GNU bug report logs - #21688
25.0.50; abort in regex.c during "align"

Previous Next

Package: emacs;

Reported by: Ken Raeburn <raeburn <at> permabit.com>

Date: Thu, 15 Oct 2015 08:26:01 UTC

Severity: normal

Merged with 21802

Found in version 25.0.50

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Dima Kogan <dima <at> secretsauce.net>
Subject: bug#21802: closed (Re: 25.0.50; abort in regex.c during
 "align",,Previous Next)
Date: Sun, 15 Nov 2015 09:35:04 +0000

[Message part 1 (text/plain, inline)]
Your bug report

#21688: 25.0.50; segfault in regex.c triggered by an isearch

which was filed against the emacs package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 21802 <at> debbugs.gnu.org.

-- 
21688: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=21688
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Paul Eggert <eggert <at> cs.ucla.edu>
To: 21688-done <at> debbugs.gnu.org
Cc: Ken Raeburn <raeburn <at> permabit.com>,
 Stefan Monnier <monnier <at> IRO.UMontreal.CA>
Subject: Re: 25.0.50; abort in regex.c during "align",,Previous Next
Date: Sun, 15 Nov 2015 01:34:06 -0800

I implemented Stefan's suggestion as emacs-25 commit 
8121757b3ae6cbb7a7bac12b11ac32f243657aee and am marking this bug as done.


[Message part 3 (message/rfc822, inline)]
From: Dima Kogan <dima <at> secretsauce.net>
To: bug-gnu-emacs <at> gnu.org
Subject: 25.0.50; segfault in regex.c triggered by an isearch
Date: Sun, 01 Nov 2015 01:36:45 -0800

[Message part 4 (text/plain, inline)]
Hi. I'm running a recent emacs built from git:

  https://github.com/emacs-mirror/emacs/commit/6e2a402

I'm on a Debian machine, running the GTK build of emacs. Segfault
recipe:

1. emacs -Q /tmp/feedgnuplot (source attached)
2. M-x cperl-mode
3. C-s last if /^exit/ C-s

   Type out the string "last if /^exit/". It may crash while you're
   typing it, or it may reach the end of the string in the match on line
   431. Hit C-s again after you typed it. If it didn't crash already,
   the extra C-s makes it crash.

I haven't done any debugging other than to look at the backtrace.
Relevant chunks:

    #0  0x00007ffff03f8107 in __GI_raise (sig=sig <at> entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
    #1  0x00007ffff03f94e8 in __GI_abort () at abort.c:89
    #2  0x000000000053c3e5 in re_match_2_internal (bufp=bufp <at> entry=0xb93fc0, string1=string1 <at> entry=0x28bbca0 "#!/usr/bi:HiRes qw( usleep gettimeofday tv_interval );\nuse IO::Handle;\nuse List::Util qw( "..., size1=size1 <at> entry=0, strinrnings;\nuse Getopt::Long;\nuse Time::HiRes qw( usleep gettimeofday tv_interval );\nuse IO::Handle;\nuse List::Util
    #3  0x0000000000543b52 in re_search_2 (bufp=bufp <at> entry=0xb93fc0, str1=str1 <at> entry=0x28bbca0 "#!/usr/bin/perl\n\npackeep gettimeofday tv_interval );\nuse IO::Handle;\nuse List::Util qw( "..., size1=size1 <at> entry=0, str2=str2 <at> entry=0x2:Long;\nuse Time::HiRes qw( usleep gettimeofday tv_interval );\nuse IO::Handle;\nuse List::Util qw( "..., size2=siz
    #4  0x0000000000539522 in search_buffer (string=string <at> entry=42306836, pos=<optimized out>, pos_byte=<optimized out
        at search.c:1265
    #5  0x0000000000539e8f in search_command (string=42306836, bound=<optimized out>, noerror=44160, count=<optimized o
    #6  0x000000000053a08b in Fre_search_forward (regexp=<optimized out>, bound=<optimized out>, noerror=<optimized out

The significant-looking pieces are in regex.c and search.c.


[feedgnuplot (application/octet-stream, attachment)]
This bug report was last modified 9 years and 240 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.