From: Konstantin Kharlamov
Newsgroups: gmane.emacs.bugs
To: 61960@debbugs.gnu.org
Subject: bug#61960: 30.0.50; Unexec build reliably crashes during loadup
Date: Sun, 02 Jul 2023 04:50:26 +0300
Message-ID: <63f3de6f0cc0d015d2dcbcdd6adc95482dc0c6ad.camel@yandex.ru>
References: <62049aa9ffcf9f39fd423fb87cd8dc8e0b77f9b8.camel@yandex.ru>

I've found a diff that fixes the build, but whether it's okay is worth discussion:

diff --git a/src/gmalloc.c b/src/gmalloc.c index e655d69f660..f49bb01e08b 100644 --- a/src/gmalloc.c +++ b/src/gmalloc.c 
@@ -1704,7 +1704,7 @@ allocated_via_gmalloc (void *ptr) return false; size_t block =3D BLOCK (ptr); size_t blockmax =3D _heaplimit - 1; - return block <=3D blockmax && _heapinfo[block].busy.type !=3D 0; + return block <=3D blockmax; } /* See the comments near the beginning of this file for explanations

Here's what happens: Emacs uses an internal stack-based allocator (apparently allocating with sbrk(), but I'm not sure) along with the system allocator. Whenever memory is allocated from the internal allocator, you can't call `free()` on it.

When Emacs wants to free memory, it calls `hybrid_free_1()`, which internally determines whether the `ptr` passed belongs to the system heap or to the Emacs stack. Determining in turn is done by `allocated_via_gmalloc()`.

Emacs also keeps the lowest and highest boundary of this stack in variables `_heapbase` and `_heaplimit` accordingly (except the latter is measured in "blocks"). The code in the diff, `block <= blockmax`, simply makes sure that the `ptr` passed is within the stack-allocated memory, which implies it can't be deallocated with `free()`.

There's a question though of the right-hand side that I remove, the `_heapinfo[block].busy.type != 0;`. Apparently the `type` should keep some memory info, and apparently there's a bug somewhere that screws it up. It is a bug worth fixing, although for some reason `rr replay` doesn't work for me with `temacs` (probably a bug in rr), and without reverse-execution tracking that down would be very hard.

But I would argue that the right-hand side check has no value in this function, because to determine the source of allocation it's enough to just check whether `ptr` is in the `_heapbase` .. `_heaplimit` range (barring the fact they're different units).
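
Review bot: Dropping `_heapinfo[block].busy.type != 0` from the return statement of allocated_via_gmalloc() leaves `block <= blockmax` as the only test in the visible lines, so the function now reports true for every pointer whose block index lies below `_heaplimit`, whether or not `_heapinfo` records that block as in use. Since the message says hybrid_free_1() relies on this answer to choose the deallocator, a stale or already-freed pointer in that range would be passed to the gmalloc free path with no metadata sanity check in front of it. The hunk also shows only an upper bound; the lower bound presumably sits in the test that precedes the `return false;` context line, but that condition is outside the hunk, so it should be confirmed that it really rejects pointers below `_heapbase`. The message itself says the `type` field is being corrupted by an unidentified bug, which means this change hides the symptom while the corruption of `_heapinfo` remains. I would suggest keeping the `busy.type` test as an assertion in checking builds rather than deleting it outright, so the corruption stays visible, and adding a comment above the return explaining why the range test alone is considered sufficient.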