GNU bug report logs - #16603
24.3.50; Segfault when viewing a backtrace

Previous Next

Package: emacs;

Reported by: Lars Ingebrigtsen <larsi <at> gnus.org>

Date: Fri, 31 Jan 2014 02:22:02 UTC

Severity: normal

Found in version 24.3.50

Fixed in version 24.4

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 16603 <at> debbugs.gnu.org (full text, mbox):

From: Dmitry Antipov <dmantipov <at> yandex.ru>
To: Lars Ingebrigtsen <larsi <at> gnus.org>
Cc: 16603 <at> debbugs.gnu.org
Subject: Re: bug#16603: 24.3.50; Segfault when viewing a backtrace
Date: Fri, 31 Jan 2014 11:03:16 +0400

On 01/31/2014 06:20 AM, Lars Ingebrigtsen wrote:

> (require 'gnus-group)
> (setq debug-on-error t)
> (gnus-read-ephemeral-emacs-bug-group 16577)
>
> Choose Rotem's article, and my Emacs crashes:

Reproduced.  With the only extra eassert:

=== modified file 'src/eval.c'
--- src/eval.c	2014-01-25 03:48:29 +0000
+++ src/eval.c	2014-01-31 06:49:49 +0000
@@ -3191,6 +3191,7 @@
 void
 record_unwind_protect (void (*function) (Lisp_Object), Lisp_Object arg)
 {
+  eassert (specpdl_ptr < specpdl + specpdl_size);
   specpdl_ptr->unwind.kind = SPECPDL_UNWIND;
   specpdl_ptr->unwind.func = function;
   specpdl_ptr->unwind.arg = arg;

I got the following backtrace:

#14 0x00000000005eafb9 in die (msg=0x70d440 "specpdl_ptr < specpdl + specpdl_size", file=0x70c498 "../../trunk/src/eval.c",
    line=3194) at ../../trunk/src/alloc.c:6761
#15 0x000000000060d987 in record_unwind_protect (function=0x605b1a <restore_stack_limits>, arg=...) at ../../trunk/src/eval.c:3194
#16 0x0000000000605c1f in call_debugger (arg=...) at ../../trunk/src/eval.c:290
#17 0x0000000000609b3b in maybe_call_debugger (conditions=..., sig=..., data=...) at ../../trunk/src/eval.c:1724
#18 0x00000000006093a5 in Fsignal (error_symbol=..., data=...) at ../../trunk/src/eval.c:1542
#19 0x00000000006094be in xsignal (error_symbol=..., data=...) at ../../trunk/src/eval.c:1579
#20 0x00000000006096e3 in signal_error (s=0x70d008 "Variable binding depth exceeds max-specpdl-size", arg=...)
    at ../../trunk/src/eval.c:1634
#21 0x000000000060a6f6 in grow_specpdl () at ../../trunk/src/eval.c:2023
#22 0x000000000060a7e3 in record_in_backtrace (function=..., args=0x7ffffff78020, nargs=1) at ../../trunk/src/eval.c:2042
#23 0x000000000060c383 in Ffuncall (nargs=2, args=0x7ffffff78018) at ../../trunk/src/eval.c:2754

IIUC this is a kind of chicken-egg problem: when we're running out of specpdl
stack, we want to run a debugger, which, in turn, needs some specpdl space to run.

Dmitry
This bug report was last modified 11 years and 108 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.