From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail From: "Daniel Colascione" Newsgroups: gmane.emacs.bugs Subject: bug#34655: 26.1.92; Segfault in module with --module-assertions Date: Thu, 21 Mar 2019 13:48:28 -0700 Message-ID: <54c0397230795ccc3701339de617d887.squirrel@dancol.org> References: <874l8r1t3a.fsf@tcd.ie> <8336oamu3y.fsf@gnu.org> <87h8c1cv6l.fsf@tcd.ie> <83lg1dwhse.fsf@gnu.org> <87va0h12js.fsf@tcd.ie> <835zsgw3ui.fsf@gnu.org> <87ef7486h0.fsf@tcd.ie> <83r2b4ul1c.fsf@gnu.org> <831s30upqd.fsf@gnu.org> <83o964t4de.fsf@gnu.org> <83lg18t3ar.fsf@gnu.org> <83k1gst26h.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226"; logging-data="139884"; mail-complaints-to="usenet@blaine.gmane.org" User-Agent: SquirrelMail/1.4.23 [SVN] Cc: "Basil L. Contovounesios" , 34655@debbugs.gnu.org, Stefan Monnier To: "Philipp Stephani" Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Thu Mar 21 21:56:04 2019 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([209.51.188.17]) by blaine.gmane.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:256) (Exim 4.89) (envelope-from ) id 1h74jL-000aEe-80 for geb-bug-gnu-emacs@m.gmane.org; Thu, 21 Mar 2019 21:56:04 +0100 Original-Received: from localhost ([127.0.0.1]:46711 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h74jK-0006Yq-4T for geb-bug-gnu-emacs@m.gmane.org; Thu, 21 Mar 2019 16:56:02 -0400 Original-Received: from eggs.gnu.org ([209.51.188.92]:48790) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h74gl-0004cF-EY for bug-gnu-emacs@gnu.org; Thu, 21 Mar 2019 16:53:27 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h74cZ-0003YQ-TE for bug-gnu-emacs@gnu.org; Thu, 21 Mar 2019 16:49:05 -0400 Original-Received: from debbugs.gnu.org ([209.51.188.43]:40169) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1h74cY-0003XN-BY for bug-gnu-emacs@gnu.org; Thu, 21 Mar 2019 16:49:03 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1h74cY-0004in-3C for bug-gnu-emacs@gnu.org; Thu, 21 Mar 2019 16:49:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: "Daniel Colascione" Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Thu, 21 Mar 2019 20:49:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 34655 X-GNU-PR-Package: emacs Original-Received: via spool by 34655-submit@debbugs.gnu.org id=B34655.155320132418122 (code B ref 34655); Thu, 21 Mar 2019 20:49:02 +0000 Original-Received: (at 34655) by debbugs.gnu.org; 21 Mar 2019 20:48:44 +0000 Original-Received: from localhost ([127.0.0.1]:53713 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1h74cG-0004iE-8N for submit@debbugs.gnu.org; Thu, 21 Mar 2019 16:48:44 -0400 Original-Received: from dancol.org ([96.126.100.184]:34532) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1h74cE-0004i5-85 for 34655@debbugs.gnu.org; Thu, 21 Mar 2019 16:48:42 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dancol.org; s=x; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:To:From:Subject:Date:References:In-Reply-To:Message-ID; bh=xeRwJWVbqxeqSPUtDfF39AYHV+qxuYyiBZ9r+7Tq8z4=; b=laAC5E+RtV5EbUTRKlK2F8ikQicnudZ8LdBSlWayQKsUKptbovOenSQW+8/adAPCfiX7vLgi8hZ3aD+keKhi7+LeYEFjoxHN9iN7kFxJnN6xwnqfUj/QI+5IY8ki0yOsJo4k9J326omPJ+yDTN9S9O7DFX4MZOlxChyIFuyOfXJ1Yk8lT0hwHfmOmUkmET0w/iVS9wGeMzANPdGl4Ihqzlv91fnXoSRytC3G8m8n++y8GmcDLAYCUQb9cTDc0YnuIuj7LJ7BWRO1bitoW+ASSBtiYvyJte4N7a/oReWS1PKzQ3ocyCP+rZDcJbM5Ve24UQPB8YzQ1qvbKYO/bcX4Fw==; Original-Received: from localhost ([127.0.0.1] helo=dancol.org) by dancol.org with esmtp (Exim 4.84_2) (envelope-from ) id 1h74c0-0005o3-Ej; Thu, 21 Mar 2019 13:48:28 -0700 Original-Received: from 127.0.0.1 (SquirrelMail authenticated user dancol) by dancol.org with HTTP; Thu, 21 Mar 2019 13:48:28 -0700 In-Reply-To: X-Priority: 3 (Normal) Importance: Normal X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:156588 Archived-At: > Am Do., 21. März 2019 um 21:14 Uhr schrieb Eli Zaretskii : >> >> > From: Philipp Stephani >> > Date: Thu, 21 Mar 2019 21:01:43 +0100 >> > Cc: Stefan Monnier , "Basil L. >> Contovounesios" , 34655@debbugs.gnu.org, >> > Daniel Colascione >> > >> > Am Do., 21. März 2019 um 20:50 Uhr schrieb Eli Zaretskii >> : >> > > >> > > > From: Philipp Stephani >> > > > Date: Thu, 21 Mar 2019 20:37:24 +0100 >> > > > Cc: Stefan Monnier , "Basil L. >> Contovounesios" , 34655@debbugs.gnu.org >> > > > >> > > > Let's go back to the known good state first, and then discuss how >> to >> > > > go from there. >> > > >> > > I don't see why that is better than discuss first and then go to >> where >> > > we decide to go. It's not like Emacs 27 will be released any time >> > > soon, so there's no rush. >> > >> > For one, it becomes harder and harder to revert commits the older they >> > get. Also such discussions tend to turn into endless debates about the >> > "perfect" solution until one side gives up, without improving >> > anything. I strongly prefer fixing actual bugs that affect users in >> > practice and then discussing (or not discussing) the gold-plating >> > steps later. >> >> I also prefer fixing bugs (which is why I spent several hours looking >> into Basil's crash, when no one else was replying to that bug report), >> but this is a community project, so we should discuss first and act >> later. Especially when controversial issues are involved. > > Well, as you can see, these discussions seem to lead nowhere, and both > bug#34655 and bug#31238 remain unfixed. > >> >> > > > We can't get stack marking to work, even theoretically. >> > > > >> > > > A module is free to do >> > > > >> > > > emacs_value x = ...; >> > > > uintptr_t y = ((uintrptr_t) x) ^ 0x123456u; >> > > > (garbage-collect) >> > > > emacs_value z = (emacs_value) (y ^ 0x123456u); >> > > > ... use z ... >> > > > >> > > > During the garbage collection, x isn't on the stack anywhere >> > > >> > > Why do you think x isn't on the stack in this case? >> > >> > Because the compiler reused the stack slot for something else? >> >> How can it? You are using the same pointer later. > > Assume I don't use x later, and only y is on the stack during GC. > >> Garbage collection >> cannot happen unless you call an Emacs function, such as Ffuncall. >> Calling a function means that even if the pointer to a Lisp object was >> in a register, it will be put on the stack when calling Emacs. > > No matter whether y here is in a register or on the stack, it's not a > Lisp_Value, so the GC can't find it. > >> >> > Because the module is written in a language that doesn't use the stack >> > in a way that the garbage collector expects? >> >> Which language is that, and how can it use the emacs-module machinery? > > Go, for example. It uses green threads with its own stack management > and calling conventions. The GC couldn't ever find such a stack. > >> >> > > Moreover, emacs_value is actually a pointer to a Lisp object, so >> this >> > > object is also somewhere on the stack, right? >> >> No answer? > > An emacs_value in the current implementation *is* a Lisp_Object cast > to emacs_value. If the emacs_value is not on the stack, then there's > no way to find the Lisp_Object. > >> >> > We do something very specific with the stack: we make sure that >> > Lisp_Objects are never manipulated in a way similar to the above, and >> > we use the C language. >> >> If worse comes to worst, we can request module writers to adhere to >> the same discipline. We already request them to do/not to do quite a >> few extraordinary things. > > No we can't. Modules can contain arbitrary code and call arbitrary > libraries, which we can't ever control. We need to work with > everything that provides a C-compatible interface. Modules can contain arbitrary code, but they don't have to do arbitrary things with that code. Right now, the contract between modules and Emacs is something like "any value that, I, Emacs, can't find on an Emacs-findable thread is fair game for memory reclaimation." In practice, that works okay most of the time, but if we have to deal with environments that can't guarantee that Emacs values remain on the C stack, we can extend the contract with something like "I, module, am handing you, Emacs, an array of emacs_values, and in addition to my stack, you should check this array before considering a value dead" --- that is, we could just provide a way for a module to associate a bunch of additional GC roots with a given context. Then something like Go could stick any temporary Emacs values in this array. Or we could just have these environments create permanent references.