GNU bug report logs - #9999
23.3; menu related segfault when making new frame

Previous Next

Package: emacs;

Reported by: michael_heerdegen <at> web.de

Date: Wed, 9 Nov 2011 00:18:01 UTC

Severity: normal

Found in version 23.3

Done: Jan Djärv <jan.h.d <at> swipnet.se>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 9999 <at> debbugs.gnu.org (full text, mbox):

From: Jan Djärv <jan.h.d <at> swipnet.se>
To: michael_heerdegen <at> web.de
Cc: 9999 <at> debbugs.gnu.org
Subject: Re: bug#9999: 23.3; menu related segfault when making new frame
Date: Thu, 10 Nov 2011 20:43:06 +0100

9 nov 2011 kl. 01:18 skrev Michael Heerdegen:

> Hi,
> 

Hello.

This is what happens for me in the trunk.
x-create-frame is called.  The frame is made official by putting it in Vframe_list.
A signal is raised, so the debugger is called in a new frame.  This is also put in Vframe_list.
When we quit from the debugger, unwind_create_frame is called, and this test is done:

  /* If frame is ``official'', nothing to do.  */
  if (!CONSP (Vframe_list) || !EQ (XCAR (Vframe_list), frame))

But the faulty frame isn't XCAR, the debugger frame is.
So the test fails and  x_free_frame_resources is called and eventually sets  f->output_data.x to NULL.
But the f->output_method is not reset, so when an event comes, we loop over Vframe_list and kaboom happens here:

 if (!FRAME_X_P (f) || FRAME_X_DISPLAY_INFO (f) != dpyinfo) ...

FRAME_X_P only checks if f->output_method is output_x_window, which it is, 
but FRAME_X_DISPLAY_INFO (f) is the same as f->output_data.x->display_info and as x is NULL, this crashes.

So ethier FRAME_X_P needs to be improved (ditto for all terms I guess), or unwind_create_frame needs a better check (also ditto for all terms?).

	Jan D.



> starting with emacs -Q, when I eval the following expression:
> 
> 
> (let* ((pop-up-frames t))
>  (define-key (lookup-key global-map [menu-bar]) [foo]
>    '(menu-item "Foo" ignore :enable (file-exists-p "http://www.foo.com")))
>  (setq default-directory "/")
>  (make-frame))
> 
> 
> Emacs crashs.
> 
> I was able to produce the crash on different hosts.
> 
> I can provide a backtrace if needed.
> 
> 
> In GNU Emacs 23.3.1 (i486-pc-linux-gnu, X toolkit, Xaw3d scroll bars)
> of 2011-10-26 on murphy, modified by Debian
> Windowing system distributor `The X.Org Foundation', version 11.0.11101901
> configured using `configure  '--build' 'i486-linux-gnu' '--build' 'i486-linux-gnu' '--prefix=/usr' '--sharedstatedir=/var/lib' '--libexecdir=/usr/lib' '--localstatedir=/var/lib' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--with-pop=yes' '--enable-locallisppath=/etc/emacs23:/etc/emacs:/usr/local/share/emacs/23.3/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/23.3/site-lisp:/usr/share/emacs/site-lisp' '--with-crt-dir=/usr/lib/i386-linux-gnu' '--with-x=yes' '--with-x-toolkit=lucid' '--with-toolkit-scroll-bars' '--without-gconf' 'build_alias=i486-linux-gnu' 'CFLAGS=-DDEBIAN -g -O2''
> 
> Important settings:
>  value of $LC_ALL: de_DE.utf8
>  value of $LC_COLLATE: nil
>  value of $LC_CTYPE: nil
>  value of $LC_MESSAGES: nil
>  value of $LC_MONETARY: nil
>  value of $LC_NUMERIC: nil
>  value of $LC_TIME: C
>  value of $LANG: de_DE.utf8
>  value of $XMODIFIERS: nil
>  locale-coding-system: utf-8-unix
>  default enable-multibyte-characters: t
> v
>
This bug report was last modified 13 years and 255 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.