GNU bug report logs - #28505
26.0.60; Crash in Fmove_point_visually

Previous Next

Package: emacs;

Reported by: Benjamin Riefenstahl <b.riefenstahl <at> turtle-trading.net>

Date: Mon, 18 Sep 2017 20:10:02 UTC

Severity: normal

Found in version 26.0.60

Done: Benjamin Riefenstahl <b.riefenstahl <at> turtle-trading.net>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Benjamin Riefenstahl <b.riefenstahl <at> turtle-trading.net>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: 28505 <at> debbugs.gnu.org
Subject: bug#28505: 26.0.60; Crash in Fmove_point_visually
Date: Tue, 19 Sep 2017 18:13:05 +0200

>> From: Benjamin Riefenstahl <b.riefenstahl <at> turtle-trading.net>
>> Date: Mon, 18 Sep 2017 23:02:12 +0200
>> 
>> So I recompiled with -O0 and after reading the code I added a few more
>> "p"s in GDB.  I see that "w->current_matrix" has "rows_allocated = 1,
>> nrows = 1", but still "row" was initialized from "rows" and than
>> incremented by "dir" (1).  Is that as it should be?

Eli Zaretskii writes:
> Yes, but the incremented value is then checked for validity with this
> snippet:
>
> 	  if (row < MATRIX_FIRST_TEXT_ROW (w->current_matrix)
> 	      || row > MATRIX_BOTTOM_TEXT_ROW (w->current_matrix, w))
> 	    goto simulate_display;

MATRIX_BOTTON_TEXT_ROW calculates "rows + nrows" (plus the mode-line,
but this is the minibuffer, so it does not have a mode-line).  So
despite the name of the macro the result points *after* the bottom row,
not *at* it.  Should that comparison be "row >= BOTTOM"?  I'll try that.
The macro seems to be misnamed though if that is the problem.

benny

This bug report was last modified 7 years and 303 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #28505 26.0.60; Crash in Fmove_point_visually

GNU bug report logs - #28505
26.0.60; Crash in Fmove_point_visually