GNU bug report logs - #22818
25.0.91; nextstep/Emacs.app Crash ns_compute_glyph_string_overhangs


Package: emacs;

Reported by: "Aaron S. Hawley" <aaron.s.hawley <at> gmail.com>

Date: Fri, 26 Feb 2016 13:43:02 UTC

Severity: normal

Tags: moreinfo

Found in version 25.0.91

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.



Message #25 received at 22818 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Alan Third <alan <at> idiocy.org>
Cc: 22818 <at> debbugs.gnu.org, josh <at> berdine.net
Subject: Re: bug#22818: 25.1.1 Emacs.app crash
 ns_compute_glyph_string_overhangs
Date: Sat, 19 Nov 2016 12:27:27 +0200

> Date: Sat, 19 Nov 2016 10:07:03 +0000
> From: Alan Third <alan <at> idiocy.org>
> Cc: Josh Berdine <josh <at> berdine.net>, 22818 <at> debbugs.gnu.org
> 
> On Sat, Nov 19, 2016 at 09:07:50AM +0200, Eli Zaretskii wrote:
> > Can you convert the address in frame #0 into line numbers?  Judging by
> > the faulting address, 0xd0, some pointer in
> > ns_compute_glyph_string_overhangs is a null pointer, but it's hard to
> > tell which one without the line number information.
> 
> I finally managed to replicate this on my own build:
> 
> (lldb) run -Q ~/test-file
> Process 66588 launched: '/Users/alan/src/emacs/emacs-25/nextstep/Emacs.app/Contents/MacOS/Emacs' (x86_64)
> Process 66588 stopped
> * thread #1: tid = 0x154600, 0x00000001002c0940 Emacs`ns_compute_glyph_string_overhangs(s=0x00007fff5fbfb6f0) + 224 at nsterm.m:2681, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xd0)
>     frame #0: 0x00000001002c0940 Emacs`ns_compute_glyph_string_overhangs(s=0x00007fff5fbfb6f0) + 224 at nsterm.m:2681
>    2678	  else
>    2679	    {
>    2680	      s->left_overhang = 0;
> -> 2681	      if (EQ (font->driver->type, Qns))
>    2682	        s->right_overhang = ((struct nsfont_info *)font)->ital ?
>    2683	          FONT_HEIGHT (font) * 0.2 : 0;
>    2684	      else
> (lldb) bt all
> * thread #1: tid = 0x154600, 0x00000001002c0940 Emacs`ns_compute_glyph_string_overhangs(s=0x00007fff5fbfb6f0) + 224 at nsterm.m:2681, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xd0)
>   * frame #0: 0x00000001002c0940 Emacs`ns_compute_glyph_string_overhangs(s=0x00007fff5fbfb6f0) + 224 at nsterm.m:2681
>     frame #1: 0x0000000100058e7c Emacs`draw_glyphs(w=0x000000010204f430, x=570, row=0x000000010240e100, area=TEXT_AREA, start=0, end=52, hl=DRAW_NORMAL_TEXT, overlaps=0) + 3324 at xdisp.c:25673

So the question now becomes: how did that glyph_string get a NULL
font?  The answer is somewhere in the code that generates glyph
strings as part of the call to BUILD_GLYPH_STRINGS.  Can you try
figuring out why that happens, by stepping through the code in
BUILD_GLYPH_STRINGS?

> (lldb) frame variable
> (glyph_string *) s = 0x00007fff5fbfb6f0
> (font *) font = 0x0000000000000000
> 
> (lldb) frame variable *s
> (glyph_string) *s = {
>   x = 10
>   y = 16
>   ybase = 30
>   width = 11
>   background_width = 11
>   height = 20
>   left_overhang = 0
>   right_overhang = 0
>   f = 0x0000000102050430
>   w = 0x000000010204f430
>   display = 0x0000000000000000
>   window = 1
>   row = 0x000000010240e100
>   area = TEXT_AREA
>   char2b = 0x0000000000000000
>   nchars = 1
>   hl = DRAW_NORMAL_TEXT
>   face = 0x000000010153b400

What kind of face is s->face?

Thanks.
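
Added example, not part of the original message and not Emacs code: the inference used in this exchange (a fault at the tiny address 0xd0 means a member was read through a NULL base pointer) can be checked by comparing the faulting address with member offsets. `struct demo_font`, `struct demo_driver` and `null_deref_member` are hypothetical, and the padding is constructed so that `driver` sits at offset 0xd0; the real `struct font` layout is not shown on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins, NOT the Emacs definitions: the padding is
   constructed so that `driver` lands at offset 0xd0.  */
struct demo_driver { int type; };
struct demo_font
{
  char props[0xd0];              /* constructed filler */
  struct demo_driver *driver;    /* read by font->driver->type */
  int height;
};

_Static_assert (offsetof (struct demo_font, driver) == 0xd0,
                "demo layout must put driver at 0xd0");

struct member { const char *name; size_t off, size; };
#define MEMBER(m) { #m, offsetof (struct demo_font, m), \
                    sizeof (((struct demo_font *) 0)->m) }
static const struct member members[] =
  { MEMBER (props), MEMBER (driver), MEMBER (height) };

/* If FAULT_ADDR is what a read through a NULL `struct demo_font *` would
   touch, return the member's name; otherwise return NULL (the address is
   outside the struct, so a NULL base of this type does not explain it).  */
const char *
null_deref_member (uintptr_t fault_addr)
{
  for (size_t i = 0; i < sizeof members / sizeof members[0]; i++)
    if (fault_addr >= members[i].off
        && fault_addr - members[i].off < members[i].size)
      return members[i].name;
  return NULL;
}

int
main (void)
{
  uintptr_t fault = 0xd0;   /* address from the EXC_BAD_ACCESS report */
  const char *m = null_deref_member (fault);
  printf ("fault 0x%lx -> %s\n", (unsigned long) fault,
          m ? m : "not a NULL-base access to struct demo_font");
  return 0;
}
```

Against a real build, the same offsets come from the debugger's type information rather than a hand-written table.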




This bug report was last modified 3 years and 34 days ago.
