From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Paul Eggert Newsgroups: gmane.emacs.bugs Subject: bug#8344: (substring ...) crashes on large vectors Date: Sun, 27 Mar 2011 02:09:58 -0700 Organization: UCLA Computer Science Department Message-ID: <4D8EFEE6.10100@cs.ucla.edu> References: <4D8CDC3A.4010705@cs.ucla.edu> <4D8D0DB6.4040206@cs.ucla.edu> <4D8E9E93.80303@cs.ucla.edu> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Trace: dough.gmane.org 1301218647 1309 80.91.229.12 (27 Mar 2011 09:37:27 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Sun, 27 Mar 2011 09:37:27 +0000 (UTC) Cc: 8344@debbugs.gnu.org To: Andreas Schwab Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Sun Mar 27 11:37:23 2011 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Q3mPR-0000GK-73 for geb-bug-gnu-emacs@m.gmane.org; Sun, 27 Mar 2011 11:37:21 +0200 Original-Received: from localhost ([127.0.0.1]:49580 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q3mPQ-0003Tn-10 for geb-bug-gnu-emacs@m.gmane.org; Sun, 27 Mar 2011 05:37:20 -0400 Original-Received: from [140.186.70.92] (port=52701 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q3mPJ-0003Sb-Rn for bug-gnu-emacs@gnu.org; Sun, 27 Mar 2011 05:37:16 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q3mPF-0004BF-83 for bug-gnu-emacs@gnu.org; Sun, 27 Mar 2011 05:37:10 -0400 Original-Received: from debbugs.gnu.org ([140.186.70.43]:56711) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q3mPF-0004B9-52 for bug-gnu-emacs@gnu.org; Sun, 27 Mar 2011 05:37:09 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.69) (envelope-from ) id 1Q3lzx-0005ME-Ur; Sun, 27 Mar 2011 05:11:01 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Paul Eggert Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sun, 27 Mar 2011 09:11:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 8344 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: Original-Received: via spool by 8344-submit@debbugs.gnu.org id=B8344.130121701020524 (code B ref 8344); Sun, 27 Mar 2011 09:11:01 +0000 Original-Received: (at 8344) by debbugs.gnu.org; 27 Mar 2011 09:10:10 +0000 Original-Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q3lz7-0005Kz-Q9 for submit@debbugs.gnu.org; Sun, 27 Mar 2011 05:10:10 -0400 Original-Received: from smtp.cs.ucla.edu ([131.179.128.62]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Q3lz4-0005KR-Ai for 8344@debbugs.gnu.org; Sun, 27 Mar 2011 05:10:08 -0400 Original-Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.cs.ucla.edu (Postfix) with ESMTP id E058D39E80F2; Sun, 27 Mar 2011 02:09:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu Original-Received: from smtp.cs.ucla.edu ([127.0.0.1]) by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4K-DF32rOLVd; Sun, 27 Mar 2011 02:09:59 -0700 (PDT) Original-Received: from [192.168.1.10] (pool-71-189-109-235.lsanca.fios.verizon.net [71.189.109.235]) by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 0758239E80E0; Sun, 27 Mar 2011 02:09:58 -0700 (PDT) User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.14) Gecko/20110223 Thunderbird/3.1.8 In-Reply-To: X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list Resent-Date: Sun, 27 Mar 2011 05:11:01 -0400 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:45394 Archived-At: On 03/27/2011 12:52 AM, Andreas Schwab wrote: > That should perhaps be converted to use SAFE_ALLOCA. Thanks, here's a patch for that, which I'll throw into the pile of patches I'm testing. * callproc.c (Fcall_process, Fcall_process_region): Use SAFE_ALLOCA instead of alloca (Bug#8344). === modified file 'src/callproc.c' --- src/callproc.c 2011-03-27 02:12:36 +0000 +++ src/callproc.c 2011-03-27 08:59:56 +0000 @@ -189,6 +189,7 @@ char buf[CALLPROC_BUFFER_SIZE_MAX]; int bufsize = CALLPROC_BUFFER_SIZE_MIN; int count = SPECPDL_INDEX (); + volatile USE_SAFE_ALLOCA; const unsigned char **volatile new_argv_volatile; register const unsigned char **new_argv; @@ -242,7 +243,7 @@ val = Qraw_text; else { - args2 = (Lisp_Object *) alloca ((nargs + 1) * sizeof *args2); + SAFE_ALLOCA (args2, Lisp_Object *, (nargs + 1) * sizeof *args2); args2[0] = Qcall_process; for (i = 0; i < nargs; i++) args2[i + 1] = args[i]; coding_systems = Ffind_operation_coding_system (nargs + 1, args2); @@ -372,8 +373,9 @@ && SREF (path, 1) == ':') path = Fsubstring (path, make_number (2), Qnil); - new_argv_volatile = new_argv = (const unsigned char **) - alloca ((nargs > 4 ? nargs - 2 : 2) * sizeof (char *)); + SAFE_ALLOCA (new_argv, const unsigned char **, + (nargs > 4 ? nargs - 2 : 2) * sizeof *new_argv); + new_argv_volatile = new_argv; if (nargs > 4) { register size_t i; @@ -645,7 +647,7 @@ { size_t i; - args2 = (Lisp_Object *) alloca ((nargs + 1) * sizeof *args2); + SAFE_ALLOCA (args2, Lisp_Object *, (nargs + 1) * sizeof *args2); args2[0] = Qcall_process; for (i = 0; i < nargs; i++) args2[i + 1] = args[i]; coding_systems @@ -809,6 +811,7 @@ when exiting. */ call_process_exited = 1; + SAFE_FREE (); unbind_to (count, Qnil); if (synch_process_termsig) @@ -897,30 +900,35 @@ #endif } - pattern = Fexpand_file_name (Vtemp_file_name_pattern, tmpdir); - tempfile = (char *) alloca (SBYTES (pattern) + 1); - memcpy (tempfile, SDATA (pattern), SBYTES (pattern) + 1); - coding_systems = Qt; + { + USE_SAFE_ALLOCA; + pattern = Fexpand_file_name (Vtemp_file_name_pattern, tmpdir); + SAFE_ALLOCA (tempfile, char *, SBYTES (pattern) + 1); + memcpy (tempfile, SDATA (pattern), SBYTES (pattern) + 1); + coding_systems = Qt; #ifdef HAVE_MKSTEMP - { - int fd; + { + int fd; - BLOCK_INPUT; - fd = mkstemp (tempfile); - UNBLOCK_INPUT; - if (fd == -1) - report_file_error ("Failed to open temporary file", - Fcons (Vtemp_file_name_pattern, Qnil)); - else - close (fd); - } + BLOCK_INPUT; + fd = mkstemp (tempfile); + UNBLOCK_INPUT; + if (fd == -1) + report_file_error ("Failed to open temporary file", + Fcons (Vtemp_file_name_pattern, Qnil)); + else + close (fd); + } #else - mktemp (tempfile); + mktemp (tempfile); #endif - filename_string = build_string (tempfile); - GCPRO1 (filename_string); + filename_string = build_string (tempfile); + GCPRO1 (filename_string); + SAFE_FREE (); + } + start = args[0]; end = args[1]; /* Decide coding-system of the contents of the temporary file. */ @@ -930,11 +938,13 @@ val = Qraw_text; else { - args2 = (Lisp_Object *) alloca ((nargs + 1) * sizeof *args2); + USE_SAFE_ALLOCA; + SAFE_ALLOCA (args2, Lisp_Object *, (nargs + 1) * sizeof *args2); args2[0] = Qcall_process_region; for (i = 0; i < nargs; i++) args2[i + 1] = args[i]; coding_systems = Ffind_operation_coding_system (nargs + 1, args2); val = CONSP (coding_systems) ? XCDR (coding_systems) : Qnil; + SAFE_FREE (); } val = complement_process_encoding_system (val);