From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Stefan Monnier Newsgroups: gmane.emacs.devel Subject: Stack allocation of Lisp objects Date: Wed, 08 Oct 2014 23:11:32 -0400 Message-ID: NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: ger.gmane.org 1412824321 11077 80.91.229.3 (9 Oct 2014 03:12:01 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Thu, 9 Oct 2014 03:12:01 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Thu Oct 09 05:11:54 2014 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Xc48u-0006xL-Ow for ged-emacs-devel@m.gmane.org; Thu, 09 Oct 2014 05:11:52 +0200 Original-Received: from localhost ([::1]:39620 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Xc48u-00012g-3c for ged-emacs-devel@m.gmane.org; Wed, 08 Oct 2014 23:11:52 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:40756) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Xc48k-00012Q-EE for emacs-devel@gnu.org; Wed, 08 Oct 2014 23:11:50 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Xc48b-00060G-Ci for emacs-devel@gnu.org; Wed, 08 Oct 2014 23:11:42 -0400 Original-Received: from ironport2-out.teksavvy.com ([206.248.154.181]:59152) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Xc48b-00060C-8q for emacs-devel@gnu.org; Wed, 08 Oct 2014 23:11:33 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Au8GAIDvNVNFxKjo/2dsb2JhbABZgwYBg0m5A4hRF3SDAnImGA2IMJ9/shoXjxeEIgSpGYFqg0wh X-IPAS-Result: Au8GAIDvNVNFxKjo/2dsb2JhbABZgwYBg0m5A4hRF3SDAnImGA2IMJ9/shoXjxeEIgSpGYFqg0wh X-IronPort-AV: E=Sophos;i="4.97,753,1389762000"; d="scan'208";a="92055562" Original-Received: from 69-196-168-232.dsl.teksavvy.com (HELO pastel.home) ([69.196.168.232]) by ironport2-out.teksavvy.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 08 Oct 2014 23:11:32 -0400 Original-Received: by pastel.home (Postfix, from userid 20848) id 5A4BF85FE; Wed, 8 Oct 2014 23:11:32 -0400 (EDT) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.4.50 (gnu/linux) X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 206.248.154.181 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:175158 Archived-At: I started seeing occasional crashes (always during temacs's dump so far), and while they come&go, they are completely reproducible when they're here. So I dug into it, and it looks like a problem with stack allocation: The crash I analyzed was within mark_object while looking at a `cons' whose cdr is nil and whose car is a string whose address is 0xffffcbe0 which IIUC is on the stack. Apparently there's an AUTO_STRING somewhere which we stick into a heap allocated cons cell. So of course, when the GC gets around to scan this cons object, the stack-allocated string is long gone and overwritten by unrelated data => crash. Stefan "going back to USE_STACK_LISP_OBJECTS=false"