From: Adrian Robert <adrian.b.robert@gmail.com>
To: emacs-devel <emacs-devel@gnu.org>
Cc: Markus Triska <markus.triska@gmx.at>
Subject: Re: 23.0.60: segfault in syntax.c: char_quoted
Date: Sun, 20 Jul 2008 13:42:19 -0400
Message-ID: <2D670EB3-5275-401F-BD40-6BE7C76CFB79@gmail.com>
In-Reply-To: <57DB9B68-DA64-4BCB-97DD-3F4D9C3AC86B@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 7750 bytes --]
This crash bug also occurs when running under X11 on OS X -- it's not
related to Emacs.app. It cannot be triggered deterministically -- may
depend on where emacs resides in memory. However, here is a test case
that reproduces reliably:

    emacs -Q syntaxDecBoth.el (attached)
    M-x show-paren-mode
    C-M-x C-g C-_

repeat the last key sequence a few times to get the crash.

The C backtrace is similar to that posted below, but the lisp backtrace
differs:

    "scan-sexps" (0xbfffbe08)
    "byte-code" (0xbfffc0c4)
    "show-paren-function" (0xbfffc9a8)
    "apply" (0xbfffc9a4)
    "byte-code" (0xbfffcc64)
    "timer-event-handler" (0xbfffd42c)

It would be interesting to know if this can be reproduced on other
systems.

On Jun 9, 2008, at 1:22 PM, Adrian Robert wrote:
> I have for a long time received a segfault in syntax.c char_quoted()
> function DEC_BOTH() line as detailed in stack traces below. This is
> in Emacs.app (the "Cocoa" port), and I am not 100% certain that it's
> not due to something there, though I'm uncertain how any code in
> this port could affect GUI syntax, or due to some elisp in my
> environment, or due to the files involved. Unfortunately it is not
> reliably reproducible.
>
> Examining the definition of DEC_BOTH, it seems that calling it when
> charpos or bytepos < 2 will always cause segv. In the crashes below
> they are called when they are 0, from back_comment().
>
> I have patched in Emacs.app by a check for charpos/bytepos<2 in
> char_quoted, but I'm wondering if anyone familiar with the syntax
> code might spot something anomalous in the call stack leading there?
>
>
>
> Program received signal EXC_BAD_ACCESS, Could not access memory.
> Reason: KERN_INVALID_ADDRESS at address: 0x17054fff
> 0x002065b8 in char_quoted (charpos=0, bytepos=0) at syntax.c:302
> 302 DEC_BOTH (charpos, bytepos);
> (gdb) bt
> #0 0x002065b8 in char_quoted (charpos=0, bytepos=0) at syntax.c:302
> #1 0x00209430 in back_comment (from=1, from_byte=1, stop=1,
> comnested=0, comstyle=0, charpos_ptr=0xbfffbca4,
> bytepos_ptr=0xbfffbca0) at syntax.c:587
> #2 0x0021dedc in scan_lists (from=1153, count=-1, depth=1,
> sexpflag=0) at syntax.c:2740
> #3 0x0021f010 in Fscan_lists (from=472480, count=-8, depth=8) at
> syntax.c:2833
> #4 0x001c4d58 in Ffuncall (nargs=4, args=0xbfffc2a0) at eval.c:3054
> #5 0x0022b7f8 in Fbyte_code (bytestr=3538459, vector=3538476,
> maxdepth=40) at bytecode.c:678
> #6 0x001c58a0 in funcall_lambda (fun=3538412, nargs=1,
> arg_vector=0xbfffc624) at eval.c:3239
> #7 0x001c5048 in Ffuncall (nargs=2, args=0xbfffc620) at eval.c:3094
> #8 0x0022b7f8 in Fbyte_code (bytestr=3538355, vector=3538372,
> maxdepth=16) at bytecode.c:678
> #9 0x001c58a0 in funcall_lambda (fun=3538308, nargs=1,
> arg_vector=0xbfffc994) at eval.c:3239
> #10 0x001c5048 in Ffuncall (nargs=2, args=0xbfffc990) at eval.c:3094
> #11 0x0022b7f8 in Fbyte_code (bytestr=54021875, vector=400887652,
> maxdepth=16) at bytecode.c:678
> #12 0x001c3398 in Feval (form=382482037) at eval.c:2385
> #13 0x001c0cd8 in internal_lisp_condition_case (var=25165833,
> bodyform=382482037, handlers=382481989) at eval.c:1460
> #14 0x0022c914 in Fbyte_code (bytestr=53895747, vector=54275588,
> maxdepth=64) at bytecode.c:868
> #15 0x001c58a0 in funcall_lambda (fun=400887940, nargs=0,
> arg_vector=0xbfffd414) at eval.c:3239
> #16 0x001c5048 in Ffuncall (nargs=1, args=0xbfffd410) at eval.c:3094
> #17 0x0022b7f8 in Fbyte_code (bytestr=54413427, vector=401236900,
> maxdepth=48) at bytecode.c:678
> #18 0x001c58a0 in funcall_lambda (fun=401237188, nargs=0,
> arg_vector=0xbfffd794) at eval.c:3239
> #19 0x001c5048 in Ffuncall (nargs=1, args=0xbfffd790) at eval.c:3094
> #20 0x0022b7f8 in Fbyte_code (bytestr=3407483, vector=3407500,
> maxdepth=16) at bytecode.c:678
> #21 0x001c58a0 in funcall_lambda (fun=3407452, nargs=0,
> arg_vector=0xbfffdb04) at eval.c:3239
> #22 0x001c5048 in Ffuncall (nargs=1, args=0xbfffdb00) at eval.c:3094
> #23 0x0022b7f8 in Fbyte_code (bytestr=54480403, vector=401191604,
> maxdepth=48) at bytecode.c:678
> #24 0x001c58a0 in funcall_lambda (fun=401191844, nargs=1,
> arg_vector=0xbfffde84) at eval.c:3239
> #25 0x001c5048 in Ffuncall (nargs=2, args=0xbfffde80) at eval.c:3094
> #26 0x0022b7f8 in Fbyte_code (bytestr=54493075, vector=400949860,
> maxdepth=24) at bytecode.c:678
> #27 0x001c58a0 in funcall_lambda (fun=400949988, nargs=2,
> arg_vector=0xbfffe1f4) at eval.c:3239
> #28 0x001c5048 in Ffuncall (nargs=3, args=0xbfffe1f0) at eval.c:3094
> #29 0x001c3be4 in Fapply (nargs=2, args=0xbfffe2ac) at eval.c:2536
> #30 0x001c42d0 in apply1 (fn=54483113, arg=392999317) at eval.c:2797
> warning: .o file "/Users/arobert/src/EmacsApp/emacs/branches/emacs-
> app/src/callint.o" more recent than executable timestamp
> #31 0x001bb188 in Fcall_interactively (function=54483113,
> record_flag=25165833, keys=55200260) at callint.c:389
> #32 0x001c4d58 in Ffuncall (nargs=4, args=0xbfffe578) at eval.c:3054
> #33 0x001c447c in call3 (fn=25276825, arg1=54483113, arg2=25165833,
> arg3=25165833) at eval.c:2874
> #34 0x0010f24c in Fcommand_execute (cmd=54483113,
> record_flag=25165833, keys=25165833, special=25165833) at keyboard.c:
> 10451
> #35 0x000f9810 in command_loop_1 () at keyboard.c:1915
> #36 0x001c0eb4 in internal_condition_case (bfun=0xf7450
> <command_loop_1>, handlers=25205449, hfun=0xf68e0 <cmd_error>) at
> eval.c:1515
> #37 0x000f6f44 in command_loop_2 () at keyboard.c:1372
> #38 0x001c06d0 in internal_catch (tag=25201521, func=0xf6f04
> <command_loop_2>, arg=25165833) at eval.c:1251
> #39 0x000f6ea8 in command_loop () at keyboard.c:1351
> #40 0x000f60cc in recursive_edit_1 () at keyboard.c:960
> #41 0x000f63ac in Frecursive_edit () at keyboard.c:1022
> #42 0x000f3e44 in main (argc=1, argv=0xbffff1d4) at emacs.c:1808
>
> Lisp Backtrace:
> "scan-lists" (0xbfffc2a4)
> "up-list" (0xbfffc624)
> "backward-up-list" (0xbfffc994)
> "byte-code" (0xbfffcc54)
> "c-guess-basic-syntax" (0xbfffd414)
> "c-indent-line" (0xbfffd794)
> 0x33fe5c warning: .o file "/Users/arobert/src/EmacsApp/emacs/
> branches/emacs-app/src/image.o" more recent than executable timestamp
> PVEC_COMPILED
> "c-indent-command" (0xbfffde84)
> "c-indent-line-or-region" (0xbfffe1f4)
> "call-interactively" (0xbfffe57c)
>
>
> -------------------------------------
>
> Program received signal EXC_BAD_ACCESS, Could not access memory.
> Reason: KERN_INVALID_ADDRESS at address: 0x02f12fff
> 0x002065b8 in char_quoted (charpos=0, bytepos=0) at syntax.c:302
> 302 DEC_BOTH (charpos, bytepos);
> (gdb) bt
> #0 0x002065b8 in char_quoted (charpos=0, bytepos=0) at syntax.c:302
> #1 0x00209430 in back_comment (from=1, from_byte=1, stop=1,
> comnested=0, comstyle=0, charpos_ptr=0xbfff9744,
> bytepos_ptr=0xbfff9748) at syntax.c:587
> #2 0x00216ef4 in Fforward_comment (count=-8) at syntax.c:2376
> #3 0x001c4cc0 in Ffuncall (nargs=2, args=0xbfff9a60) at eval.c:3048
> ...
> #69 0x000f3e44 in main (argc=1, argv=0xbffff1d4) at emacs.c:1808
>
> Lisp Backtrace:
> "forward-comment" (0xbfff9a64)
> "c-backward-sws" (0xbfff9de4)
> "c-font-lock-complex-decl-prepare" (0xbfffa164)
> "font-lock-fontify-keywords-region" (0xbfffa4f4)
> "font-lock-default-fontify-region" (0xbfffa874)
> "font-lock-fontify-region" (0xbfffad58)
> "run-hook-with-args" (0xbfffad54)
> "byte-code" (0xbfffb014)
> "jit-lock-fontify-now" (0xbfffb7d4)
> "jit-lock-function" (0xbfffbf6c)
> "pos-visible-in-window-p" (0xbfffd134)
> "ediff-position-region" (0xbfffd4a4)
> "ediff-recenter-one-window" (0xbfffd834)
> "ediff-recenter" (0xbfffdbb4)
> "ediff-unselect-and-select-difference" (0xbfffdf24)
> "ediff-next-difference" (0xbfffe2d4)
> "call-interactively" (0xbfffe57c)
> (gdb)
[-- Attachment #2: syntaxDecBoth.el --]
[-- Type: application/octet-stream, Size: 47 bytes --]
(while t
  (insert "(when t (if t t 'hi))\n"))
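
The "position < 2" guard described in the quoted message, shown on a simplified model of a backward scan; this is an added illustration, not Emacs source and not part of the original thread. The Buf type, the counting fetch and the step_back/run helpers are hypothetical, and a backslash stands in for the quote/escape syntax classes.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model, not Emacs source. Positions are 1-based: position 1 is
   the first byte of text, anything below 1 lies before the buffer. */
typedef struct { const unsigned char *text; int len; int oob; } Buf;

/* Checked fetch: counts an out-of-range read instead of performing it. */
static unsigned char fetch(Buf *b, int bytepos) {
    if (bytepos < 1 || bytepos > b->len) { b->oob++; return 0; }
    return b->text[bytepos - 1];
}

/* Step back one character; bytepos skips UTF-8 continuation bytes (10xxxxxx).
   With guard set, refuse when either position is < 2 (the check from the mail). */
static int step_back(Buf *b, int *charpos, int *bytepos, int guard) {
    if (guard && (*charpos < 2 || *bytepos < 2)) return 0;
    (*charpos)--;
    do { (*bytepos)--; } while ((fetch(b, *bytepos) & 0xC0) == 0x80);
    return 1;
}

/* 1 if the character at charpos is preceded by an odd run of backslashes. */
static int char_quoted(Buf *b, int charpos, int bytepos, int guard) {
    int quoted = 0;
    if (!step_back(b, &charpos, &bytepos, guard)) return 0;
    while (charpos >= 1 && fetch(b, bytepos) == '\\') {
        quoted = !quoted;
        if (!step_back(b, &charpos, &bytepos, guard)) break;
    }
    return quoted;
}

/* Run one query; return the result, or the out-of-range read count if want_oob. */
static int run(const char *s, int charpos, int bytepos, int guard, int want_oob) {
    Buf b = { (const unsigned char *)s, (int)strlen(s), 0 };
    int q = char_quoted(&b, charpos, bytepos, guard);
    return want_oob ? b.oob : q;
}

int main(void) {
    /* (0,0) are the arguments seen in the backtraces; "x" is constructed text. */
    printf("unguarded (0,0): oob reads = %d\n", run("x", 0, 0, 0, 1));
    printf("guarded   (0,0): oob reads = %d\n", run("x", 0, 0, 1, 1));
    /* Backslash as the very first byte: same answer, no read before the text. */
    printf("guarded   (2,2): quoted = %d, oob reads = %d\n",
           run("\\(", 2, 2, 1, 0), run("\\(", 2, 2, 1, 1));
    return 0;
}
```

In the model the guard has to sit in front of every decrement, not only the first one, because the scan loop steps back again after each backslash it consumes.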
Thread overview: 5+ messages
2008-06-09 17:22 23.0.60: segfault in syntax.c: char_quoted Adrian Robert
2008-07-20 17:42 ` Adrian Robert [this message]
2008-07-20 17:57 ` Lennart Borgman (gmail)
2008-07-21 2:45 ` Adrian Robert
2008-07-22 17:10 ` Stefan Monnier