Package: emacs;
Reported by: Matthew Leach <matthew <at> mattleach.net>
Date: Sun, 10 Apr 2016 10:50:01 UTC
Severity: normal
Found in version 25.1.50
Done: Eli Zaretskii <eliz <at> gnu.org>
Bug is archived. No further changes may be made.
Message #11 received at 23259 <at> debbugs.gnu.org (full text, mbox):
From: Matthew Leach <matthew <at> mattleach.net> To: Eli Zaretskii <eliz <at> gnu.org> Cc: 23259 <at> debbugs.gnu.org Subject: Re: bug#23259: 25.1.50; Xerror: "BadLength" on extreme zoom causing emacs to segfault Date: Sun, 10 Apr 2016 16:33:17 +0100
[Message part 1 (text/plain, inline)]
Hi Eli, Eli Zaretskii <eliz <at> gnu.org> writes: >> From: Matthew Leach <matthew <at> mattleach.net> >> Date: Sun, 10 Apr 2016 11:49:12 +0100 >> >> emacs -Q >> open a file, emacs/src/process.c, say. >> C-x C-= >> and keep pressing >> C-= >> >> Emacs will grind to a halt a little but will eventually segfault when >> the zoom is extreme enough. >> >> Attached is the backtrace. It looks as though X has thrown an error, >> maybe we need to limit the amount of zoom that Emacs allows? > > Probably. However, the interesting question is: what values to use as > limits? Maybe limit the zoom before X would crash? Presumably X has an upper bound on how large it can render things since it can yield a BadLength error. However, I've never studied X before. > Also, this backtrace is not useful, since the X errors are by default > asynchronous. Could you please run Emacs in synchronous X mode (see > etc/DEBUG for how), and present the backtrace then? Sure, please see attached. > Also, please tell: > > . what is the maximum value of the scale factor you see on the mode > line before Emacs crashes I can get to about +34 before it crashes. > . what is the value returned by display-pixel-width (display-pixel-width) => 1366 > . what is the values returned by frame-char-width and > frame-char-height (frame-char-width) => 9 (frame-char-height) => 18 Hope this helps. -- Matt
[gdb.txt (text/plain, inline)]
Breakpoint 3 at 0x51dec7: file xterm.c, line 9544.
Starting program: /home/matthew/Development/emacs/src/emacs -xrm "emacs.synchronous: true"
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
[New Thread 0x7fffe8938700 (LWP 25309)]
[New Thread 0x7fffe3b8f700 (LWP 25310)]
[New Thread 0x7fffe3181700 (LWP 25311)]
Thread 1 "emacs" hit Breakpoint 3, x_error_quitter (display=0x1579d40, event=0x7fffffff9aa0) at xterm.c:9544
9544 if (event->error_code == BadName)
#0 x_error_quitter (display=0x1579d40, event=0x7fffffff9aa0) at xterm.c:9544
buf = "\200\231\377\377\377\177", '\000' <repeats 18 times>, "\220\257W\001", '\000' <repeats 12 times>, "$\031\002\361\377\177\000\000\220\333n\002", '\000' <repeats 12 times>, " \000\000\000\000\000\000\000o\341J\364\377\177\000\000\000\000\000\000\000\000\000\000 \000\000\000\000\000\000\000X\300W\001\000\000\000\000\000\000\000\000\001\000\000\000 \300W\001\000\000\000\000\000\212\"\274\235\207Q\364\004\260W\001\000\000\000\000\220\257W\001", '\000' <repeats 12 times>, "\250\257W\001", '\000' <repeats 12 times>, "\001\000\000\000\000\000\000\000 \232\377\377\377\177\000\000Q\275J\364\377\177\000\000\006\000\000\000\001\000\001\000"...
buf1 = "\314\n\000\000\000\000\000\000S\000\000\000\000\000\000\000[\231\000\000\377\177\000\000\020\230\377\377\377\177\000\000\315\n\000\000\000\000\000\000\255\000\000\000\000\000\000\000\020\066\000\000\000\000\000\000Ѐ\377\377\377\177\000\000\315\n\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\030\001\000\000\000\000\000\003\000\000\000\377\177\000\000\020\000\000\000\000\000\000\000P", '\000' <repeats 15 times>, "\003\000\000\000\060", '\000' <repeats 19 times>, "[\000\000\000n\000\000\000O\332J\364\377\177\000\000\300\333n\002\000\000\000\000w\000\000\000|", '\000' <repeats 12 times>, "K4\361\377\177\000\000\020\000\000\000\000\000\000\000\001\001"...
#1 0x000000000051dea7 in x_error_handler (display=0x1579d40, event=0x7fffffff9aa0) at xterm.c:9523
No locals.
#2 0x00007ffff490a87d in _XError () from /usr/lib/libX11.so.6
No symbol table info available.
#3 0x00007ffff49077c7 in ?? () from /usr/lib/libX11.so.6
No symbol table info available.
#4 0x00007ffff4907885 in ?? () from /usr/lib/libX11.so.6
No symbol table info available.
#5 0x00007ffff4908830 in _XReply () from /usr/lib/libX11.so.6
No symbol table info available.
#6 0x00007ffff490411d in XSync () from /usr/lib/libX11.so.6
No symbol table info available.
#7 0x00007ffff49041bb in ?? () from /usr/lib/libX11.so.6
No symbol table info available.
#8 0x00007ffff429a151 in XRenderAddGlyphs () from /usr/lib/libXrender.so.1
No symbol table info available.
#9 0x00007ffff408e9e2 in XftFontLoadGlyphs () from /usr/lib/libXft.so.2
No symbol table info available.
#10 0x00007ffff4090bb3 in XftGlyphRender () from /usr/lib/libXft.so.2
No symbol table info available.
#11 0x00007ffff408a1cc in XftDrawGlyphs () from /usr/lib/libXft.so.2
No symbol table info available.
#12 0x000000000066df26 in xftfont_draw (s=0x7fffffffc5a0, from=0, to=1, x=8, y=6865, with_background=true) at xftfont.c:636
f = 0x12d8680
face = 0x26cab00
xftfont_info = 0x26db8b8
xftface_info = 0x26caad0
xft_draw = 0x1e1df80
code = 0x7fffffffc370
fg = {
pixel = 11674146,
color = {
red = 45746,
green = 8738,
blue = 8738,
alpha = 65535
}
}
bg = {
pixel = 16777215,
color = {
red = 65535,
green = 65535,
blue = 65535,
alpha = 65535
}
}
len = 1
i = 1
#13 0x000000000051044b in x_draw_glyph_string_foreground (s=0x7fffffffc5a0) at xterm.c:1775
font = 0x26db8b8
boff = 0
y = 6865
i = 0
x = 8
#14 0x000000000051473f in x_draw_glyph_string (s=0x7fffffffc5a0) at xterm.c:3528
relief_drawn_p = false
#15 0x00000000004806c9 in draw_glyphs (w=0x12d9690, x=4461, row=0x228bdf0, area=TEXT_AREA, start=0, end=1, hl=DRAW_NORMAL_TEXT, overlaps=0) at xdisp.c:25706
head = 0x7fffffffc5a0
tail = 0x7fffffffc5a0
s = 0x7fffffffc5a0
clip_head = 0x0
clip_tail = 0x0
i = 1
j = 0
x_reached = 4461
last_x = 1358
area_left = 8
f = 0x12d8680
sa_avail = 16382
sa_count = 5
sa_must_free = false
#16 0x00000000004871ff in x_write_glyphs (w=0x12d9690, updated_row=0x228bdf0, start=0x2291000, updated_area=TEXT_AREA, len=1) at xdisp.c:27675
x = 0
hpos = 0
chpos = 0
#17 0x000000000041d635 in update_text_area (w=0x12d9690, updated_row=0x228bdf0, vpos=0) at dispnew.c:3612
current_row = 0x2378570
desired_row = 0x228bdf0
rif = 0x9010c0 <x_redisplay_interface>
changed_p = false
#18 0x000000000041dfff in update_window_line (w=0x12d9690, vpos=0, mouse_face_overwritten_p=0x7fffffffcb2f) at dispnew.c:3855
current_row = 0x2378570
desired_row = 0x228bdf0
rif = 0x9010c0 <x_redisplay_interface>
changed_p = false
#19 0x000000000041d197 in update_window (w=0x12d9690, force_p=true) at dispnew.c:3477
vpos = 0
i = 4
end = 0x228f5f0
mode_line_row = 0x228f5f0
header_line_row = 0x0
changed_p = false
mouse_face_overwritten_p = false
row = 0x228bdf0
yb = 732
n_updated = 0
desired_matrix = 0x168a7b0
paused_p = false
preempt_count = 9
rif = 0x9010c0 <x_redisplay_interface>
#20 0x000000000041c88a in update_window_tree (w=0x12d9690, force_p=true) at dispnew.c:3219
paused_p = false
#21 0x000000000041c4b5 in update_frame (f=0x12d8680, force_p=true, inhibit_hairy_id_p=false) at dispnew.c:3108
paused_p = false
root_window = 0x12d9690
#22 0x0000000000458ad2 in redisplay_internal () at xdisp.c:14010
gcscrollbars = true
f_redisplay_flag = false
f = 0x12d8680
w = 0x12d9690
sw = 0x12d9690
fr = 0x12d8680
pending = false
must_finish = true
match_p = true
tlbufpos = {
charpos = 0,
bytepos = 1
}
tlendpos = {
charpos = 237464,
bytepos = 237464
}
number_of_visible_frames = 1
count = 2
sf = 0x12d8680
polling_stopped_here = true
tail = 17498227
frame = 19760773
consider_all_windows_p = true
update_miniwindow_p = true
#23 0x0000000000456b34 in redisplay () at xdisp.c:13204
No locals.
#24 0x0000000000556e38 in read_char (commandflag=1, map=40660771, prev_event=0, used_mouse_menu=0x7fffffffe36f, end_time=0x0) at keyboard.c:2469
echo_current = false
c = 0
jmpcount = 13028656
local_getcjmp = {{
__jmpbuf = {5552513, 15899701, 140737488347520, 6101750, 17843168, 18673408, 0, 140737488347520},
__mask_was_saved = 5552513,
__saved_mask = {
__val = {17843168, 13028656, 6102329, 0, 140737488347568, 5552513, 18673408, 13028656, 5685754, 0, 140737488347616, 5552513, 40660755, 140737488347712, 6227505, 0}
}
}}
save_jump = {{
__jmpbuf = {0, 0, 0, 0, 0, 0, 0, 25769803776},
__mask_was_saved = 15899696,
__saved_mask = {
__val = {140737488347352, 5556855, 25769803776, 15899701, 0, 15899696, 15899696, 5557072, 29712, 140737488347536, 6647043, 0, 0, 13028656, 6, 0}
}
}}
tem = 40660771
save = 0
previous_echo_area_message = 0
also_record = 0
reread = false
recorded = false
polling_stopped_here = false
orig_kboard = 0x167bf10
#25 0x00000000005640a6 in read_key_sequence (keybuf=0x7fffffffe520, bufsize=30, prompt=0, dont_downcase_last=false, can_return_switch_frame=true, fix_current_buffer=true, prevent_redisplay=false) at keyboard.c:9054
interrupted_kboard = 0x167bf10
interrupted_frame = 0x12d8680
key = 27648
used_mouse_menu = false
echo_local_start = 0
last_real_key_start = 0
keys_local_start = 0
new_binding = 140737488348384
count = 2
t = 0
echo_start = 0
keys_start = 0
current_binding = 40660771
first_event = 0
first_unbound = 31
mock_input = 0
fkey = {
parent = 17484467,
map = 17484467,
start = 0,
end = 0
}
keytran = {
parent = 13295171,
map = 13295171,
start = 0,
end = 0
}
indec = {
parent = 17484483,
map = 17484483,
start = 0,
end = 0
}
shift_translated = false
delayed_switch_frame = 0
original_uppercase = 5552513
original_uppercase_position = -1
dummyflag = false
starting_buffer = 0xf29c30
fake_prefixed_keys = 0
#26 0x000000000055455d in command_loop_1 () at keyboard.c:1357
cmd = 40651341
keybuf = {268435702, 268435702, 140737488348512, 6102489, 12866576, 0, 5556720, 0, 140737488348608, 6104765, 0, 28656, 0, 28656, 13028656, 6099123, 0, 140737488348608, 5552513, 0, 140737488348704, 6227505, 13504947,
2, 13028656, 6226506, 0, 140737488348688, 5552513, 0}
i = 1
prev_modiff = 1424
prev_buffer = 0xf29c30
already_adjusted = false
#27 0x00000000005ebd00 in internal_condition_case (bfun=0x554153 <command_loop_1>, handlers=19296, hfun=0x55393d <cmd_error>) at eval.c:1310
val = 5552513
c = 0x155d810
#28 0x0000000000553e5a in command_loop_2 (ignore=0) at keyboard.c:1099
val = 0
#29 0x00000000005eb620 in internal_catch (tag=46128, func=0x553e31 <command_loop_2>, arg=0) at eval.c:1075
val = 5552513
c = 0x155d6e0
#30 0x0000000000553dfc in command_loop () at keyboard.c:1078
No locals.
#31 0x0000000000553505 in recursive_edit_1 () at keyboard.c:684
count = 1
val = 140737488349088
#32 0x0000000000553699 in Frecursive_edit () at keyboard.c:755
count = 0
buffer = 0
#33 0x000000000055153f in main (argc=3, argv=0x7fffffffe9b8) at emacs.c:1617
dummy = 0
stack_bottom_variable = 0 '\000'
do_initial_setlocale = true
dumping = false
skip_args = 0
rlim = {
rlim_cur = 8720000,
rlim_max = 18446744073709551615
}
no_loadup = false
junk = 0x0
dname_arg = 0x0
ch_to_dir = 0x0
original_pwd = 0x0
Lisp Backtrace:
"redisplay_internal (C function)" (0x0)
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.