From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Eli Zaretskii Newsgroups: gmane.emacs.bugs Subject: bug#18438: 24.4.50; assertion failed in bidi.c Date: Fri, 10 Oct 2014 10:19:57 +0300 Message-ID: <837g08bdcy.fsf@gnu.org> References: <4745242cd3e424a6c4d5db0e8d3e33d0@amuri.net> <83h9zrlzc8.fsf@gnu.org> <54297FDB.6090606@cornell.edu> <837g0mmkf3.fsf@gnu.org> <6b19fab333f3d362ae61b30b299d7206@amuri.net> <83iok5ku74.fsf@gnu.org> <88ccbe34bf58322ae4b2a5657390c041@amuri.net> <83ppe1itu9.fsf@gnu.org> Reply-To: Eli Zaretskii NNTP-Posting-Host: plane.gmane.org X-Trace: ger.gmane.org 1412925625 13276 80.91.229.3 (10 Oct 2014 07:20:25 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Fri, 10 Oct 2014 07:20:25 +0000 (UTC) Cc: 18438@debbugs.gnu.org To: aidalgol@amuri.net Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Fri Oct 10 09:20:19 2014 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1XcUUs-0001Rm-P8 for geb-bug-gnu-emacs@m.gmane.org; Fri, 10 Oct 2014 09:20:19 +0200 Original-Received: from localhost ([::1]:46566 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XcUUs-0003wD-9S for geb-bug-gnu-emacs@m.gmane.org; Fri, 10 Oct 2014 03:20:18 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:39126) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XcUUk-0003vb-VT for bug-gnu-emacs@gnu.org; Fri, 10 Oct 2014 03:20:15 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XcUUd-0003sj-U2 for bug-gnu-emacs@gnu.org; Fri, 10 Oct 2014 03:20:10 -0400 Original-Received: from debbugs.gnu.org ([140.186.70.43]:48135) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XcUUd-0003s7-QA for bug-gnu-emacs@gnu.org; Fri, 10 Oct 2014 03:20:03 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.80) (envelope-from ) id 1XcUUc-0006lP-Lg for bug-gnu-emacs@gnu.org; Fri, 10 Oct 2014 03:20:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 10 Oct 2014 07:20:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 18438 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: moreinfo Original-Received: via spool by 18438-submit@debbugs.gnu.org id=B18438.141292558725968 (code B ref 18438); Fri, 10 Oct 2014 07:20:02 +0000 Original-Received: (at 18438) by debbugs.gnu.org; 10 Oct 2014 07:19:47 +0000 Original-Received: from localhost ([127.0.0.1]:39699 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XcUUM-0006kl-8n for submit@debbugs.gnu.org; Fri, 10 Oct 2014 03:19:46 -0400 Original-Received: from mtaout23.012.net.il ([80.179.55.175]:59542) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XcUUI-0006ka-5D for 18438@debbugs.gnu.org; Fri, 10 Oct 2014 03:19:44 -0400 Original-Received: from conversion-daemon.a-mtaout23.012.net.il by a-mtaout23.012.net.il (HyperSendmail v2007.08) id <0ND700B00W75UE00@a-mtaout23.012.net.il> for 18438@debbugs.gnu.org; Fri, 10 Oct 2014 10:19:39 +0300 (IDT) Original-Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout23.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0ND700B0TWCRSJ40@a-mtaout23.012.net.il>; Fri, 10 Oct 2014 10:19:39 +0300 (IDT) In-reply-to: X-012-Sender: halo1@inter.net.il X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:94368 > Date: Fri, 10 Oct 2014 15:21:53 +1300 > From: aidalgol@amuri.net > Cc: Eli Zaretskii , > > > Could you show the disassembly of this function in its new form? I'd > > like to see if the value of the bidi type being checked is loaded > > into > > the same register as in the original version. > > (gdb) disassemble 'bidi.c'::bidi_check_type > Dump of assembler code for function bidi_check_type: > 0x00000001004f9dd3 <+0>: push %rbp > 0x00000001004f9dd4 <+1>: mov %rsp,%rbp > 0x00000001004f9dd7 <+4>: sub $0x40,%rsp > 0x00000001004f9ddb <+8>: mov %ecx,0x10(%rbp) > 0x00000001004f9dde <+11>: mov 0x55d8db(%rip),%rax > 0x00000001004f9de5 <+18>: movzbl (%rax),%eax > 0x00000001004f9de8 <+21>: xor $0x1,%eax > 0x00000001004f9deb <+24>: test %al,%al > 0x00000001004f9ded <+26>: je 0x1004f9e37 > 0x00000001004f9def <+28>: cmpl $0x17,0x10(%rbp) > 0x00000001004f9df3 <+32>: jbe 0x1004f9e37 Yes, this is the same arrangement as in the original version: passed through ECX, then stored in RBP+0x10. Moreover, the value printed by fprintf is taken from RBP+0x10: > 0x00000001004f9dfa <+39>: mov 0x18(%rax),%rax > 0x00000001004f9dfe <+43>: movl $0x17,0x30(%rsp) > 0x00000001004f9e06 <+51>: movl $0x0,0x28(%rsp) > 0x00000001004f9e0e <+59>: mov 0x10(%rbp),%edx <<<<<<<<<<< > 0x00000001004f9e11 <+62>: mov %edx,0x20(%rsp) <<<<<<<<<<< > 0x00000001004f9e15 <+66>: mov $0x14c,%r9d > 0x00000001004f9e1b <+72>: lea 0x52edde(%rip),%r8 > 0x00000001004f9e22 <+79>: lea 0x52eddf(%rip),%rdx > 0x00000001004f9e29 <+86>: mov %rax,%rcx > 0x00000001004f9e2c <+89>: callq 0x1006b8080 So now I'm no longer sure that my theory about some other thread overwriting registers is valid. But what else could cause this? Hm... can you try the following version instead? I expect it to force GCC to store the value of 'type' in a 64-bit register, and use a 64-bit compare instruction for it. Please show the resulting disassembly, so we are sure this trick succeeded. === modified file 'src/bidi.c' --- src/bidi.c 2014-04-06 15:56:01 +0000 +++ src/bidi.c 2014-10-10 07:12:01 +0000 @@ -326,7 +326,14 @@ bidi_get_type (int ch, bidi_dir_t overri static void bidi_check_type (bidi_type_t type) { - eassert (UNKNOWN_BT <= type && type <= NEUTRAL_ON); + volatile ptrdiff_t qtype = type; + + if (!(suppress_checking || (UNKNOWN_BT <= qtype && qtype <= NEUTRAL_ON))) + { + fprintf (stderr, "\r\n%s:%d: bidi type %d is not in [%d..%d]\r\n", + __FILE__, __LINE__, type, UNKNOWN_BT, NEUTRAL_ON); + emacs_abort (); + } } /* Given a bidi TYPE of a character, return its category. */ > > Also, if you have the backtrace, including from all the other > > threads, > > please post that. > > Attached, but the emacs process died while printing the backtrace for > thread 2, and I have no idea why. I do: it's because you started GDB from the src directory, where it read the .gdbinit file, which causes the "bt" command to call a function in the Emacs process being debugged. To work around this, comment out (by prepending a # to every line) the following few lines in .gdbinit: define hookpost-backtrace set $bt = backtrace_top () if backtrace_p ($bt) echo \n echo Lisp Backtrace:\n xbacktrace end end Then you will still be able to invoke "xbacktrace" by hand, but it won't be invoked automatically by "bt". Thanks.