GNU bug report logs - #74274
[PATCH] Revert part of d3f8ed730f to avoid segmentation fault

Previous Next

Package: emacs;

Reported by: Gong Qijian <gongqijian <at> gmail.com>

Date: Sat, 9 Nov 2024 01:21:01 UTC

Severity: normal

Tags: patch

Fixed in version 31.1

Done: Gerd Möllmann <gerd.moellmann <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Gong Qijian <gongqijian <at> gmail.com>
To: 74274 <at> debbugs.gnu.org
Cc: Gerd Möllmann <gerd <at> gnu.org>, Gong Qijian <gongqijian <at> gmail.com>
Subject: bug#74274: [PATCH] Revert part of d3f8ed730f to avoid segmentation fault
Date: Fri,  8 Nov 2024 14:31:50 +0800

Patch for branch scratch/tty-child-frames to avoid segmentation fault.

The issue can be triggered by the message function when creating a tty
child frame during the initialization process.

Reproduce:

  $ src/emacs -nw -Q --eval "\
    (progn
      (require 'cl-lib)
      (require 'tty-tip)
      (advice-add 'tty-tip--compute-position :around
       (defun tty-tip--compute-position <at> fix-nil-error (&rest args)
         (cl-letf ((orig-mouse-position (symbol-function #'mouse-position))
                   ((symbol-function #'mouse-position)
                    (lambda ()
                      (if (terminal-parameter nil 'xterm-mouse-x)
                          (funcall orig-mouse-position)
                        (cons (window-frame) (posn-x-y (posn-at-point)))))))
           (apply args))))

      (tty-tip--create-frame \"line1\nline2\")
      (message \"tty-type: %S\" (tty-type)))"
  Fatal error 11: Segmentation fault
  ^[[Ifish: Job 1, 'src/emacs -nw -Q --eval "\…' terminated by signal (pro… (SIGABRT)
  fish: Job Abort, '' terminated by signal  ()

---
 src/term.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/term.c b/src/term.c
index a7f7baa6e3..8aeabd76b7 100644
--- a/src/term.c
+++ b/src/term.c
@@ -781,7 +781,11 @@ tty_write_glyphs (struct frame *f, struct glyph *string, int len)
     {
       /* Identify a run of glyphs with the same face.  */
       int face_id = string->face_id;
-      struct frame *face_id_frame = string->frame;
+      /* FIXME/tty: it happens that a single glyph's frame is NULL.  It
+	 might depend on a tab bar line being present, then switching
+	 from a buffer without header line to one with header line and
+	 opening a child frame.  */
+      struct frame *face_id_frame = string->frame ? string->frame : f;
 
       for (n = 1; n < stringlen; ++n)
 	if (string[n].face_id != face_id || string[n].frame != face_id_frame)
-- 
2.42.0
This bug report was last modified 285 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.