From: Vibhav Pant
Newsgroups: gmane.emacs.devel
Subject: Re: Critical bytecode bug with hash tables while dumping emacs.
Date: Fri, 27 Jan 2017 13:45:57 +0000
To: Paul Eggert
Cc: Emacs development discussions

Also, this one-line patch crashes temacs with a SIGSEGV - the hash table contents
are possibly getting corrupted because of a bad memory write.

On Fri, Jan 27, 2017 at 12:27 AM Vibhav Pant wrote:
> On Thu, Jan 26, 2017 at 11:03 PM, Paul Eggert wrote:
> > In that case the bug is not critical, right? One way to address the problem
> > is to say that code should not print hash tables before dumping.
>
> It's critical in the sense that any code loaded from loadup.el is effectively
> prohibited from using printed hash tables in any way. I've recently been
> working on adding a new `switch' bytecode op (@ branch feature/byte-switch),
> which uses hash tables generated during compile time (so the constant vector
> stores printed hash tables) as jump tables. This bug breaks switch entirely.
>
> > we're planning to redo dumping anyway and can address this problem (if it still
> > occurs) then.
>
> I suspect this bug is related to purecopy, which I suppose isn't a part of the
> redo (or is it? I don't know much about the new dumping code). If anyone has any
> ideas about this issue, I'd appreciate some pointers on where to start.
>
> Thanks,
> Vibhav
> --
> Vibhav Pant
> vibhavp@gmail.com

[Attachment: wrong-hash-table.patch]