From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Thien-Thi Nguyen <ttn@gnu.org>
Newsgroups: gmane.emacs.devel
Subject: Re: Stack clobbering bug
Date: 22 Jul 2006 03:57:08 -0400
Message-ID: <jku05a2ht7.fsf@glug.org>
References: <E1G3muv-0000sF-C9@fencepost.gnu.org> <jkwta772zg.fsf@glug.org>
	<E1G40ny-0007ta-TZ@fencepost.gnu.org>
NNTP-Posting-Host: main.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: sea.gmane.org 1153555079 22869 80.91.229.2 (22 Jul 2006 07:57:59 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Sat, 22 Jul 2006 07:57:59 +0000 (UTC)
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sat Jul 22 09:57:54 2006
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by ciao.gmane.org with esmtp (Exim 4.43)
	id 1G4CMv-0005Uh-PV
	for ged-emacs-devel@m.gmane.org; Sat, 22 Jul 2006 09:57:50 +0200
Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1G4CMv-0003Vh-6C
	for ged-emacs-devel@m.gmane.org; Sat, 22 Jul 2006 03:57:49 -0400
Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1G4CML-0003VS-Ia
	for emacs-devel@gnu.org; Sat, 22 Jul 2006 03:57:13 -0400
Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1G4CMI-0003UY-JK
	for emacs-devel@gnu.org; Sat, 22 Jul 2006 03:57:11 -0400
Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1G4CMH-0003UM-Oz
	for emacs-devel@gnu.org; Sat, 22 Jul 2006 03:57:09 -0400
Original-Received: from [67.59.132.6] (helo=mail.agora-net.com)
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA:32)
	(Exim 4.52) id 1G4CMs-0002zS-BI
	for emacs-devel@gnu.org; Sat, 22 Jul 2006 03:57:46 -0400
Original-Received: from ttn by mail.agora-net.com with local (Exim 4.50)
	id 1G4CMG-00074E-JR
	for emacs-devel@gnu.org; Sat, 22 Jul 2006 03:57:08 -0400
Original-To: emacs-devel@gnu.org
In-Reply-To: <E1G40ny-0007ta-TZ@fencepost.gnu.org>
Original-Lines: 45
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.4
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:57466
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/57466>

Richard Stallman <rms@gnu.org> writes:

> The first thing to do is x/20xw  $sp
> and then repeat x/20xw a few times
> to see if part of the stack is clobbered with -1.

appended is some gdb output for the latest crash.  i don't
see any -1 (assuming its representation is 0xffffffff).

thi

___________________________________________
(gdb) bt
#0  0x40131d95 in _XSetClipRectangles () from /usr/X11R6/lib/libX11.so.6
Cannot access memory at address 0x8
(gdb) x/20xw $sp
0xbfffe2a8:  0x085c9aa8  0x00000000  0x0805ece8  0x085ef2c0
0xbfffe2b8:  0x00000001  0xbfffe30c  0x0805ecd3  0x00000008
0xbfffe2c8:  0x00000001  0xbfffe30c  0x40131f77  0x085c9aa8
0xbfffe2d8:  0x087ce7c8  0x00000000  0x00000000  0xbfffe354
0xbfffe2e8:  0x00000001  0x00000000  0x40131f3d  0xbfffe414
(gdb) x/20xw
0xbfffe2f8:  0xbfffe354  0xbfffe32c  0x4011d270  0x085c9aa8
0xbfffe308:  0x087ce7c8  0x085ca048  0x4011d212  0x401dbfdc
0xbfffe318:  0x085c9aa8  0x087ce7c8  0x00000000  0x091c7a78
0xbfffe328:  0xbfffe414  0xbfffe35c  0x40131ffb  0x085c9aa8
0xbfffe338:  0x087ce7c8  0x00000000  0x40131fbe  0x091c7a78
(gdb) x/20xw
0xbfffe348:  0xbfffe414  0x00000000  0x00000000  0xbfffe404
0xbfffe358:  0x00000001  0xbfffe3ec  0x080b409e  0x085c9aa8
0xbfffe368:  0x087ce7c8  0x00000000  0xbfffe398  0x00000000
0xbfffe378:  0x00000001  0x085ef2c0  0x080768e1  0x08a7f048
0xbfffe388:  0x08c4b1e0  0xbfffe3bc  0x0805dcb2  0x085ef2c0
(gdb) x/20xw
0xbfffe398:  0x00000000  0xbfffe404  0xbfffe3c8  0x085ef2c0
0xbfffe3a8:  0x00000000  0x091c7a78  0x080768e1  0x085ef2c0
0xbfffe3b8:  0x00000000  0xbfffe3ec  0x0805dddc  0x085ef2c0
0xbfffe3c8:  0x00000001  0xbfffe56c  0x08078958  0x085ef2c0
0xbfffe3d8:  0x00000001  0x00000000  0x0000000c  0x00000000
(gdb) x/20xw
0xbfffe3e8:  0x00000016  0xbfffe56c  0x08078a18  0x085ef2c0
0xbfffe3f8:  0x00000001  0x000003fd  0x00000000  0x00002020
0xbfffe408:  0x00000001  0x085ef2c0  0x00800011  0x00000001
0xbfffe418:  0x000002d7  0x000002e9  0x0000000c  0x0000000c
0xbfffe428:  0x00000016  0x00000000  0x00000000  0x085eefe8