GNU bug report logs - #27205
25.2; Crash on OS X when writing in org-mode

Previous Next

Package: emacs;

Reported by: Sebastian Gniazdowski <psprint <at> zdharma.org>

Date: Sat, 3 Jun 2017 07:02:01 UTC

Severity: normal

Found in version 25.2

Done: Eli Zaretskii <eliz <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Eli Zaretskii <eliz <at> gnu.org>
To: Sebastian Gniazdowski <psprint <at> zdharma.org>
Cc: 27205 <at> debbugs.gnu.org
Subject: bug#27205: 25.2; Crash on OS X when writing in org-mode
Date: Sat, 03 Jun 2017 11:13:26 +0300

> Date: Sat, 3 Jun 2017 08:22:26 +0200
> From: Sebastian Gniazdowski <psprint <at> zdharma.org>
> 
> I have two stack traces. I think OS X produced one when the crash
> occurred, although function calls aren't the same as lldb backtrace
> done from core. First goes OX backtrace, then lldb's `bt all`. I
> use Spacemacs.
> [...]
> (lldb) bt all
> * thread #1: tid = 0x0000, 0x00007fff868e98ea libsystem_kernel.dylib`__kill + 10, stop reason = signal SIGSTOP
>   * frame #0: 0x00007fff868e98ea libsystem_kernel.dylib`__kill + 10
>     frame #1: 0x00000001000a0f36 Emacs`terminate_due_to_signal + 136
>     frame #2: 0x00000001000b84f5 Emacs`emacs_abort + 19
>     frame #3: 0x00000001001712c3 Emacs`ns_term_shutdown + 122
>     frame #4: 0x00000001000a10f0 Emacs`shut_down_emacs + 261
>     frame #5: 0x00000001000a0f03 Emacs`terminate_due_to_signal + 85
>     frame #6: 0x00000001000b84f5 Emacs`emacs_abort + 19
>     frame #7: 0x000000010008a702 Emacs`bidi_paragraph_init + 885
>     frame #8: 0x000000010001cc34 Emacs`set_iterator_to_next + 1004

I think I fixed this recently on the master branch.  Can you try the
patch below?

diff --git a/src/xdisp.c b/src/xdisp.c
index 1e7cb4ec..7ff37a6 100644
--- a/src/xdisp.c
+++ b/src/xdisp.c
@@ -4999,6 +4999,14 @@ handle_single_display_spec (struct it *it, Lisp_Object spec, Lisp_Object object,
 	{
 	  ptrdiff_t ovendpos = OVERLAY_POSITION (OVERLAY_END (overlay));
 
+	  /* Some borderly-sane Lisp might call us with the current
+	     buffer narrowed so that overlay-end is outside the
+	     POINT_MIN..POINT_MAX region, which will then cause
+	     various assertion violations and crashes down the road,
+	     starting with pop_it when it will attempt to use POSITION
+	     set below.  Prevent that.  */
+	  ovendpos = clip_to_bounds (BEGV, ovendpos, ZV);
+
 	  if (ovendpos > CHARPOS (*position))
 	    SET_TEXT_POS (*position, ovendpos, CHAR_TO_BYTE (ovendpos));
 	}
This bug report was last modified 7 years and 351 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.