Package: emacs;
Reported by: Evan Buswell <ebuswell <at> gmail.com>
Date: Sat, 28 Sep 2013 18:24:06 UTC
Severity: important
Found in version 24.3
Fixed in version 24.4
Done: Glenn Morris <rgm <at> gnu.org>
Bug is archived. No further changes may be made.
View this message in rfc822 format
From: Glenn Morris <rgm <at> gnu.org> To: Evan Buswell <ebuswell <at> gmail.com> Cc: 15480 <at> debbugs.gnu.org Subject: bug#15480: 24.3; reproducible segfault Date: Thu, 10 Oct 2013 17:07:41 -0400
Evan Buswell wrote:
> With the attached file, ctl-space and down arrow twice and alt-w to copy
> the last two lines, ctl-y on the last empty line and boom!
Thanks, I can reproduce this in 24.3 (although I have to add an "undo"
as a last step to get it to crash). I cannot reproduce it in the current
trunk, though, so I guess it is already fixed.
24.3 backtrace follows for reference.
Resembles http://debbugs.gnu.org/13743 ?
Program received signal SIGSEGV, Segmentation fault.
0x0000000000647ea8 in add_properties (plist=22334278, i=0x0, object=14246965)
at textprop.c:378
378 for (tail2 = i->plist; CONSP (tail2); tail2 = Fcdr (XCDR (tail2)))
(gdb) bt full
#0 0x0000000000647ea8 in add_properties (plist=22334278, i=0x0, object=
14246965) at textprop.c:378
tail1 = 22334278
tail2 = 22572470
sym1 = 13149282
val1 = 12927554
changed = 0
found = 0
gcpro1 = {
next = 0x100000001,
var = 0x7fffffff3510,
nvars = 12927554
}
gcpro2 = {
next = 0xd96430,
var = 0xcdc290,
nvars = 14246960
}
gcpro3 = {
next = 0x1011,
var = 0x1006,
nvars = 140737488303264
}
#1 0x000000000064a3e3 in Fadd_text_properties (start=16408, end=16452,
properties=22334278, object=14246965) at textprop.c:1212
i = 0x0
unchanged = 0x7fffffff4c70
s = 4102
len = 1
modified = 0
gcpro1 = {
next = 0xc54272,
var = 0xc81362,
nvars = 140737488303568
}
#2 0x000000000064a464 in Fput_text_property (start=16408, end=16452, property=
13149282, value=12927554, object=12927554) at textprop.c:1229
No locals.
#3 0x00000000005b668a in Fprimitive_undo (n=4, list=22376678) at undo.c:560
beg = 16408
end = 16452
prop = 13149282
val = 12927554
car = 12927554
cdr = 22376694
gcpro1 = {
next = 0x0,
var = 0x11d7141,
nvars = 0
}
gcpro2 = {
next = 0x52571540,
var = 0x2b9ad898,
nvars = 1381438784
}
next = 22376742
count = 12
arg = 1
oldlist = 19870182
did_apply = 0
#4 0x00000000005dd4b9 in Ffuncall (nargs=3, args=0x7fffffff37b8)
at eval.c:2781
fun = 9421869
original_fun = 13111410
funcar = 16591730
numargs = 2
lisp_numargs = 12927554
val = 22499174
backtrace = {
next = 0x7fffffff3c00,
function = 13111410,
args = 0x7fffffff37c0,
nargs = 2,
debug_on_exit = 0
}
internal_args = 0x7fffffff37c0
i = 13059394
#5 0x0000000000624bac in exec_byte_code (bytestr=10342889, vector=10342925,
maxdepth=16, args_template=12927554, nargs=0, args=0x0) at bytecode.c:900
targets = {0x628783,
0x628792,
0x628794,
0x628796,
0x628798,
0x628798,
0x628802,
0x62887c,
0x6243b1,
0x6243b3,
0x6243b5,
0x6243b7,
0x6243b9,
0x6243b9,
0x6243c2,
0x624370,
0x62486b,
0x62486d,
0x62486f,
0x624871,
0x624873,
0x624873,
0x6248bd,
0x62487c,
0x624a90,
0x624a92,
0x624a94,
0x624a96,
0x624a98,
0x624a98,
0x624a2f,
0x624a4f,
0x624b6a,
0x624b6c,
0x624b6e,
0x624b70,
0x624b72,
0x624b72,
0x624b09,
0x624b29,
0x624c4e,
0x624c50,
0x624c52,
0x624c54,
0x624c56,
0x624c56,
0x624bed,
0x624c0d,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x625d4d,
0x625e87,
0x625eea,
0x625f4d,
0x625fb0,
0x6246ca,
0x624747,
0x626029,
0x62461d,
0x6247bd,
0x626090,
0x626106,
0x626163,
0x6261ee,
0x62624b,
0x626342,
0x626395,
0x62640b,
0x6264a1,
0x6264f4,
0x626547,
0x6265bd,
0x626633,
0x6266a9,
0x62673f,
0x62679c,
0x6267f9,
0x6268f0,
0x62698c,
0x626a28,
0x626c6d,
0x626ce3,
0x626d59,
0x626dcf,
0x626e45,
0x626ea2,
0x626f42,
0x626f9f,
0x626ffc,
0x627059,
0x627189,
0x625988,
0x6271f2,
0x627245,
0x627334,
0x62739d,
0x627406,
0x627459,
0x6274b5,
0x627511,
0x627571,
0x628783,
0x6275ce,
0x62761c,
0x62766a,
0x6276b8,
0x627706,
0x627754,
0x625988,
0x628783,
0x6277a7,
0x6277f5,
0x627848,
0x62789b,
0x627911,
0x627987,
0x6279da,
0x627c43,
0x627cb9,
0x627d2f,
0x627da5,
0x627df3,
0x628783,
0x6258a6,
0x624d29,
0x6244c5,
0x624e54,
0x624fac,
0x6250fb,
0x62580b,
0x625867,
0x6249ce,
0x62593f,
0x6259c4,
0x625a69,
0x625ab2,
0x625b2a,
0x625b80,
0x625c16,
0x625ca6,
0x624cd9,
0x627e46,
0x627edc,
0x627f2f,
0x627f82,
0x627fd5,
0x628028,
0x62809e,
0x628114,
0x62818a,
0x628200,
0x62835e,
0x6283ce,
0x62843e,
0x628491,
0x628501,
0x628571,
0x6285e0,
0x628650,
0x6270b6,
0x627113,
0x6286ad,
0x628721,
0x628783,
0x62524a,
0x62533f,
0x625473,
0x6255a7,
0x6256d9,
0x6262a8,
0x626856,
0x62729a,
0x628920,
0x62899a,
0x628783,
0x628783,
0x628a3e,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628ae1 <repeats 64 times>}
count = 11
op = 2
vectorp = 0x9dd218
stack = {
pc = 0xb65076 "\211\020?\205\036",
byte_string = 10342889,
byte_string_start = 0xb65061 "\b<\204\017",
constants = 10342925,
next = 0x7fffffff3cf0
}
top = 0x7fffffff37b8
result = 12927554
#6 0x00000000005ddea4 in funcall_lambda (fun=10342837, nargs=1, arg_vector=
0x9dd20d) at eval.c:3010
val = 16491717
syms_left = 12927554
next = 16217122
lexenv = 12927554
count = 10
i = 1
optional = false
rest = false
#7 0x00000000005dd6a1 in Ffuncall (nargs=2, args=0x7fffffff3c88)
at eval.c:2827
fun = 10342837
original_fun = 16457490
funcar = 17233442
numargs = 1
lisp_numargs = 12927554
val = 15123185
backtrace = {
next = 0x7fffffff40d0,
function = 16457490,
args = 0x7fffffff3c90,
nargs = 1,
debug_on_exit = 0
}
internal_args = 0xa
i = 1
#8 0x0000000000624bac in exec_byte_code (bytestr=10342025, vector=10342061,
maxdepth=20, args_template=12927554, nargs=0, args=0x0) at bytecode.c:900
targets = {0x628783,
0x628792,
0x628794,
0x628796,
0x628798,
0x628798,
0x628802,
0x62887c,
0x6243b1,
0x6243b3,
0x6243b5,
0x6243b7,
0x6243b9,
0x6243b9,
0x6243c2,
0x624370,
0x62486b,
0x62486d,
0x62486f,
0x624871,
0x624873,
0x624873,
0x6248bd,
0x62487c,
0x624a90,
0x624a92,
0x624a94,
0x624a96,
0x624a98,
0x624a98,
0x624a2f,
0x624a4f,
0x624b6a,
0x624b6c,
0x624b6e,
0x624b70,
0x624b72,
0x624b72,
0x624b09,
0x624b29,
0x624c4e,
0x624c50,
0x624c52,
0x624c54,
0x624c56,
0x624c56,
0x624bed,
0x624c0d,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x625d4d,
0x625e87,
0x625eea,
0x625f4d,
0x625fb0,
0x6246ca,
0x624747,
0x626029,
0x62461d,
0x6247bd,
0x626090,
0x626106,
0x626163,
0x6261ee,
0x62624b,
0x626342,
0x626395,
0x62640b,
0x6264a1,
0x6264f4,
0x626547,
0x6265bd,
0x626633,
0x6266a9,
0x62673f,
0x62679c,
0x6267f9,
0x6268f0,
0x62698c,
0x626a28,
0x626c6d,
0x626ce3,
0x626d59,
0x626dcf,
0x626e45,
0x626ea2,
0x626f42,
0x626f9f,
0x626ffc,
0x627059,
0x627189,
0x625988,
0x6271f2,
0x627245,
0x627334,
0x62739d,
0x627406,
0x627459,
0x6274b5,
0x627511,
0x627571,
0x628783,
0x6275ce,
0x62761c,
0x62766a,
0x6276b8,
0x627706,
0x627754,
0x625988,
0x628783,
0x6277a7,
0x6277f5,
0x627848,
0x62789b,
0x627911,
0x627987,
0x6279da,
0x627c43,
0x627cb9,
0x627d2f,
0x627da5,
0x627df3,
0x628783,
0x6258a6,
0x624d29,
0x6244c5,
0x624e54,
0x624fac,
0x6250fb,
0x62580b,
0x625867,
0x6249ce,
0x62593f,
0x6259c4,
0x625a69,
0x625ab2,
0x625b2a,
0x625b80,
0x625c16,
0x625ca6,
0x624cd9,
0x627e46,
0x627edc,
0x627f2f,
0x627f82,
0x627fd5,
0x628028,
0x62809e,
0x628114,
0x62818a,
0x628200,
0x62835e,
0x6283ce,
0x62843e,
0x628491,
0x628501,
0x628571,
0x6285e0,
0x628650,
0x6270b6,
0x627113,
0x6286ad,
0x628721,
0x628783,
0x62524a,
0x62533f,
0x625473,
0x6255a7,
0x6256d9,
0x6262a8,
0x626856,
0x62729a,
0x628920,
0x62899a,
0x628783,
0x628783,
0x628a3e,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628783,
0x628ae1 <repeats 64 times>}
count = 6
op = 1
vectorp = 0x9dceb8
stack = {
pc = 0xb65185 "\210\016 \211\036!@É=\203ß",
byte_string = 10342025,
byte_string_start = 0xb650bb "Æ \030Ç \206\t",
constants = 10342061,
next = 0x0
}
top = 0x7fffffff3c88
result = 18051525
#9 0x00000000005ddea4 in funcall_lambda (fun=10341965, nargs=1, arg_vector=
0x9dcead) at eval.c:3010
val = 139646566613152
syms_left = 12927554
next = 16246338
lexenv = 12927554
count = 5
i = 1
optional = true
rest = false
#10 0x00000000005dd6a1 in Ffuncall (nargs=2, args=0x7fffffff41a0)
at eval.c:2827
fun = 10341965
original_fun = 16457394
funcar = 5497860
numargs = 1
lisp_numargs = 5497858
val = 0
backtrace = {
next = 0x7fffffff4420,
function = 16457394,
args = 0x7fffffff41a8,
nargs = 1,
debug_on_exit = 0
}
internal_args = 0xb66d50
i = 0
#11 0x00000000005d7efa in Fcall_interactively (function=16457394, record_flag=
12927554, keys=12962773) at callint.c:852
val = 12927554
args = 0x7fffffff41a0
visargs = 0x7fffffff4180
specs = 10321865
filter_specs = 10321865
teml = 6147579
up_event = 12927554
enable = 12927554
speccount = 3
next_event = 1
prefix_arg = 12927554
string = 0x7fffffff41c1 "P"
tem = 0x6b7e94 ""
varies = 0x7fffffff4160 ""
i = 2
nargs = 2
mark = 12927554
arg_from_tty = false
gcpro1 = {
next = 0x0,
var = 0x15626d6,
nvars = 12927554
}
gcpro2 = {
next = 0x7fffffff42a0,
var = 0xaa9725,
nvars = 20856114
}
gcpro3 = {
next = 0x0,
var = 0x13e3d32,
nvars = 2
}
gcpro4 = {
next = 0x0,
var = 0x0,
nvars = 2
}
gcpro5 = {
next = 0x0,
var = 0xc54242,
nvars = 140737488306864
}
key_count = 1
record_then_fail = false
save_this_command = 16457394
save_last_command = 16350274
save_this_original_command = 16457394
save_real_this_command = 16457394
#12 0x00000000005dd4e8 in Ffuncall (nargs=4, args=0x7fffffff44c0)
at eval.c:2785
fun = 12280717
original_fun = 13063970
funcar = 0
numargs = 3
lisp_numargs = 731653853
val = 0
backtrace = {
next = 0x0,
function = 13063970,
args = 0x7fffffff44c8,
nargs = 3,
debug_on_exit = 0
}
internal_args = 0x7fffffff44c8
i = 0
#13 0x00000000005dcee8 in call3 (fn=13063970, arg1=16457394, arg2=12927554,
arg3=12927554) at eval.c:2603
ret_ungc_val = 12927554
gcpro1 = {
next = 0x7fffffff4500,
var = 0x9dce4d,
nvars = 4
}
args = {13063970,
16457394,
12927554,
12927554}
#14 0x0000000000550b3b in Fcommand_execute (cmd=16457394, record_flag=
12927554, keys=12927554, special=12927554) at keyboard.c:10241
final = 16457394
tem = 12927554
prefixarg = 12927554
#15 0x000000000053f3ba in command_loop_1 () at keyboard.c:1587
scount = 2
cmd = 16457394
keybuf = {124,
24,
12954352,
12927554,
140737488307696,
6035305,
2822930839,
12927554,
3488983867,
2,
140737488307776,
6037691,
12927554,
13045314,
140737488307856,
13045312,
0,
12765264,
140737488307344,
0,
140737488307936,
6153666,
16329398,
2,
13045314,
12927554,
0,
0,
13045312,
12927554}
i = 1
prev_modiff = 1181
prev_buffer = 0xd96430
already_adjusted = false
#16 0x00000000005da1a3 in internal_condition_case (bfun=
0x53eb5b <command_loop_1>, handlers=12979234, hfun=0x53e463 <cmd_error>)
at eval.c:1289
val = 1
c = {
tag = 12927554,
val = 12927554,
next = 0x7fffffff48f0,
gcpro = 0x0,
jmp = {{
__jmpbuf = {2,
3941429987225596883,
4264864,
140737488309360,
0,
0,
3941429986976035795,
-3941429274858261549},
__mask_was_saved = 0,
__saved_mask = {
__val = {14505314798851290067,
253403070464,
4294967295,
0,
1,
9386280,
0,
0,
0,
0,
254401372128,
1,
0,
139637976727553,
254405547520,
26}
}
}},
backlist = 0x0,
handlerlist = 0x0,
lisp_eval_depth = 0,
pdlcount = 2,
poll_suppress_count = 1,
interrupt_input_blocked = 0,
byte_stack = 0x0
}
h = {
handler = 12979234,
var = 12927554,
chosen_clause = 12979234,
tag = 0x7fffffff4770,
next = 0x0
}
#17 0x000000000053e874 in command_loop_2 (ignore=12927554) at keyboard.c:1168
val = 2
#18 0x00000000005d9b77 in internal_catch (tag=12975074, func=
0x53e84e <command_loop_2>, arg=12927554) at eval.c:1060
c = {
tag = 12975074,
val = 12927554,
next = 0x0,
gcpro = 0x0,
jmp = {{
__jmpbuf = {2,
3941429987141710803,
4264864,
140737488309360,
0,
0,
3941429987217208275,
-3941429273054186541},
__mask_was_saved = 0,
__saved_mask = {
__val = {12927554,
140737488308704,
6036668,
4294967296,
12927554,
12927554,
13147906,
140737488308800,
140737488308808,
13147904,
2,
140737488308704,
12954352,
12317728,
13147906,
13147904}
}
}},
backlist = 0x0,
handlerlist = 0x0,
lisp_eval_depth = 0,
pdlcount = 2,
poll_suppress_count = 1,
interrupt_input_blocked = 0,
byte_stack = 0x0
}
#19 0x000000000053e826 in command_loop () at keyboard.c:1147
No locals.
#20 0x000000000053dfb0 in recursive_edit_1 () at keyboard.c:779
count = 1
val = 5497198
#21 0x000000000053e156 in Frecursive_edit () at keyboard.c:843
count = 0
buffer = 12927554
#22 0x000000000053c13d in main (argc=2, argv=0x7fffffff4c78) at emacs.c:1528
dummy = 254648793885
stack_bottom_variable = 0 '\000'
do_initial_setlocale = true
dumping = false
skip_args = 0
rlim = {
rlim_cur = 33554432,
rlim_max = 18446744073709551615
}
no_loadup = false
junk = 0x0
dname_arg = 0x0
ch_to_dir = 0x3b4a40a6ee "GOMP_STACKSIZE"
Lisp Backtrace:
"primitive-undo" (0xffff37c0)
"undo-more" (0xffff3c90)
"undo" (0xffff41a8)
"call-interactively" (0xffff44c8)
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.