From unknown Fri Aug 22 01:33:52 2025 X-Loop: help-debbugs@gnu.org Subject: bug#17249: 24.3; segfault with certain unicode strings in C locale Resent-From: Richard Hansen Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sat, 12 Apr 2014 06:12:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 17249 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: To: 17249@debbugs.gnu.org X-Debbugs-Original-To: bug-gnu-emacs@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.139728311231032 (code B ref -1); Sat, 12 Apr 2014 06:12:02 +0000 Received: (at submit) by debbugs.gnu.org; 12 Apr 2014 06:11:52 +0000 Received: from localhost ([127.0.0.1]:45962 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WYrAN-00084R-Ol for submit@debbugs.gnu.org; Sat, 12 Apr 2014 02:11:52 -0400 Received: from eggs.gnu.org ([208.118.235.92]:55340) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WYrAK-000846-Cw for submit@debbugs.gnu.org; Sat, 12 Apr 2014 02:11:49 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WYrA7-0006UZ-U1 for submit@debbugs.gnu.org; Sat, 12 Apr 2014 02:11:43 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:59778) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WYrA7-0006UV-QN for submit@debbugs.gnu.org; Sat, 12 Apr 2014 02:11:35 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:57043) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WYrA1-0005jB-49 for bug-gnu-emacs@gnu.org; Sat, 12 Apr 2014 02:11:35 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WYr9u-0006TZ-QE for bug-gnu-emacs@gnu.org; Sat, 12 Apr 2014 02:11:29 -0400 Received: from smtp.bbn.com ([128.33.1.81]:22128) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WYr9u-0006TJ-M7 for bug-gnu-emacs@gnu.org; Sat, 12 Apr 2014 02:11:22 -0400 Received: from socket.bbn.com ([192.1.120.102]:42068) by smtp.bbn.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.77 (FreeBSD)) (envelope-from ) id 1WYrA2-0001gZ-1f for bug-gnu-emacs@gnu.org; Sat, 12 Apr 2014 02:11:30 -0400 X-Submitted: to socket.bbn.com (Postfix) with ESMTPSA id 077EA3FF89 Received: by datagram.bbn.com (Postfix, from userid 1000) id 71F63188010B; Sat, 12 Apr 2014 02:11:20 -0400 (EDT) From: Richard Hansen Date: Sat, 12 Apr 2014 02:11:20 -0400 Message-ID: <871tx3rsaf.fsf@datagram.bbn.com> MIME-Version: 1.0 Content-Type: text/plain X-detected-operating-system: by eggs.gnu.org: FreeBSD 8.x X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.1 (----) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.1 (----) I can get emacs to crash with these shell commands: # generate a unicode string printf '\040\314\210\302\273\n' >crash-emacs.txt LC_ALL=C emacs -nw -Q +1:3 crash-emacs.txt If I set LC_ALL=en_US.utf8 then it does not crash. Here is the gdb backtrace: #0 0x0000000000498c20 in char_table_ref (table=, c=c@entry=4194690) at chartab.c:234 tbl = 0xbb5000 val = 4611686018429485125 #1 0x00000000005a679e in composition_compute_stop_pos ( cmp_it=cmp_it@entry=0x7fffffffcf50, charpos=4, charpos@entry=3, bytepos=, bytepos@entry=3, endpos=, endpos@entry=5, string=12124434) at composite.c:1053 start = 3 end = 40 c = 4194690 prop = 839073240292445696 val = #2 0x000000000051bc7e in scan_for_column ( endpos=endpos@entry=0x7fffffffcfe8, goalcol=goalcol@entry=0x7fffffffcff8, prevcol=prevcol@entry=0x7fffffffcff0) at indent.c:595 c = ctl_arrow = true dp = 0x0 multibyte = true cmp_it = { stop_pos = 5, id = -1, ch = -2, rule_idx = 0, lookback = 1, nglyphs = 2, reversed_p = false, charpos = 2, nchars = 1, nbytes = 1, from = 1, to = 2, width = 1 } window = w = 0xba2978 col = 2 prev_col = 1 goal = 2 end = 5 scan = 3 scan_byte = 3 next_boundary = 5 #3 0x000000000051cea1 in Fmove_to_column (column=, force=12124434) at indent.c:990 pos = 5 prev_col = 20186896 col = 2 goal = 2 #4 0x000000000055006d in Ffuncall (nargs=, args=) at eval.c:2781 fun = 8584349 original_fun = 12285586 funcar = numargs = lisp_numargs = val = backtrace = { next = 0x7fffffffd250, function = 12285586, args = 0x7fffffffd160, nargs = 1, debug_on_exit = 0 } internal_args = 0x7fffffffd030 i = #5 0x0000000000584a8b in exec_byte_code (bytestr=12275717, vector=4194690, maxdepth=4611686018695757824, args_template=4611686018430533632, nargs=4611686018695757824, args=0x7fffffffd150) at bytecode.c:900 targets = {0x584ba8 , ... vectorp = 0x8c6fb8 stack = { pc = 0xab5414 "\210\313\262\006\266\002\201Q", byte_string = 9203593, byte_string_start = 0xab5099 "\306 \210\b\203\021", constants = 9203629, next = 0x7fffffffd380 } result = 4611686018429485125 #6 0x000000000054f9bd in funcall_lambda (fun=9203629, nargs=nargs@entry=1, arg_vector=0x8c6f89 , arg_vector@entry=0x7fffffffd2d0) at eval.c:2944 val = syms_left = next = lexenv = count = -26216640712628180 i = optional = rest = #7 0x000000000054feeb in Ffuncall (nargs=2, args=0x7fffffffd2c8) at eval.c:2839 fun = original_fun = 16434802 funcar = numargs = 1 lisp_numargs = val = backtrace = { next = 0x7fffffffd410, function = 16434802, args = 0x7fffffffd2d0, nargs = 1, debug_on_exit = 0 } internal_args = i = #8 0x0000000000584a8b in exec_byte_code (bytestr=12275717, vector=4194690, maxdepth=4611686018695757824, args_template=4611686018430533632, nargs=4611686018695757824, args=0x7fffffffd2c8) at bytecode.c:900 targets = {0x584ba8 , ... vectorp = 0x8c0600 stack = { pc = 0xab7f31 "\210\016H\203\264\005\201\303", byte_string = 9176529, byte_string_start = 0xab7989 "\306 \020\307\021\n\023\307\024\310\311!\211\307=\204\060", constants = 9176565, next = 0x7fffffffd500 } result = 4611686018429485125 #9 0x000000000054f9bd in funcall_lambda (fun=9176565, nargs=nargs@entry=0, arg_vector=0x8c05d1 , arg_vector@entry=0x7fffffffd498) at eval.c:2944 val = syms_left = next = lexenv = count = -26216640712628168 i = optional = rest = #10 0x000000000054feeb in Ffuncall (nargs=1, args=0x7fffffffd490) at eval.c:2839 fun = original_fun = 15567250 funcar = numargs = 0 lisp_numargs = val = backtrace = { next = 0x7fffffffd630, function = 15567250, args = 0x7fffffffd498, nargs = 0, debug_on_exit = 0 } internal_args = i = #11 0x0000000000584a8b in exec_byte_code (bytestr=12275717, vector=4194690, maxdepth=4611686018695757824, args_template=4611686018430533632, nargs=4611686018695757824, args=0x7fffffffd488) at bytecode.c:900 targets = {0x584ba8 , ... vectorp = 0x8bf9d0 stack = { pc = 0xab84b7 "\210)\210\351\352\353\"\210\354\321\355\"\211;\203\256", byte_string = 9173409, byte_string_start = 0xab8422 "\b\203\b", constants = 9173445, next = 0x0 } result = 4611686018429485125 #12 0x000000000054f9bd in funcall_lambda (fun=9173445, fun@entry=9173357, nargs=nargs@entry=0, arg_vector=0x8bf9a1 , arg_vector@entry=0x7fffffffd570) at eval.c:2944 val = syms_left = next = lexenv = count = -26221038759138928 i = optional = rest = #13 0x000000000054effd in apply_lambda (fun=9173357, args=) at eval.c:2887 args_left = 12124434 i = numargs = 0 arg_vector = gcpro1 = tem = sa_count = 3 sa_must_free = #14 0x000000000054f3c2 in eval_sub (form=form@entry=12349798) at eval.c:2218 fun = val = original_fun = 15837026 original_args = 12124434 funcar = backtrace = { next = 0x0, function = 15837026, args = 0x7fffffffd570, nargs = 0, debug_on_exit = 0 } gcpro3 = #15 0x00000000005527cd in Feval (form=12349798, lexical=) at eval.c:2005 count = 2 #16 0x000000000054e5b3 in internal_condition_case ( bfun=bfun@entry=0x4dd600 , handlers=12176114, hfun=hfun@entry=0x4e2290 ) at eval.c:1289 val = c = { tag = 12124434, val = 12124434, next = 0x7fffffffd8b0, gcpro = 0x0, jmp = {{ __jmpbuf = {1, 7163789923458151104, 12124434, 4000, 140737488346000, 1, -7163791675184188736, 7163791299020387008}, __mask_was_saved = 0, __saved_mask = { __val = {17, 0, 140737354130880, 0, 140737354130880, 140737488345136, 140737488345120, 3488983867, 4299206140, 4294967295, 4238103, 4294967295, 67108864, 140737251060432, 140737353872624, 0} } }}, backlist = 0x0, handlerlist = 0x0, lisp_eval_depth = 0, pdlcount = 2, poll_suppress_count = 1, interrupt_input_blocked = 0, byte_stack = 0x0 } h = { handler = 12176114, var = 12124434, chosen_clause = 4294967296, tag = 0x7fffffffd760, next = 0x0 } #17 0x00000000004dd5e6 in top_level_1 (ignore=ignore@entry=12124434) at keyboard.c:1185 No locals. #18 0x000000000054e48e in internal_catch (tag=, func=func@entry=0x4dd580 , arg=12124434) at eval.c:1060 c = { tag = 12171954, val = 12124434, next = 0x0, gcpro = 0x0, jmp = {{ __jmpbuf = {1, 7163789923458151104, 12124434, 4000, 140737488346000, 1, -7163791674762661184, 7163791298990764736}, __mask_was_saved = 0, __saved_mask = { __val = {140737351972645, 400, 5, 0, 0, 0, 0, 227633266711, 5849150, 532575944823, 6198499, 140737488345584, 140737488345592, 0, 140737488345584, 6198499} } }}, backlist = 0x0, handlerlist = 0x0, lisp_eval_depth = 0, pdlcount = 2, poll_suppress_count = 1, interrupt_input_blocked = 0, byte_stack = 0x0 } #19 0x00000000004e1d9f in command_loop () at keyboard.c:1146 No locals. #20 recursive_edit_1 () at keyboard.c:779 count = 1 val = 20186704 #21 0x00000000004e20b4 in Frecursive_edit () at keyboard.c:843 count = 0 buffer = 12124434 #22 0x00000000004171d5 in main (argc=, argv=0x7fffffffdb98) at emacs.c:1528 dummy = 140737353873872 stack_bottom_variable = -15 '\361' do_initial_setlocale = dumping = skip_args = 1 rlim = { rlim_cur = 8720000, rlim_max = 18446744073709551615 } no_loadup = false junk = 0x0 dname_arg = 0x0 ch_to_dir = 0x818
Lisp Backtrace: "move-to-column" (0xffffd160) "command-line-1" (0xffffd2d0) "command-line" (0xffffd498) "normal-top-level" (0xffffd570) In GNU Emacs 24.3.1 (x86_64-pc-linux-gnu, GTK+ Version 3.8.2) of 2013-07-26 on roseapple, modified by Debian Windowing system distributor `The X.Org Foundation', version 11.0.11405000 System Description: Ubuntu 13.10 Configured using: `configure '--build' 'x86_64-linux-gnu' '--build' 'x86_64-linux-gnu' '--prefix=/usr' '--sharedstatedir=/var/lib' '--libexecdir=/usr/lib' '--localstatedir=/var/lib' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--with-pop=yes' '--enable-locallisppath=/etc/emacs24:/etc/emacs:/usr/local/share/emacs/24.3/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/24.3/site-lisp:/usr/share/emacs/site-lisp' '--with-crt-dir=/usr/lib/x86_64-linux-gnu' '--with-x=yes' '--with-x-toolkit=gtk3' '--with-toolkit-scroll-bars' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro' 'CPPFLAGS=-D_FORTIFY_SOURCE=2'' Important settings: value of $LC_TIME: en_DK.utf8 value of $LANG: en_US.utf8 locale-coding-system: utf-8-unix default enable-multibyte-characters: t From unknown Fri Aug 22 01:33:52 2025 X-Loop: help-debbugs@gnu.org Subject: bug#17249: 24.3; segfault with certain unicode strings in C locale Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sat, 12 Apr 2014 07:24:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 17249 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: To: Richard Hansen Cc: 17249@debbugs.gnu.org Reply-To: Eli Zaretskii Received: via spool by 17249-submit@debbugs.gnu.org id=B17249.13972873867311 (code B ref 17249); Sat, 12 Apr 2014 07:24:01 +0000 Received: (at 17249) by debbugs.gnu.org; 12 Apr 2014 07:23:06 +0000 Received: from localhost ([127.0.0.1]:45988 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WYsHK-0001tq-D5 for submit@debbugs.gnu.org; Sat, 12 Apr 2014 03:23:06 -0400 Received: from mtaout22.012.net.il ([80.179.55.172]:35342) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WYsHH-0001tB-2t for 17249@debbugs.gnu.org; Sat, 12 Apr 2014 03:23:04 -0400 Received: from conversion-daemon.a-mtaout22.012.net.il by a-mtaout22.012.net.il (HyperSendmail v2007.08) id <0N3W00200P1HYQ00@a-mtaout22.012.net.il> for 17249@debbugs.gnu.org; Sat, 12 Apr 2014 10:22:56 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout22.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0N3W0028XPU8S540@a-mtaout22.012.net.il>; Sat, 12 Apr 2014 10:22:56 +0300 (IDT) Date: Sat, 12 Apr 2014 10:23:00 +0300 From: Eli Zaretskii In-reply-to: <871tx3rsaf.fsf@datagram.bbn.com> X-012-Sender: halo1@inter.net.il Message-id: <838urbt3jf.fsf@gnu.org> References: <871tx3rsaf.fsf@datagram.bbn.com> X-Spam-Score: 1.0 (+) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.0 (+) > From: Richard Hansen > Date: Sat, 12 Apr 2014 02:11:20 -0400 > > I can get emacs to crash with these shell commands: > > # generate a unicode string > printf '\040\314\210\302\273\n' >crash-emacs.txt > LC_ALL=C emacs -nw -Q +1:3 crash-emacs.txt > > If I set LC_ALL=en_US.utf8 then it does not crash. I can reproduce this in Emacs 24.3, but not with the current development code, so I guess this was already fixed. From unknown Fri Aug 22 01:33:52 2025 X-Loop: help-debbugs@gnu.org Subject: bug#17249: 24.3; segfault with certain unicode strings in C locale Resent-From: Richard Hansen Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Mon, 14 Apr 2014 04:57:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 17249 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: To: Eli Zaretskii Cc: 17249@debbugs.gnu.org Received: via spool by 17249-submit@debbugs.gnu.org id=B17249.139745139817593 (code B ref 17249); Mon, 14 Apr 2014 04:57:02 +0000 Received: (at 17249) by debbugs.gnu.org; 14 Apr 2014 04:56:38 +0000 Received: from localhost ([127.0.0.1]:47680 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WZYwf-0004Zg-Ij for submit@debbugs.gnu.org; Mon, 14 Apr 2014 00:56:38 -0400 Received: from smtp.bbn.com ([128.33.1.81]:46614) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WZYwd-0004ZQ-IU for 17249@debbugs.gnu.org; Mon, 14 Apr 2014 00:56:36 -0400 Received: from socket.bbn.com ([192.1.120.102]:42186) by smtp.bbn.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.77 (FreeBSD)) (envelope-from ) id 1WZYwg-0007kD-BW; Mon, 14 Apr 2014 00:56:38 -0400 X-Submitted: to socket.bbn.com (Postfix) with ESMTPSA id 2EC663FF89 Message-ID: <534B6A7C.4010006@bbn.com> Date: Mon, 14 Apr 2014 00:56:28 -0400 From: Richard Hansen User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 MIME-Version: 1.0 References: <871tx3rsaf.fsf@datagram.bbn.com> <838urbt3jf.fsf@gnu.org> In-Reply-To: <838urbt3jf.fsf@gnu.org> X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Spam-Score: -3.3 (---) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) On 2014-04-12 03:23, Eli Zaretskii wrote: >> From: Richard Hansen >> Date: Sat, 12 Apr 2014 02:11:20 -0400 >> >> I can get emacs to crash with these shell commands: >> >> # generate a unicode string >> printf '\040\314\210\302\273\n' >crash-emacs.txt >> LC_ALL=C emacs -nw -Q +1:3 crash-emacs.txt >> >> If I set LC_ALL=en_US.utf8 then it does not crash. > > I can reproduce this in Emacs 24.3, but not with the current > development code, so I guess this was already fixed. Thanks for checking! I just did my own testing and agree that this has already been fixed. I checked out the latest emacs-24 branch of the Git repository (git://git.savannah.gnu.org/emacs.git) and could not reproduce the problem. To ensure the crash in 24.3 wasn't due to certain arguments passed to 'configure' (e.g., -fstack-protector in the CFLAGS used by Ubuntu), I checked out the emacs-24.3 tag, ran 'configure' with the same arguments I used to build the tip of the emacs-24 branch, and was still able to reproduce the crash. Thanks, Richard From unknown Fri Aug 22 01:33:52 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.503 (Entity 5.503) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Richard Hansen Subject: bug#17249: closed (Re: 24.3; segfault with certain unicode strings in C locale) Message-ID: References: <534B7707.4050201@cs.ucla.edu> <871tx3rsaf.fsf@datagram.bbn.com> X-Gnu-PR-Message: they-closed 17249 X-Gnu-PR-Package: emacs Reply-To: 17249@debbugs.gnu.org Date: Mon, 14 Apr 2014 05:51:03 +0000 Content-Type: multipart/mixed; boundary="----------=_1397454663-24500-1" This is a multi-part message in MIME format... ------------=_1397454663-24500-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #17249: 24.3; segfault with certain unicode strings in C locale which was filed against the emacs package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 17249@debbugs.gnu.org. --=20 17249: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D17249 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1397454663-24500-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 17249-done) by debbugs.gnu.org; 14 Apr 2014 05:50:18 +0000 Received: from localhost ([127.0.0.1]:47709 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WZZmb-0006LO-26 for submit@debbugs.gnu.org; Mon, 14 Apr 2014 01:50:17 -0400 Received: from smtp.cs.ucla.edu ([131.179.128.62]:51602) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WZZmY-0006L7-6r for 17249-done@debbugs.gnu.org; Mon, 14 Apr 2014 01:50:14 -0400 Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.cs.ucla.edu (Postfix) with ESMTP id 7F9CF39E8014 for <17249-done@debbugs.gnu.org>; Sun, 13 Apr 2014 22:50:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu Received: from smtp.cs.ucla.edu ([127.0.0.1]) by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9EwpQmR-MEpR for <17249-done@debbugs.gnu.org>; Sun, 13 Apr 2014 22:49:59 -0700 (PDT) Received: from [192.168.1.9] (pool-108-0-233-62.lsanca.fios.verizon.net [108.0.233.62]) by smtp.cs.ucla.edu (Postfix) with ESMTPSA id B02AD39E8011 for <17249-done@debbugs.gnu.org>; Sun, 13 Apr 2014 22:49:59 -0700 (PDT) Message-ID: <534B7707.4050201@cs.ucla.edu> Date: Sun, 13 Apr 2014 22:49:59 -0700 From: Paul Eggert Organization: UCLA Computer Science Department User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 MIME-Version: 1.0 To: 17249-done@debbugs.gnu.org Subject: Re: 24.3; segfault with certain unicode strings in C locale Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: -3.3 (---) X-Debbugs-Envelope-To: 17249-done X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Thanks for checking. Since the bug is fixed I'm marking it as done. ------------=_1397454663-24500-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 12 Apr 2014 06:11:52 +0000 Received: from localhost ([127.0.0.1]:45962 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WYrAN-00084R-Ol for submit@debbugs.gnu.org; Sat, 12 Apr 2014 02:11:52 -0400 Received: from eggs.gnu.org ([208.118.235.92]:55340) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WYrAK-000846-Cw for submit@debbugs.gnu.org; Sat, 12 Apr 2014 02:11:49 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WYrA7-0006UZ-U1 for submit@debbugs.gnu.org; Sat, 12 Apr 2014 02:11:43 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:59778) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WYrA7-0006UV-QN for submit@debbugs.gnu.org; Sat, 12 Apr 2014 02:11:35 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:57043) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WYrA1-0005jB-49 for bug-gnu-emacs@gnu.org; Sat, 12 Apr 2014 02:11:35 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WYr9u-0006TZ-QE for bug-gnu-emacs@gnu.org; Sat, 12 Apr 2014 02:11:29 -0400 Received: from smtp.bbn.com ([128.33.1.81]:22128) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WYr9u-0006TJ-M7 for bug-gnu-emacs@gnu.org; Sat, 12 Apr 2014 02:11:22 -0400 Received: from socket.bbn.com ([192.1.120.102]:42068) by smtp.bbn.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.77 (FreeBSD)) (envelope-from ) id 1WYrA2-0001gZ-1f for bug-gnu-emacs@gnu.org; Sat, 12 Apr 2014 02:11:30 -0400 X-Submitted: to socket.bbn.com (Postfix) with ESMTPSA id 077EA3FF89 Received: by datagram.bbn.com (Postfix, from userid 1000) id 71F63188010B; Sat, 12 Apr 2014 02:11:20 -0400 (EDT) From: Richard Hansen To: bug-gnu-emacs@gnu.org Subject: 24.3; segfault with certain unicode strings in C locale Date: Sat, 12 Apr 2014 02:11:20 -0400 Message-ID: <871tx3rsaf.fsf@datagram.bbn.com> MIME-Version: 1.0 Content-Type: text/plain X-detected-operating-system: by eggs.gnu.org: FreeBSD 8.x X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.1 (----) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.1 (----) I can get emacs to crash with these shell commands: # generate a unicode string printf '\040\314\210\302\273\n' >crash-emacs.txt LC_ALL=C emacs -nw -Q +1:3 crash-emacs.txt If I set LC_ALL=en_US.utf8 then it does not crash. Here is the gdb backtrace: #0 0x0000000000498c20 in char_table_ref (table=, c=c@entry=4194690) at chartab.c:234 tbl = 0xbb5000 val = 4611686018429485125 #1 0x00000000005a679e in composition_compute_stop_pos ( cmp_it=cmp_it@entry=0x7fffffffcf50, charpos=4, charpos@entry=3, bytepos=, bytepos@entry=3, endpos=, endpos@entry=5, string=12124434) at composite.c:1053 start = 3 end = 40 c = 4194690 prop = 839073240292445696 val = #2 0x000000000051bc7e in scan_for_column ( endpos=endpos@entry=0x7fffffffcfe8, goalcol=goalcol@entry=0x7fffffffcff8, prevcol=prevcol@entry=0x7fffffffcff0) at indent.c:595 c = ctl_arrow = true dp = 0x0 multibyte = true cmp_it = { stop_pos = 5, id = -1, ch = -2, rule_idx = 0, lookback = 1, nglyphs = 2, reversed_p = false, charpos = 2, nchars = 1, nbytes = 1, from = 1, to = 2, width = 1 } window = w = 0xba2978 col = 2 prev_col = 1 goal = 2 end = 5 scan = 3 scan_byte = 3 next_boundary = 5 #3 0x000000000051cea1 in Fmove_to_column (column=, force=12124434) at indent.c:990 pos = 5 prev_col = 20186896 col = 2 goal = 2 #4 0x000000000055006d in Ffuncall (nargs=, args=) at eval.c:2781 fun = 8584349 original_fun = 12285586 funcar = numargs = lisp_numargs = val = backtrace = { next = 0x7fffffffd250, function = 12285586, args = 0x7fffffffd160, nargs = 1, debug_on_exit = 0 } internal_args = 0x7fffffffd030 i = #5 0x0000000000584a8b in exec_byte_code (bytestr=12275717, vector=4194690, maxdepth=4611686018695757824, args_template=4611686018430533632, nargs=4611686018695757824, args=0x7fffffffd150) at bytecode.c:900 targets = {0x584ba8 , ... vectorp = 0x8c6fb8 stack = { pc = 0xab5414 "\210\313\262\006\266\002\201Q", byte_string = 9203593, byte_string_start = 0xab5099 "\306 \210\b\203\021", constants = 9203629, next = 0x7fffffffd380 } result = 4611686018429485125 #6 0x000000000054f9bd in funcall_lambda (fun=9203629, nargs=nargs@entry=1, arg_vector=0x8c6f89 , arg_vector@entry=0x7fffffffd2d0) at eval.c:2944 val = syms_left = next = lexenv = count = -26216640712628180 i = optional = rest = #7 0x000000000054feeb in Ffuncall (nargs=2, args=0x7fffffffd2c8) at eval.c:2839 fun = original_fun = 16434802 funcar = numargs = 1 lisp_numargs = val = backtrace = { next = 0x7fffffffd410, function = 16434802, args = 0x7fffffffd2d0, nargs = 1, debug_on_exit = 0 } internal_args = i = #8 0x0000000000584a8b in exec_byte_code (bytestr=12275717, vector=4194690, maxdepth=4611686018695757824, args_template=4611686018430533632, nargs=4611686018695757824, args=0x7fffffffd2c8) at bytecode.c:900 targets = {0x584ba8 , ... vectorp = 0x8c0600 stack = { pc = 0xab7f31 "\210\016H\203\264\005\201\303", byte_string = 9176529, byte_string_start = 0xab7989 "\306 \020\307\021\n\023\307\024\310\311!\211\307=\204\060", constants = 9176565, next = 0x7fffffffd500 } result = 4611686018429485125 #9 0x000000000054f9bd in funcall_lambda (fun=9176565, nargs=nargs@entry=0, arg_vector=0x8c05d1 , arg_vector@entry=0x7fffffffd498) at eval.c:2944 val = syms_left = next = lexenv = count = -26216640712628168 i = optional = rest = #10 0x000000000054feeb in Ffuncall (nargs=1, args=0x7fffffffd490) at eval.c:2839 fun = original_fun = 15567250 funcar = numargs = 0 lisp_numargs = val = backtrace = { next = 0x7fffffffd630, function = 15567250, args = 0x7fffffffd498, nargs = 0, debug_on_exit = 0 } internal_args = i = #11 0x0000000000584a8b in exec_byte_code (bytestr=12275717, vector=4194690, maxdepth=4611686018695757824, args_template=4611686018430533632, nargs=4611686018695757824, args=0x7fffffffd488) at bytecode.c:900 targets = {0x584ba8 , ... vectorp = 0x8bf9d0 stack = { pc = 0xab84b7 "\210)\210\351\352\353\"\210\354\321\355\"\211;\203\256", byte_string = 9173409, byte_string_start = 0xab8422 "\b\203\b", constants = 9173445, next = 0x0 } result = 4611686018429485125 #12 0x000000000054f9bd in funcall_lambda (fun=9173445, fun@entry=9173357, nargs=nargs@entry=0, arg_vector=0x8bf9a1 , arg_vector@entry=0x7fffffffd570) at eval.c:2944 val = syms_left = next = lexenv = count = -26221038759138928 i = optional = rest = #13 0x000000000054effd in apply_lambda (fun=9173357, args=) at eval.c:2887 args_left = 12124434 i = numargs = 0 arg_vector = gcpro1 = tem = sa_count = 3 sa_must_free = #14 0x000000000054f3c2 in eval_sub (form=form@entry=12349798) at eval.c:2218 fun = val = original_fun = 15837026 original_args = 12124434 funcar = backtrace = { next = 0x0, function = 15837026, args = 0x7fffffffd570, nargs = 0, debug_on_exit = 0 } gcpro3 = #15 0x00000000005527cd in Feval (form=12349798, lexical=) at eval.c:2005 count = 2 #16 0x000000000054e5b3 in internal_condition_case ( bfun=bfun@entry=0x4dd600 , handlers=12176114, hfun=hfun@entry=0x4e2290 ) at eval.c:1289 val = c = { tag = 12124434, val = 12124434, next = 0x7fffffffd8b0, gcpro = 0x0, jmp = {{ __jmpbuf = {1, 7163789923458151104, 12124434, 4000, 140737488346000, 1, -7163791675184188736, 7163791299020387008}, __mask_was_saved = 0, __saved_mask = { __val = {17, 0, 140737354130880, 0, 140737354130880, 140737488345136, 140737488345120, 3488983867, 4299206140, 4294967295, 4238103, 4294967295, 67108864, 140737251060432, 140737353872624, 0} } }}, backlist = 0x0, handlerlist = 0x0, lisp_eval_depth = 0, pdlcount = 2, poll_suppress_count = 1, interrupt_input_blocked = 0, byte_stack = 0x0 } h = { handler = 12176114, var = 12124434, chosen_clause = 4294967296, tag = 0x7fffffffd760, next = 0x0 } #17 0x00000000004dd5e6 in top_level_1 (ignore=ignore@entry=12124434) at keyboard.c:1185 No locals. #18 0x000000000054e48e in internal_catch (tag=, func=func@entry=0x4dd580 , arg=12124434) at eval.c:1060 c = { tag = 12171954, val = 12124434, next = 0x0, gcpro = 0x0, jmp = {{ __jmpbuf = {1, 7163789923458151104, 12124434, 4000, 140737488346000, 1, -7163791674762661184, 7163791298990764736}, __mask_was_saved = 0, __saved_mask = { __val = {140737351972645, 400, 5, 0, 0, 0, 0, 227633266711, 5849150, 532575944823, 6198499, 140737488345584, 140737488345592, 0, 140737488345584, 6198499} } }}, backlist = 0x0, handlerlist = 0x0, lisp_eval_depth = 0, pdlcount = 2, poll_suppress_count = 1, interrupt_input_blocked = 0, byte_stack = 0x0 } #19 0x00000000004e1d9f in command_loop () at keyboard.c:1146 No locals. #20 recursive_edit_1 () at keyboard.c:779 count = 1 val = 20186704 #21 0x00000000004e20b4 in Frecursive_edit () at keyboard.c:843 count = 0 buffer = 12124434 #22 0x00000000004171d5 in main (argc=, argv=0x7fffffffdb98) at emacs.c:1528 dummy = 140737353873872 stack_bottom_variable = -15 '\361' do_initial_setlocale = dumping = skip_args = 1 rlim = { rlim_cur = 8720000, rlim_max = 18446744073709551615 } no_loadup = false junk = 0x0 dname_arg = 0x0 ch_to_dir = 0x818
Lisp Backtrace: "move-to-column" (0xffffd160) "command-line-1" (0xffffd2d0) "command-line" (0xffffd498) "normal-top-level" (0xffffd570) In GNU Emacs 24.3.1 (x86_64-pc-linux-gnu, GTK+ Version 3.8.2) of 2013-07-26 on roseapple, modified by Debian Windowing system distributor `The X.Org Foundation', version 11.0.11405000 System Description: Ubuntu 13.10 Configured using: `configure '--build' 'x86_64-linux-gnu' '--build' 'x86_64-linux-gnu' '--prefix=/usr' '--sharedstatedir=/var/lib' '--libexecdir=/usr/lib' '--localstatedir=/var/lib' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--with-pop=yes' '--enable-locallisppath=/etc/emacs24:/etc/emacs:/usr/local/share/emacs/24.3/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/24.3/site-lisp:/usr/share/emacs/site-lisp' '--with-crt-dir=/usr/lib/x86_64-linux-gnu' '--with-x=yes' '--with-x-toolkit=gtk3' '--with-toolkit-scroll-bars' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro' 'CPPFLAGS=-D_FORTIFY_SOURCE=2'' Important settings: value of $LC_TIME: en_DK.utf8 value of $LANG: en_US.utf8 locale-coding-system: utf-8-unix default enable-multibyte-characters: t ------------=_1397454663-24500-1--