From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Jaime Fournier Newsgroups: gmane.emacs.bugs Subject: bug#18270: Crash in latest emacs-24 branch on ubuntu 14.04 Date: Wed, 20 Aug 2014 19:00:16 -0700 Message-ID: References: <53F5524F.8080804@cs.ucla.edu> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="----BI283QNB3EAB3AP721ZAGCHK0WF0XT" Content-Transfer-Encoding: 8bit X-Trace: ger.gmane.org 1408586552 27167 80.91.229.3 (21 Aug 2014 02:02:32 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Thu, 21 Aug 2014 02:02:32 +0000 (UTC) Cc: 18270@debbugs.gnu.org To: Paul Eggert Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Thu Aug 21 04:02:24 2014 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1XKHhn-0002tN-UT for geb-bug-gnu-emacs@m.gmane.org; Thu, 21 Aug 2014 04:02:24 +0200 Original-Received: from localhost ([::1]:58154 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XKHhn-0003UZ-Jh for geb-bug-gnu-emacs@m.gmane.org; Wed, 20 Aug 2014 22:02:23 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:43282) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XKHhe-0003Ns-4M for bug-gnu-emacs@gnu.org; Wed, 20 Aug 2014 22:02:19 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XKHhS-0005UB-QQ for bug-gnu-emacs@gnu.org; Wed, 20 Aug 2014 22:02:14 -0400 Original-Received: from debbugs.gnu.org ([140.186.70.43]:41633) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XKHhS-0005U6-NF for bug-gnu-emacs@gnu.org; Wed, 20 Aug 2014 22:02:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.80) (envelope-from ) id 1XKHhS-0000UI-Ge for bug-gnu-emacs@gnu.org; Wed, 20 Aug 2014 22:02:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Jaime Fournier Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Thu, 21 Aug 2014 02:02:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 18270 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: Original-Received: via spool by 18270-submit@debbugs.gnu.org id=B18270.14085864871811 (code B ref 18270); Thu, 21 Aug 2014 02:02:02 +0000 Original-Received: (at 18270) by debbugs.gnu.org; 21 Aug 2014 02:01:27 +0000 Original-Received: from localhost ([127.0.0.1]:48575 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XKHgp-0000Sy-3y for submit@debbugs.gnu.org; Wed, 20 Aug 2014 22:01:27 -0400 Original-Received: from dns.mauthesis.com ([166.84.6.60]:54402 helo=dns.linbsd.org ident=postfix) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XKHgi-0000Sd-Lv for 18270@debbugs.gnu.org; Wed, 20 Aug 2014 22:01:20 -0400 Original-Received: from [IPV6:2607:fb90:2205:2297:e071:f15d:1bd:4441] (mc60436d0.tmodns.net [208.54.4.198]) by dns.linbsd.org (Postfix) with ESMTP id D3B58163D0B; Wed, 20 Aug 2014 21:59:45 -0400 (EDT) User-Agent: K-9 Mail for Android In-Reply-To: <53F5524F.8080804@cs.ucla.edu> X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:92550 Archived-At: ------BI283QNB3EAB3AP721ZAGCHK0WF0XT Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 I can reproduce if I link against gtk3. Not on gtk2/1 On August 20, 2014 6:58:39 PM PDT, Paul Eggert wrote: >The backtrace looks like nonsense, unfortunately, e.g., it shows two >arguments to adjust_decode_mode_spec_buffer, a function that has just >one argument, and it shows xrealloc being called with >size=18446744073709551597, even though the code passed >FRAME_MESSAGE_BUF_SIZE (f) + 1 as the size, and I don't see any way to >get 18446744073709551597 even if overflow is taken into account. > >Can you reproduce the problem? > >Can you compile with '-g3 -O0' and reproduce the problem? -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ------BI283QNB3EAB3AP721ZAGCHK0WF0XT Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit I can reproduce if I link against gtk3. Not on gtk2/1

On August 20, 2014 6:58:39 PM PDT, Paul Eggert <eggert@cs.ucla.edu> wrote:
The backtrace looks like nonsense, unfortunately, e.g., it shows two 
arguments to adjust_decode_mode_spec_buffer, a function that has just 
one argument, and it shows xrealloc being called with 
size=18446744073709551597, even though the code passed 
FRAME_MESSAGE_BUF_SIZE (f) + 1 as the size, and I don't see any way to 
get 18446744073709551597 even if overflow is taken into account.

Can you reproduce the problem?

Can you compile with '-g3 -O0' and reproduce the problem?

--
Sent from my Android device with K-9 Mail. Please excuse my brevity. ------BI283QNB3EAB3AP721ZAGCHK0WF0XT--