GNU bug report logs - #21802
25.0.50; segfault in regex.c triggered by an isearch

Previous Next

Package: emacs;

Reported by: Dima Kogan <dima <at> secretsauce.net>

Date: Sun, 1 Nov 2015 09:37:02 UTC

Severity: normal

Merged with 21688

Found in version 25.0.50

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Dima Kogan <dima <at> secretsauce.net>
To: 21802 <at> debbugs.gnu.org
Subject: bug#21802: 25.0.50; segfault in regex.c triggered by an isearch
Date: Sun, 01 Nov 2015 01:36:45 -0800

[Message part 1 (text/plain, inline)]
Hi. I'm running a recent emacs built from git:

  https://github.com/emacs-mirror/emacs/commit/6e2a402

I'm on a Debian machine, running the GTK build of emacs. Segfault
recipe:

1. emacs -Q /tmp/feedgnuplot (source attached)
2. M-x cperl-mode
3. C-s last if /^exit/ C-s

   Type out the string "last if /^exit/". It may crash while you're
   typing it, or it may reach the end of the string in the match on line
   431. Hit C-s again after you typed it. If it didn't crash already,
   the extra C-s makes it crash.

I haven't done any debugging other than to look at the backtrace.
Relevant chunks:

    #0  0x00007ffff03f8107 in __GI_raise (sig=sig <at> entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
    #1  0x00007ffff03f94e8 in __GI_abort () at abort.c:89
    #2  0x000000000053c3e5 in re_match_2_internal (bufp=bufp <at> entry=0xb93fc0, string1=string1 <at> entry=0x28bbca0 "#!/usr/bi:HiRes qw( usleep gettimeofday tv_interval );\nuse IO::Handle;\nuse List::Util qw( "..., size1=size1 <at> entry=0, strinrnings;\nuse Getopt::Long;\nuse Time::HiRes qw( usleep gettimeofday tv_interval );\nuse IO::Handle;\nuse List::Util
    #3  0x0000000000543b52 in re_search_2 (bufp=bufp <at> entry=0xb93fc0, str1=str1 <at> entry=0x28bbca0 "#!/usr/bin/perl\n\npackeep gettimeofday tv_interval );\nuse IO::Handle;\nuse List::Util qw( "..., size1=size1 <at> entry=0, str2=str2 <at> entry=0x2:Long;\nuse Time::HiRes qw( usleep gettimeofday tv_interval );\nuse IO::Handle;\nuse List::Util qw( "..., size2=siz
    #4  0x0000000000539522 in search_buffer (string=string <at> entry=42306836, pos=<optimized out>, pos_byte=<optimized out
        at search.c:1265
    #5  0x0000000000539e8f in search_command (string=42306836, bound=<optimized out>, noerror=44160, count=<optimized o
    #6  0x000000000053a08b in Fre_search_forward (regexp=<optimized out>, bound=<optimized out>, noerror=<optimized out

The significant-looking pieces are in regex.c and search.c.


[feedgnuplot (application/octet-stream, attachment)]
This bug report was last modified 9 years and 239 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.