From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Gemini Lasswell Newsgroups: gmane.emacs.bugs Subject: bug#33014: 26.1.50; 27.0.50; Fatal error after re-evaluating a thread's function Date: Thu, 18 Oct 2018 17:22:36 -0700 Message-ID: <87woqebx9v.fsf@runbox.com> References: <87d0sh9hje.fsf@runbox.com> <83murjwplq.fsf@gnu.org> <87zhvjc4r3.fsf@runbox.com> <83y3b2uzyt.fsf@gnu.org> <87va65daw9.fsf@runbox.com> <8336t9vi3h.fsf@gnu.org> <87ftx89uqs.fsf@igel.home> <837eijtfw1.fsf@gnu.org> <878t2xd90z.fsf@runbox.com> <83in21snha.fsf@gnu.org> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: blaine.gmane.org 1539908474 31185 195.159.176.226 (19 Oct 2018 00:21:14 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Fri, 19 Oct 2018 00:21:14 +0000 (UTC) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1.50 (gnu/linux) Cc: 33014@debbugs.gnu.org, schwab@linux-m68k.org To: Eli Zaretskii Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Fri Oct 19 02:21:09 2018 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gDIXN-00080N-Hu for geb-bug-gnu-emacs@m.gmane.org; Fri, 19 Oct 2018 02:21:09 +0200 Original-Received: from localhost ([::1]:45502 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gDIZT-0001XP-V7 for geb-bug-gnu-emacs@m.gmane.org; Thu, 18 Oct 2018 20:23:19 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:36027) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gDIZJ-0001XF-Vz for bug-gnu-emacs@gnu.org; Thu, 18 Oct 2018 20:23:14 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gDIZE-0005UZ-Ru for bug-gnu-emacs@gnu.org; Thu, 18 Oct 2018 20:23:09 -0400 Original-Received: from debbugs.gnu.org ([208.118.235.43]:53443) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1gDIZD-0005Sp-PY for bug-gnu-emacs@gnu.org; Thu, 18 Oct 2018 20:23:04 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1gDIZB-0007gE-WC for bug-gnu-emacs@gnu.org; Thu, 18 Oct 2018 20:23:03 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Gemini Lasswell Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 19 Oct 2018 00:23:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 33014 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: Original-Received: via spool by 33014-submit@debbugs.gnu.org id=B33014.153990857529497 (code B ref 33014); Fri, 19 Oct 2018 00:23:01 +0000 Original-Received: (at 33014) by debbugs.gnu.org; 19 Oct 2018 00:22:55 +0000 Original-Received: from localhost ([127.0.0.1]:57701 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gDIZ5-0007fh-94 for submit@debbugs.gnu.org; Thu, 18 Oct 2018 20:22:55 -0400 Original-Received: from aibo.runbox.com ([91.220.196.211]:42136) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gDIZ1-0007fS-NK for 33014@debbugs.gnu.org; Thu, 18 Oct 2018 20:22:52 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=runbox.com; s=rbselector1; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From; bh=qg3AgTa3et/5vZTkJ88GyKWyKeQRaDFViT80arDdgNA=; b=XKAtKMMYJH3jj9Fd7XgWRerVX9 p6wHFGjfkb3PXrwMx40lAYYxgS9g40eHwPqf7mz2kIaeQtG4Jeyzj5gMz1hg+H4MGvDMLkLSIqQpf mulHuEAFlqo04yEtnjJ0IM0/tPlCMm/+FD26xglurzV0V6xGypHWfLtCszf+hUKdgjPQ7fHeljUqM 4bidQvJ2byZyqKMUHf6E0QuqcI/4njF5ud7MD3wQauem9w4EGrlD+rYviF2c4PjTiTwsF1hFoIIDr i7mv8RlkarEZmkxDu8shuAJphyntL7nGGrfxsSiiBOxlp5UviEmKZJOwr1kVBVTKcjyJ1BIV+qR6M tnK0je+A==; Original-Received: from [10.9.9.210] (helo=mailfront10.runbox.com) by mailtransmit03.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1gDIZ0-0008DP-3s; Fri, 19 Oct 2018 02:22:50 +0200 Original-Received: by mailfront10.runbox.com with esmtpsa (uid:179284 ) (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) id 1gDIYo-0002dO-67; Fri, 19 Oct 2018 02:22:39 +0200 In-Reply-To: <83in21snha.fsf@gnu.org> (Eli Zaretskii's message of "Tue, 16 Oct 2018 22:25:21 +0300") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:151412 Archived-At: Eli Zaretskii writes: > Anyway, are you saying that stack marking doesn't work in optimized > code? We've been using this technique for the last 17 years without > problems; why would the fact that we have more than one thread change > that? The same arguments you submit are valid for a single-threaded > Emacs, right? Apparently so. I set up a single-threaded situation where I could redefine a function while exec_byte_code was running it, and got a segfault. I've gained some insights from debugging this version of the bug which I will put into a separate email. Here are steps which consistently reproduce it for me: Save the following code to the file 'repro.el', and then run emacs -Q (I'm using master built with -O2 in CFLAGS): ;;; -*- lexical-binding: t -*- (defvar my-var "ok") (defun my-loop-1 () (let ((val 0)) (while t (insert "Now in recursive edit\n") (recursive-edit) (insert (format "Leaving recursive edit: %s\n" my-var)) (let ((things '(a b c d e))) (cond ((= val 0) (message "foo: %s" (last things))) ((= val 1) (message "bar: %s" things)) ((= val 2) (message "baz: %s" (car things))) (t (message "bop: %s" (nth 2 things)))) (setq val (mod (1+ val) 3)))))) (defun my-loop () (interactive) (redraw-display) (my-loop-1)) (defun my-gc-1 () (garbage-collect)) (defun my-gc () (interactive) (my-gc-1)) (provide 'repro) Then, from emacs -Q: C-x C-f repro.el RET C-u M-x byte-compile-file RET repro.el RET C-x b RET M-x my-loop RET C-x b RET M-x eval-buffer RET C-x b RET M-x my-gc RET C-M-c Result: Thread 1 "emacs" received signal SIGSEGV, Segmentation fault. 0x00000000005bca1b in styled_format (nargs=2, args=0x7ffffffeffc8, message=) at editfns.c:3129 3129 unsigned char format_char = *format++; (gdb) bt #0 0x00000000005bca1b in styled_format (nargs=2, args=0x7ffffffeffc8, message=) at editfns.c:3129 #1 0x00000000005ca771 in Ffuncall (nargs=3, args=args@entry=0x7ffffffeffc0) at eval.c:2859 #2 0x0000000000611f00 in exec_byte_code (bytestr=..., vector=..., maxdepth=..., args_template=..., nargs=nargs@entry=0, args=, args@entry=0x31bda38) at bytecode.c:632 #3 0x00000000005cde82 in funcall_lambda (fun=XIL(0x7ffffffeffc0), nargs=nargs@entry=0, arg_vector=0x31bda38, arg_vector@entry=0x7fffffff0240) at eval.c:3060 #4 0x00000000005ca65b in Ffuncall (nargs=1, args=args@entry=0x7fffffff0238) at eval.c:2873 #5 0x0000000000611f00 in exec_byte_code (bytestr=..., vector=..., maxdepth=..., args_template=..., nargs=nargs@entry=0, args=, args@entry=0x31bdaf8) at bytecode.c:632 #6 0x00000000005cde82 in funcall_lambda (fun=XIL(0x7fffffff0238), nargs=nargs@entry=0, arg_vector=0x31bdaf8, arg_vector@entry=0x7fffffff0640) at eval.c:3060 #7 0x00000000005ca65b in Ffuncall (nargs=nargs@entry=1, args=args@entry=0x7fffffff0638) at eval.c:2873 #8 0x00000000005c6653 in Ffuncall_interactively (nargs=1, args=0x7fffffff0638) at callint.c:253 #9 0x00000000005ca771 in Ffuncall (nargs=nargs@entry=2, args=args@entry=0x7fffffff0630) at eval.c:2859 #10 0x00000000005cab2c in Fapply (nargs=nargs@entry=3, args=args@entry=0x7fffffff0630) at eval.c:2432 #11 0x00000000005c6de1 in Fcall_interactively (function=..., record_flag=..., keys=...) at callint.c:340 #12 0x00000000005cc5d7 in funcall_subr (subr=0xcd63c0 , numargs=numargs@entry=3, args=args@entry=0x7fffffff07c0) at eval.c:2939 #13 0x00000000005ca771 in Ffuncall (nargs=4, args=args@entry=0x7fffffff07b8) at eval.c:2859 #14 0x0000000000611f00 in exec_byte_code (bytestr=..., vector=..., maxdepth=..., args_template=..., nargs=nargs@entry=2, args=, args@entry=0x9c3cc8 ) at bytecode.c:632 #15 0x00000000005cde82 in funcall_lambda (fun=XIL(0x7fffffff07b8), nargs=nargs@entry=2, arg_vector=0x9c3cc8 , arg_vector@entry=0x7fffffff0aa8) at eval.c:3060 #16 0x00000000005ca65b in Ffuncall (nargs=3, args=args@entry=0x7fffffff0aa0) at eval.c:2873 #17 0x0000000000611f00 in exec_byte_code (bytestr=..., vector=..., maxdepth=..., args_template=..., nargs=nargs@entry=3, args=, args@entry=0x9c3978 ) at bytecode.c:632 #18 0x00000000005cde82 in funcall_lambda (fun=XIL(0x7fffffff0aa0), nargs=nargs@entry=3, arg_vector=0x9c3978 , arg_vector@entry=0x7fffffff0e90) at eval.c:3060 #19 0x00000000005ca65b in Ffuncall (nargs=nargs@entry=4, args=args@entry=0x7fffffff0e88) at eval.c:2873 #20 0x00000000005c6653 in Ffuncall_interactively (nargs=4, args=0x7fffffff0e88) at callint.c:253 #21 0x00000000005ca771 in Ffuncall (nargs=nargs@entry=5, args=0x7fffffff0e80) at eval.c:2859 #22 0x00000000005caa3a in Fapply (nargs=nargs@entry=3, args=args@entry=0x7fffffff1030) at eval.c:2479 #23 0x00000000005c6de1 in Fcall_interactively (function=..., record_flag=..., keys=...) at callint.c:340 #24 0x00000000005cc5d7 in funcall_subr (subr=0xcd63c0 , numargs=numargs@entry=3, args=args@entry=0x7fffffff11c0) at eval.c:2939 #25 0x00000000005ca771 in Ffuncall (nargs=4, args=args@entry=0x7fffffff11b8) at eval.c:2859 #26 0x0000000000611f00 in exec_byte_code (bytestr=..., vector=..., maxdepth=..., args_template=..., nargs=nargs@entry=1, args=, args@entry=0x9c3cc8 ) at bytecode.c:632 #27 0x00000000005cde82 in funcall_lambda (fun=XIL(0x7fffffff11b8), nargs=nargs@entry=1, arg_vector=0x9c3cc8 , arg_vector@entry=0x7fffffff1478) at eval.c:3060 #28 0x00000000005ca65b in Ffuncall (nargs=nargs@entry=2, args=args@entry=0x7fffffff1470) at eval.c:2873 #29 0x00000000005ca83a in call1 (fn=..., fn@entry=XIL(0x3ff0), arg1=...) at eval.c:2710 #30 0x000000000054f597 in command_loop_1 () at keyboard.c:1451 #31 0x00000000005c975f in internal_condition_case (bfun=bfun@entry=0x54f080 , handlers=..., handlers@entry=XIL(0x53a0), hfun=hfun@entry=0x541d60 ) at eval.c:1373 #32 0x000000000053db88 in command_loop_2 (ignore=..., ignore@entry=XIL(0)) at keyboard.c:1079 #33 0x00000000005c9683 in internal_catch (tag=..., func=func@entry=0x53db60 , arg=..., arg@entry=XIL(0)) at eval.c:1136 #34 0x000000000053ddeb in command_loop () at keyboard.c:1058 #35 0x0000000000541864 in recursive_edit_1 () at keyboard.c:703 #36 0x0000000000541c23 in Frecursive_edit () at keyboard.c:774 #37 0x000000000041e727 in main (argc=, argv=) at emacs.c:1731 Lisp Backtrace: "format" (0xfffeffc8) "my-loop-1" (0xffff0240) "my-loop" (0xffff0640) "funcall-interactively" (0xffff0638) "call-interactively" (0xffff07c0) "command-execute" (0xffff0aa8) "execute-extended-command" (0xffff0e90) "funcall-interactively" (0xffff0e88) "call-interactively" (0xffff11c0) "command-execute" (0xffff1478)