs-util add-log sh-script smie executable nroff-mode make-mode
systemtap-mode cc-awk python autorevert filenotify vc-dispatcher vc-svn
vc-git rcirc hideshow cc-langs cc-mode cc-fonts cc-guess cc-menus
cc-cmds edit-server-autoloads info git-rebase-mode-autoloads
git-commit-mode-autoloads popup-autoloads ssh-autoloads
systemtap-mode-autoloads package time which-func warnings imenu
icomplete kr-stuff hideshowvis desktop frameset ses byte-opt bytecomp
byte-compile cconv unsafep browse-url edit-server gnus-demon nntp
gnus-art mm-uu mml2015 epg-config mm-view mml-smime smime password-cache
dig gnus-sum nnoo gnus-group gnus-undo nnmail mail-source gnus-start
gnus-spec gnus-int gnus-range message cl-macs rfc822 mml mml-sec
mm-decode mm-bodies mm-encode mail-parse rfc2231 rfc2047 rfc2045
ietf-drums mailabbrev gmm-utils mailheader gnus-win gnus gnus-ems
nnheader gnus-util mail-utils mm-util mail-prsvr iso-transl kr-dbus
notifications dbus kr-math jabber jabber-awesome jabber-osd jabber-wmii
jabber-xmessage jabber-festival jabber-sawfish jabber-ratpoison
jabber-screen jabber-socks5 jabber-ft-server jabber-si-server
jabber-ft-client jabber-ft-common jabber-si-client jabber-si-common
jabber-feature-neg jabber-truncate jabber-time jabber-autoaway
jabber-vcard-avatars jabber-chatstates jabber-events jabber-vcard
jabber-avatar mailcap jabber-activity jabber-watch jabber-modeline
jabber-ahc-presence jabber-ahc jabber-version jabber-ourversion
jabber-muc-nick-completion hippie-exp jabber-browse jabber-search
jabber-register jabber-roster format-spec jabber-presence time-date
assoc jabber-muc jabber-newdisco jabber-widget jabber-disco wid-edit
jabber-chat ewoc jabber-history jabber-chatbuffer jabber-alert jabber-iq
jabber-keymap jabber-core jabber-sasl sasl sasl-anonymous sasl-login
sasl-plain fsm jabber-logon jabber-conn srv dns starttls tls jabber-xml
xml jabber-menu jabber-util jabber-autoloads idutils derived thingatpt
compile comint ansi-color ring cperl-mode easymenu cc-styles cc-align
cc-engine cc-vars p4 dired kr-message-timestamp advice c-eldoc cl gv
cl-loaddefs cl-lib cc-defs eldoc help-fns timeclock tooltip electric
uniquify ediff-hook vc-hooks lisp-float-type mwheel x-win x-dnd tool-bar
dnd fontset image regexp-opt fringe tabulated-list newcomment lisp-mode
prog-mode register page menu-bar rfn-eshadow timer select scroll-bar
mouse jit-lock font-lock syntax facemenu font-core frame cham georgian
utf-8-lang misc-lang vietnamese tibetan thai tai-viet lao korean
japanese hebrew greek romanian slovak czech european ethiopic indian
cyrillic chinese case-table epa-hook jka-cmpr-hook help simple abbrev
minibuffer nadvice loaddefs button faces cus-face macroexp files
text-properties overlay sha1 md5 base64 format env code-pages mule
custom widget hashtable-print-readable backquote make-network-process
dbusbind gfilenotify dynamic-setting system-font-setting
font-render-setting x-toolkit x multi-tty emacs)

Memory information:
((conses 16 653516 77413)
 (symbols 48 50191 1)
 (miscs 40 88809 7040)
 (strings 32 99387 12399)
 (string-bytes 1 3055253)
 (vectors 16 40112)
 (vector-slots 8 1303460 94829)
 (floats 8 376 468)
 (intervals 56 41734 2747)
 (buffers 960 208)
 (heap 1024 73655 3286))




From debbugs-submit-bounces@debbugs.gnu.org Fri Aug 01 01:57:21 2014
Received: (at 18162) by debbugs.gnu.org; 1 Aug 2014 05:57:22 +0000
Received: from localhost ([127.0.0.1]:53597 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XD5qD-0003Zq-Ht
	for submit@debbugs.gnu.org; Fri, 01 Aug 2014 01:57:21 -0400
Received: from mtaout21.012.net.il ([80.179.55.169]:50852)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <eliz@gnu.org>) id 1XD5qA-0003ZX-9J
 for 18162@debbugs.gnu.org; Fri, 01 Aug 2014 01:57:20 -0400
Received: from conversion-daemon.a-mtaout21.012.net.il by
 a-mtaout21.012.net.il (HyperSendmail v2007.08) id
 <0N9M00F0051GEP00@a-mtaout21.012.net.il> for 18162@debbugs.gnu.org;
 Fri, 01 Aug 2014 08:57:11 +0300 (IDT)
Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout21.012.net.il
 (HyperSendmail v2007.08) with ESMTPA id
 <0N9M00F7E5VAFS00@a-mtaout21.012.net.il>;
 Fri, 01 Aug 2014 08:57:11 +0300 (IDT)
Date: Fri, 01 Aug 2014 08:57:35 +0300
From: Eli Zaretskii <eliz@gnu.org>
Subject: Re: bug#18162: 24.3.92; segfault on null face pointer in face_for_char
In-reply-to: <6ewqatjen6.fsf@just-testing.permabit.com>
X-012-Sender: halo1@inter.net.il
To: Ken Raeburn <raeburn@permabit.com>
Message-id: <838un8sqeo.fsf@gnu.org>
References: <6ewqatjen6.fsf@just-testing.permabit.com>
X-Spam-Score: 1.0 (+)
X-Debbugs-Envelope-To: 18162
Cc: 18162@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Eli Zaretskii <eliz@gnu.org>
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 1.0 (+)

> From: Ken Raeburn <raeburn@permabit.com>
> Date: Thu, 31 Jul 2014 19:24:13 -0400
> 
> (gdb) fr 6
> #6  face_for_char (f=0x66f0858, face=0x0, c=8230, pos=-1, object=13137010) at fontset.c:914
> 914	  eassert (fontset_id_valid_p (face->fontset));
> (gdb) up
> #7  0x0000000000619155 in Finternal_char_font (position=<optimized out>, ch=<optimized out>) at fontset.c:1863
> 1863	  face_id = FACE_FOR_CHAR (f, FACE_FROM_ID (f, face_id), c, pos, Qnil);
> (gdb)
> 
> The incoming face_id value was optimized out, but since "position" is
> nil (from looking in the caller's frame), it should've been assigned
> from lookup_basic_face(f,DEFAULT_FACE_ID), and since
> Vface_remapping_alist is nil, that would just be DEFAULT_FACE_ID or 0.
> 
> c=8230 is HORIZONTAL ELLIPSIS

Where did the ellipsis character come from?  Did you have some buffer
shown in that frame that could have used this character?  According to
the last keys you show below, you were typing into minibuffer, which
is unlikely to have that character.

> pos=-1
> 
> f->face_cache points to:
> 
> $22 = {
>   buckets = 0x6122800, 
>   f = 0x66f0858, 
>   faces_by_id = 0x77a97c0, 
>   size = 112, 
>   used = 0, 
>   menu_face_changed_p = false
> }
> 
> Since "used" is 0, FACE_FROM_ID returns a null pointer, which gets
> passed to FACE_FOR_CHAR and face_for_char, and the latter assumes it's
> not a null pointer.

Sounds like some code called clear_face_cache, for some reason.  Is f
at all the same frame where you were typing?  If not, the crash could
have nothing to do with what you typed, but with some background
activity on another frame.




From debbugs-submit-bounces@debbugs.gnu.org Fri Aug 01 04:46:41 2014
Received: (at 18162) by debbugs.gnu.org; 1 Aug 2014 08:46:41 +0000
Received: from localhost ([127.0.0.1]:53620 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XD8U5-0007hu-2M
	for submit@debbugs.gnu.org; Fri, 01 Aug 2014 04:46:41 -0400
Received: from mail-qa0-f45.google.com ([209.85.216.45]:50073)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <raeburn@permabit.com>) id 1XD8U0-0007hc-O4
 for 18162@debbugs.gnu.org; Fri, 01 Aug 2014 04:46:37 -0400
Received: by mail-qa0-f45.google.com with SMTP id cm18so3559965qab.18
 for <18162@debbugs.gnu.org>; Fri, 01 Aug 2014 01:46:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=permabit.com; s=google;
 h=subject:mime-version:content-type:from:in-reply-to:date:cc
 :content-transfer-encoding:message-id:references:to;
 bh=hsOs/WHXxCdvcOSSPjreb2Cv7JWsuft/6USCJjFE1dI=;
 b=W+alsZKGq+TDW//dTMPk+APqeBm9dU/bAlCW7x5q5bOOvh9WYM7ozQezSLI3EBD5Jn
 0BpkoAUjB6AQM96fXS7EoYDvDhwVzSWnOvkv3/pFxKA13rr7cnzMXR+6ITBtOSitPfx6
 F4+sizuOIbViG6yLpIssUohure8eZg0mC8M0Q=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:subject:mime-version:content-type:from
 :in-reply-to:date:cc:content-transfer-encoding:message-id:references
 :to; bh=hsOs/WHXxCdvcOSSPjreb2Cv7JWsuft/6USCJjFE1dI=;
 b=RqMletpxdAMtttmfqGy5GcUAhX5Ioiqgn7/DKMSoOux+GC/oQTvVO137E6Snny1Kqs
 o0T7Q8X/TGl4SPzidjeTHpvrn0ZRTm2VBUuMvgaXiBwnkOfHMjt9n4WgdmvZtMOZry0Y
 W+5fDL1ECBUT36Z70Zc0GJa2L/WCPHyZ+l4jwCZCA/9YYSvGNkOIJ3pJzmYFMXGRSSVy
 kRzaBTPXBkWNt0kyADzK8DFA5ibpbNqFQwLH6NJYwm05LdqWjMJmFdEWmg0rrOJL/I3i
 YMVdopZVRi/58L7r+wC0eRl7k6Hv9/zcysAgOc8UzXvt0tyXaaLChm0HdW/oMZuYv4X9
 yPJg==
X-Gm-Message-State: ALoCoQldBL10ZWD5RVNgo9YJpamkmcraZX+1FSqJzAszyZgFzhcYJiy8hGs2dGIaLRQu9/nNek0l
X-Received: by 10.224.89.10 with SMTP id c10mr6707866qam.51.1406882791041;
 Fri, 01 Aug 2014 01:46:31 -0700 (PDT)
Received: from ?IPv6:2002:328a:b786:1:31e1:7791:7bb:7a01?
 ([2002:328a:b786:1:31e1:7791:7bb:7a01])
 by mx.google.com with ESMTPSA id a8sm14046057qat.28.2014.08.01.01.46.29
 for <multiple recipients>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Fri, 01 Aug 2014 01:46:30 -0700 (PDT)
Subject: Re: bug#18162: 24.3.92; segfault on null face pointer in face_for_char
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
Content-Type: text/plain; charset=us-ascii
From: Ken Raeburn <raeburn@permabit.com>
In-Reply-To: <838un8sqeo.fsf@gnu.org>
Date: Fri, 1 Aug 2014 04:46:28 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <B96B9B15-EDE6-4B12-8262-F7BDB7F0921A@permabit.com>
References: <6ewqatjen6.fsf@just-testing.permabit.com> <838un8sqeo.fsf@gnu.org>
To: Eli Zaretskii <eliz@gnu.org>
X-Mailer: Apple Mail (2.1878.6)
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 18162
Cc: 18162@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

On Aug 1, 2014, at 01:57, Eli Zaretskii <eliz@gnu.org> wrote:
>> c=3D8230 is HORIZONTAL ELLIPSIS
>=20
> Where did the ellipsis character come from?  Did you have some buffer
> shown in that frame that could have used this character?  According to
> the last keys you show below, you were typing into minibuffer, which
> is unlikely to have that character.

icomplete-completions checks to see if the ellipsis character is =
displayable or if it should use "..." instead. At the point where it =
does that check, it hasn't decided whether it wants to use an ellipsis =
yet.

> Sounds like some code called clear_face_cache, for some reason.  Is f
> at all the same frame where you were typing?  If not, the crash could
> have nothing to do with what you typed, but with some background
> activity on another frame.

Yes, the current buffer was showing a source file, and I was navigating =
to the parent directory, which has multiple entries starting with =
"mult". That window and the minibuffer window were the only contents of =
the frame.

There is a fair amount of background activity going on (auto-revert-mode =
buffers and emacs-jabber, mainly), but the only bit that might've =
affected the current frame might've been an update to the mode line =
where I've got an indicator of new jabber messages (in a different face =
from the default). So I'm not sure what would've cleared the cache.

Ken=




From debbugs-submit-bounces@debbugs.gnu.org Fri Aug 01 21:52:55 2014
Received: (at 18162) by debbugs.gnu.org; 2 Aug 2014 01:52:55 +0000
Received: from localhost ([127.0.0.1]:54246 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XDOVC-0003Eq-Ez
	for submit@debbugs.gnu.org; Fri, 01 Aug 2014 21:52:54 -0400
Received: from mail-la0-f42.google.com ([209.85.215.42]:47858)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <raeburn@permabit.com>) id 1XDOV9-0003Eb-Hw
 for 18162@debbugs.gnu.org; Fri, 01 Aug 2014 21:52:52 -0400
Received: by mail-la0-f42.google.com with SMTP id pv20so3818551lab.15
 for <18162@debbugs.gnu.org>; Fri, 01 Aug 2014 18:52:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=permabit.com; s=google;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc:content-type;
 bh=zoDXaURjJRXbYmwQ+sPnBhCJtLyWAvoBY6pKG+HAhJg=;
 b=V/oCqELbBZWHGaSw/ltb66wmpppvAKtUDuWuwZlOvJ6kuAGbyFuPXdueC3JnyITmjD
 GU5aZWUINR1kr1VVm3XeqN+ieH8QYnxLtkmusf2/6oo3a3DCbwcWyIocHGx2gFT4A7TP
 jDTGvl/SdKc3vN3wcd01XGPBjslOA8ghN40yw=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:in-reply-to:references:date
 :message-id:subject:from:to:cc:content-type;
 bh=zoDXaURjJRXbYmwQ+sPnBhCJtLyWAvoBY6pKG+HAhJg=;
 b=Djg4tweIVDgt3WRVFFhf5pSdz0R2xUXAK29UqHgktlqRTGlQx7pfqPDJiYBr4VDw5C
 CjKPONeEAVXeCUCDOJIIuyozNQy4aGuTrxx4CNjMNkGqqfEbzmNNdhHnRLSOn9c7G0EJ
 rDMYNTnW8/mF/hd5EvN8w/sl9tHLDJDgD0rUQGbCS0UK3KDPj5BVzOq//FB93keQbLzm
 b4KQjbAID7iY7aiPTqJ6CWZgoA9VsKf0JLRb8I+poQoehz2nMJgSU/wct8YGx2Kai7oP
 W/aTW65pb0PQEzOJ6JFKeUm6+e1NgzuVkalvSiTRSewsI75KCZLG8ooBWmhnKOAnOapy
 qFpA==
X-Gm-Message-State: ALoCoQnlEn0zfAZQQ0AZbHDFxe9pM8VkwtPbwWczsdsuepzgcbkEa7xbyAqmiNwoM9BuLJVjhiSC
MIME-Version: 1.0
X-Received: by 10.112.137.136 with SMTP id qi8mr9328597lbb.41.1406944364871;
 Fri, 01 Aug 2014 18:52:44 -0700 (PDT)
Received: by 10.113.5.37 with HTTP; Fri, 1 Aug 2014 18:52:44 -0700 (PDT)
In-Reply-To: <838un8sqeo.fsf@gnu.org>
References: <6ewqatjen6.fsf@just-testing.permabit.com> <838un8sqeo.fsf@gnu.org>
Date: Fri, 1 Aug 2014 21:52:44 -0400
Message-ID: <CAJJWxE_EbTincYStnxqPVcBXZAbvUXy4nhiahAbmxbMsR_hFMQ@mail.gmail.com>
Subject: Re: bug#18162: 24.3.92; segfault on null face pointer in face_for_char
From: Ken Raeburn <raeburn@permabit.com>
To: Eli Zaretskii <eliz@gnu.org>
Content-Type: multipart/alternative; boundary=089e012287a2165b9c04ff9bc3f2
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 18162
Cc: 18162 <18162@debbugs.gnu.org>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

--089e012287a2165b9c04ff9bc3f2
Content-Type: text/plain; charset=UTF-8

On Fri, Aug 1, 2014 at 1:57 AM, Eli Zaretskii <eliz@gnu.org> wrote:

> Sounds like some code called clear_face_cache, for some reason.  Is f
> at all the same frame where you were typing?  If not, the crash could
> have nothing to do with what you typed, but with some background
> activity on another frame.
>

I just ran Emacs a while under gdb, and it called clear_face_cache while I
wasn't doing anything interesting, just typing into a buffer. It happened
from in redisplay_internal when clear_face_cache_count reached 501. Its
documentation says it's used to "clear the face cache every once in a
while".

--089e012287a2165b9c04ff9bc3f2
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote">On F=
ri, Aug 1, 2014 at 1:57 AM, Eli Zaretskii <span dir=3D"ltr">&lt;<a href=3D"=
mailto:eliz@gnu.org" target=3D"_blank">eliz@gnu.org</a>&gt;</span> wrote:<b=
r><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:=
1px #ccc solid;padding-left:1ex">
Sounds like some code called clear_face_cache, for some reason. =C2=A0Is f<=
br>
at all the same frame where you were typing? =C2=A0If not, the crash could<=
br>
have nothing to do with what you typed, but with some background<br>
activity on another frame.<br>
</blockquote></div><br></div><div class=3D"gmail_extra">I just ran Emacs a =
while under gdb, and it called clear_face_cache while I wasn&#39;t doing an=
ything interesting, just typing into a buffer. It happened from in redispla=
y_internal when clear_face_cache_count reached 501. Its documentation says =
it&#39;s used to &quot;clear the face cache every once in a while&quot;.</d=
iv>
</div>

--089e012287a2165b9c04ff9bc3f2--




From debbugs-submit-bounces@debbugs.gnu.org Sat Aug 02 02:49:42 2014
Received: (at 18162) by debbugs.gnu.org; 2 Aug 2014 06:49:42 +0000
Received: from localhost ([127.0.0.1]:54365 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XDT8Q-0002C3-CH
	for submit@debbugs.gnu.org; Sat, 02 Aug 2014 02:49:42 -0400
Received: from mtaout20.012.net.il ([80.179.55.166]:58915)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <eliz@gnu.org>) id 1XDT8N-0002Bl-Fv
 for 18162@debbugs.gnu.org; Sat, 02 Aug 2014 02:49:40 -0400
Received: from conversion-daemon.a-mtaout20.012.net.il by
 a-mtaout20.012.net.il (HyperSendmail v2007.08) id
 <0N9O00I002N1YS00@a-mtaout20.012.net.il> for 18162@debbugs.gnu.org;
 Sat, 02 Aug 2014 09:49:32 +0300 (IDT)
Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout20.012.net.il
 (HyperSendmail v2007.08) with ESMTPA id
 <0N9O00I9Z2YKQG70@a-mtaout20.012.net.il>;
 Sat, 02 Aug 2014 09:49:32 +0300 (IDT)
Date: Sat, 02 Aug 2014 09:49:34 +0300
From: Eli Zaretskii <eliz@gnu.org>
Subject: Re: bug#18162: 24.3.92; segfault on null face pointer in face_for_char
In-reply-to: <CAJJWxE_EbTincYStnxqPVcBXZAbvUXy4nhiahAbmxbMsR_hFMQ@mail.gmail.com>
X-012-Sender: halo1@inter.net.il
To: Ken Raeburn <raeburn@permabit.com>
Message-id: <83vbqbqtc1.fsf@gnu.org>
References: <6ewqatjen6.fsf@just-testing.permabit.com> <838un8sqeo.fsf@gnu.org>
 <CAJJWxE_EbTincYStnxqPVcBXZAbvUXy4nhiahAbmxbMsR_hFMQ@mail.gmail.com>
X-Spam-Score: 1.0 (+)
X-Debbugs-Envelope-To: 18162
Cc: 18162@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Eli Zaretskii <eliz@gnu.org>
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 1.0 (+)

> Date: Fri, 1 Aug 2014 21:52:44 -0400
> From: Ken Raeburn <raeburn@permabit.com>
> Cc: 18162 <18162@debbugs.gnu.org>
> 
> On Fri, Aug 1, 2014 at 1:57 AM, Eli Zaretskii <eliz@gnu.org> wrote:
> 
> > Sounds like some code called clear_face_cache, for some reason.  Is f
> > at all the same frame where you were typing?  If not, the crash could
> > have nothing to do with what you typed, but with some background
> > activity on another frame.
> >
> 
> I just ran Emacs a while under gdb, and it called clear_face_cache while I
> wasn't doing anything interesting, just typing into a buffer. It happened
> from in redisplay_internal when clear_face_cache_count reached 501. Its
> documentation says it's used to "clear the face cache every once in a
> while".

There's nothing wrong with a call to clear_face_cache.  We do this all
the time, as you have discovered.  The problem is if we try using
faces after that without first realizing the basic faces.




From debbugs-submit-bounces@debbugs.gnu.org Sat Aug 02 06:00:45 2014
Received: (at 18162) by debbugs.gnu.org; 2 Aug 2014 10:00:45 +0000
Received: from localhost ([127.0.0.1]:54486 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XDW7I-0006wz-VX
	for submit@debbugs.gnu.org; Sat, 02 Aug 2014 06:00:45 -0400
Received: from mail-qg0-f52.google.com ([209.85.192.52]:51828)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <raeburn@permabit.com>) id 1XDW7D-0006wd-Ab
 for 18162@debbugs.gnu.org; Sat, 02 Aug 2014 06:00:40 -0400
Received: by mail-qg0-f52.google.com with SMTP id f51so6792004qge.25
 for <18162@debbugs.gnu.org>; Sat, 02 Aug 2014 03:00:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=permabit.com; s=google;
 h=subject:mime-version:content-type:from:in-reply-to:date:cc
 :content-transfer-encoding:message-id:references:to;
 bh=48wStxfkymRUsMNg1cCngV1Cj9JB+6azAkE1mztA8M8=;
 b=DbA5y7hdt7ADInRfNxaPwTyQzf9Aj4zS5rZ1jbLveCxxFnvGtjECoeswS19C3LLIFa
 7L33PXqQcQ40QaHGXqK0EOH49J/C5Cn4ZVDrNR6JbTeOVhE93yrzg8arChaR3LlSWX+1
 k6i3dyW0yytJc7YGI8iFnMLVEKMUxKvuSVxp4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:subject:mime-version:content-type:from
 :in-reply-to:date:cc:content-transfer-encoding:message-id:references
 :to; bh=48wStxfkymRUsMNg1cCngV1Cj9JB+6azAkE1mztA8M8=;
 b=mxQbMV/STaEHxaiZ7mlwSuvpvgtE5LTTe+EV/kcg5T+aR/YO2mesph3GN5f0GTfgFP
 VOwjudltK0qmt9Tx1q5yWrYzU6/OULOTNwr4BAPaLivmQQkAUzbbbNvabcDIxyDFu5iy
 sNMQSSYzmBVyohgS4sojlV09EBh82LgMg+yAdfwpnJi2gjXxOfaav9B6KiKW5GMhdHvX
 e5SYyfKnUtlRBjxfAW1sB2fplzLnSARE6kjNz22pj2Sx9ucEGilanRWgKyZm8e1gYxZh
 xglI6Dm4HpzJxV0bVOTTLq+EjacGKNNCv1ISQMBFVEbVLi5qZvuYJlVpQ5/4bjFtEVfr
 f60w==
X-Gm-Message-State: ALoCoQk3D/OFtsJNZDsMJv5kOgxUUe62UhwQ9JrSaR7j/bhZP/KnyLYBOQl7nVDffsA7rKghdQeV
X-Received: by 10.224.15.72 with SMTP id j8mr18203518qaa.8.1406973633403;
 Sat, 02 Aug 2014 03:00:33 -0700 (PDT)
Received: from ?IPv6:2002:328a:b786:1:a058:8eb2:5a34:42a5?
 ([2002:328a:b786:1:a058:8eb2:5a34:42a5])
 by mx.google.com with ESMTPSA id c16sm19792548qae.49.2014.08.02.03.00.31
 for <multiple recipients>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Sat, 02 Aug 2014 03:00:32 -0700 (PDT)
Subject: Re: bug#18162: 24.3.92; segfault on null face pointer in face_for_char
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
Content-Type: text/plain; charset=us-ascii
From: Ken Raeburn <raeburn@permabit.com>
In-Reply-To: <83vbqbqtc1.fsf@gnu.org>
Date: Sat, 2 Aug 2014 06:00:34 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <0917D61C-D040-44A7-B7D6-B4AD5BDB0BEA@permabit.com>
References: <6ewqatjen6.fsf@just-testing.permabit.com> <838un8sqeo.fsf@gnu.org>
 <CAJJWxE_EbTincYStnxqPVcBXZAbvUXy4nhiahAbmxbMsR_hFMQ@mail.gmail.com>
 <83vbqbqtc1.fsf@gnu.org>
To: Eli Zaretskii <eliz@gnu.org>
X-Mailer: Apple Mail (2.1878.6)
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 18162
Cc: 18162@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

On Aug 2, 2014, at 02:49, Eli Zaretskii <eliz@gnu.org> wrote:
> There's nothing wrong with a call to clear_face_cache.  We do this all
> the time, as you have discovered.  The problem is if we try using
> faces after that without first realizing the basic faces.

Okay, I guess I misread your earlier message as suggesting that that was =
the problem. In any case, starting from that, I've got a recipe that =
seems to be somewhat reliable at triggering the problem:

  emacs -Q
  M-x list-faces-display RET
Type into the scratch buffer:
  (progn (clear-face-cache t) (internal-char-font nil 8230))
Hit C-j to evaluate. This generally works the first time. Move the =
cursor back up to the end of the expression and hit C-j again. The =
second time usually crashes for me.

The use of list-faces-display came about through guesswork and it seems =
to help. The real trick, I think, is to get =
FRAME_DISPLAY_INFO(f)->n_fonts to be large enough to trigger the call to =
free_all_realized_faces.

Ken=




From debbugs-submit-bounces@debbugs.gnu.org Sat Aug 02 06:41:24 2014
Received: (at 18162) by debbugs.gnu.org; 2 Aug 2014 10:41:24 +0000
Received: from localhost ([127.0.0.1]:54494 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XDWkd-00081I-S4
	for submit@debbugs.gnu.org; Sat, 02 Aug 2014 06:41:24 -0400
Received: from mtaout20.012.net.il ([80.179.55.166]:62612)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <eliz@gnu.org>) id 1XDWkY-00080z-Um
 for 18162@debbugs.gnu.org; Sat, 02 Aug 2014 06:41:20 -0400
Received: from conversion-daemon.a-mtaout20.012.net.il by
 a-mtaout20.012.net.il (HyperSendmail v2007.08) id
 <0N9O00K00DFJPY00@a-mtaout20.012.net.il> for 18162@debbugs.gnu.org;
 Sat, 02 Aug 2014 13:41:10 +0300 (IDT)
Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout20.012.net.il
 (HyperSendmail v2007.08) with ESMTPA id
 <0N9O00K3MDOMMZ60@a-mtaout20.012.net.il>;
 Sat, 02 Aug 2014 13:41:10 +0300 (IDT)
Date: Sat, 02 Aug 2014 13:41:12 +0300
From: Eli Zaretskii <eliz@gnu.org>
Subject: Re: bug#18162: 24.3.92; segfault on null face pointer in face_for_char
In-reply-to: <0917D61C-D040-44A7-B7D6-B4AD5BDB0BEA@permabit.com>
X-012-Sender: halo1@inter.net.il
To: Ken Raeburn <raeburn@permabit.com>
Message-id: <83mwbnqilz.fsf@gnu.org>
References: <6ewqatjen6.fsf@just-testing.permabit.com> <838un8sqeo.fsf@gnu.org>
 <CAJJWxE_EbTincYStnxqPVcBXZAbvUXy4nhiahAbmxbMsR_hFMQ@mail.gmail.com>
 <83vbqbqtc1.fsf@gnu.org> <0917D61C-D040-44A7-B7D6-B4AD5BDB0BEA@permabit.com>
X-Spam-Score: 1.0 (+)
X-Debbugs-Envelope-To: 18162
Cc: 18162@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Eli Zaretskii <eliz@gnu.org>
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 1.0 (+)

> From: Ken Raeburn <raeburn@permabit.com>
> Date: Sat, 2 Aug 2014 06:00:34 -0400
> Cc: 18162@debbugs.gnu.org
> 
>   emacs -Q
>   M-x list-faces-display RET
> Type into the scratch buffer:
>   (progn (clear-face-cache t) (internal-char-font nil 8230))
> Hit C-j to evaluate. This generally works the first time. Move the cursor back up to the end of the expression and hit C-j again. The second time usually crashes for me.

It didn't crash for me.  But then you have a patched Emacs; do you see
the crashes with those patches reverted?

In any case, please tell the details of the crash, as I don't see it
here.




From debbugs-submit-bounces@debbugs.gnu.org Sat Aug 02 08:50:58 2014
Received: (at 18162) by debbugs.gnu.org; 2 Aug 2014 12:50:58 +0000
Received: from localhost ([127.0.0.1]:54568 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XDYm1-0003vI-Th
	for submit@debbugs.gnu.org; Sat, 02 Aug 2014 08:50:58 -0400
Received: from mtaout20.012.net.il ([80.179.55.166]:49439)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <eliz@gnu.org>) id 1XDYlx-0003v1-6e
 for 18162@debbugs.gnu.org; Sat, 02 Aug 2014 08:50:54 -0400
Received: from conversion-daemon.a-mtaout20.012.net.il by
 a-mtaout20.012.net.il (HyperSendmail v2007.08) id
 <0N9O00L00JBATT00@a-mtaout20.012.net.il> for 18162@debbugs.gnu.org;
 Sat, 02 Aug 2014 15:50:46 +0300 (IDT)
Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout20.012.net.il
 (HyperSendmail v2007.08) with ESMTPA id
 <0N9O00LA4JOLTE20@a-mtaout20.012.net.il>;
 Sat, 02 Aug 2014 15:50:46 +0300 (IDT)
Date: Sat, 02 Aug 2014 15:50:48 +0300
From: Eli Zaretskii <eliz@gnu.org>
Subject: Re: bug#18162: 24.3.92; segfault on null face pointer in face_for_char
In-reply-to: <83mwbnqilz.fsf@gnu.org>
X-012-Sender: halo1@inter.net.il
To: raeburn@permabit.com
Message-id: <83iombqclz.fsf@gnu.org>
References: <6ewqatjen6.fsf@just-testing.permabit.com> <838un8sqeo.fsf@gnu.org>
 <CAJJWxE_EbTincYStnxqPVcBXZAbvUXy4nhiahAbmxbMsR_hFMQ@mail.gmail.com>
 <83vbqbqtc1.fsf@gnu.org> <0917D61C-D040-44A7-B7D6-B4AD5BDB0BEA@permabit.com>
 <83mwbnqilz.fsf@gnu.org>
X-Spam-Score: 1.0 (+)
X-Debbugs-Envelope-To: 18162
Cc: 18162@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Eli Zaretskii <eliz@gnu.org>
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 1.0 (+)

> Date: Sat, 02 Aug 2014 13:41:12 +0300
> From: Eli Zaretskii <eliz@gnu.org>
> Cc: 18162@debbugs.gnu.org
> 
> > From: Ken Raeburn <raeburn@permabit.com>
> > Date: Sat, 2 Aug 2014 06:00:34 -0400
> > Cc: 18162@debbugs.gnu.org
> > 
> >   emacs -Q
> >   M-x list-faces-display RET
> > Type into the scratch buffer:
> >   (progn (clear-face-cache t) (internal-char-font nil 8230))
> > Hit C-j to evaluate. This generally works the first time. Move the cursor back up to the end of the expression and hit C-j again. The second time usually crashes for me.
> 
> It didn't crash for me.

Moreover, even if I force the call to clear_font_cache by invoking
clear-font-cache in the progn, I don't see a crash, and the use count
of the frame's face cache is not zero.

So one way of tracking this down would be to put a breakpoint in
Fclear_face_cache, and when it breaks, step through the function until
it assigns the frame pointer to 'f', and put a watchpoint on
f->face_cache->used, to see which code zeroes it.  My guess would be
that some code calls free_realized_faces (I misremembered earlier:
clear_face_cache doesn't do that).




From debbugs-submit-bounces@debbugs.gnu.org Sun Aug 03 02:51:44 2014
Received: (at 18162) by debbugs.gnu.org; 3 Aug 2014 06:51:45 +0000
Received: from localhost ([127.0.0.1]:55533 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XDpdw-0002Tk-62
	for submit@debbugs.gnu.org; Sun, 03 Aug 2014 02:51:44 -0400
Received: from mail-qa0-f45.google.com ([209.85.216.45]:44450)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <raeburn@permabit.com>) id 1XDpds-0002TT-UP
 for 18162@debbugs.gnu.org; Sun, 03 Aug 2014 02:51:41 -0400
Received: by mail-qa0-f45.google.com with SMTP id cm18so5601670qab.18
 for <18162@debbugs.gnu.org>; Sat, 02 Aug 2014 23:51:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=permabit.com; s=google;
 h=subject:mime-version:content-type:from:in-reply-to:date:cc
 :content-transfer-encoding:message-id:references:to;
 bh=7aXXLVXY3QIu6ufqbA4Yg0pwoQLZoy9mzbRWg70N7Kw=;
 b=jfi0kJkdD4q6F8TYHQjIVKdT0onroX18SpJkWbIzmBaOmR3xqPX30Tgx3aF9QSVU+n
 2bubbjGYu0WOnscl6bh5FS3hF3c3NMD9U4PpNvuUfQlzJTcOCdZOc8XytKyH+zcHzzkI
 Iv7cFALc9W8mlxQT5sFI11lZxZ2RkohpAxjqI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:subject:mime-version:content-type:from
 :in-reply-to:date:cc:content-transfer-encoding:message-id:references
 :to; bh=7aXXLVXY3QIu6ufqbA4Yg0pwoQLZoy9mzbRWg70N7Kw=;
 b=K4C+UfNobmk77GL7+RAaHtK92x5pNbNDRFBbvMItaFpAaYyjJJu31NM9QA21cC8+D7
 MaVr9LgZLB8u4Z2JJIIF4Xp8oQd5AYpghXjS8FPKCYoSRFZHypw71QDcn+Yc5P2jEWsz
 armurQiD7FUV2MPSAN5Og+jme0T1dxElWuoBirN7cn5LIi9IRmf2U6/4luvjtZYaFLvy
 BTsw2xCEjNt8cZKIFVfWAdoGw8ZaNM06HCG9W5U2Kjcux/beMuaedgdXls7xaF2HsE3C
 qJrBe9M0UwBm42kh0n3ZEwXXsyDsI/R9Ykf2+nCBnMh4ZRNjLeX+aYLkO6uEDXYcVGGg
 7LhQ==
X-Gm-Message-State: ALoCoQmPPDt0o4lxPmBdQ+cP4ppdhpU1bt2nBINNOVN4K0KhJIZmMQM9PKchBhU4PAyiZOPLSuQM
X-Received: by 10.140.83.49 with SMTP id i46mr23226713qgd.22.1407048695025;
 Sat, 02 Aug 2014 23:51:35 -0700 (PDT)
Received: from ?IPv6:2002:328a:b786:1:8c1f:9b51:18c0:afd9?
 ([2002:328a:b786:1:8c1f:9b51:18c0:afd9])
 by mx.google.com with ESMTPSA id x9sm24506857qas.26.2014.08.02.23.51.33
 for <multiple recipients>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Sat, 02 Aug 2014 23:51:34 -0700 (PDT)
Subject: Re: bug#18162: 24.3.92; segfault on null face pointer in face_for_char
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
Content-Type: text/plain; charset=us-ascii
From: Ken Raeburn <raeburn@permabit.com>
In-Reply-To: <83iombqclz.fsf@gnu.org>
Date: Sun, 3 Aug 2014 02:51:38 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <CFCB082F-B750-4479-9399-C83D00FAB9A6@permabit.com>
References: <6ewqatjen6.fsf@just-testing.permabit.com> <838un8sqeo.fsf@gnu.org>
 <CAJJWxE_EbTincYStnxqPVcBXZAbvUXy4nhiahAbmxbMsR_hFMQ@mail.gmail.com>
 <83vbqbqtc1.fsf@gnu.org> <0917D61C-D040-44A7-B7D6-B4AD5BDB0BEA@permabit.com>
 <83mwbnqilz.fsf@gnu.org> <83iombqclz.fsf@gnu.org>
To: Eli Zaretskii <eliz@gnu.org>
X-Mailer: Apple Mail (2.1878.6)
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 18162
Cc: 18162@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

I just tested on a machine without any of the patches, and was able to =
reproduce the crash. I'm not sure what else about my environment is =
likely to be different from yours...

On Aug 2, 2014, at 08:50, Eli Zaretskii <eliz@gnu.org> wrote:
> Moreover, even if I force the call to clear_font_cache by invoking
> clear-font-cache in the progn, I don't see a crash, and the use count
> of the frame's face cache is not zero.
>=20
> So one way of tracking this down would be to put a breakpoint in
> Fclear_face_cache, and when it breaks, step through the function until
> it assigns the frame pointer to 'f', and put a watchpoint on
> f->face_cache->used, to see which code zeroes it.  My guess would be
> that some code calls free_realized_faces (I misremembered earlier:
> clear_face_cache doesn't do that).

In the code I'm looking at, clear_face_cache can call =
free_all_realized_faces, but only if FRAME_DISPLAY_INFO(f)->n_fonts is =
larger than 10 for some frame. (And either clear_fonts_p is set, or =
you've made over 500 calls since the last font cache cleaning.) In my =
first evaluation of the lisp code I gave, the n_fonts field had the =
value 7; on the second evaluation it had the value 12, the cache got =
cleared, the null pointer was stored, and Emacs segfaulted.

I've done next to nothing with fonts and faces in Emacs source code, so =
I'm not sure what a good way is to drive up the number. If I run my test =
again without list-faces-display, the font counts I'm seeing are first 4 =
and then 7 for repeated evaluations, as displayed via gdb breakpoint =
commands. If I split the window with C-x 2 then the count goes up to 8 =
(new inactive mode line?). Reducing the font size (C-x -) made it jump =
to 14, and 15 on repeated evaluations, without triggering the problem, =
but when I set the font size back (C-x +) and evaluated the expression =
one more time, I got the crash.

Ken=




From debbugs-submit-bounces@debbugs.gnu.org Sun Aug 03 11:04:35 2014
Received: (at 18162) by debbugs.gnu.org; 3 Aug 2014 15:04:35 +0000
Received: from localhost ([127.0.0.1]:56094 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XDxKs-0007GY-Lg
	for submit@debbugs.gnu.org; Sun, 03 Aug 2014 11:04:35 -0400
Received: from mtaout22.012.net.il ([80.179.55.172]:64076)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <eliz@gnu.org>) id 1XDxKp-0007GH-EI
 for 18162@debbugs.gnu.org; Sun, 03 Aug 2014 11:04:33 -0400
Received: from conversion-daemon.a-mtaout22.012.net.il by
 a-mtaout22.012.net.il (HyperSendmail v2007.08) id
 <0N9Q00A00K0K6000@a-mtaout22.012.net.il> for 18162@debbugs.gnu.org;
 Sun, 03 Aug 2014 18:04:24 +0300 (IDT)
Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout22.012.net.il
 (HyperSendmail v2007.08) with ESMTPA id
 <0N9Q00A9RKJC6Y10@a-mtaout22.012.net.il>;
 Sun, 03 Aug 2014 18:04:24 +0300 (IDT)
Date: Sun, 03 Aug 2014 18:04:29 +0300
From: Eli Zaretskii <eliz@gnu.org>
Subject: Re: bug#18162: 24.3.92; segfault on null face pointer in face_for_char
In-reply-to: <CFCB082F-B750-4479-9399-C83D00FAB9A6@permabit.com>
X-012-Sender: halo1@inter.net.il
To: Ken Raeburn <raeburn@permabit.com>
Message-id: <83bns1r4w2.fsf@gnu.org>
References: <6ewqatjen6.fsf@just-testing.permabit.com> <838un8sqeo.fsf@gnu.org>
 <CAJJWxE_EbTincYStnxqPVcBXZAbvUXy4nhiahAbmxbMsR_hFMQ@mail.gmail.com>
 <83vbqbqtc1.fsf@gnu.org> <0917D61C-D040-44A7-B7D6-B4AD5BDB0BEA@permabit.com>
 <83mwbnqilz.fsf@gnu.org> <83iombqclz.fsf@gnu.org>
 <CFCB082F-B750-4479-9399-C83D00FAB9A6@permabit.com>
X-Spam-Score: 1.0 (+)
X-Debbugs-Envelope-To: 18162
Cc: 18162@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Eli Zaretskii <eliz@gnu.org>
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 1.0 (+)

> From: Ken Raeburn <raeburn@permabit.com>
> Date: Sun, 3 Aug 2014 02:51:38 -0400
> Cc: 18162@debbugs.gnu.org
> 
> On Aug 2, 2014, at 08:50, Eli Zaretskii <eliz@gnu.org> wrote:
> > Moreover, even if I force the call to clear_font_cache by invoking
> > clear-font-cache in the progn, I don't see a crash, and the use count
> > of the frame's face cache is not zero.
> > 
> > So one way of tracking this down would be to put a breakpoint in
> > Fclear_face_cache, and when it breaks, step through the function until
> > it assigns the frame pointer to 'f', and put a watchpoint on
> > f->face_cache->used, to see which code zeroes it.  My guess would be
> > that some code calls free_realized_faces (I misremembered earlier:
> > clear_face_cache doesn't do that).
> 
> In the code I'm looking at, clear_face_cache can call free_all_realized_faces, but only if FRAME_DISPLAY_INFO(f)->n_fonts is larger than 10 for some frame.

Yes, I meant clear_face_cache doesn't do that directly.  And since
free_realized_faces is called from several other places, it's best not
to assume this particular call is necessarily the culprit.

> (And either clear_fonts_p is set, or you've made over 500 calls since the last font cache cleaning.) In my first evaluation of the lisp code I gave, the n_fonts field had the value 7; on the second evaluation it had the value 12, the cache got cleared, the null pointer was stored, and Emacs segfaulted.
> 
> I've done next to nothing with fonts and faces in Emacs source code, so I'm not sure what a good way is to drive up the number. If I run my test again without list-faces-display, the font counts I'm seeing are first 4 and then 7 for repeated evaluations, as displayed via gdb breakpoint commands. If I split the window with C-x 2 then the count goes up to 8 (new inactive mode line?). Reducing the font size (C-x -) made it jump to 14, and 15 on repeated evaluations, without triggering the problem, but when I set the font size back (C-x +) and evaluated the expression one more time, I got the crash.

Does the patch below help?

=== modified file 'src/fontset.c'
--- src/fontset.c	2014-01-01 07:43:34 +0000
+++ src/fontset.c	2014-08-03 15:00:11 +0000
@@ -1860,6 +1860,8 @@ DEFUN ("internal-char-font", Finternal_c
     return Qnil;
   if (!FRAME_WINDOW_P (f))
     return Qnil;
+  if (FRAME_FACE_CACHE (f)->used == 0)
+    recompute_basic_faces (f);
   face_id = FACE_FOR_CHAR (f, FACE_FROM_ID (f, face_id), c, pos, Qnil);
   face = FACE_FROM_ID (f, face_id);
   if (face->font)





From debbugs-submit-bounces@debbugs.gnu.org Thu Aug 07 00:12:45 2014
Received: (at 18162) by debbugs.gnu.org; 7 Aug 2014 04:12:45 +0000
Received: from localhost ([127.0.0.1]:32967 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XFF4G-0007HY-Ih
	for submit@debbugs.gnu.org; Thu, 07 Aug 2014 00:12:44 -0400
Received: from mail-qa0-f47.google.com ([209.85.216.47]:47932)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <raeburn@permabit.com>) id 1XFF4D-0007HK-RV
 for 18162@debbugs.gnu.org; Thu, 07 Aug 2014 00:12:42 -0400
Received: by mail-qa0-f47.google.com with SMTP id i13so3408334qae.20
 for <18162@debbugs.gnu.org>; Wed, 06 Aug 2014 21:12:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=permabit.com; s=google;
 h=subject:mime-version:content-type:from:in-reply-to:date:cc
 :content-transfer-encoding:message-id:references:to;
 bh=O1RKnd4DRRHuFquhbbNdvpmfjpVZ2/VfI4UhJsOClU4=;
 b=bOnm5QOLtRPfuYyPBbne3AI6P1BseqdQ8JBioB5aQy7UUBLvX7jIUjkzCTcN/UuoyB
 iNJiyl7jm5YjZtNF94Z5TH2VYOXAIIjsuBOLE/OKRrLtpR6vH6o/8xqdf8wMqu81UtV6
 GUurIS67V8MX4S7ugLCrDK85y1NxiA8DSS3AE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:subject:mime-version:content-type:from
 :in-reply-to:date:cc:content-transfer-encoding:message-id:references
 :to; bh=O1RKnd4DRRHuFquhbbNdvpmfjpVZ2/VfI4UhJsOClU4=;
 b=PzGLpy/XQ5gxmDtXDDwtaYp68TMw7cEmi28Y03DwX/GNghbcOGM9s4d/SPHLM7MFuC
 y/22I6WDMCYydwJ0USziLSjxvjSkIFAlgj+8q8Tx/jlNEJulEwyIMPGB0Zy7qZq498JV
 FUaG6aNVNzmfOrwTQkO2phwdheeGwny8P18L1gVttGesJCamgdLZa79XKSKuhAF44gRH
 g5SEwGAD0h8kgOZZiF6yqSl1Bn2RjHe26o5WbtroAgdp87OOn8HFdvL+jntMt/MsZDZR
 eAPyhwXl0rU0IUFtvprJx2ihUGGNfua7L+4KAn0NhIGU3eGLiCEA/Wp2qrztx4Fq+0Iz
 QnlQ==
X-Gm-Message-State: ALoCoQkPp7R7MuFBBQIkg5UJlppODl5lFpK/1QqAX+TozcXbIahUmMChBZUxcD8W0x3ZzRhr2Pgk
X-Received: by 10.140.51.166 with SMTP id u35mr8243888qga.68.1407384756325;
 Wed, 06 Aug 2014 21:12:36 -0700 (PDT)
Received: from ?IPv6:2002:328a:b786:1:55f7:4638:7afb:2a09?
 ([2002:328a:b786:1:55f7:4638:7afb:2a09])
 by mx.google.com with ESMTPSA id s16sm5163668qay.23.2014.08.06.21.12.33
 for <multiple recipients>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Wed, 06 Aug 2014 21:12:34 -0700 (PDT)
Subject: Re: bug#18162: 24.3.92; segfault on null face pointer in face_for_char
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
Content-Type: text/plain; charset=us-ascii
From: Ken Raeburn <raeburn@permabit.com>
In-Reply-To: <83bns1r4w2.fsf@gnu.org>
Date: Thu, 7 Aug 2014 00:12:42 -0400
Content-Transfer-Encoding: 7bit
Message-Id: <929065EB-4A7D-412E-A561-87CE871D7837@permabit.com>
References: <6ewqatjen6.fsf@just-testing.permabit.com> <838un8sqeo.fsf@gnu.org>
 <CAJJWxE_EbTincYStnxqPVcBXZAbvUXy4nhiahAbmxbMsR_hFMQ@mail.gmail.com>
 <83vbqbqtc1.fsf@gnu.org> <0917D61C-D040-44A7-B7D6-B4AD5BDB0BEA@permabit.com>
 <83mwbnqilz.fsf@gnu.org> <83iombqclz.fsf@gnu.org>
 <CFCB082F-B750-4479-9399-C83D00FAB9A6@permabit.com> <83bns1r4w2.fsf@gnu.org>
To: Eli Zaretskii <eliz@gnu.org>
X-Mailer: Apple Mail (2.1878.6)
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 18162
Cc: 18162@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

On Aug 3, 2014, at 11:04, Eli Zaretskii <eliz@gnu.org> wrote:
> Does the patch below help?

Yes, with that patch, so far I'm not able to reproduce the problem. Thanks!

Ken





From debbugs-submit-bounces@debbugs.gnu.org Thu Aug 07 11:19:19 2014
Received: (at 18162) by debbugs.gnu.org; 7 Aug 2014 15:19:19 +0000
Received: from localhost ([127.0.0.1]:34139 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XFPTK-0000W4-OC
	for submit@debbugs.gnu.org; Thu, 07 Aug 2014 11:19:19 -0400
Received: from mtaout29.012.net.il ([80.179.55.185]:54356)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <eliz@gnu.org>) id 1XFPTH-0000Vn-Ne
 for 18162@debbugs.gnu.org; Thu, 07 Aug 2014 11:19:16 -0400
Received: from conversion-daemon.mtaout29.012.net.il by mtaout29.012.net.il
 (HyperSendmail v2007.08) id <0N9X00B00ZQBXT00@mtaout29.012.net.il> for
 18162@debbugs.gnu.org; Thu, 07 Aug 2014 18:19:11 +0300 (IDT)
Received: from HOME-C4E4A596F7 ([87.69.4.28]) by mtaout29.012.net.il
 (HyperSendmail v2007.08) with ESMTPA id
 <0N9X001CSZVZXLA0@mtaout29.012.net.il>; Thu, 07 Aug 2014 18:19:11 +0300 (IDT)
Date: Thu, 07 Aug 2014 18:19:24 +0300
From: Eli Zaretskii <eliz@gnu.org>
Subject: Re: bug#18162: 24.3.92; segfault on null face pointer in face_for_char
In-reply-to: <929065EB-4A7D-412E-A561-87CE871D7837@permabit.com>
X-012-Sender: halo1@inter.net.il
To: Ken Raeburn <raeburn@permabit.com>
Message-id: <83fvh8nx8j.fsf@gnu.org>
References: <6ewqatjen6.fsf@just-testing.permabit.com> <838un8sqeo.fsf@gnu.org>
 <CAJJWxE_EbTincYStnxqPVcBXZAbvUXy4nhiahAbmxbMsR_hFMQ@mail.gmail.com>
 <83vbqbqtc1.fsf@gnu.org> <0917D61C-D040-44A7-B7D6-B4AD5BDB0BEA@permabit.com>
 <83mwbnqilz.fsf@gnu.org> <83iombqclz.fsf@gnu.org>
 <CFCB082F-B750-4479-9399-C83D00FAB9A6@permabit.com> <83bns1r4w2.fsf@gnu.org>
 <929065EB-4A7D-412E-A561-87CE871D7837@permabit.com>
X-Spam-Score: 1.0 (+)
X-Debbugs-Envelope-To: 18162
Cc: 18162@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Eli Zaretskii <eliz@gnu.org>
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 1.0 (+)

> From: Ken Raeburn <raeburn@permabit.com>
> Date: Thu, 7 Aug 2014 00:12:42 -0400
> Cc: 18162@debbugs.gnu.org
> 
> On Aug 3, 2014, at 11:04, Eli Zaretskii <eliz@gnu.org> wrote:
> > Does the patch below help?
> 
> Yes, with that patch, so far I'm not able to reproduce the problem. Thanks!

Thanks, committed to the emacs-24 branch.




From debbugs-submit-bounces@debbugs.gnu.org Tue Aug 12 01:41:07 2014
Received: (at control) by debbugs.gnu.org; 12 Aug 2014 05:41:08 +0000
Received: from localhost ([127.0.0.1]:39917 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1XH4pX-00069z-B3
	for submit@debbugs.gnu.org; Tue, 12 Aug 2014 01:41:07 -0400
Received: from fencepost.gnu.org ([208.118.235.10]:34029 ident=Debian-exim)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <rgm@gnu.org>) id 1XH4pW-00069p-1F
 for control@debbugs.gnu.org; Tue, 12 Aug 2014 01:41:06 -0400
Received: from rgm by fencepost.gnu.org with local (Exim 4.71)
 (envelope-from <rgm@gnu.org>) id 1XH4pV-00074n-LF
 for control@debbugs.gnu.org; Tue, 12 Aug 2014 01:41:05 -0400
Date: Tue, 12 Aug 2014 01:41:05 -0400
Message-Id: <E1XH4pV-00074n-LF@fencepost.gnu.org>
Subject: control message for bug 18162
To: <control@debbugs.gnu.org>
X-Mailer: mail (GNU Mailutils 2.1)
From: Glenn Morris <rgm@gnu.org>
X-Spam-Score: -5.7 (-----)
X-Debbugs-Envelope-To: control
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.7 (-----)

close 18162 24.3.93




From unknown Sun Aug 17 22:01:04 2025
Received: (at fakecontrol) by fakecontrolmessage;
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request <help-debbugs@gnu.org>
Subject: Internal Control
Message-Id: bug archived.
Date: Tue, 09 Sep 2014 11:24:05 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator