[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#34256: 27.0.50; Crash on draw_glyphs()
From: |
Eli Zaretskii |
Subject: |
bug#34256: 27.0.50; Crash on draw_glyphs() |
Date: |
Fri, 01 Feb 2019 10:41:13 +0200 |
> From: Kaushal Modi <kaushal.modi@gmail.com>
> Date: Thu, 31 Jan 2019 22:25:35 -0500
> Cc: 34256@debbugs.gnu.org
>
> Thread 1 "emacs" hit Hardware watchpoint 6: -location
> s->f->terminal->image_cache->images[0]
>
> Old value = (struct image *) 0x2346430
> New value = (struct image *) 0x0
> free_image (f=f@entry=0x143b1b0, img=img@entry=0x2346430) at image.c:1022
> 1022 if (img->picture)
> (gdb) bt
> #0 free_image (f=f@entry=0x143b1b0, img=img@entry=0x2346430) at
> image.c:1022
> #1 0x00000000006646a1 in clear_image_cache (f=0x143b1b0,
> filter=filter@entry=XIL(0xc5a0)) at image.c:1574
> #2 0x000000000066a35d in Fclear_image_cache (filter=...) at image.c:1658
> [...]
> Lisp Backtrace:
> "clear-image-cache" (0xffff0650)
> "org-display-inline-images" (0xffff0a88)
> "org-mode" (0xffff1020)
> "set-auto-mode-0" (0xffff1308)
> "set-auto-mode" (0xffff17d0)
> "vc-find-revision-no-save" (0xffff1bb0)
> "diff-syntax-fontify-hunk" (0xffff2130)
> "diff-syntax-fontify" (0xffff23f0)
> "diff--font-lock-syntax" (0xffff2788)
> "font-lock-fontify-keywords-region" (0xffff2d40)
> "font-lock-default-fontify-region" (0xffff30b8)
> "font-lock-fontify-region" (0xffff3358)
> 0x4a1a8c0 PVEC_COMPILED
> "run-hook-wrapped" (0xffff37a0)
> "jit-lock--run-functions" (0xffff3ae0)
> "jit-lock-fontify-now" (0xffff3ef8)
> "jit-lock-function" (0xffff4248)
> "redisplay_internal (C function)" (0x0)
Thanks, I think I understand what happened here. Does the patch below
fix the problem? If it doesn't, please repeat the procedure with the
patched Emacs.
diff --git a/src/frame.h b/src/frame.h
index ab3efdf..e0dab51 100644
--- a/src/frame.h
+++ b/src/frame.h
@@ -413,6 +413,10 @@ struct frame
/* Non-zero if this frame's faces need to be recomputed. */
bool_bf face_change : 1;
+ /* Non-zero if this frame's image cache cannot be freed because the
+ frame is in the process of being redisplayed. */
+ bool_bf inhibit_clear_image_cache : 1;
+
/* Bitfield area ends here. */
/* This frame's change stamp, set the last time window change
diff --git a/src/image.c b/src/image.c
index 2014860..342b647 100644
--- a/src/image.c
+++ b/src/image.c
@@ -1554,7 +1554,7 @@ clear_image_cache (struct frame *f, Lisp_Object filter)
{
struct image_cache *c = FRAME_IMAGE_CACHE (f);
- if (c)
+ if (c && !f->inhibit_clear_image_cache)
{
ptrdiff_t i, nfreed = 0;
diff --git a/src/xdisp.c b/src/xdisp.c
index ec8dd86..b43777a 100644
--- a/src/xdisp.c
+++ b/src/xdisp.c
@@ -14440,7 +14440,17 @@ redisplay_internal (void)
FRAME_TERMINAL (f)->condemn_scroll_bars_hook (f);
if (FRAME_VISIBLE_P (f) && !FRAME_OBSCURED_P (f))
- redisplay_windows (FRAME_ROOT_WINDOW (f));
+ {
+
+ /* Don't allow freeing images for this frame as long
+ as the frame's update wasn't completed. This
+ prevents crashes when some Lisp that runs from
+ the various hooks or font-lock decides to clear
+ the frame's image cache, when the images in that
+ cache are referenced by the desired matrix. */
+ f->inhibit_clear_image_cache = true;
+ redisplay_windows (FRAME_ROOT_WINDOW (f));
+ }
/* Remember that the invisible frames need to be redisplayed next
time they're visible. */
else if (!REDISPLAY_SOME_P ())
@@ -14521,6 +14531,7 @@ redisplay_internal (void)
pending |= update_frame (f, false, false);
f->cursor_type_changed = false;
f->updated_p = true;
+ f->inhibit_clear_image_cache = false;
}
}
}
@@ -14548,6 +14559,7 @@ redisplay_internal (void)
}
else if (FRAME_VISIBLE_P (sf) && !FRAME_OBSCURED_P (sf))
{
+ sf->inhibit_clear_image_cache = true;
displayed_buffer = XBUFFER (XWINDOW (selected_window)->contents);
/* Use list_of_error, not Qerror, so that
we catch only errors and don't run the debugger. */
@@ -14603,6 +14615,7 @@ redisplay_internal (void)
XWINDOW (selected_window)->must_be_updated_p = true;
pending = update_frame (sf, false, false);
sf->cursor_type_changed = false;
+ sf->inhibit_clear_image_cache = false;
}
/* We may have called echo_area_display at the top of this
- bug#34256: 27.0.50; Crash on draw_glyphs(),
Eli Zaretskii <=