From unknown Fri Aug 15 15:32:26 2025
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Mailer: MIME-tools 5.509 (Entity 5.509)
Content-Type: text/plain; charset=utf-8
From: bug#29066 <29066@debbugs.gnu.org>
To: bug#29066 <29066@debbugs.gnu.org>
Subject: Status: 26.0.90; crash in gc involving buffer local symbols
Reply-To: bug#29066 <29066@debbugs.gnu.org>
Date: Fri, 15 Aug 2025 22:32:26 +0000

retitle 29066 26.0.90; crash in gc involving buffer local symbols
reassign 29066 emacs
submitter 29066 Valentin Gatien-Baron <vgatien-baron@janestreet.com>
severity 29066 normal

thanks


From debbugs-submit-bounces@debbugs.gnu.org Mon Oct 30 11:33:31 2017
Received: (at submit) by debbugs.gnu.org; 30 Oct 2017 15:33:31 +0000
Received: from localhost ([127.0.0.1]:42410 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9C4A-0004T0-U8
	for submit@debbugs.gnu.org; Mon, 30 Oct 2017 11:33:30 -0400
Received: from eggs.gnu.org ([208.118.235.92]:50351)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9BBi-0001AJ-II
 for submit@debbugs.gnu.org; Mon, 30 Oct 2017 10:37:14 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9BBX-0005FO-34
 for submit@debbugs.gnu.org; Mon, 30 Oct 2017 10:37:09 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,HTML_MESSAGE,
 T_DKIM_INVALID autolearn=disabled version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:34727)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <vgatien-baron@janestreet.com>)
 id 1e9BBW-0005FI-O4
 for submit@debbugs.gnu.org; Mon, 30 Oct 2017 10:37:03 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:41302)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9BBQ-00077H-I7
 for bug-gnu-emacs@gnu.org; Mon, 30 Oct 2017 10:37:02 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9BBK-0005Br-Hm
 for bug-gnu-emacs@gnu.org; Mon, 30 Oct 2017 10:36:56 -0400
Received: from mxout3.mail.janestreet.com ([38.105.200.229]:36029)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <vgatien-baron@janestreet.com>)
 id 1e9BBK-0005BH-2K
 for bug-gnu-emacs@gnu.org; Mon, 30 Oct 2017 10:36:50 -0400
Received: from [172.27.56.68] (helo=tot-qpr-mailcore1)
 by mxout3.mail.janestreet.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9BBH-0003jL-TD
 for bug-gnu-emacs@gnu.org; Mon, 30 Oct 2017 10:36:47 -0400
X-JS-Flow: external
X-JS-Scanner-attachment: (ok) ecaml_bug.diff passed
Received: by tot-qpr-mailcore1 with ocaml/mailcore/mailcore 1.0+136
 (04e1cd915edc) (envelope-from <vgatien-baron@janestreet.com>)
 id BZ9zj_-FdUSQA-bx; 2017-10-30 10:36:47.896785-04:00
Received: from mail-lf0-f69.google.com ([209.85.215.69])
 by mxgoog1.mail.janestreet.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.89)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9BBH-0003CQ-EL
 for bug-gnu-emacs@gnu.org; Mon, 30 Oct 2017 10:36:47 -0400
Received: by mail-lf0-f69.google.com with SMTP id n69so3956498lfn.18
 for <bug-gnu-emacs@gnu.org>; Mon, 30 Oct 2017 07:36:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=janestreet.com; s=google;
 h=mime-version:from:date:message-id:subject:to:cc;
 bh=aR/9u9Y+Y1ZxyqC8GXczZyo88Xw1v96gfILOJUf0OPo=;
 b=FvdDI3jVNDcHq2lxedNu0pseloidgReJABMZdvnvvuTqEkTuQFhhUHKL8DAJ6cC465
 QiOmvi/ed8xmj/Ogaj8CemH2Q2aV1Cf4xHJqjx+6MhfRvY1PH8OPRCJ5XkBDWa+7cz00
 aR6BBFd2xKlfvQ5ARfPIW/DWRW1mVai330xW0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc;
 bh=aR/9u9Y+Y1ZxyqC8GXczZyo88Xw1v96gfILOJUf0OPo=;
 b=Jqk62DiQhmNvpwXcuYJJ8SdBw47SsHZfDXUlxNN2Z44yqgmZEcaEBsL39RR+qcFkeI
 eNuk+3V9e5fwf14Mt2MUUwE2CPz7BpYVJMCVWjF8E71et7Fb96BJVwQd6ZwGh7nT+NZ4
 3irSCv6le3sJIK1m6YCq7aDzfMnSwlmPpwdR/t63qRSKpfYYjQaErSwFUpXnCVBkT+tb
 IEe+GvLe7yPakGNPB+9y9Ojd8FBJzxdLryPysD04QICK2T87GxZPaDl6spcg3r0cpZSE
 yKl6dFAWPI5HwMikxST2WUhxNgMqwSm9wsRVqHg1bn8yCVLL7Mej8RqxRRGOd2ndPEC0
 KIxQ==
X-Gm-Message-State: AMCzsaWh+9g4UD7EDL/ERs+fQj/pM2+ODZ1+rys5g+ESdI6piI0hZ5uJ
 KZZvajW37QXGIh4FFFB5YgpNxAuVYT1mIOtD77y00rH3/rNSiRVxBbTU+lGz3c+iVF6VAPxkFZa
 2XYJvxAKlPItbALNY83GKHsKplVakzQ==
X-Received: by 10.25.151.206 with SMTP id z197mr2915061lfd.3.1509374204709;
 Mon, 30 Oct 2017 07:36:44 -0700 (PDT)
X-Google-Smtp-Source: ABhQp+SAA/6zRkg7p9Ds1bC5gS52lMXmSQyLGb+2uPONltXOu8hagNYyd70D/QFcxHejKFR6JFgqhisDPPNEfhKDlNI=
X-Received: by 10.25.151.206 with SMTP id z197mr2915025lfd.3.1509374203097;
 Mon, 30 Oct 2017 07:36:43 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.25.234.11 with HTTP; Mon, 30 Oct 2017 07:36:41 -0700 (PDT)
From: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
Date: Mon, 30 Oct 2017 10:36:41 -0400
Message-ID: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
Subject: 26.0.90; crash in gc involving buffer local symbols
To: bug-gnu-emacs@gnu.org
Content-Type: multipart/mixed; boundary="001a11401d8035b3b7055cc491df"
X-JS-Exim-Data-Received: 2017-10-30 10:36:47-0400
X-JS-Processed-by: mailcore
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
 [fuzzy]
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Received-From: 2001:4830:134:3::11
X-Debbugs-Envelope-To: submit
X-Mailman-Approved-At: Mon, 30 Oct 2017 11:33:29 -0400
Cc: Mark Shinwell <mshinwell@janestreet.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>

--001a11401d8035b3b7055cc491df
Content-Type: multipart/alternative; boundary="001a11401d8035b3b0055cc491dd"

--001a11401d8035b3b0055cc491dd
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

The following invocation of emacs aborts with double-free:

$ installed/bin/emacs -Q -L . -batch --eval '(progn (message "before")
(make-local-variable (make-symbol "\
s")) (kill-buffer) (garbage-collect) (garbage-collect) (message "after"))'
before
*** Error in `installed/bin/emacs': double free or corruption (!prev):
0x00000000014bff10 ***
=3D=3D=3D=3D=3D=3D=3D Backtrace: =3D=3D=3D=3D=3D=3D=3D=3D=3D
/lib64/libc.so.6(+0x7c619)[0x7efd02c32619]
installed/bin/emacs[0x4e3fa1]
installed/bin/emacs[0x4e917a]
installed/bin/emacs[0x5006bc]
installed/bin/emacs[0x500780]
installed/bin/emacs[0x500439]
installed/bin/emacs[0x503d30]
installed/bin/emacs[0x500de6]
installed/bin/emacs[0x538e31]
installed/bin/emacs[0x500d63]
installed/bin/emacs[0x538e31]
installed/bin/emacs[0x500d63]
installed/bin/emacs[0x538e31]
installed/bin/emacs[0x4ffe73]
installed/bin/emacs[0x5001a7]
installed/bin/emacs[0x503d30]
installed/bin/emacs[0x4ff454]
installed/bin/emacs[0x49093c]
installed/bin/emacs[0x4ff404]
installed/bin/emacs[0x48e446]
installed/bin/emacs[0x4928fe]
installed/bin/emacs[0x492c15]
installed/bin/emacs[0x406df3]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x7efd02bd7c05]
installed/bin/emacs[0x4079de]

In emacs-26, running this in gdb prevents the error so I don't have a
backtrace (though I have seen such a backtrace on a different machine
with different build options for emacs). In emacs 25.2, though, the
same error happens and there the backtrace is:

(gdb) bt full
#0  0x00007ffff20a11f7 in raise () from /lib64/libc.so.6
No symbol table info available.
#1  0x00007ffff20a28e8 in abort () from /lib64/libc.so.6
No symbol table info available.
#2  0x00007ffff20e0f47 in __libc_message () from /lib64/libc.so.6
No symbol table info available.
#3  0x00007ffff20e8619 in _int_free () from /lib64/libc.so.6
No symbol table info available.
#4  0x00000000005358d1 in sweep_symbols () at alloc.c:6839
        this_free =3D <optimized out>
        sym =3D 0xd667b0
        end =3D 0xd667e0
        sblk =3D 0xd66720
        sprev =3D <optimized out>
        lim =3D <optimized out>
        num_free =3D <optimized out>
        num_used =3D 1087
#5  0x000000000053b76a in gc_sweep () at alloc.c:6982
No locals.
#6  garbage_collect_1 (end=3D<optimized out>) at alloc.c:5799
        nextb =3D <optimized out>
        stack_top_variable =3D 0 '\000'
        i =3D <optimized out>
        message_p =3D false
        count =3D <optimized out>
        start =3D {tv_sec =3D 1509372540, tv_nsec =3D 974388982}
        retval =3D 0
        tot_before =3D 0
        total =3D {12342819, 12341875, 12341619, 12341299, 12340147,
12340035, 12339907, 12339715,
          12339571, 12337939, 12337091}
#7  0x000000000053c0d9 in Fgarbage_collect () at alloc.c:5983
        end =3D 0x7fffffffd348
#8  0x0000000000551c2b in eval_sub (form=3D<optimized out>) at eval.c:2169
        i =3D <optimized out>
        maxargs =3D 0
        args_left =3D 0
        numargs =3D <optimized out>
        fun =3D 11669013
        val =3D <optimized out>
        original_fun =3D <optimized out>
        original_args =3D 0
        funcar =3D <optimized out>
        count =3D 13
        argvals =3D {0, 0, 12067264, 0, 14009168, 176093659181, 0, 40}
#9  0x0000000000551ead in Fprogn (body=3D16724163) at eval.c:431
        val =3D <optimized out>
#10 0x0000000000551b11 in eval_sub (form=3D<optimized out>) at eval.c:2125
        args_left =3D 16725811
        numargs =3D <optimized out>
        fun =3D 11695045
        val =3D <optimized out>
        original_fun =3D 37680
        original_args =3D 16725811
        funcar =3D <optimized out>
        count =3D 12
        argvals =3D {0, 0, 12274656, 4611686019484352512, 1, 4599230,
20285716, 5508133}
#11 0x0000000000553712 in Feval (form=3D16725891, lexical=3D<optimized out>=
) at
eval.c:1994
        count =3D 11
#12 0x0000000000552648 in Ffuncall (nargs=3D<optimized out>,
args=3D0x7fffffffd588) at eval.c:2702
        internal_argbuf =3D {16725891, 0, 0, 4599230, 9895560, 5508133, 22,
9893584}
        fun =3D 11696197
        original_fun =3D <optimized out>
        funcar =3D <optimized out>
        numargs =3D <optimized out>
        lisp_numargs =3D 6
        val =3D <optimized out>
        internal_args =3D 0x7fffffffd590
        count =3D 10
#13 0x000000000058941d in exec_byte_code (bytestr=3D<optimized out>,
vector=3D9893581,
    maxdepth=3D<optimized out>, args_template=3D<optimized out>,
nargs=3D<optimized out>, args=3D<optimized out>)
    at bytecode.c:880
        targets =3D {0x5894ba <exec_byte_code+874>, 0x58b452
<exec_byte_code+8962>,
          0x58b457 <exec_byte_code+8967>, 0x58b45c <exec_byte_code+8972>,
0x589282 <exec_byte_code+306>,
          0x589288 <exec_byte_code+312>, 0x58952e <exec_byte_code+990>,
0x5895ad <exec_byte_code+1117>,
          0x5895a3 <exec_byte_code+1107>, 0x5895a8 <exec_byte_code+1112>,
0x589573 <exec_byte_code+1059>,
          0x589578 <exec_byte_code+1064>, 0x5892c1 <exec_byte_code+369>,
0x5892c8 <exec_byte_code+376>,
          0x5896e9 <exec_byte_code+1433>, 0x58957d <exec_byte_code+1069>,
0x589908 <exec_byte_code+1976>,
          0x58990d <exec_byte_code+1981>, 0x589879 <exec_byte_code+1833>,
0x58987e <exec_byte_code+1838>,
          0x589334 <exec_byte_code+484>, 0x589338 <exec_byte_code+488>,
0x589820 <exec_byte_code+1744>,
          0x5897fa <exec_byte_code+1706>, 0x5896ae <exec_byte_code+1374>,
0x5896b3 <exec_byte_code+1379>,
          0x5896b8 <exec_byte_code+1384>, 0x5896c5 <exec_byte_code+1397>,
0x5893b4 <exec_byte_code+612>,
          0x5893b8 <exec_byte_code+616>, 0x589865 <exec_byte_code+1813>,
0x589688 <exec_byte_code+1336>,
          0x589679 <exec_byte_code+1321>, 0x58967e <exec_byte_code+1326>,
0x589683 <exec_byte_code+1331>,
          0x58964e <exec_byte_code+1278>, 0x5893f9 <exec_byte_code+681>,
0x589400 <exec_byte_code+688>,
          0x5896d5 <exec_byte_code+1413>, 0x589653 <exec_byte_code+1283>,
0x58a53f <exec_byte_code+5103>,
---Type <return> to continue, or q <return> to quit---
          0x58a544 <exec_byte_code+5108>, 0x58a549 <exec_byte_code+5113>,
0x58a514 <exec_byte_code+5060>,
          0x589443 <exec_byte_code+755>, 0x589448 <exec_byte_code+760>,
0x58a4d6 <exec_byte_code+4998>,
          0x58a519 <exec_byte_code+5065>, 0x58a944 <exec_byte_code+6132>,
0x58a77d <exec_byte_code+5677>,
          0x58a70b <exec_byte_code+5563>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x5894ba <exec_byte_code+874>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x589d04 <exec_byte_code+2996>, 0x589d90 <exec_byte_code+3136>,
0x589dc7 <exec_byte_code+3191>,
          0x589e01 <exec_byte_code+3249>, 0x589e3b <exec_byte_code+3307>,
0x5897bb <exec_byte_code+1643>,
          0x589883 <exec_byte_code+1843>, 0x589e81 <exec_byte_code+3377>,
0x589773 <exec_byte_code+1571>,
          0x5898c0 <exec_byte_code+1904>, 0x589eb3 <exec_byte_code+3427>,
0x589ef0 <exec_byte_code+3488>,
          0x589f22 <exec_byte_code+3538>, 0x589f5f <exec_byte_code+3599>,
0x589f98 <exec_byte_code+3656>,
          0x58a022 <exec_byte_code+3794>, 0x58a054 <exec_byte_code+3844>,
0x58a091 <exec_byte_code+3905>,
          0x58a0dc <exec_byte_code+3980>, 0x58a10e <exec_byte_code+4030>,
0x58a140 <exec_byte_code+4080>,
          0x58a17d <exec_byte_code+4141>, 0x58a1ba <exec_byte_code+4202>,
0x58a1f7 <exec_byte_code+4263>,
          0x58a23e <exec_byte_code+4334>, 0x58a277 <exec_byte_code+4391>,
0x58a2b0 <exec_byte_code+4448>,
          0x58a33d <exec_byte_code+4589>, 0x58a380 <exec_byte_code+4656>,
0x58a3c7 <exec_byte_code+4727>,
          0x58a494 <exec_byte_code+4932>, 0x58a410 <exec_byte_code+4800>,
0x58a452 <exec_byte_code+4866>,
          0x589bb4 <exec_byte_code+2660>, 0x589bf6 <exec_byte_code+2726>,
0x589c2f <exec_byte_code+2783>,
          0x589c71 <exec_byte_code+2849>, 0x58b195 <exec_byte_code+8261>,
0x58b1ce <exec_byte_code+8318>,
          0x58b207 <exec_byte_code+8375>, 0x58afea <exec_byte_code+7834>,
0x589489 <exec_byte_code+825>,
          0x58b02b <exec_byte_code+7899>, 0x58b059 <exec_byte_code+7945>,
0x58b0e1 <exec_byte_code+8081>,
          0x58b122 <exec_byte_code+8146>, 0x58b163 <exec_byte_code+8211>,
0x58ac6d <exec_byte_code+6941>,
          0x58ac9d <exec_byte_code+6989>, 0x58accd <exec_byte_code+7037>,
0x58ad05 <exec_byte_code+7093>,
          0x5894ba <exec_byte_code+874>, 0x58ad39 <exec_byte_code+7145>,
0x58ad69 <exec_byte_code+7193>,
          0x58ad99 <exec_byte_code+7241>, 0x58adc9 <exec_byte_code+7289>,
0x58adf9 <exec_byte_code+7337>,
          0x58ae29 <exec_byte_code+7385>, 0x589489 <exec_byte_code+825>,
0x5894ba <exec_byte_code+874>,
          0x58ae5b <exec_byte_code+7435>, 0x58ae9d <exec_byte_code+7501>,
0x58aecf <exec_byte_code+7551>,
          0x58af01 <exec_byte_code+7601>, 0x58af3e <exec_byte_code+7662>,
0x58af7b <exec_byte_code+7723>,
          0x58ac0e <exec_byte_code+6846>, 0x58ac30 <exec_byte_code+6880>,
0x58b63e <exec_byte_code+9454>,
          0x58b67b <exec_byte_code+9515>, 0x58b60e <exec_byte_code+9406>,
0x58b735 <exec_byte_code+9701>,
          0x5894ba <exec_byte_code+874>, 0x58aada <exec_byte_code+6538>,
0x58a555 <exec_byte_code+5125>,
          0x5896fd <exec_byte_code+1453>, 0x58a5e4 <exec_byte_code+5268>,
0x58a825 <exec_byte_code+5845>,
          0x58a896 <exec_byte_code+5958>, 0x589b72 <exec_byte_code+2594>,
0x58a801 <exec_byte_code+5809>,
          0x589834 <exec_byte_code+1764>, 0x5894fd <exec_byte_code+941>,
0x589912 <exec_byte_code+1986>,
          0x58a698 <exec_byte_code+5448>, 0x58a6c9 <exec_byte_code+5497>,
0x58abbf <exec_byte_code+6767>,
          0x58ab2d <exec_byte_code+6621>, 0x58ab74 <exec_byte_code+6692>,
0x589caa <exec_byte_code+2906>,
          0x58a4ea <exec_byte_code+5018>, 0x58b6b8 <exec_byte_code+9576>,
0x58b703 <exec_byte_code+9651>,
          0x58b465 <exec_byte_code+8981>, 0x58b497 <exec_byte_code+9031>,
0x58b4c9 <exec_byte_code+9081>,
          0x58b4fb <exec_byte_code+9131>, 0x58b538 <exec_byte_code+9192>,
0x58b575 <exec_byte_code+9253>,
          0x58b5b2 <exec_byte_code+9314>, 0x58b5ef <exec_byte_code+9375>,
0x58b279 <exec_byte_code+8489>,
          0x58b2b6 <exec_byte_code+8550>, 0x58b2f3 <exec_byte_code+8611>,
0x58b325 <exec_byte_code+8661>,
          0x58b362 <exec_byte_code+8722>, 0x58b39f <exec_byte_code+8783>,
0x58b3dc <exec_byte_code+8844>,
          0x58b419 <exec_byte_code+8905>, 0x58b240 <exec_byte_code+8432>,
0x58afad <exec_byte_code+7773>,
          0x589975 <exec_byte_code+2085>, 0x5899be <exec_byte_code+2158>,
0x5894ba <exec_byte_code+874>,
          0x58a784 <exec_byte_code+5684>, 0x58aa0f <exec_byte_code+6335>,
0x58a975 <exec_byte_code+6181>,
          0x58aa76 <exec_byte_code+6438>, 0x589adc <exec_byte_code+2444>,
0x589fd1 <exec_byte_code+3713>,
          0x58a2e9 <exec_byte_code+4505>, 0x58b08d <exec_byte_code+7997>,
0x589606 <exec_byte_code+1206>,
          0x5899f8 <exec_byte_code+2216>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x589a54 <exec_byte_code+2308>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x5894ba <exec_byte_code+874>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x5894ba <exec_byte_code+874>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x5894ba <exec_byte_code+874>, 0x589aa2 <exec_byte_code+2386>
<repeats 64 times>}
        count =3D 8
        op =3D 1
        vectorp =3D 0x96f6d0 <pure+1225200>
        stack =3D {
          pc =3D 0xaaa4a8 <pure+2514888>
"\210\202L\003\016A=E6=9D=83\317\001\313\347\350\016C\"\003\206m\001\n\211A=
\022\242\211\262\r\313\332\036D\322\003\003\003#)\266\203\203\211\001\006\n=
\327\313O\262\v=DA=B2\001\351\352\006\f!!\262\v\211\203\252\001\314\016E\00=
6\fC\"\026E\006\t\203\313\001\016E\262\n\202\313\001\006\t\203\301\001\006\=
t\006\v\006\vAB\241\210\006\tA\262\n\202\313\001\006\n\016EB\211\026E\262\n=
\210\202L\003\016A=EB=9D=83\367\001\352\002\206\340\001\n\211A\022\242!\351=
\001!\354\001!\203\355\001\211\262\002\355\002\313\332#\266\003\202L\003\01=
6A=EE=9D=83\027\002\352\002\206\b\002\n\211A\022\242!\351\001!\355\001\313=
=DA=89$\266\003\202L\003\016",
<incomplete sequence \357\232>..., byte_string =3D 9893548,
          byte_string_start =3D 0xaaa355 <pure+2514549> "\306
\210\b\203\021", next =3D 0x7fffffffd900}
        top =3D 0x7fffffffd680
        result =3D <optimized out>
        type =3D <optimized out>
#14 0x00000000005523c3 in Ffuncall (nargs=3D<optimized out>,
args=3D0x7fffffffd818) at eval.c:2760
        fun =3D <optimized out>
        original_fun =3D 8587296
        funcar =3D <optimized out>
        numargs =3D <optimized out>
        lisp_numargs =3D 6
        val =3D <optimized out>
        internal_args =3D <optimized out>
        count =3D 7
#15 0x000000000058941d in exec_byte_code (bytestr=3D<optimized out>,
vector=3D9870557,
    maxdepth=3D<optimized out>, args_template=3D<optimized out>,
nargs=3D<optimized out>, args=3D<optimized out>)
    at bytecode.c:880
        targets =3D {0x5894ba <exec_byte_code+874>, 0x58b452
<exec_byte_code+8962>,
          0x58b457 <exec_byte_code+8967>, 0x58b45c <exec_byte_code+8972>,
0x589282 <exec_byte_code+306>,
          0x589288 <exec_byte_code+312>, 0x58952e <exec_byte_code+990>,
0x5895ad <exec_byte_code+1117>,
          0x5895a3 <exec_byte_code+1107>, 0x5895a8 <exec_byte_code+1112>,
0x589573 <exec_byte_code+1059>,
          0x589578 <exec_byte_code+1064>, 0x5892c1 <exec_byte_code+369>,
0x5892c8 <exec_byte_code+376>,
          0x5896e9 <exec_byte_code+1433>, 0x58957d <exec_byte_code+1069>,
0x589908 <exec_byte_code+1976>,
          0x58990d <exec_byte_code+1981>, 0x589879 <exec_byte_code+1833>,
0x58987e <exec_byte_code+1838>,
---Type <return> to continue, or q <return> to quit---
          0x589334 <exec_byte_code+484>, 0x589338 <exec_byte_code+488>,
0x589820 <exec_byte_code+1744>,
          0x5897fa <exec_byte_code+1706>, 0x5896ae <exec_byte_code+1374>,
0x5896b3 <exec_byte_code+1379>,
          0x5896b8 <exec_byte_code+1384>, 0x5896c5 <exec_byte_code+1397>,
0x5893b4 <exec_byte_code+612>,
          0x5893b8 <exec_byte_code+616>, 0x589865 <exec_byte_code+1813>,
0x589688 <exec_byte_code+1336>,
          0x589679 <exec_byte_code+1321>, 0x58967e <exec_byte_code+1326>,
0x589683 <exec_byte_code+1331>,
          0x58964e <exec_byte_code+1278>, 0x5893f9 <exec_byte_code+681>,
0x589400 <exec_byte_code+688>,
          0x5896d5 <exec_byte_code+1413>, 0x589653 <exec_byte_code+1283>,
0x58a53f <exec_byte_code+5103>,
          0x58a544 <exec_byte_code+5108>, 0x58a549 <exec_byte_code+5113>,
0x58a514 <exec_byte_code+5060>,
          0x589443 <exec_byte_code+755>, 0x589448 <exec_byte_code+760>,
0x58a4d6 <exec_byte_code+4998>,
          0x58a519 <exec_byte_code+5065>, 0x58a944 <exec_byte_code+6132>,
0x58a77d <exec_byte_code+5677>,
          0x58a70b <exec_byte_code+5563>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x5894ba <exec_byte_code+874>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x589d04 <exec_byte_code+2996>, 0x589d90 <exec_byte_code+3136>,
0x589dc7 <exec_byte_code+3191>,
          0x589e01 <exec_byte_code+3249>, 0x589e3b <exec_byte_code+3307>,
0x5897bb <exec_byte_code+1643>,
          0x589883 <exec_byte_code+1843>, 0x589e81 <exec_byte_code+3377>,
0x589773 <exec_byte_code+1571>,
          0x5898c0 <exec_byte_code+1904>, 0x589eb3 <exec_byte_code+3427>,
0x589ef0 <exec_byte_code+3488>,
          0x589f22 <exec_byte_code+3538>, 0x589f5f <exec_byte_code+3599>,
0x589f98 <exec_byte_code+3656>,
          0x58a022 <exec_byte_code+3794>, 0x58a054 <exec_byte_code+3844>,
0x58a091 <exec_byte_code+3905>,
          0x58a0dc <exec_byte_code+3980>, 0x58a10e <exec_byte_code+4030>,
0x58a140 <exec_byte_code+4080>,
          0x58a17d <exec_byte_code+4141>, 0x58a1ba <exec_byte_code+4202>,
0x58a1f7 <exec_byte_code+4263>,
          0x58a23e <exec_byte_code+4334>, 0x58a277 <exec_byte_code+4391>,
0x58a2b0 <exec_byte_code+4448>,
          0x58a33d <exec_byte_code+4589>, 0x58a380 <exec_byte_code+4656>,
0x58a3c7 <exec_byte_code+4727>,
          0x58a494 <exec_byte_code+4932>, 0x58a410 <exec_byte_code+4800>,
0x58a452 <exec_byte_code+4866>,
          0x589bb4 <exec_byte_code+2660>, 0x589bf6 <exec_byte_code+2726>,
0x589c2f <exec_byte_code+2783>,
          0x589c71 <exec_byte_code+2849>, 0x58b195 <exec_byte_code+8261>,
0x58b1ce <exec_byte_code+8318>,
          0x58b207 <exec_byte_code+8375>, 0x58afea <exec_byte_code+7834>,
0x589489 <exec_byte_code+825>,
          0x58b02b <exec_byte_code+7899>, 0x58b059 <exec_byte_code+7945>,
0x58b0e1 <exec_byte_code+8081>,
          0x58b122 <exec_byte_code+8146>, 0x58b163 <exec_byte_code+8211>,
0x58ac6d <exec_byte_code+6941>,
          0x58ac9d <exec_byte_code+6989>, 0x58accd <exec_byte_code+7037>,
0x58ad05 <exec_byte_code+7093>,
          0x5894ba <exec_byte_code+874>, 0x58ad39 <exec_byte_code+7145>,
0x58ad69 <exec_byte_code+7193>,
          0x58ad99 <exec_byte_code+7241>, 0x58adc9 <exec_byte_code+7289>,
0x58adf9 <exec_byte_code+7337>,
          0x58ae29 <exec_byte_code+7385>, 0x589489 <exec_byte_code+825>,
0x5894ba <exec_byte_code+874>,
          0x58ae5b <exec_byte_code+7435>, 0x58ae9d <exec_byte_code+7501>,
0x58aecf <exec_byte_code+7551>,
          0x58af01 <exec_byte_code+7601>, 0x58af3e <exec_byte_code+7662>,
0x58af7b <exec_byte_code+7723>,
          0x58ac0e <exec_byte_code+6846>, 0x58ac30 <exec_byte_code+6880>,
0x58b63e <exec_byte_code+9454>,
          0x58b67b <exec_byte_code+9515>, 0x58b60e <exec_byte_code+9406>,
0x58b735 <exec_byte_code+9701>,
          0x5894ba <exec_byte_code+874>, 0x58aada <exec_byte_code+6538>,
0x58a555 <exec_byte_code+5125>,
          0x5896fd <exec_byte_code+1453>, 0x58a5e4 <exec_byte_code+5268>,
0x58a825 <exec_byte_code+5845>,
          0x58a896 <exec_byte_code+5958>, 0x589b72 <exec_byte_code+2594>,
0x58a801 <exec_byte_code+5809>,
          0x589834 <exec_byte_code+1764>, 0x5894fd <exec_byte_code+941>,
0x589912 <exec_byte_code+1986>,
          0x58a698 <exec_byte_code+5448>, 0x58a6c9 <exec_byte_code+5497>,
0x58abbf <exec_byte_code+6767>,
          0x58ab2d <exec_byte_code+6621>, 0x58ab74 <exec_byte_code+6692>,
0x589caa <exec_byte_code+2906>,
          0x58a4ea <exec_byte_code+5018>, 0x58b6b8 <exec_byte_code+9576>,
0x58b703 <exec_byte_code+9651>,
          0x58b465 <exec_byte_code+8981>, 0x58b497 <exec_byte_code+9031>,
0x58b4c9 <exec_byte_code+9081>,
          0x58b4fb <exec_byte_code+9131>, 0x58b538 <exec_byte_code+9192>,
0x58b575 <exec_byte_code+9253>,
          0x58b5b2 <exec_byte_code+9314>, 0x58b5ef <exec_byte_code+9375>,
0x58b279 <exec_byte_code+8489>,
          0x58b2b6 <exec_byte_code+8550>, 0x58b2f3 <exec_byte_code+8611>,
0x58b325 <exec_byte_code+8661>,
          0x58b362 <exec_byte_code+8722>, 0x58b39f <exec_byte_code+8783>,
0x58b3dc <exec_byte_code+8844>,
          0x58b419 <exec_byte_code+8905>, 0x58b240 <exec_byte_code+8432>,
0x58afad <exec_byte_code+7773>,
          0x589975 <exec_byte_code+2085>, 0x5899be <exec_byte_code+2158>,
0x5894ba <exec_byte_code+874>,
          0x58a784 <exec_byte_code+5684>, 0x58aa0f <exec_byte_code+6335>,
0x58a975 <exec_byte_code+6181>,
          0x58aa76 <exec_byte_code+6438>, 0x589adc <exec_byte_code+2444>,
0x589fd1 <exec_byte_code+3713>,
          0x58a2e9 <exec_byte_code+4505>, 0x58b08d <exec_byte_code+7997>,
0x589606 <exec_byte_code+1206>,
          0x5899f8 <exec_byte_code+2216>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x589a54 <exec_byte_code+2308>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x5894ba <exec_byte_code+874>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x5894ba <exec_byte_code+874>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x5894ba <exec_byte_code+874>, 0x589aa2 <exec_byte_code+2386>
<repeats 64 times>}
        count =3D 7
        op =3D 1
        vectorp =3D 0x969ce0 <pure+1202176>
        stack =3D {
          pc =3D 0xaacef4 <pure+2525716>
"\210\307\016@\211\203k\006\211@\002\204d\006\211;\203d\006\201",
<incomplete sequence \316>, byte_string =3D 9870524,
          byte_string_start =3D 0xaac8d3 <pure+2524147> "\306
\020\307\021\n\023\307\024\310\311!\211\307=3D\204\060", next =3D
0x7fffffffdab0}
        top =3D 0x7fffffffd818
        result =3D <optimized out>
        type =3D <optimized out>
#16 0x00000000005523c3 in Ffuncall (nargs=3D<optimized out>,
args=3D0x7fffffffda10) at eval.c:2760
        fun =3D <optimized out>
        original_fun =3D 8586560
        funcar =3D <optimized out>
        numargs =3D <optimized out>
        lisp_numargs =3D 2
        val =3D <optimized out>
        internal_args =3D <optimized out>
        count =3D 6
#17 0x000000000058941d in exec_byte_code (bytestr=3D<optimized out>,
vector=3D9866565,
    maxdepth=3D<optimized out>, args_template=3D<optimized out>,
nargs=3D<optimized out>, args=3D<optimized out>)
    at bytecode.c:880
        targets =3D {0x5894ba <exec_byte_code+874>, 0x58b452
<exec_byte_code+8962>,
          0x58b457 <exec_byte_code+8967>, 0x58b45c <exec_byte_code+8972>,
0x589282 <exec_byte_code+306>,
          0x589288 <exec_byte_code+312>, 0x58952e <exec_byte_code+990>,
0x5895ad <exec_byte_code+1117>,
          0x5895a3 <exec_byte_code+1107>, 0x5895a8 <exec_byte_code+1112>,
0x589573 <exec_byte_code+1059>,
---Type <return> to continue, or q <return> to quit---
          0x589578 <exec_byte_code+1064>, 0x5892c1 <exec_byte_code+369>,
0x5892c8 <exec_byte_code+376>,
          0x5896e9 <exec_byte_code+1433>, 0x58957d <exec_byte_code+1069>,
0x589908 <exec_byte_code+1976>,
          0x58990d <exec_byte_code+1981>, 0x589879 <exec_byte_code+1833>,
0x58987e <exec_byte_code+1838>,
          0x589334 <exec_byte_code+484>, 0x589338 <exec_byte_code+488>,
0x589820 <exec_byte_code+1744>,
          0x5897fa <exec_byte_code+1706>, 0x5896ae <exec_byte_code+1374>,
0x5896b3 <exec_byte_code+1379>,
          0x5896b8 <exec_byte_code+1384>, 0x5896c5 <exec_byte_code+1397>,
0x5893b4 <exec_byte_code+612>,
          0x5893b8 <exec_byte_code+616>, 0x589865 <exec_byte_code+1813>,
0x589688 <exec_byte_code+1336>,
          0x589679 <exec_byte_code+1321>, 0x58967e <exec_byte_code+1326>,
0x589683 <exec_byte_code+1331>,
          0x58964e <exec_byte_code+1278>, 0x5893f9 <exec_byte_code+681>,
0x589400 <exec_byte_code+688>,
          0x5896d5 <exec_byte_code+1413>, 0x589653 <exec_byte_code+1283>,
0x58a53f <exec_byte_code+5103>,
          0x58a544 <exec_byte_code+5108>, 0x58a549 <exec_byte_code+5113>,
0x58a514 <exec_byte_code+5060>,
          0x589443 <exec_byte_code+755>, 0x589448 <exec_byte_code+760>,
0x58a4d6 <exec_byte_code+4998>,
          0x58a519 <exec_byte_code+5065>, 0x58a944 <exec_byte_code+6132>,
0x58a77d <exec_byte_code+5677>,
          0x58a70b <exec_byte_code+5563>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x5894ba <exec_byte_code+874>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x589d04 <exec_byte_code+2996>, 0x589d90 <exec_byte_code+3136>,
0x589dc7 <exec_byte_code+3191>,
          0x589e01 <exec_byte_code+3249>, 0x589e3b <exec_byte_code+3307>,
0x5897bb <exec_byte_code+1643>,
          0x589883 <exec_byte_code+1843>, 0x589e81 <exec_byte_code+3377>,
0x589773 <exec_byte_code+1571>,
          0x5898c0 <exec_byte_code+1904>, 0x589eb3 <exec_byte_code+3427>,
0x589ef0 <exec_byte_code+3488>,
          0x589f22 <exec_byte_code+3538>, 0x589f5f <exec_byte_code+3599>,
0x589f98 <exec_byte_code+3656>,
          0x58a022 <exec_byte_code+3794>, 0x58a054 <exec_byte_code+3844>,
0x58a091 <exec_byte_code+3905>,
          0x58a0dc <exec_byte_code+3980>, 0x58a10e <exec_byte_code+4030>,
0x58a140 <exec_byte_code+4080>,
          0x58a17d <exec_byte_code+4141>, 0x58a1ba <exec_byte_code+4202>,
0x58a1f7 <exec_byte_code+4263>,
          0x58a23e <exec_byte_code+4334>, 0x58a277 <exec_byte_code+4391>,
0x58a2b0 <exec_byte_code+4448>,
          0x58a33d <exec_byte_code+4589>, 0x58a380 <exec_byte_code+4656>,
0x58a3c7 <exec_byte_code+4727>,
          0x58a494 <exec_byte_code+4932>, 0x58a410 <exec_byte_code+4800>,
0x58a452 <exec_byte_code+4866>,
          0x589bb4 <exec_byte_code+2660>, 0x589bf6 <exec_byte_code+2726>,
0x589c2f <exec_byte_code+2783>,
          0x589c71 <exec_byte_code+2849>, 0x58b195 <exec_byte_code+8261>,
0x58b1ce <exec_byte_code+8318>,
          0x58b207 <exec_byte_code+8375>, 0x58afea <exec_byte_code+7834>,
0x589489 <exec_byte_code+825>,
          0x58b02b <exec_byte_code+7899>, 0x58b059 <exec_byte_code+7945>,
0x58b0e1 <exec_byte_code+8081>,
          0x58b122 <exec_byte_code+8146>, 0x58b163 <exec_byte_code+8211>,
0x58ac6d <exec_byte_code+6941>,
          0x58ac9d <exec_byte_code+6989>, 0x58accd <exec_byte_code+7037>,
0x58ad05 <exec_byte_code+7093>,
          0x5894ba <exec_byte_code+874>, 0x58ad39 <exec_byte_code+7145>,
0x58ad69 <exec_byte_code+7193>,
          0x58ad99 <exec_byte_code+7241>, 0x58adc9 <exec_byte_code+7289>,
0x58adf9 <exec_byte_code+7337>,
          0x58ae29 <exec_byte_code+7385>, 0x589489 <exec_byte_code+825>,
0x5894ba <exec_byte_code+874>,
          0x58ae5b <exec_byte_code+7435>, 0x58ae9d <exec_byte_code+7501>,
0x58aecf <exec_byte_code+7551>,
          0x58af01 <exec_byte_code+7601>, 0x58af3e <exec_byte_code+7662>,
0x58af7b <exec_byte_code+7723>,
          0x58ac0e <exec_byte_code+6846>, 0x58ac30 <exec_byte_code+6880>,
0x58b63e <exec_byte_code+9454>,
          0x58b67b <exec_byte_code+9515>, 0x58b60e <exec_byte_code+9406>,
0x58b735 <exec_byte_code+9701>,
          0x5894ba <exec_byte_code+874>, 0x58aada <exec_byte_code+6538>,
0x58a555 <exec_byte_code+5125>,
          0x5896fd <exec_byte_code+1453>, 0x58a5e4 <exec_byte_code+5268>,
0x58a825 <exec_byte_code+5845>,
          0x58a896 <exec_byte_code+5958>, 0x589b72 <exec_byte_code+2594>,
0x58a801 <exec_byte_code+5809>,
          0x589834 <exec_byte_code+1764>, 0x5894fd <exec_byte_code+941>,
0x589912 <exec_byte_code+1986>,
          0x58a698 <exec_byte_code+5448>, 0x58a6c9 <exec_byte_code+5497>,
0x58abbf <exec_byte_code+6767>,
          0x58ab2d <exec_byte_code+6621>, 0x58ab74 <exec_byte_code+6692>,
0x589caa <exec_byte_code+2906>,
          0x58a4ea <exec_byte_code+5018>, 0x58b6b8 <exec_byte_code+9576>,
0x58b703 <exec_byte_code+9651>,
          0x58b465 <exec_byte_code+8981>, 0x58b497 <exec_byte_code+9031>,
0x58b4c9 <exec_byte_code+9081>,
          0x58b4fb <exec_byte_code+9131>, 0x58b538 <exec_byte_code+9192>,
0x58b575 <exec_byte_code+9253>,
          0x58b5b2 <exec_byte_code+9314>, 0x58b5ef <exec_byte_code+9375>,
0x58b279 <exec_byte_code+8489>,
          0x58b2b6 <exec_byte_code+8550>, 0x58b2f3 <exec_byte_code+8611>,
0x58b325 <exec_byte_code+8661>,
          0x58b362 <exec_byte_code+8722>, 0x58b39f <exec_byte_code+8783>,
0x58b3dc <exec_byte_code+8844>,
          0x58b419 <exec_byte_code+8905>, 0x58b240 <exec_byte_code+8432>,
0x58afad <exec_byte_code+7773>,
          0x589975 <exec_byte_code+2085>, 0x5899be <exec_byte_code+2158>,
0x5894ba <exec_byte_code+874>,
          0x58a784 <exec_byte_code+5684>, 0x58aa0f <exec_byte_code+6335>,
0x58a975 <exec_byte_code+6181>,
          0x58aa76 <exec_byte_code+6438>, 0x589adc <exec_byte_code+2444>,
0x589fd1 <exec_byte_code+3713>,
          0x58a2e9 <exec_byte_code+4505>, 0x58b08d <exec_byte_code+7997>,
0x589606 <exec_byte_code+1206>,
          0x5899f8 <exec_byte_code+2216>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x589a54 <exec_byte_code+2308>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x5894ba <exec_byte_code+874>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x5894ba <exec_byte_code+874>, 0x5894ba <exec_byte_code+874>,
0x5894ba <exec_byte_code+874>,
          0x5894ba <exec_byte_code+874>, 0x589aa2 <exec_byte_code+2386>
<repeats 64 times>}
        count =3D 5
        op =3D 0
        vectorp =3D 0x968d48 <pure+1198184>
        stack =3D {pc =3D 0xaad5d8 <pure+2527480>
"\210)\210\375\376\377\"\210\201H", byte_string =3D 9866532,
          byte_string_start =3D 0xaad464 <pure+2527108> "\b\203\b", next =
=3D
0x0}
        top =3D 0x7fffffffda10
        result =3D <optimized out>
        type =3D <optimized out>
#18 0x000000000055166b in apply_lambda (fun=3D9866485, args=3D0, count=3D4)=
 at
eval.c:2800
        args_left =3D 0
        i =3D <optimized out>
        numargs =3D 0
        arg_vector =3D 0x7fffffffdb00
        tem =3D <optimized out>
        sa_avail =3D <optimized out>
        sa_count =3D 5
        sa_must_free =3D false
#19 0x0000000000551936 in eval_sub (form=3D<optimized out>) at eval.c:2247
        fun =3D <optimized out>
        val =3D <optimized out>
        original_fun =3D 8584864
        original_args =3D 0
        funcar =3D <optimized out>
        count =3D 4
---Type <return> to continue, or q <return> to quit---
        argvals =3D {0, 0, 12274656, 3840, 1, 4599230, 140737488346536,
5508133}
#20 0x0000000000553712 in Feval (form=3D17463347, lexical=3D<optimized out>=
) at
eval.c:1994
        count =3D 3
#21 0x00000000005512aa in internal_condition_case (bfun=3D0x4e2ae0
<top_level_2>, handlers=3D<optimized out>,
    hfun=3D0x4eb100 <cmd_error>) at eval.c:1315
        val =3D <optimized out>
        c =3D 0x104c
#22 0x00000000004eb0bc in top_level_1 (ignore=3D<optimized out>) at
keyboard.c:1129
No locals.
#23 0x0000000000551338 in internal_catch (tag=3D<optimized out>,
func=3D0x4eb060 <top_level_1>, arg=3D0)
    at eval.c:1080
        val =3D 0
        c =3D 0x104c
#24 0x00000000004eae56 in command_loop () at keyboard.c:1090
No locals.
#25 0x00000000004eaef5 in recursive_edit_1 () at keyboard.c:697
        count =3D 1
        val =3D <optimized out>
#26 0x00000000004eb035 in Frecursive_edit () at keyboard.c:768
        count =3D 0
        buffer =3D <optimized out>
#27 0x00000000004dc82e in main (argc=3D<optimized out>, argv=3D<optimized o=
ut>)
at emacs.c:1629
        dummy =3D 4251459
        stack_bottom_variable =3D 0 '\000'
        do_initial_setlocale =3D <optimized out>
        dumping =3D <optimized out>
        skip_args =3D 1
        rlim =3D {rlim_cur =3D 20480000, rlim_max =3D 18446744073709551615}
        no_loadup =3D false
        junk =3D 0x0
        dname_arg =3D 0x0
        ch_to_dir =3D 0x0
        original_pwd =3D 0x7 <Address 0x7 out of bounds>


What a colleague (CC'ed) thinks happens is:

This looks like it might be a bug in the emacs GC.  Since the symbol is
buffer-local, it has an auxiliary "SYMBOL_BLV" structure, allocated
using [malloc], attached to it. The first garbage collection can be seen
to be freeing this structure and changing the name (stored in the
"function" member) to [Vdead] (in sweep_symbols in alloc.c).

The symbols are stored in some kind of list of blocks.  If any given
block becomes full of free symbols as a result of the sweeping, it may
be freed by the next garbage-collect call (see [sweep_symbols] again in
alloc.c).  However this clearly does not always happen as seen by the
comments in the code.  As such surely something has to be done, after
freeing a symbol's blv structure and marking it dead, to make sure that
a subsequent sweeping phase on the same block of symbols doesn't try to
free the symbol's blv structure a second time.

There seems to be no protection against this at the moment which is why
we suspect a bug.  The attached patch adds such protection and we
confirm it stops the issue, both in the example above and in the
original unreduced code.



In GNU Emacs 26.0.90 (build 1, x86_64-pc-linux-gnu)
 of 2017-10-30 built on igm-qws-u12051a
Repository revision: 46540a1c7adb1b89b6c2f6c9150fe8680c3a5fba
System Description:     CentOS Linux release 7.4.1708 (Core)

Recent messages:
For information about GNU Emacs and the GNU system, type C-h C-a.
Making completion list...
apropos-read-pattern: Command attempted to use minibuffer while in
minibuffer

Configured using:
 'configure --with-gnutls=3Dno --without-x --without-gsettings
 --without-gpm --without-dbus --without-gconf --without-selinux
 --without-imagemagick --with-gif=3Dno --with-modules --disable-acl
 -prefix /home/vgatien-baron/local/clones/emacs/installed'

Configured features:
JPEG SOUND NOTIFY LIBXML2 ZLIB MODULES

Important settings:
  value of $LANG: en_US.utf8
  locale-coding-system: utf-8-unix

Major mode: Lisp Interaction

Minor modes in effect:
  tooltip-mode: t
  global-eldoc-mode: t
  eldoc-mode: t
  electric-indent-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  line-number-mode: t
  transient-mark-mode: t

Load-path shadows:
None found.

Features:
(shadow sort mail-extr apropos emacsbug message rmc puny dired
dired-loaddefs format-spec rfc822 mml mml-sec epa derived epg gnus-util
rmail rmail-loaddefs mm-decode mm-bodies mm-encode mail-parse rfc2231
mailabbrev gmm-utils mailheader sendmail regexp-opt rfc2047 rfc2045
ietf-drums mm-util mail-prsvr mail-utils term/xterm xterm time-date
elec-pair warnings finder-inf info tool-bar zenburn-theme-autoloads
package easymenu epg-config url-handlers url-parse auth-source cl-seq
eieio eieio-core cl-macs eieio-loaddefs password-cache url-vars seq
byte-opt gv bytecomp byte-compile cconv cl-loaddefs cl-lib mule-util
tooltip eldoc electric uniquify ediff-hook vc-hooks lisp-float-type
tabulated-list replace newcomment text-mode elisp-mode lisp-mode
prog-mode register page menu-bar rfn-eshadow isearch timer select mouse
jit-lock font-lock syntax facemenu font-core term/tty-colors frame
cl-generic cham georgian utf-8-lang misc-lang vietnamese tibetan thai
tai-viet lao korean japanese eucjp-ms cp51932 hebrew greek romanian
slovak czech european ethiopic indian cyrillic chinese composite
charscript charprop case-table epa-hook jka-cmpr-hook help simple abbrev
obarray minibuffer cl-preloaded nadvice loaddefs button faces cus-face
macroexp files text-properties overlay sha1 md5 base64 format env
code-pages mule custom widget hashtable-print-readable backquote inotify
multi-tty make-network-process emacs)

Memory information:
((conses 16 179056 9590)
 (symbols 48 24756 1)
 (miscs 40 36 144)
 (strings 32 53443 1520)
 (string-bytes 1 1383070)
 (vectors 16 18475)
 (vector-slots 8 545400 4472)
 (floats 8 51 765)
 (intervals 56 225 0)
 (buffers 992 14)
 (heap 1024 24122 1231))

--001a11401d8035b3b0055cc491dd
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_default"><div class=3D"gmail_default">=
<span style=3D"font-family:arial,helvetica,sans-serif">The following invoca=
tion of emacs aborts with double-free:</span><br></div><div class=3D"gmail_=
default"><font face=3D"arial, helvetica, sans-serif"><br></font></div><div =
class=3D"gmail_default"><font face=3D"arial, helvetica, sans-serif">$ insta=
lled/bin/emacs -Q -L . -batch --eval &#39;(progn (message &quot;before&quot=
;) (make-local-variable (make-symbol &quot;\</font></div><div class=3D"gmai=
l_default"><font face=3D"arial, helvetica, sans-serif">s&quot;)) (kill-buff=
er) (garbage-collect) (garbage-collect) (message &quot;after&quot;))&#39;</=
font></div><div class=3D"gmail_default"><font face=3D"arial, helvetica, san=
s-serif">before</font></div><div class=3D"gmail_default"><font face=3D"aria=
l, helvetica, sans-serif">*** Error in `installed/bin/emacs&#39;: double fr=
ee or corruption (!prev): 0x00000000014bff10 ***</font></div><div class=3D"=
gmail_default"><font face=3D"arial, helvetica, sans-serif">=3D=3D=3D=3D=3D=
=3D=3D Backtrace: =3D=3D=3D=3D=3D=3D=3D=3D=3D</font></div><div class=3D"gma=
il_default"><font face=3D"arial, helvetica, sans-serif">/lib64/libc.so.6(+0=
x7c619)[0x7efd02c32619]</font></div><div class=3D"gmail_default"><font face=
=3D"arial, helvetica, sans-serif">installed/bin/emacs[0x4e3fa1]</font></div=
><div class=3D"gmail_default"><font face=3D"arial, helvetica, sans-serif">i=
nstalled/bin/emacs[0x4e917a]</font></div><div class=3D"gmail_default"><font=
 face=3D"arial, helvetica, sans-serif">installed/bin/emacs[0x5006bc]</font>=
</div><div class=3D"gmail_default"><font face=3D"arial, helvetica, sans-ser=
if">installed/bin/emacs[0x500780]</font></div><div class=3D"gmail_default">=
<font face=3D"arial, helvetica, sans-serif">installed/bin/emacs[0x500439]</=
font></div><div class=3D"gmail_default"><font face=3D"arial, helvetica, san=
s-serif">installed/bin/emacs[0x503d30]</font></div><div class=3D"gmail_defa=
ult"><font face=3D"arial, helvetica, sans-serif">installed/bin/emacs[0x500d=
e6]</font></div><div class=3D"gmail_default"><font face=3D"arial, helvetica=
, sans-serif">installed/bin/emacs[0x538e31]</font></div><div class=3D"gmail=
_default"><font face=3D"arial, helvetica, sans-serif">installed/bin/emacs[0=
x500d63]</font></div><div class=3D"gmail_default"><font face=3D"arial, helv=
etica, sans-serif">installed/bin/emacs[0x538e31]</font></div><div class=3D"=
gmail_default"><font face=3D"arial, helvetica, sans-serif">installed/bin/em=
acs[0x500d63]</font></div><div class=3D"gmail_default"><font face=3D"arial,=
 helvetica, sans-serif">installed/bin/emacs[0x538e31]</font></div><div clas=
s=3D"gmail_default"><font face=3D"arial, helvetica, sans-serif">installed/b=
in/emacs[0x4ffe73]</font></div><div class=3D"gmail_default"><font face=3D"a=
rial, helvetica, sans-serif">installed/bin/emacs[0x5001a7]</font></div><div=
 class=3D"gmail_default"><font face=3D"arial, helvetica, sans-serif">instal=
led/bin/emacs[0x503d30]</font></div><div class=3D"gmail_default"><font face=
=3D"arial, helvetica, sans-serif">installed/bin/emacs[0x4ff454]</font></div=
><div class=3D"gmail_default"><font face=3D"arial, helvetica, sans-serif">i=
nstalled/bin/emacs[0x49093c]</font></div><div class=3D"gmail_default"><font=
 face=3D"arial, helvetica, sans-serif">installed/bin/emacs[0x4ff404]</font>=
</div><div class=3D"gmail_default"><font face=3D"arial, helvetica, sans-ser=
if">installed/bin/emacs[0x48e446]</font></div><div class=3D"gmail_default">=
<font face=3D"arial, helvetica, sans-serif">installed/bin/emacs[0x4928fe]</=
font></div><div class=3D"gmail_default"><font face=3D"arial, helvetica, san=
s-serif">installed/bin/emacs[0x492c15]</font></div><div class=3D"gmail_defa=
ult"><font face=3D"arial, helvetica, sans-serif">installed/bin/emacs[0x406d=
f3]</font></div><div class=3D"gmail_default"><font face=3D"arial, helvetica=
, sans-serif">/lib64/libc.so.6(__libc_start_main+0xf5)[0x7efd02bd7c05]</fon=
t></div><div class=3D"gmail_default"><font face=3D"arial, helvetica, sans-s=
erif">installed/bin/emacs[0x4079de]</font></div><div class=3D"gmail_default=
"><font face=3D"arial, helvetica, sans-serif"><br></font></div><div class=
=3D"gmail_default"><font face=3D"arial, helvetica, sans-serif">In emacs-26,=
 running this in gdb prevents the error so I don&#39;t have a</font></div><=
div class=3D"gmail_default"><font face=3D"arial, helvetica, sans-serif">bac=
ktrace (though I have seen such a backtrace on a different machine</font></=
div><div class=3D"gmail_default"><font face=3D"arial, helvetica, sans-serif=
">with different build options for emacs). In emacs 25.2, though, the</font=
></div><div class=3D"gmail_default"><font face=3D"arial, helvetica, sans-se=
rif">same error happens and there the backtrace is:</font></div><div class=
=3D"gmail_default"><font face=3D"arial, helvetica, sans-serif"><br></font><=
/div><div class=3D"gmail_default"><font face=3D"arial, helvetica, sans-seri=
f">(gdb) bt full</font></div><div class=3D"gmail_default"><div class=3D"gma=
il_default">#0=C2=A0 0x00007ffff20a11f7 in raise () from /lib64/libc.so.6</=
div><div class=3D"gmail_default">No symbol table info available.</div><div =
class=3D"gmail_default">#1=C2=A0 0x00007ffff20a28e8 in abort () from /lib64=
/libc.so.6</div><div class=3D"gmail_default">No symbol table info available=
.</div><div class=3D"gmail_default">#2=C2=A0 0x00007ffff20e0f47 in __libc_m=
essage () from /lib64/libc.so.6</div><div class=3D"gmail_default">No symbol=
 table info available.</div><div class=3D"gmail_default">#3=C2=A0 0x00007ff=
ff20e8619 in _int_free () from /lib64/libc.so.6</div><div class=3D"gmail_de=
fault">No symbol table info available.</div><div class=3D"gmail_default">#4=
=C2=A0 0x00000000005358d1 in sweep_symbols () at alloc.c:6839</div><div cla=
ss=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 this_free =3D &lt;optimize=
d out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 sym=
 =3D 0xd667b0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0=
 end =3D 0xd667e0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 sblk =3D 0xd66720</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 sprev =3D &lt;optimized out&gt;</div><div class=3D"gmail_defa=
ult">=C2=A0 =C2=A0 =C2=A0 =C2=A0 lim =3D &lt;optimized out&gt;</div><div cl=
ass=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 num_free =3D &lt;optimize=
d out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 num=
_used =3D 1087</div><div class=3D"gmail_default">#5=C2=A0 0x000000000053b76=
a in gc_sweep () at alloc.c:6982</div><div class=3D"gmail_default">No local=
s.</div><div class=3D"gmail_default">#6=C2=A0 garbage_collect_1 (end=3D&lt;=
optimized out&gt;) at alloc.c:5799</div><div class=3D"gmail_default">=C2=A0=
 =C2=A0 =C2=A0 =C2=A0 nextb =3D &lt;optimized out&gt;</div><div class=3D"gm=
ail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 stack_top_variable =3D 0 &#39;\000=
&#39;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 i =3D &=
lt;optimized out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0=
 =C2=A0 message_p =3D false</div><div class=3D"gmail_default">=C2=A0 =C2=A0=
 =C2=A0 =C2=A0 count =3D &lt;optimized out&gt;</div><div class=3D"gmail_def=
ault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 start =3D {tv_sec =3D 1509372540, tv_nsec=
 =3D 974388982}</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 retval =3D 0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 tot_before =3D 0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0=
 =C2=A0 total =3D {12342819, 12341875, 12341619, 12341299, 12340147, 123400=
35, 12339907, 12339715,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 12339571, 12337939, 12337091}</div><div class=3D"g=
mail_default">#7=C2=A0 0x000000000053c0d9 in Fgarbage_collect () at alloc.c=
:5983</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 end =3D=
 0x7fffffffd348</div><div class=3D"gmail_default">#8=C2=A0 0x0000000000551c=
2b in eval_sub (form=3D&lt;optimized out&gt;) at eval.c:2169</div><div clas=
s=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 i =3D &lt;optimized out&gt;=
</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 maxargs =3D =
0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 args_left =
=3D 0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 numargs=
 =3D &lt;optimized out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 fun =3D 11669013</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 val =3D &lt;optimized out&gt;</div><div class=3D"gmail_de=
fault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 original_fun =3D &lt;optimized out&gt;</=
div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 original_args =
=3D 0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 funcar =
=3D &lt;optimized out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 count =3D 13</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 argvals =3D {0, 0, 12067264, 0, 14009168, 176093659181, 0, 40=
}</div><div class=3D"gmail_default">#9=C2=A0 0x0000000000551ead in Fprogn (=
body=3D16724163) at eval.c:431</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 val =3D &lt;optimized out&gt;</div><div class=3D"gmail_de=
fault">#10 0x0000000000551b11 in eval_sub (form=3D&lt;optimized out&gt;) at=
 eval.c:2125</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
args_left =3D 16725811</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 numargs =3D &lt;optimized out&gt;</div><div class=3D"gmail_defau=
lt">=C2=A0 =C2=A0 =C2=A0 =C2=A0 fun =3D 11695045</div><div class=3D"gmail_d=
efault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 val =3D &lt;optimized out&gt;</div><div=
 class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 original_fun =3D 37680=
</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 original_arg=
s =3D 16725811</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 funcar =3D &lt;optimized out&gt;</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 count =3D 12</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 argvals =3D {0, 0, 12274656, 4611686019484352512, =
1, 4599230, 20285716, 5508133}</div><div class=3D"gmail_default">#11 0x0000=
000000553712 in Feval (form=3D16725891, lexical=3D&lt;optimized out&gt;) at=
 eval.c:1994</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
count =3D 11</div><div class=3D"gmail_default">#12 0x0000000000552648 in Ff=
uncall (nargs=3D&lt;optimized out&gt;, args=3D0x7fffffffd588) at eval.c:270=
2</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 internal_ar=
gbuf =3D {16725891, 0, 0, 4599230, 9895560, 5508133, 22, 9893584}</div><div=
 class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 fun =3D 11696197</div>=
<div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 original_fun =3D &=
lt;optimized out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0=
 =C2=A0 funcar =3D &lt;optimized out&gt;</div><div class=3D"gmail_default">=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 numargs =3D &lt;optimized out&gt;</div><div cla=
ss=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 lisp_numargs =3D 6</div><d=
iv class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 val =3D &lt;optimize=
d out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 int=
ernal_args =3D 0x7fffffffd590</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 count =3D 10</div><div class=3D"gmail_default">#13 0x0000=
00000058941d in exec_byte_code (bytestr=3D&lt;optimized out&gt;, vector=3D9=
893581,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 maxdepth=3D&l=
t;optimized out&gt;, args_template=3D&lt;optimized out&gt;, nargs=3D&lt;opt=
imized out&gt;, args=3D&lt;optimized out&gt;)</div><div class=3D"gmail_defa=
ult">=C2=A0 =C2=A0 at bytecode.c:880</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 targets =3D {0x5894ba &lt;exec_byte_code+874&gt;, =
0x58b452 &lt;exec_byte_code+8962&gt;,=C2=A0</div><div class=3D"gmail_defaul=
t">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b457 &lt;exec_byte_code+8967&gt;,=
 0x58b45c &lt;exec_byte_code+8972&gt;, 0x589282 &lt;exec_byte_code+306&gt;,=
=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
 0x589288 &lt;exec_byte_code+312&gt;, 0x58952e &lt;exec_byte_code+990&gt;, =
0x5895ad &lt;exec_byte_code+1117&gt;,=C2=A0</div><div class=3D"gmail_defaul=
t">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5895a3 &lt;exec_byte_code+1107&gt;,=
 0x5895a8 &lt;exec_byte_code+1112&gt;, 0x589573 &lt;exec_byte_code+1059&gt;=
,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 0x589578 &lt;exec_byte_code+1064&gt;, 0x5892c1 &lt;exec_byte_code+369&g=
t;, 0x5892c8 &lt;exec_byte_code+376&gt;,=C2=A0</div><div class=3D"gmail_def=
ault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5896e9 &lt;exec_byte_code+1433&g=
t;, 0x58957d &lt;exec_byte_code+1069&gt;, 0x589908 &lt;exec_byte_code+1976&=
gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 0x58990d &lt;exec_byte_code+1981&gt;, 0x589879 &lt;exec_byte_code+18=
33&gt;, 0x58987e &lt;exec_byte_code+1838&gt;,=C2=A0</div><div class=3D"gmai=
l_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589334 &lt;exec_byte_code+4=
84&gt;, 0x589338 &lt;exec_byte_code+488&gt;, 0x589820 &lt;exec_byte_code+17=
44&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0=
 =C2=A0 0x5897fa &lt;exec_byte_code+1706&gt;, 0x5896ae &lt;exec_byte_code+1=
374&gt;, 0x5896b3 &lt;exec_byte_code+1379&gt;,=C2=A0</div><div class=3D"gma=
il_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5896b8 &lt;exec_byte_code+=
1384&gt;, 0x5896c5 &lt;exec_byte_code+1397&gt;, 0x5893b4 &lt;exec_byte_code=
+612&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 0x5893b8 &lt;exec_byte_code+616&gt;, 0x589865 &lt;exec_byte_code=
+1813&gt;, 0x589688 &lt;exec_byte_code+1336&gt;,=C2=A0</div><div class=3D"g=
mail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589679 &lt;exec_byte_cod=
e+1321&gt;, 0x58967e &lt;exec_byte_code+1326&gt;, 0x589683 &lt;exec_byte_co=
de+1331&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 0x58964e &lt;exec_byte_code+1278&gt;, 0x5893f9 &lt;exec_byte_=
code+681&gt;, 0x589400 &lt;exec_byte_code+688&gt;,=C2=A0</div><div class=3D=
"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5896d5 &lt;exec_byte_c=
ode+1413&gt;, 0x589653 &lt;exec_byte_code+1283&gt;, 0x58a53f &lt;exec_byte_=
code+5103&gt;,=C2=A0</div><div class=3D"gmail_default">---Type &lt;return&g=
t; to continue, or q &lt;return&gt; to quit---</div><div class=3D"gmail_def=
ault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a544 &lt;exec_byte_code+5108&g=
t;, 0x58a549 &lt;exec_byte_code+5113&gt;, 0x58a514 &lt;exec_byte_code+5060&=
gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 0x589443 &lt;exec_byte_code+755&gt;, 0x589448 &lt;exec_byte_code+760=
&gt;, 0x58a4d6 &lt;exec_byte_code+4998&gt;,=C2=A0</div><div class=3D"gmail_=
default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a519 &lt;exec_byte_code+506=
5&gt;, 0x58a944 &lt;exec_byte_code+6132&gt;, 0x58a77d &lt;exec_byte_code+56=
77&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0=
 =C2=A0 0x58a70b &lt;exec_byte_code+5563&gt;, 0x5894ba &lt;exec_byte_code+8=
74&gt;, 0x5894ba &lt;exec_byte_code+874&gt;,=C2=A0</div><div class=3D"gmail=
_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5894ba &lt;exec_byte_code+87=
4&gt;, 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_byte_code+874=
&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 0x589d04 &lt;exec_byte_code+2996&gt;, 0x589d90 &lt;exec_byte_code+31=
36&gt;, 0x589dc7 &lt;exec_byte_code+3191&gt;,=C2=A0</div><div class=3D"gmai=
l_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589e01 &lt;exec_byte_code+3=
249&gt;, 0x589e3b &lt;exec_byte_code+3307&gt;, 0x5897bb &lt;exec_byte_code+=
1643&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 0x589883 &lt;exec_byte_code+1843&gt;, 0x589e81 &lt;exec_byte_cod=
e+3377&gt;, 0x589773 &lt;exec_byte_code+1571&gt;,=C2=A0</div><div class=3D"=
gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5898c0 &lt;exec_byte_co=
de+1904&gt;, 0x589eb3 &lt;exec_byte_code+3427&gt;, 0x589ef0 &lt;exec_byte_c=
ode+3488&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 0x589f22 &lt;exec_byte_code+3538&gt;, 0x589f5f &lt;exec_byte_=
code+3599&gt;, 0x589f98 &lt;exec_byte_code+3656&gt;,=C2=A0</div><div class=
=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a022 &lt;exec_byt=
e_code+3794&gt;, 0x58a054 &lt;exec_byte_code+3844&gt;, 0x58a091 &lt;exec_by=
te_code+3905&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 0x58a0dc &lt;exec_byte_code+3980&gt;, 0x58a10e &lt;exec_b=
yte_code+4030&gt;, 0x58a140 &lt;exec_byte_code+4080&gt;,=C2=A0</div><div cl=
ass=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a17d &lt;exec_=
byte_code+4141&gt;, 0x58a1ba &lt;exec_byte_code+4202&gt;, 0x58a1f7 &lt;exec=
_byte_code+4263&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 0x58a23e &lt;exec_byte_code+4334&gt;, 0x58a277 &lt;exe=
c_byte_code+4391&gt;, 0x58a2b0 &lt;exec_byte_code+4448&gt;,=C2=A0</div><div=
 class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a33d &lt;ex=
ec_byte_code+4589&gt;, 0x58a380 &lt;exec_byte_code+4656&gt;, 0x58a3c7 &lt;e=
xec_byte_code+4727&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 0x58a494 &lt;exec_byte_code+4932&gt;, 0x58a410 &lt=
;exec_byte_code+4800&gt;, 0x58a452 &lt;exec_byte_code+4866&gt;,=C2=A0</div>=
<div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589bb4 &l=
t;exec_byte_code+2660&gt;, 0x589bf6 &lt;exec_byte_code+2726&gt;, 0x589c2f &=
lt;exec_byte_code+2783&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589c71 &lt;exec_byte_code+2849&gt;, 0x58b195 =
&lt;exec_byte_code+8261&gt;, 0x58b1ce &lt;exec_byte_code+8318&gt;,=C2=A0</d=
iv><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b207=
 &lt;exec_byte_code+8375&gt;, 0x58afea &lt;exec_byte_code+7834&gt;, 0x58948=
9 &lt;exec_byte_code+825&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b02b &lt;exec_byte_code+7899&gt;, 0x58b=
059 &lt;exec_byte_code+7945&gt;, 0x58b0e1 &lt;exec_byte_code+8081&gt;,=C2=
=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x=
58b122 &lt;exec_byte_code+8146&gt;, 0x58b163 &lt;exec_byte_code+8211&gt;, 0=
x58ac6d &lt;exec_byte_code+6941&gt;,=C2=A0</div><div class=3D"gmail_default=
">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58ac9d &lt;exec_byte_code+6989&gt;, =
0x58accd &lt;exec_byte_code+7037&gt;, 0x58ad05 &lt;exec_byte_code+7093&gt;,=
=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
 0x5894ba &lt;exec_byte_code+874&gt;, 0x58ad39 &lt;exec_byte_code+7145&gt;,=
 0x58ad69 &lt;exec_byte_code+7193&gt;,=C2=A0</div><div class=3D"gmail_defau=
lt">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58ad99 &lt;exec_byte_code+7241&gt;=
, 0x58adc9 &lt;exec_byte_code+7289&gt;, 0x58adf9 &lt;exec_byte_code+7337&gt=
;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 0x58ae29 &lt;exec_byte_code+7385&gt;, 0x589489 &lt;exec_byte_code+825&g=
t;, 0x5894ba &lt;exec_byte_code+874&gt;,=C2=A0</div><div class=3D"gmail_def=
ault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58ae5b &lt;exec_byte_code+7435&g=
t;, 0x58ae9d &lt;exec_byte_code+7501&gt;, 0x58aecf &lt;exec_byte_code+7551&=
gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 0x58af01 &lt;exec_byte_code+7601&gt;, 0x58af3e &lt;exec_byte_code+76=
62&gt;, 0x58af7b &lt;exec_byte_code+7723&gt;,=C2=A0</div><div class=3D"gmai=
l_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58ac0e &lt;exec_byte_code+6=
846&gt;, 0x58ac30 &lt;exec_byte_code+6880&gt;, 0x58b63e &lt;exec_byte_code+=
9454&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 0x58b67b &lt;exec_byte_code+9515&gt;, 0x58b60e &lt;exec_byte_cod=
e+9406&gt;, 0x58b735 &lt;exec_byte_code+9701&gt;,=C2=A0</div><div class=3D"=
gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5894ba &lt;exec_byte_co=
de+874&gt;, 0x58aada &lt;exec_byte_code+6538&gt;, 0x58a555 &lt;exec_byte_co=
de+5125&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 0x5896fd &lt;exec_byte_code+1453&gt;, 0x58a5e4 &lt;exec_byte_=
code+5268&gt;, 0x58a825 &lt;exec_byte_code+5845&gt;,=C2=A0</div><div class=
=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a896 &lt;exec_byt=
e_code+5958&gt;, 0x589b72 &lt;exec_byte_code+2594&gt;, 0x58a801 &lt;exec_by=
te_code+5809&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 0x589834 &lt;exec_byte_code+1764&gt;, 0x5894fd &lt;exec_b=
yte_code+941&gt;, 0x589912 &lt;exec_byte_code+1986&gt;,=C2=A0</div><div cla=
ss=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a698 &lt;exec_b=
yte_code+5448&gt;, 0x58a6c9 &lt;exec_byte_code+5497&gt;, 0x58abbf &lt;exec_=
byte_code+6767&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 0x58ab2d &lt;exec_byte_code+6621&gt;, 0x58ab74 &lt;exe=
c_byte_code+6692&gt;, 0x589caa &lt;exec_byte_code+2906&gt;,=C2=A0</div><div=
 class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a4ea &lt;ex=
ec_byte_code+5018&gt;, 0x58b6b8 &lt;exec_byte_code+9576&gt;, 0x58b703 &lt;e=
xec_byte_code+9651&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 0x58b465 &lt;exec_byte_code+8981&gt;, 0x58b497 &lt=
;exec_byte_code+9031&gt;, 0x58b4c9 &lt;exec_byte_code+9081&gt;,=C2=A0</div>=
<div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b4fb &l=
t;exec_byte_code+9131&gt;, 0x58b538 &lt;exec_byte_code+9192&gt;, 0x58b575 &=
lt;exec_byte_code+9253&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b5b2 &lt;exec_byte_code+9314&gt;, 0x58b5ef =
&lt;exec_byte_code+9375&gt;, 0x58b279 &lt;exec_byte_code+8489&gt;,=C2=A0</d=
iv><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b2b6=
 &lt;exec_byte_code+8550&gt;, 0x58b2f3 &lt;exec_byte_code+8611&gt;, 0x58b32=
5 &lt;exec_byte_code+8661&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b362 &lt;exec_byte_code+8722&gt;, 0x58b=
39f &lt;exec_byte_code+8783&gt;, 0x58b3dc &lt;exec_byte_code+8844&gt;,=C2=
=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x=
58b419 &lt;exec_byte_code+8905&gt;, 0x58b240 &lt;exec_byte_code+8432&gt;, 0=
x58afad &lt;exec_byte_code+7773&gt;,=C2=A0</div><div class=3D"gmail_default=
">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589975 &lt;exec_byte_code+2085&gt;, =
0x5899be &lt;exec_byte_code+2158&gt;, 0x5894ba &lt;exec_byte_code+874&gt;,=
=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
 0x58a784 &lt;exec_byte_code+5684&gt;, 0x58aa0f &lt;exec_byte_code+6335&gt;=
, 0x58a975 &lt;exec_byte_code+6181&gt;,=C2=A0</div><div class=3D"gmail_defa=
ult">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58aa76 &lt;exec_byte_code+6438&gt=
;, 0x589adc &lt;exec_byte_code+2444&gt;, 0x589fd1 &lt;exec_byte_code+3713&g=
t;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 0x58a2e9 &lt;exec_byte_code+4505&gt;, 0x58b08d &lt;exec_byte_code+7997&=
gt;, 0x589606 &lt;exec_byte_code+1206&gt;,=C2=A0</div><div class=3D"gmail_d=
efault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5899f8 &lt;exec_byte_code+2216=
&gt;, 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_byte_code+874&=
gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 0x589a54 &lt;exec_byte_code+2308&gt;, 0x5894ba &lt;exec_byte_code+87=
4&gt;, 0x5894ba &lt;exec_byte_code+874&gt;,=C2=A0</div><div class=3D"gmail_=
default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5894ba &lt;exec_byte_code+874=
&gt;, 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_byte_code+874&=
gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_byte_code+874=
&gt;, 0x5894ba &lt;exec_byte_code+874&gt;,=C2=A0</div><div class=3D"gmail_d=
efault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5894ba &lt;exec_byte_code+874&=
gt;, 0x589aa2 &lt;exec_byte_code+2386&gt; &lt;repeats 64 times&gt;}</div><d=
iv class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 count =3D 8</div><di=
v class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 op =3D 1</div><div cl=
ass=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 vectorp =3D 0x96f6d0 &lt;=
pure+1225200&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 stack =3D {</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 pc =3D 0xaaa4a8 &lt;pure+2514888&gt; &quot;\210\202L\003\016A=E6=
=9D=83\317\001\313\347\350\016C\&quot;\003\206m\001\n\211A\022\242\211\262\=
r\313\332\036D\322\003\003\003#)\266\203\203\211\001\006\n\327\313O\262\v=
=DA=B2\001\351\352\006\f!!\262\v\211\203\252\001\314\016E\006\fC\&quot;\026=
E\006\t\203\313\001\016E\262\n\202\313\001\006\t\203\301\001\006\t\006\v\00=
6\vAB\241\210\006\tA\262\n\202\313\001\006\n\016EB\211\026E\262\n\210\202L\=
003\016A=EB=9D=83\367\001\352\002\206\340\001\n\211A\022\242!\351\001!\354\=
001!\203\355\001\211\262\002\355\002\313\332#\266\003\202L\003\016A=EE=9D=
=83\027\002\352\002\206\b\002\n\211A\022\242!\351\001!\355\001\313=DA=89$\2=
66\003\202L\003\016&quot;, &lt;incomplete sequence \357\232&gt;..., byte_st=
ring =3D 9893548,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 byte_string_start =3D 0xaaa355 &lt;pure+2514549&gt; &quot=
;\306 \210\b\203\021&quot;, next =3D 0x7fffffffd900}</div><div class=3D"gma=
il_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 top =3D 0x7fffffffd680</div><div cl=
ass=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 result =3D &lt;optimized =
out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 type =
=3D &lt;optimized out&gt;</div><div class=3D"gmail_default">#14 0x000000000=
05523c3 in Ffuncall (nargs=3D&lt;optimized out&gt;, args=3D0x7fffffffd818) =
at eval.c:2760</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 fun =3D &lt;optimized out&gt;</div><div class=3D"gmail_default">=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 original_fun =3D 8587296</div><div class=3D"gmail_defa=
ult">=C2=A0 =C2=A0 =C2=A0 =C2=A0 funcar =3D &lt;optimized out&gt;</div><div=
 class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 numargs =3D &lt;optimi=
zed out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 l=
isp_numargs =3D 6</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 val =3D &lt;optimized out&gt;</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 internal_args =3D &lt;optimized out&gt;</div><div =
class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 count =3D 7</div><div c=
lass=3D"gmail_default">#15 0x000000000058941d in exec_byte_code (bytestr=3D=
&lt;optimized out&gt;, vector=3D9870557,=C2=A0</div><div class=3D"gmail_def=
ault">=C2=A0 =C2=A0 maxdepth=3D&lt;optimized out&gt;, args_template=3D&lt;o=
ptimized out&gt;, nargs=3D&lt;optimized out&gt;, args=3D&lt;optimized out&g=
t;)</div><div class=3D"gmail_default">=C2=A0 =C2=A0 at bytecode.c:880</div>=
<div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 targets =3D {0x589=
4ba &lt;exec_byte_code+874&gt;, 0x58b452 &lt;exec_byte_code+8962&gt;,=C2=A0=
</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b=
457 &lt;exec_byte_code+8967&gt;, 0x58b45c &lt;exec_byte_code+8972&gt;, 0x58=
9282 &lt;exec_byte_code+306&gt;,=C2=A0</div><div class=3D"gmail_default">=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589288 &lt;exec_byte_code+312&gt;, 0x5=
8952e &lt;exec_byte_code+990&gt;, 0x5895ad &lt;exec_byte_code+1117&gt;,=C2=
=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x=
5895a3 &lt;exec_byte_code+1107&gt;, 0x5895a8 &lt;exec_byte_code+1112&gt;, 0=
x589573 &lt;exec_byte_code+1059&gt;,=C2=A0</div><div class=3D"gmail_default=
">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589578 &lt;exec_byte_code+1064&gt;, =
0x5892c1 &lt;exec_byte_code+369&gt;, 0x5892c8 &lt;exec_byte_code+376&gt;,=
=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
 0x5896e9 &lt;exec_byte_code+1433&gt;, 0x58957d &lt;exec_byte_code+1069&gt;=
, 0x589908 &lt;exec_byte_code+1976&gt;,=C2=A0</div><div class=3D"gmail_defa=
ult">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58990d &lt;exec_byte_code+1981&gt=
;, 0x589879 &lt;exec_byte_code+1833&gt;, 0x58987e &lt;exec_byte_code+1838&g=
t;,=C2=A0</div><div class=3D"gmail_default">---Type &lt;return&gt; to conti=
nue, or q &lt;return&gt; to quit---</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589334 &lt;exec_byte_code+484&gt;, 0x5893=
38 &lt;exec_byte_code+488&gt;, 0x589820 &lt;exec_byte_code+1744&gt;,=C2=A0<=
/div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5897=
fa &lt;exec_byte_code+1706&gt;, 0x5896ae &lt;exec_byte_code+1374&gt;, 0x589=
6b3 &lt;exec_byte_code+1379&gt;,=C2=A0</div><div class=3D"gmail_default">=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5896b8 &lt;exec_byte_code+1384&gt;, 0x=
5896c5 &lt;exec_byte_code+1397&gt;, 0x5893b4 &lt;exec_byte_code+612&gt;,=C2=
=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x=
5893b8 &lt;exec_byte_code+616&gt;, 0x589865 &lt;exec_byte_code+1813&gt;, 0x=
589688 &lt;exec_byte_code+1336&gt;,=C2=A0</div><div class=3D"gmail_default"=
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589679 &lt;exec_byte_code+1321&gt;, 0=
x58967e &lt;exec_byte_code+1326&gt;, 0x589683 &lt;exec_byte_code+1331&gt;,=
=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
 0x58964e &lt;exec_byte_code+1278&gt;, 0x5893f9 &lt;exec_byte_code+681&gt;,=
 0x589400 &lt;exec_byte_code+688&gt;,=C2=A0</div><div class=3D"gmail_defaul=
t">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5896d5 &lt;exec_byte_code+1413&gt;,=
 0x589653 &lt;exec_byte_code+1283&gt;, 0x58a53f &lt;exec_byte_code+5103&gt;=
,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 0x58a544 &lt;exec_byte_code+5108&gt;, 0x58a549 &lt;exec_byte_code+5113&=
gt;, 0x58a514 &lt;exec_byte_code+5060&gt;,=C2=A0</div><div class=3D"gmail_d=
efault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589443 &lt;exec_byte_code+755&=
gt;, 0x589448 &lt;exec_byte_code+760&gt;, 0x58a4d6 &lt;exec_byte_code+4998&=
gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 0x58a519 &lt;exec_byte_code+5065&gt;, 0x58a944 &lt;exec_byte_code+61=
32&gt;, 0x58a77d &lt;exec_byte_code+5677&gt;,=C2=A0</div><div class=3D"gmai=
l_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a70b &lt;exec_byte_code+5=
563&gt;, 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_byte_code+8=
74&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0=
 =C2=A0 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_byte_code+87=
4&gt;, 0x5894ba &lt;exec_byte_code+874&gt;,=C2=A0</div><div class=3D"gmail_=
default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589d04 &lt;exec_byte_code+299=
6&gt;, 0x589d90 &lt;exec_byte_code+3136&gt;, 0x589dc7 &lt;exec_byte_code+31=
91&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0=
 =C2=A0 0x589e01 &lt;exec_byte_code+3249&gt;, 0x589e3b &lt;exec_byte_code+3=
307&gt;, 0x5897bb &lt;exec_byte_code+1643&gt;,=C2=A0</div><div class=3D"gma=
il_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589883 &lt;exec_byte_code+=
1843&gt;, 0x589e81 &lt;exec_byte_code+3377&gt;, 0x589773 &lt;exec_byte_code=
+1571&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 0x5898c0 &lt;exec_byte_code+1904&gt;, 0x589eb3 &lt;exec_byte_cod=
e+3427&gt;, 0x589ef0 &lt;exec_byte_code+3488&gt;,=C2=A0</div><div class=3D"=
gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589f22 &lt;exec_byte_co=
de+3538&gt;, 0x589f5f &lt;exec_byte_code+3599&gt;, 0x589f98 &lt;exec_byte_c=
ode+3656&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 0x58a022 &lt;exec_byte_code+3794&gt;, 0x58a054 &lt;exec_byte_=
code+3844&gt;, 0x58a091 &lt;exec_byte_code+3905&gt;,=C2=A0</div><div class=
=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a0dc &lt;exec_byt=
e_code+3980&gt;, 0x58a10e &lt;exec_byte_code+4030&gt;, 0x58a140 &lt;exec_by=
te_code+4080&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 0x58a17d &lt;exec_byte_code+4141&gt;, 0x58a1ba &lt;exec_b=
yte_code+4202&gt;, 0x58a1f7 &lt;exec_byte_code+4263&gt;,=C2=A0</div><div cl=
ass=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a23e &lt;exec_=
byte_code+4334&gt;, 0x58a277 &lt;exec_byte_code+4391&gt;, 0x58a2b0 &lt;exec=
_byte_code+4448&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 0x58a33d &lt;exec_byte_code+4589&gt;, 0x58a380 &lt;exe=
c_byte_code+4656&gt;, 0x58a3c7 &lt;exec_byte_code+4727&gt;,=C2=A0</div><div=
 class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a494 &lt;ex=
ec_byte_code+4932&gt;, 0x58a410 &lt;exec_byte_code+4800&gt;, 0x58a452 &lt;e=
xec_byte_code+4866&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 0x589bb4 &lt;exec_byte_code+2660&gt;, 0x589bf6 &lt=
;exec_byte_code+2726&gt;, 0x589c2f &lt;exec_byte_code+2783&gt;,=C2=A0</div>=
<div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589c71 &l=
t;exec_byte_code+2849&gt;, 0x58b195 &lt;exec_byte_code+8261&gt;, 0x58b1ce &=
lt;exec_byte_code+8318&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b207 &lt;exec_byte_code+8375&gt;, 0x58afea =
&lt;exec_byte_code+7834&gt;, 0x589489 &lt;exec_byte_code+825&gt;,=C2=A0</di=
v><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b02b =
&lt;exec_byte_code+7899&gt;, 0x58b059 &lt;exec_byte_code+7945&gt;, 0x58b0e1=
 &lt;exec_byte_code+8081&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b122 &lt;exec_byte_code+8146&gt;, 0x58b=
163 &lt;exec_byte_code+8211&gt;, 0x58ac6d &lt;exec_byte_code+6941&gt;,=C2=
=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x=
58ac9d &lt;exec_byte_code+6989&gt;, 0x58accd &lt;exec_byte_code+7037&gt;, 0=
x58ad05 &lt;exec_byte_code+7093&gt;,=C2=A0</div><div class=3D"gmail_default=
">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5894ba &lt;exec_byte_code+874&gt;, 0=
x58ad39 &lt;exec_byte_code+7145&gt;, 0x58ad69 &lt;exec_byte_code+7193&gt;,=
=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
 0x58ad99 &lt;exec_byte_code+7241&gt;, 0x58adc9 &lt;exec_byte_code+7289&gt;=
, 0x58adf9 &lt;exec_byte_code+7337&gt;,=C2=A0</div><div class=3D"gmail_defa=
ult">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58ae29 &lt;exec_byte_code+7385&gt=
;, 0x589489 &lt;exec_byte_code+825&gt;, 0x5894ba &lt;exec_byte_code+874&gt;=
,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 0x58ae5b &lt;exec_byte_code+7435&gt;, 0x58ae9d &lt;exec_byte_code+7501&=
gt;, 0x58aecf &lt;exec_byte_code+7551&gt;,=C2=A0</div><div class=3D"gmail_d=
efault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58af01 &lt;exec_byte_code+7601=
&gt;, 0x58af3e &lt;exec_byte_code+7662&gt;, 0x58af7b &lt;exec_byte_code+772=
3&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 0x58ac0e &lt;exec_byte_code+6846&gt;, 0x58ac30 &lt;exec_byte_code+68=
80&gt;, 0x58b63e &lt;exec_byte_code+9454&gt;,=C2=A0</div><div class=3D"gmai=
l_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b67b &lt;exec_byte_code+9=
515&gt;, 0x58b60e &lt;exec_byte_code+9406&gt;, 0x58b735 &lt;exec_byte_code+=
9701&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 0x5894ba &lt;exec_byte_code+874&gt;, 0x58aada &lt;exec_byte_code=
+6538&gt;, 0x58a555 &lt;exec_byte_code+5125&gt;,=C2=A0</div><div class=3D"g=
mail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5896fd &lt;exec_byte_cod=
e+1453&gt;, 0x58a5e4 &lt;exec_byte_code+5268&gt;, 0x58a825 &lt;exec_byte_co=
de+5845&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 0x58a896 &lt;exec_byte_code+5958&gt;, 0x589b72 &lt;exec_byte_=
code+2594&gt;, 0x58a801 &lt;exec_byte_code+5809&gt;,=C2=A0</div><div class=
=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589834 &lt;exec_byt=
e_code+1764&gt;, 0x5894fd &lt;exec_byte_code+941&gt;, 0x589912 &lt;exec_byt=
e_code+1986&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 0x58a698 &lt;exec_byte_code+5448&gt;, 0x58a6c9 &lt;exec_b=
yte_code+5497&gt;, 0x58abbf &lt;exec_byte_code+6767&gt;,=C2=A0</div><div cl=
ass=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58ab2d &lt;exec_=
byte_code+6621&gt;, 0x58ab74 &lt;exec_byte_code+6692&gt;, 0x589caa &lt;exec=
_byte_code+2906&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 0x58a4ea &lt;exec_byte_code+5018&gt;, 0x58b6b8 &lt;exe=
c_byte_code+9576&gt;, 0x58b703 &lt;exec_byte_code+9651&gt;,=C2=A0</div><div=
 class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b465 &lt;ex=
ec_byte_code+8981&gt;, 0x58b497 &lt;exec_byte_code+9031&gt;, 0x58b4c9 &lt;e=
xec_byte_code+9081&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 0x58b4fb &lt;exec_byte_code+9131&gt;, 0x58b538 &lt=
;exec_byte_code+9192&gt;, 0x58b575 &lt;exec_byte_code+9253&gt;,=C2=A0</div>=
<div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b5b2 &l=
t;exec_byte_code+9314&gt;, 0x58b5ef &lt;exec_byte_code+9375&gt;, 0x58b279 &=
lt;exec_byte_code+8489&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b2b6 &lt;exec_byte_code+8550&gt;, 0x58b2f3 =
&lt;exec_byte_code+8611&gt;, 0x58b325 &lt;exec_byte_code+8661&gt;,=C2=A0</d=
iv><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b362=
 &lt;exec_byte_code+8722&gt;, 0x58b39f &lt;exec_byte_code+8783&gt;, 0x58b3d=
c &lt;exec_byte_code+8844&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b419 &lt;exec_byte_code+8905&gt;, 0x58b=
240 &lt;exec_byte_code+8432&gt;, 0x58afad &lt;exec_byte_code+7773&gt;,=C2=
=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x=
589975 &lt;exec_byte_code+2085&gt;, 0x5899be &lt;exec_byte_code+2158&gt;, 0=
x5894ba &lt;exec_byte_code+874&gt;,=C2=A0</div><div class=3D"gmail_default"=
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a784 &lt;exec_byte_code+5684&gt;, 0=
x58aa0f &lt;exec_byte_code+6335&gt;, 0x58a975 &lt;exec_byte_code+6181&gt;,=
=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
 0x58aa76 &lt;exec_byte_code+6438&gt;, 0x589adc &lt;exec_byte_code+2444&gt;=
, 0x589fd1 &lt;exec_byte_code+3713&gt;,=C2=A0</div><div class=3D"gmail_defa=
ult">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a2e9 &lt;exec_byte_code+4505&gt=
;, 0x58b08d &lt;exec_byte_code+7997&gt;, 0x589606 &lt;exec_byte_code+1206&g=
t;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 0x5899f8 &lt;exec_byte_code+2216&gt;, 0x5894ba &lt;exec_byte_code+874&g=
t;, 0x5894ba &lt;exec_byte_code+874&gt;,=C2=A0</div><div class=3D"gmail_def=
ault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589a54 &lt;exec_byte_code+2308&g=
t;, 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_byte_code+874&gt=
;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_byte_code+874&gt=
;, 0x5894ba &lt;exec_byte_code+874&gt;,=C2=A0</div><div class=3D"gmail_defa=
ult">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5894ba &lt;exec_byte_code+874&gt;=
, 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_byte_code+874&gt;,=
=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
 0x5894ba &lt;exec_byte_code+874&gt;, 0x589aa2 &lt;exec_byte_code+2386&gt; =
&lt;repeats 64 times&gt;}</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 count =3D 7</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 op =3D 1</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 vectorp =3D 0x969ce0 &lt;pure+1202176&gt;</div><div class=3D"gma=
il_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 stack =3D {</div><div class=3D"gmai=
l_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 pc =3D 0xaacef4 &lt;pure+2525=
716&gt; &quot;\210\307\016@\211\203k\006\211@\002\204d\006\211;\203d\006\20=
1&quot;, &lt;incomplete sequence \316&gt;, byte_string =3D 9870524,=C2=A0</=
div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 byte_st=
ring_start =3D 0xaac8d3 &lt;pure+2524147&gt; &quot;\306 \020\307\021\n\023\=
307\024\310\311!\211\307=3D\204\060&quot;, next =3D 0x7fffffffdab0}</div><d=
iv class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 top =3D 0x7fffffffd8=
18</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 result =3D=
 &lt;optimized out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 type =3D &lt;optimized out&gt;</div><div class=3D"gmail_default"=
>#16 0x00000000005523c3 in Ffuncall (nargs=3D&lt;optimized out&gt;, args=3D=
0x7fffffffda10) at eval.c:2760</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 fun =3D &lt;optimized out&gt;</div><div class=3D"gmail_de=
fault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 original_fun =3D 8586560</div><div class=
=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 funcar =3D &lt;optimized out=
&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 numargs =
=3D &lt;optimized out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 lisp_numargs =3D 2</div><div class=3D"gmail_default">=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 val =3D &lt;optimized out&gt;</div><div class=3D"gmail=
_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 internal_args =3D &lt;optimized out&g=
t;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 count =3D =
6</div><div class=3D"gmail_default">#17 0x000000000058941d in exec_byte_cod=
e (bytestr=3D&lt;optimized out&gt;, vector=3D9866565,=C2=A0</div><div class=
=3D"gmail_default">=C2=A0 =C2=A0 maxdepth=3D&lt;optimized out&gt;, args_tem=
plate=3D&lt;optimized out&gt;, nargs=3D&lt;optimized out&gt;, args=3D&lt;op=
timized out&gt;)</div><div class=3D"gmail_default">=C2=A0 =C2=A0 at bytecod=
e.c:880</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 targe=
ts =3D {0x5894ba &lt;exec_byte_code+874&gt;, 0x58b452 &lt;exec_byte_code+89=
62&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0=
 =C2=A0 0x58b457 &lt;exec_byte_code+8967&gt;, 0x58b45c &lt;exec_byte_code+8=
972&gt;, 0x589282 &lt;exec_byte_code+306&gt;,=C2=A0</div><div class=3D"gmai=
l_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589288 &lt;exec_byte_code+3=
12&gt;, 0x58952e &lt;exec_byte_code+990&gt;, 0x5895ad &lt;exec_byte_code+11=
17&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0=
 =C2=A0 0x5895a3 &lt;exec_byte_code+1107&gt;, 0x5895a8 &lt;exec_byte_code+1=
112&gt;, 0x589573 &lt;exec_byte_code+1059&gt;,=C2=A0</div><div class=3D"gma=
il_default">---Type &lt;return&gt; to continue, or q &lt;return&gt; to quit=
---</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x=
589578 &lt;exec_byte_code+1064&gt;, 0x5892c1 &lt;exec_byte_code+369&gt;, 0x=
5892c8 &lt;exec_byte_code+376&gt;,=C2=A0</div><div class=3D"gmail_default">=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5896e9 &lt;exec_byte_code+1433&gt;, 0x=
58957d &lt;exec_byte_code+1069&gt;, 0x589908 &lt;exec_byte_code+1976&gt;,=
=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
 0x58990d &lt;exec_byte_code+1981&gt;, 0x589879 &lt;exec_byte_code+1833&gt;=
, 0x58987e &lt;exec_byte_code+1838&gt;,=C2=A0</div><div class=3D"gmail_defa=
ult">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589334 &lt;exec_byte_code+484&gt;=
, 0x589338 &lt;exec_byte_code+488&gt;, 0x589820 &lt;exec_byte_code+1744&gt;=
,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 0x5897fa &lt;exec_byte_code+1706&gt;, 0x5896ae &lt;exec_byte_code+1374&=
gt;, 0x5896b3 &lt;exec_byte_code+1379&gt;,=C2=A0</div><div class=3D"gmail_d=
efault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5896b8 &lt;exec_byte_code+1384=
&gt;, 0x5896c5 &lt;exec_byte_code+1397&gt;, 0x5893b4 &lt;exec_byte_code+612=
&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 0x5893b8 &lt;exec_byte_code+616&gt;, 0x589865 &lt;exec_byte_code+181=
3&gt;, 0x589688 &lt;exec_byte_code+1336&gt;,=C2=A0</div><div class=3D"gmail=
_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589679 &lt;exec_byte_code+13=
21&gt;, 0x58967e &lt;exec_byte_code+1326&gt;, 0x589683 &lt;exec_byte_code+1=
331&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 0x58964e &lt;exec_byte_code+1278&gt;, 0x5893f9 &lt;exec_byte_cod=
e+681&gt;, 0x589400 &lt;exec_byte_code+688&gt;,=C2=A0</div><div class=3D"gm=
ail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5896d5 &lt;exec_byte_code=
+1413&gt;, 0x589653 &lt;exec_byte_code+1283&gt;, 0x58a53f &lt;exec_byte_cod=
e+5103&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 0x58a544 &lt;exec_byte_code+5108&gt;, 0x58a549 &lt;exec_byte_=
code+5113&gt;, 0x58a514 &lt;exec_byte_code+5060&gt;,=C2=A0</div><div class=
=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589443 &lt;exec_byt=
e_code+755&gt;, 0x589448 &lt;exec_byte_code+760&gt;, 0x58a4d6 &lt;exec_byte=
_code+4998&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 0x58a519 &lt;exec_byte_code+5065&gt;, 0x58a944 &lt;exec_b=
yte_code+6132&gt;, 0x58a77d &lt;exec_byte_code+5677&gt;,=C2=A0</div><div cl=
ass=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a70b &lt;exec_=
byte_code+5563&gt;, 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_=
byte_code+874&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec=
_byte_code+874&gt;, 0x5894ba &lt;exec_byte_code+874&gt;,=C2=A0</div><div cl=
ass=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589d04 &lt;exec_=
byte_code+2996&gt;, 0x589d90 &lt;exec_byte_code+3136&gt;, 0x589dc7 &lt;exec=
_byte_code+3191&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 0x589e01 &lt;exec_byte_code+3249&gt;, 0x589e3b &lt;exe=
c_byte_code+3307&gt;, 0x5897bb &lt;exec_byte_code+1643&gt;,=C2=A0</div><div=
 class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589883 &lt;ex=
ec_byte_code+1843&gt;, 0x589e81 &lt;exec_byte_code+3377&gt;, 0x589773 &lt;e=
xec_byte_code+1571&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 0x5898c0 &lt;exec_byte_code+1904&gt;, 0x589eb3 &lt=
;exec_byte_code+3427&gt;, 0x589ef0 &lt;exec_byte_code+3488&gt;,=C2=A0</div>=
<div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589f22 &l=
t;exec_byte_code+3538&gt;, 0x589f5f &lt;exec_byte_code+3599&gt;, 0x589f98 &=
lt;exec_byte_code+3656&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a022 &lt;exec_byte_code+3794&gt;, 0x58a054 =
&lt;exec_byte_code+3844&gt;, 0x58a091 &lt;exec_byte_code+3905&gt;,=C2=A0</d=
iv><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a0dc=
 &lt;exec_byte_code+3980&gt;, 0x58a10e &lt;exec_byte_code+4030&gt;, 0x58a14=
0 &lt;exec_byte_code+4080&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a17d &lt;exec_byte_code+4141&gt;, 0x58a=
1ba &lt;exec_byte_code+4202&gt;, 0x58a1f7 &lt;exec_byte_code+4263&gt;,=C2=
=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x=
58a23e &lt;exec_byte_code+4334&gt;, 0x58a277 &lt;exec_byte_code+4391&gt;, 0=
x58a2b0 &lt;exec_byte_code+4448&gt;,=C2=A0</div><div class=3D"gmail_default=
">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a33d &lt;exec_byte_code+4589&gt;, =
0x58a380 &lt;exec_byte_code+4656&gt;, 0x58a3c7 &lt;exec_byte_code+4727&gt;,=
=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
 0x58a494 &lt;exec_byte_code+4932&gt;, 0x58a410 &lt;exec_byte_code+4800&gt;=
, 0x58a452 &lt;exec_byte_code+4866&gt;,=C2=A0</div><div class=3D"gmail_defa=
ult">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589bb4 &lt;exec_byte_code+2660&gt=
;, 0x589bf6 &lt;exec_byte_code+2726&gt;, 0x589c2f &lt;exec_byte_code+2783&g=
t;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 0x589c71 &lt;exec_byte_code+2849&gt;, 0x58b195 &lt;exec_byte_code+8261&=
gt;, 0x58b1ce &lt;exec_byte_code+8318&gt;,=C2=A0</div><div class=3D"gmail_d=
efault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b207 &lt;exec_byte_code+8375=
&gt;, 0x58afea &lt;exec_byte_code+7834&gt;, 0x589489 &lt;exec_byte_code+825=
&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 0x58b02b &lt;exec_byte_code+7899&gt;, 0x58b059 &lt;exec_byte_code+79=
45&gt;, 0x58b0e1 &lt;exec_byte_code+8081&gt;,=C2=A0</div><div class=3D"gmai=
l_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b122 &lt;exec_byte_code+8=
146&gt;, 0x58b163 &lt;exec_byte_code+8211&gt;, 0x58ac6d &lt;exec_byte_code+=
6941&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 0x58ac9d &lt;exec_byte_code+6989&gt;, 0x58accd &lt;exec_byte_cod=
e+7037&gt;, 0x58ad05 &lt;exec_byte_code+7093&gt;,=C2=A0</div><div class=3D"=
gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5894ba &lt;exec_byte_co=
de+874&gt;, 0x58ad39 &lt;exec_byte_code+7145&gt;, 0x58ad69 &lt;exec_byte_co=
de+7193&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 0x58ad99 &lt;exec_byte_code+7241&gt;, 0x58adc9 &lt;exec_byte_=
code+7289&gt;, 0x58adf9 &lt;exec_byte_code+7337&gt;,=C2=A0</div><div class=
=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58ae29 &lt;exec_byt=
e_code+7385&gt;, 0x589489 &lt;exec_byte_code+825&gt;, 0x5894ba &lt;exec_byt=
e_code+874&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 0x58ae5b &lt;exec_byte_code+7435&gt;, 0x58ae9d &lt;exec_b=
yte_code+7501&gt;, 0x58aecf &lt;exec_byte_code+7551&gt;,=C2=A0</div><div cl=
ass=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58af01 &lt;exec_=
byte_code+7601&gt;, 0x58af3e &lt;exec_byte_code+7662&gt;, 0x58af7b &lt;exec=
_byte_code+7723&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 0x58ac0e &lt;exec_byte_code+6846&gt;, 0x58ac30 &lt;exe=
c_byte_code+6880&gt;, 0x58b63e &lt;exec_byte_code+9454&gt;,=C2=A0</div><div=
 class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b67b &lt;ex=
ec_byte_code+9515&gt;, 0x58b60e &lt;exec_byte_code+9406&gt;, 0x58b735 &lt;e=
xec_byte_code+9701&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 0x5894ba &lt;exec_byte_code+874&gt;, 0x58aada &lt;=
exec_byte_code+6538&gt;, 0x58a555 &lt;exec_byte_code+5125&gt;,=C2=A0</div><=
div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5896fd &lt=
;exec_byte_code+1453&gt;, 0x58a5e4 &lt;exec_byte_code+5268&gt;, 0x58a825 &l=
t;exec_byte_code+5845&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a896 &lt;exec_byte_code+5958&gt;, 0x589b72 =
&lt;exec_byte_code+2594&gt;, 0x58a801 &lt;exec_byte_code+5809&gt;,=C2=A0</d=
iv><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589834=
 &lt;exec_byte_code+1764&gt;, 0x5894fd &lt;exec_byte_code+941&gt;, 0x589912=
 &lt;exec_byte_code+1986&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a698 &lt;exec_byte_code+5448&gt;, 0x58a=
6c9 &lt;exec_byte_code+5497&gt;, 0x58abbf &lt;exec_byte_code+6767&gt;,=C2=
=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x=
58ab2d &lt;exec_byte_code+6621&gt;, 0x58ab74 &lt;exec_byte_code+6692&gt;, 0=
x589caa &lt;exec_byte_code+2906&gt;,=C2=A0</div><div class=3D"gmail_default=
">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a4ea &lt;exec_byte_code+5018&gt;, =
0x58b6b8 &lt;exec_byte_code+9576&gt;, 0x58b703 &lt;exec_byte_code+9651&gt;,=
=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
 0x58b465 &lt;exec_byte_code+8981&gt;, 0x58b497 &lt;exec_byte_code+9031&gt;=
, 0x58b4c9 &lt;exec_byte_code+9081&gt;,=C2=A0</div><div class=3D"gmail_defa=
ult">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b4fb &lt;exec_byte_code+9131&gt=
;, 0x58b538 &lt;exec_byte_code+9192&gt;, 0x58b575 &lt;exec_byte_code+9253&g=
t;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 0x58b5b2 &lt;exec_byte_code+9314&gt;, 0x58b5ef &lt;exec_byte_code+9375&=
gt;, 0x58b279 &lt;exec_byte_code+8489&gt;,=C2=A0</div><div class=3D"gmail_d=
efault">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b2b6 &lt;exec_byte_code+8550=
&gt;, 0x58b2f3 &lt;exec_byte_code+8611&gt;, 0x58b325 &lt;exec_byte_code+866=
1&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 0x58b362 &lt;exec_byte_code+8722&gt;, 0x58b39f &lt;exec_byte_code+87=
83&gt;, 0x58b3dc &lt;exec_byte_code+8844&gt;,=C2=A0</div><div class=3D"gmai=
l_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58b419 &lt;exec_byte_code+8=
905&gt;, 0x58b240 &lt;exec_byte_code+8432&gt;, 0x58afad &lt;exec_byte_code+=
7773&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 0x589975 &lt;exec_byte_code+2085&gt;, 0x5899be &lt;exec_byte_cod=
e+2158&gt;, 0x5894ba &lt;exec_byte_code+874&gt;,=C2=A0</div><div class=3D"g=
mail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a784 &lt;exec_byte_cod=
e+5684&gt;, 0x58aa0f &lt;exec_byte_code+6335&gt;, 0x58a975 &lt;exec_byte_co=
de+6181&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 0x58aa76 &lt;exec_byte_code+6438&gt;, 0x589adc &lt;exec_byte_=
code+2444&gt;, 0x589fd1 &lt;exec_byte_code+3713&gt;,=C2=A0</div><div class=
=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x58a2e9 &lt;exec_byt=
e_code+4505&gt;, 0x58b08d &lt;exec_byte_code+7997&gt;, 0x589606 &lt;exec_by=
te_code+1206&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 0x5899f8 &lt;exec_byte_code+2216&gt;, 0x5894ba &lt;exec_b=
yte_code+874&gt;, 0x5894ba &lt;exec_byte_code+874&gt;,=C2=A0</div><div clas=
s=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x589a54 &lt;exec_by=
te_code+2308&gt;, 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_by=
te_code+874&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_by=
te_code+874&gt;, 0x5894ba &lt;exec_byte_code+874&gt;,=C2=A0</div><div class=
=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x5894ba &lt;exec_byt=
e_code+874&gt;, 0x5894ba &lt;exec_byte_code+874&gt;, 0x5894ba &lt;exec_byte=
_code+874&gt;,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0=
 =C2=A0 =C2=A0 0x5894ba &lt;exec_byte_code+874&gt;, 0x589aa2 &lt;exec_byte_=
code+2386&gt; &lt;repeats 64 times&gt;}</div><div class=3D"gmail_default">=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 count =3D 5</div><div class=3D"gmail_default">=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 op =3D 0</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 vectorp =3D 0x968d48 &lt;pure+1198184&gt;</div><di=
v class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 stack =3D {pc =3D 0xa=
ad5d8 &lt;pure+2527480&gt; &quot;\210)\210\375\376\377\&quot;\210\201H&quot=
;, byte_string =3D 9866532,=C2=A0</div><div class=3D"gmail_default">=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 byte_string_start =3D 0xaad464 &lt;pure+2527108=
&gt; &quot;\b\203\b&quot;, next =3D 0x0}</div><div class=3D"gmail_default">=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 top =3D 0x7fffffffda10</div><div class=3D"gmail=
_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 result =3D &lt;optimized out&gt;</div=
><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 type =3D &lt;opti=
mized out&gt;</div><div class=3D"gmail_default">#18 0x000000000055166b in a=
pply_lambda (fun=3D9866485, args=3D0, count=3D4) at eval.c:2800</div><div c=
lass=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 args_left =3D 0</div><di=
v class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 i =3D &lt;optimized o=
ut&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 numarg=
s =3D 0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 arg_v=
ector =3D 0x7fffffffdb00</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 tem =3D &lt;optimized out&gt;</div><div class=3D"gmail_defaul=
t">=C2=A0 =C2=A0 =C2=A0 =C2=A0 sa_avail =3D &lt;optimized out&gt;</div><div=
 class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 sa_count =3D 5</div><d=
iv class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 sa_must_free =3D fal=
se</div><div class=3D"gmail_default">#19 0x0000000000551936 in eval_sub (fo=
rm=3D&lt;optimized out&gt;) at eval.c:2247</div><div class=3D"gmail_default=
">=C2=A0 =C2=A0 =C2=A0 =C2=A0 fun =3D &lt;optimized out&gt;</div><div class=
=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 val =3D &lt;optimized out&gt=
;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 original_fu=
n =3D 8584864</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0=
 original_args =3D 0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0=
 =C2=A0 funcar =3D &lt;optimized out&gt;</div><div class=3D"gmail_default">=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 count =3D 4</div><div class=3D"gmail_default">-=
--Type &lt;return&gt; to continue, or q &lt;return&gt; to quit---</div><div=
 class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 argvals =3D {0, 0, 122=
74656, 3840, 1, 4599230, 140737488346536, 5508133}</div><div class=3D"gmail=
_default">#20 0x0000000000553712 in Feval (form=3D17463347, lexical=3D&lt;o=
ptimized out&gt;) at eval.c:1994</div><div class=3D"gmail_default">=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 count =3D 3</div><div class=3D"gmail_default">#21 0x00=
000000005512aa in internal_condition_case (bfun=3D0x4e2ae0 &lt;top_level_2&=
gt;, handlers=3D&lt;optimized out&gt;,=C2=A0</div><div class=3D"gmail_defau=
lt">=C2=A0 =C2=A0 hfun=3D0x4eb100 &lt;cmd_error&gt;) at eval.c:1315</div><d=
iv class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 val =3D &lt;optimize=
d out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 c =
=3D 0x104c</div><div class=3D"gmail_default">#22 0x00000000004eb0bc in top_=
level_1 (ignore=3D&lt;optimized out&gt;) at keyboard.c:1129</div><div class=
=3D"gmail_default">No locals.</div><div class=3D"gmail_default">#23 0x00000=
00000551338 in internal_catch (tag=3D&lt;optimized out&gt;, func=3D0x4eb060=
 &lt;top_level_1&gt;, arg=3D0)</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 at eval.c:1080</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 val =3D 0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 c =3D 0x104c</div><div class=3D"gmail_default">#24 0x00000000004eae56 i=
n command_loop () at keyboard.c:1090</div><div class=3D"gmail_default">No l=
ocals.</div><div class=3D"gmail_default">#25 0x00000000004eaef5 in recursiv=
e_edit_1 () at keyboard.c:697</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 count =3D 1</div><div class=3D"gmail_default">=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 val =3D &lt;optimized out&gt;</div><div class=3D"gmail_de=
fault">#26 0x00000000004eb035 in Frecursive_edit () at keyboard.c:768</div>=
<div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 count =3D 0</div><=
div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 buffer =3D &lt;opti=
mized out&gt;</div><div class=3D"gmail_default">#27 0x00000000004dc82e in m=
ain (argc=3D&lt;optimized out&gt;, argv=3D&lt;optimized out&gt;) at emacs.c=
:1629</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 dummy =
=3D 4251459</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 s=
tack_bottom_variable =3D 0 &#39;\000&#39;</div><div class=3D"gmail_default"=
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 do_initial_setlocale =3D &lt;optimized out&gt;=
</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 dumping =3D =
&lt;optimized out&gt;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 skip_args =3D 1</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 rlim =3D {rlim_cur =3D 20480000, rlim_max =3D 184467440737095=
51615}</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 no_loa=
dup =3D false</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0=
 junk =3D 0x0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0=
 dname_arg =3D 0x0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 ch_to_dir =3D 0x0</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 original_pwd =3D 0x7 &lt;Address 0x7 out of bounds&gt;</div><=
div><br></div><div><br></div><div><div>What a colleague (CC&#39;ed) thinks =
happens is:<br></div><div><br></div><div>This looks like it might be a bug =
in the emacs GC.=C2=A0 Since the symbol is</div><div>buffer-local, it has a=
n auxiliary &quot;SYMBOL_BLV&quot; structure, allocated</div><div>using [ma=
lloc], attached to it. The first garbage collection can be seen</div><div>t=
o be freeing this structure and changing the name (stored in the</div><div>=
&quot;function&quot; member) to [Vdead] (in sweep_symbols in alloc.c).</div=
><div><br></div><div>The symbols are stored in some kind of list of blocks.=
=C2=A0 If any given</div><div>block becomes full of free symbols as a resul=
t of the sweeping, it may</div><div>be freed by the next garbage-collect ca=
ll (see [sweep_symbols] again in</div><div>alloc.c).=C2=A0 However this cle=
arly does not always happen as seen by the</div><div>comments in the code.=
=C2=A0 As such surely something has to be done, after</div><div>freeing a s=
ymbol&#39;s blv structure and marking it dead, to make sure that</div><div>=
a subsequent sweeping phase on the same block of symbols doesn&#39;t try to=
</div><div>free the symbol&#39;s blv structure a second time.</div><div><br=
></div><div>There seems to be no protection against this at the moment whic=
h is why</div><div>we suspect a bug.=C2=A0 The attached patch adds such pro=
tection and we</div><div>confirm it stops the issue, both in the example ab=
ove and in the</div><div>original unreduced code.</div><div><br></div><div>=
<br></div><div><br></div><div>In GNU Emacs 26.0.90 (build 1, x86_64-pc-linu=
x-gnu)</div><div>=C2=A0of 2017-10-30 built on igm-qws-u12051a</div><div>Rep=
ository revision: 46540a1c7adb1b89b6c2f6c9150fe8680c3a5fba</div><div>System=
 Description:=C2=A0 =C2=A0 =C2=A0CentOS Linux release 7.4.1708 (Core)</div>=
<div><br></div><div>Recent messages:</div><div>For information about GNU Em=
acs and the GNU system, type C-h C-a.</div><div>Making completion list...</=
div><div>apropos-read-pattern: Command attempted to use minibuffer while in=
 minibuffer</div><div><br></div><div>Configured using:</div><div>=C2=A0&#39=
;configure --with-gnutls=3Dno --without-x --without-gsettings</div><div>=C2=
=A0--without-gpm --without-dbus --without-gconf --without-selinux</div><div=
>=C2=A0--without-imagemagick --with-gif=3Dno --with-modules --disable-acl</=
div><div>=C2=A0-prefix /home/vgatien-baron/local/clones/emacs/installed&#39=
;</div><div><br></div><div>Configured features:</div><div>JPEG SOUND NOTIFY=
 LIBXML2 ZLIB MODULES</div><div><br></div><div>Important settings:</div><di=
v>=C2=A0 value of $LANG: en_US.utf8</div></div><div><div>=C2=A0 locale-codi=
ng-system: utf-8-unix</div><div><br></div><div>Major mode: Lisp Interaction=
</div><div><br></div><div>Minor modes in effect:</div><div>=C2=A0 tooltip-m=
ode: t</div><div>=C2=A0 global-eldoc-mode: t</div><div>=C2=A0 eldoc-mode: t=
</div><div>=C2=A0 electric-indent-mode: t</div><div>=C2=A0 file-name-shadow=
-mode: t</div><div>=C2=A0 global-font-lock-mode: t</div><div>=C2=A0 font-lo=
ck-mode: t</div><div>=C2=A0 auto-composition-mode: t</div><div>=C2=A0 auto-=
encryption-mode: t</div><div>=C2=A0 auto-compression-mode: t</div><div>=C2=
=A0 line-number-mode: t</div><div>=C2=A0 transient-mark-mode: t</div><div><=
br></div><div>Load-path shadows:</div><div>None found.</div><div><br></div>=
<div>Features:</div><div>(shadow sort mail-extr apropos emacsbug message rm=
c puny dired</div><div>dired-loaddefs format-spec rfc822 mml mml-sec epa de=
rived epg gnus-util</div><div>rmail rmail-loaddefs mm-decode mm-bodies mm-e=
ncode mail-parse rfc2231</div><div>mailabbrev gmm-utils mailheader sendmail=
 regexp-opt rfc2047 rfc2045</div><div>ietf-drums mm-util mail-prsvr mail-ut=
ils term/xterm xterm time-date</div><div>elec-pair warnings finder-inf info=
 tool-bar zenburn-theme-autoloads</div><div>package easymenu epg-config url=
-handlers url-parse auth-source cl-seq</div><div>eieio eieio-core cl-macs e=
ieio-loaddefs password-cache url-vars seq</div><div>byte-opt gv bytecomp by=
te-compile cconv cl-loaddefs cl-lib mule-util</div><div>tooltip eldoc elect=
ric uniquify ediff-hook vc-hooks lisp-float-type</div><div>tabulated-list r=
eplace newcomment text-mode elisp-mode lisp-mode</div><div>prog-mode regist=
er page menu-bar rfn-eshadow isearch timer select mouse</div><div>jit-lock =
font-lock syntax facemenu font-core term/tty-colors frame</div><div>cl-gene=
ric cham georgian utf-8-lang misc-lang vietnamese tibetan thai</div><div>ta=
i-viet lao korean japanese eucjp-ms cp51932 hebrew greek romanian</div><div=
>slovak czech european ethiopic indian cyrillic chinese composite</div><div=
>charscript charprop case-table epa-hook jka-cmpr-hook help simple abbrev</=
div><div>obarray minibuffer cl-preloaded nadvice loaddefs button faces cus-=
face</div><div>macroexp files text-properties overlay sha1 md5 base64 forma=
t env</div><div>code-pages mule custom widget hashtable-print-readable back=
quote inotify</div><div>multi-tty make-network-process emacs)</div><div><br=
></div><div>Memory information:</div><div>((conses 16 179056 9590)</div><di=
v>=C2=A0(symbols 48 24756 1)</div><div>=C2=A0(miscs 40 36 144)</div><div>=
=C2=A0(strings 32 53443 1520)</div><div>=C2=A0(string-bytes 1 1383070)</div=
><div>=C2=A0(vectors 16 18475)</div><div>=C2=A0(vector-slots 8 545400 4472)=
</div><div>=C2=A0(floats 8 51 765)</div><div>=C2=A0(intervals 56 225 0)</di=
v><div>=C2=A0(buffers 992 14)</div><div>=C2=A0(heap 1024 24122 1231))</div>=
</div><div><br></div></div></div></div>

--001a11401d8035b3b0055cc491dd--

--001a11401d8035b3b7055cc491df
Content-Type: text/plain; charset="US-ASCII"; name="ecaml_bug.diff"
Content-Disposition: attachment; filename="ecaml_bug.diff"
Content-Transfer-Encoding: base64
X-Attachment-Id: f_j9eaaz120

ZGlmZiAtLWdpdCBhL3NyYy9hbGxvYy5jIGIvc3JjL2FsbG9jLmMKaW5kZXggNjhiZWU3NzI4Yy4u
NjFjZTAwMmEzZiAxMDA2NDQKLS0tIGEvc3JjL2FsbG9jLmMKKysrIGIvc3JjL2FsbG9jLmMKQEAg
LTY4MzMsMjEgKzY4MzMsMjggQEAgc3dlZXBfc3ltYm9scyAodm9pZCkKIAogICAgICAgZm9yICg7
IHN5bSA8IGVuZDsgKytzeW0pCiAgICAgICAgIHsKLSAgICAgICAgICBpZiAoIXN5bS0+cy5nY21h
cmtiaXQpCisgICAgICAgICAgaWYgKHN5bS0+cy5mdW5jdGlvbiAhPSBWZGVhZCkKICAgICAgICAg
ICAgIHsKLSAgICAgICAgICAgICAgaWYgKHN5bS0+cy5yZWRpcmVjdCA9PSBTWU1CT0xfTE9DQUxJ
WkVEKQotICAgICAgICAgICAgICAgIHhmcmVlIChTWU1CT0xfQkxWICgmc3ltLT5zKSk7Ci0gICAg
ICAgICAgICAgIHN5bS0+cy5uZXh0ID0gc3ltYm9sX2ZyZWVfbGlzdDsKLSAgICAgICAgICAgICAg
c3ltYm9sX2ZyZWVfbGlzdCA9ICZzeW0tPnM7Ci0gICAgICAgICAgICAgIHN5bWJvbF9mcmVlX2xp
c3QtPmZ1bmN0aW9uID0gVmRlYWQ7Ci0gICAgICAgICAgICAgICsrdGhpc19mcmVlOworICAgICAg
ICAgICAgICBpZiAoIXN5bS0+cy5nY21hcmtiaXQpCisgICAgICAgICAgICAgICAgeworICAgICAg
ICAgICAgICAgICAgaWYgKHN5bS0+cy5yZWRpcmVjdCA9PSBTWU1CT0xfTE9DQUxJWkVEKQorICAg
ICAgICAgICAgICAgICAgICB4ZnJlZSAoU1lNQk9MX0JMViAoJnN5bS0+cykpOworICAgICAgICAg
ICAgICAgICAgc3ltLT5zLm5leHQgPSBzeW1ib2xfZnJlZV9saXN0OworICAgICAgICAgICAgICAg
ICAgc3ltYm9sX2ZyZWVfbGlzdCA9ICZzeW0tPnM7CisgICAgICAgICAgICAgICAgICBzeW1ib2xf
ZnJlZV9saXN0LT5mdW5jdGlvbiA9IFZkZWFkOworICAgICAgICAgICAgICAgICAgKyt0aGlzX2Zy
ZWU7CisgICAgICAgICAgICAgICAgfQorICAgICAgICAgICAgICBlbHNlCisgICAgICAgICAgICAg
ICAgeworICAgICAgICAgICAgICAgICAgKytudW1fdXNlZDsKKyAgICAgICAgICAgICAgICAgIHN5
bS0+cy5nY21hcmtiaXQgPSAwOworICAgICAgICAgICAgICAgICAgLyogQXR0ZW1wdCB0byBjYXRj
aCBib2d1cyBvYmplY3RzLiAgKi8KKyAgICAgICAgICAgICAgICAgIGVhc3NlcnQgKHZhbGlkX2xp
c3Bfb2JqZWN0X3AgKHN5bS0+cy5mdW5jdGlvbikpOworICAgICAgICAgICAgICAgIH0KICAgICAg
ICAgICAgIH0KICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICB7Ci0gICAgICAgICAgICAgICsr
bnVtX3VzZWQ7Ci0gICAgICAgICAgICAgIHN5bS0+cy5nY21hcmtiaXQgPSAwOwotICAgICAgICAg
ICAgICAvKiBBdHRlbXB0IHRvIGNhdGNoIGJvZ3VzIG9iamVjdHMuICAqLwotICAgICAgICAgICAg
ICBlYXNzZXJ0ICh2YWxpZF9saXNwX29iamVjdF9wIChzeW0tPnMuZnVuY3Rpb24pKTsKKyAgICAg
ICAgICAgICAgZWFzc2VydCAoIXN5bS0+cy5nY21hcmtiaXQpOwogICAgICAgICAgICAgfQogICAg
ICAgICB9CiAK
--001a11401d8035b3b7055cc491df--




From debbugs-submit-bounces@debbugs.gnu.org Mon Oct 30 16:38:35 2017
Received: (at 29066) by debbugs.gnu.org; 30 Oct 2017 20:38:35 +0000
Received: from localhost ([127.0.0.1]:42728 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9GpO-0007kN-Sf
	for submit@debbugs.gnu.org; Mon, 30 Oct 2017 16:38:35 -0400
Received: from eggs.gnu.org ([208.118.235.92]:51864)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@gnu.org>) id 1e9GpN-0007k8-8F
 for 29066@debbugs.gnu.org; Mon, 30 Oct 2017 16:38:33 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@gnu.org>) id 1e9GpH-000528-3u
 for 29066@debbugs.gnu.org; Mon, 30 Oct 2017 16:38:28 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:57486)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@gnu.org>)
 id 1e9GpC-000506-2X; Mon, 30 Oct 2017 16:38:22 -0400
Received: from [176.228.60.248] (port=4255 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <eliz@gnu.org>)
 id 1e9GpB-0002mh-GB; Mon, 30 Oct 2017 16:38:21 -0400
Date: Mon, 30 Oct 2017 22:38:06 +0200
Message-Id: <83a808tlqp.fsf@gnu.org>
From: Eli Zaretskii <eliz@gnu.org>
To: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
In-reply-to: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 (message from Valentin Gatien-Baron on Mon, 30 Oct 2017 10:36:41
 -0400)
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 29066
Cc: 29066@debbugs.gnu.org, mshinwell@janestreet.com
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Reply-To: Eli Zaretskii <eliz@gnu.org>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

> From: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
> Date: Mon, 30 Oct 2017 10:36:41 -0400
> Cc: Mark Shinwell <mshinwell@janestreet.com>
> 
> $ installed/bin/emacs -Q -L . -batch --eval '(progn (message "before") (make-local-variable (make-symbol "\
> s")) (kill-buffer) (garbage-collect) (garbage-collect) (message "after"))'
> before
> *** Error in `installed/bin/emacs': double free or corruption (!prev): 0x00000000014bff10 ***

Thanks.

Does the below fix the problem?

diff --git a/src/alloc.c b/src/alloc.c
index d9d7485..11afdfd 100644
--- a/src/alloc.c
+++ b/src/alloc.c
@@ -7024,7 +7024,9 @@ sweep_symbols (void)
         {
           if (!sym->s.gcmarkbit)
             {
-              if (sym->s.redirect == SYMBOL_LOCALIZED)
+              if (sym->s.redirect == SYMBOL_LOCALIZED
+		  /* Already freed?  */
+		  && !EQ (sym->s.function, Vdead))
                 xfree (SYMBOL_BLV (&sym->s));
               sym->s.next = symbol_free_list;
               symbol_free_list = &sym->s;




From debbugs-submit-bounces@debbugs.gnu.org Mon Oct 30 18:11:59 2017
Received: (at 29066) by debbugs.gnu.org; 30 Oct 2017 22:11:59 +0000
Received: from localhost ([127.0.0.1]:42809 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9IHn-0001bY-8l
	for submit@debbugs.gnu.org; Mon, 30 Oct 2017 18:11:59 -0400
Received: from mxout3.mail.janestreet.com ([38.105.200.229]:42971)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9IAQ-0001Q4-2w
 for 29066@debbugs.gnu.org; Mon, 30 Oct 2017 18:04:22 -0400
Received: from [172.27.56.68] (helo=tot-qpr-mailcore1)
 by mxout3.mail.janestreet.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9IAK-0004iY-KY
 for 29066@debbugs.gnu.org; Mon, 30 Oct 2017 18:04:16 -0400
X-JS-Flow: external
X-JS-Scanner-attachment: (ok) No attachments
Received: by tot-qpr-mailcore1 with ocaml/mailcore/mailcore 1.0+136
 (04e1cd915edc) (envelope-from <vgatien-baron@janestreet.com>)
 id BZ96Hg-FdUSQA-S2; 2017-10-30 18:04:16.606799-04:00
Received: from mail-lf0-f69.google.com ([209.85.215.69])
 by mxgoog1.mail.janestreet.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.89)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9IAK-0000iL-IT
 for 29066@debbugs.gnu.org; Mon, 30 Oct 2017 18:04:16 -0400
Received: by mail-lf0-f69.google.com with SMTP id j98so4370944lfi.0
 for <29066@debbugs.gnu.org>; Mon, 30 Oct 2017 15:04:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=janestreet.com; s=google;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :cc; bh=+Mu6udci/3HlI4i0TGj3DBUaYwIef/NvsXehuCVCnyk=;
 b=rCcCVAqg5ydRL6zdB/dsoFPIQiArqEAlHMV9d9TMKIigBMXDv/tTPRFAIpdoiGV/z+
 00/LxK6CuBHH5AmlOiSPrp46wMYRk3bQGkKgGgVmCqC02MCiPbs1wpxNw2XksKHzHxYL
 Koh4Qau4pEj7u2k81ECbnkNwD5S9zUEWe4/Bc=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:cc;
 bh=+Mu6udci/3HlI4i0TGj3DBUaYwIef/NvsXehuCVCnyk=;
 b=fswxVTpf0b4tPmF0/s19vp/T0rd7I68KqQBiIiBUx8Vy24zNiGFKwJN3+YYBaYbl5/
 YxlyckTq10LJ5xmgeLREBtIREkXAKRwDAU/3Qq45bzGBqCWlSbr4DCjOsVTId1uuEjdY
 NOvYEQ0oPghFe+jiPu2AELSK1LdalGl6KMnkQ9es4y2OOD5rnSKLGAS2FqPjPs7RD+lR
 vocbcu/f6LjW8WlQ/uWVjR1MRb85BzPsGa20EXtkLPnqsNMG+hNpqQlXP1PcHVqqQDVd
 5Y8dIXhgXg/9/5WHZBdB5WkebWRiHYpaFyzlasY5m3mZRKYQg5jVA7EmSTzAP+6u4Cck
 H40Q==
X-Gm-Message-State: AMCzsaXymlczl4FDBvyevt48XoeRw+xZKgSq2tlPxgej/OqUC14K7DDl
 bVVUs7KXoRgFJPxpLljCnmD85h1sg5x25VnTEsuQfs3a2cOt/ZRmUhOjIfPkYUmBleov20iGvzF
 T3wAKmdr9ECsn15EbB8+UPGpKhfqhUQ==
X-Received: by 10.25.16.28 with SMTP id f28mr3426233lfi.133.1509401055515;
 Mon, 30 Oct 2017 15:04:15 -0700 (PDT)
X-Google-Smtp-Source: ABhQp+QukbvupOya7ZZx/iLSw274Bq1isvw/lcBXLtOcVeOHaei/bRzPHpMqvBuyLXEOtJdWPVbIl+ZY5yfSbvFvkR4=
X-Received: by 10.25.16.28 with SMTP id f28mr3426230lfi.133.1509401055329;
 Mon, 30 Oct 2017 15:04:15 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.25.234.11 with HTTP; Mon, 30 Oct 2017 15:04:14 -0700 (PDT)
In-Reply-To: <83a808tlqp.fsf@gnu.org>
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
From: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
Date: Mon, 30 Oct 2017 18:04:14 -0400
Message-ID: <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
To: Eli Zaretskii <eliz@gnu.org>
Content-Type: multipart/alternative; boundary="001a113f8fa4ba1ed5055ccad13f"
X-JS-Exim-Data-Received: 2017-10-30 18:04:16-0400
X-JS-Processed-by: mailcore
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 29066
X-Mailman-Approved-At: Mon, 30 Oct 2017 18:11:57 -0400
Cc: 29066@debbugs.gnu.org, Mark Shinwell <mshinwell@janestreet.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -2.3 (--)

--001a113f8fa4ba1ed5055ccad13f
Content-Type: text/plain; charset="UTF-8"

Yes, it fixes the problem.

I also checked the following works, and seems better to me (stop having
dangling pointers, instead of being careful with them):

diff --git a/src/alloc.c b/src/alloc.c
index da0c3ad4b3..44dfa95cf5 100644
--- a/src/alloc.c
+++ b/src/alloc.c
@@ -7030,8 +7030,10 @@ sweep_symbols (void)
         {
           if (!sym->s.gcmarkbit)
             {
-              if (sym->s.redirect == SYMBOL_LOCALIZED)
+              if (sym->s.redirect == SYMBOL_LOCALIZED) {
                 xfree (SYMBOL_BLV (&sym->s));
+                sym->s.val.blv = NULL;
+              }
               sym->s.next = symbol_free_list;
               symbol_free_list = &sym->s;
               symbol_free_list->function = Vdead;


On Mon, Oct 30, 2017 at 4:38 PM, Eli Zaretskii <eliz@gnu.org> wrote:

> > From: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
> > Date: Mon, 30 Oct 2017 10:36:41 -0400
> > Cc: Mark Shinwell <mshinwell@janestreet.com>
> >
> > $ installed/bin/emacs -Q -L . -batch --eval '(progn (message "before")
> (make-local-variable (make-symbol "\
> > s")) (kill-buffer) (garbage-collect) (garbage-collect) (message
> "after"))'
> > before
> > *** Error in `installed/bin/emacs': double free or corruption (!prev):
> 0x00000000014bff10 ***
>
> Thanks.
>
> Does the below fix the problem?
>
> diff --git a/src/alloc.c b/src/alloc.c
> index d9d7485..11afdfd 100644
> --- a/src/alloc.c
> +++ b/src/alloc.c
> @@ -7024,7 +7024,9 @@ sweep_symbols (void)
>          {
>            if (!sym->s.gcmarkbit)
>              {
> -              if (sym->s.redirect == SYMBOL_LOCALIZED)
> +              if (sym->s.redirect == SYMBOL_LOCALIZED
> +                 /* Already freed?  */
> +                 && !EQ (sym->s.function, Vdead))
>                  xfree (SYMBOL_BLV (&sym->s));
>                sym->s.next = symbol_free_list;
>                symbol_free_list = &sym->s;
>

--001a113f8fa4ba1ed5055ccad13f
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_default" style=3D"font-family:arial,he=
lvetica,sans-serif">Yes, it fixes the problem.</div><div class=3D"gmail_def=
ault" style=3D"font-family:arial,helvetica,sans-serif"><br></div><div class=
=3D"gmail_default" style=3D"font-family:arial,helvetica,sans-serif">I also =
checked the following works, and seems better to me (stop having dangling p=
ointers, instead of being careful with them):</div><div class=3D"gmail_defa=
ult" style=3D"font-family:arial,helvetica,sans-serif"><br></div><div class=
=3D"gmail_default" style=3D"font-family:arial,helvetica,sans-serif"><div cl=
ass=3D"gmail_default"><div class=3D"gmail_default">diff --git a/src/alloc.c=
 b/src/alloc.c</div><div class=3D"gmail_default">index da0c3ad4b3..44dfa95c=
f5 100644</div><div class=3D"gmail_default">--- a/src/alloc.c</div><div cla=
ss=3D"gmail_default">+++ b/src/alloc.c</div><div class=3D"gmail_default">@@=
 -7030,8 +7030,10 @@ sweep_symbols (void)</div><div class=3D"gmail_default"=
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0{</div><div class=3D"gmail_default">=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0if (!sym-&gt;s.gcmarkbit)</div><div c=
lass=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0{</d=
iv><div class=3D"gmail_default">-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 if (sym-&gt;s.redirect =3D=3D SYMBOL_LOCALIZED)</div><div class=3D"g=
mail_default">+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (sym-&gt=
;s.redirect =3D=3D SYMBOL_LOCALIZED) {</div><div class=3D"gmail_default">=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0xfree (SYMBOL=
_BLV (&amp;sym-&gt;s));</div><div class=3D"gmail_default">+=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 sym-&gt;s.val.blv =3D NULL;</div>=
<div class=3D"gmail_default">+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 }</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0sym-&gt;s.next =3D symbol_free_list;</div><div class=3D=
"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0symb=
ol_free_list =3D &amp;sym-&gt;s;</div><div class=3D"gmail_default">=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0symbol_free_list-&gt;functi=
on =3D Vdead;</div><div><br></div></div></div><div class=3D"gmail_extra"><b=
r><div class=3D"gmail_quote">On Mon, Oct 30, 2017 at 4:38 PM, Eli Zaretskii=
 <span dir=3D"ltr">&lt;<a href=3D"mailto:eliz@gnu.org" target=3D"_blank">el=
iz@gnu.org</a>&gt;</span> wrote:<br><blockquote class=3D"gmail_quote" style=
=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding=
-left:1ex">&gt; From: Valentin Gatien-Baron &lt;<a href=3D"mailto:vgatien-b=
aron@janestreet.com">vgatien-baron@janestreet.com</a>&gt;<br>
&gt; Date: Mon, 30 Oct 2017 10:36:41 -0400<br>
&gt; Cc: Mark Shinwell &lt;<a href=3D"mailto:mshinwell@janestreet.com">mshi=
nwell@janestreet.com</a>&gt;<br>
&gt;<br>
&gt; $ installed/bin/emacs -Q -L . -batch --eval &#39;(progn (message &quot=
;before&quot;) (make-local-variable (make-symbol &quot;\<br>
&gt; s&quot;)) (kill-buffer) (garbage-collect) (garbage-collect) (message &=
quot;after&quot;))&#39;<br>
&gt; before<br>
&gt; *** Error in `installed/bin/emacs&#39;: double free or corruption (!pr=
ev): 0x00000000014bff10 ***<br>
<br>
Thanks.<br>
<br>
Does the below fix the problem?<br>
<br>
diff --git a/src/alloc.c b/src/alloc.c<br>
index d9d7485..11afdfd 100644<br>
--- a/src/alloc.c<br>
+++ b/src/alloc.c<br>
@@ -7024,7 +7024,9 @@ sweep_symbols (void)<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0{<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0if (!sym-&gt;s.gcmarkbit)<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0{<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (sym-&gt;s.redirect =
=3D=3D SYMBOL_LOCALIZED)<br>
+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (sym-&gt;s.redirect =
=3D=3D SYMBOL_LOCALIZED<br>
+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0/* Already f=
reed?=C2=A0 */<br>
+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0&amp;&amp; !=
EQ (sym-&gt;s.function, Vdead))<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0xfree (SYMBOL=
_BLV (&amp;sym-&gt;s));<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0sym-&gt;s.next =3D s=
ymbol_free_list;<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0symbol_free_list =3D=
 &amp;sym-&gt;s;<br>
</blockquote></div><br></div></div>

--001a113f8fa4ba1ed5055ccad13f--




From debbugs-submit-bounces@debbugs.gnu.org Mon Oct 30 23:40:24 2017
Received: (at 29066) by debbugs.gnu.org; 31 Oct 2017 03:40:24 +0000
Received: from localhost ([127.0.0.1]:43067 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9NPc-00053v-6S
	for submit@debbugs.gnu.org; Mon, 30 Oct 2017 23:40:24 -0400
Received: from eggs.gnu.org ([208.118.235.92]:41986)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@gnu.org>) id 1e9NPa-00053h-Fa
 for 29066@debbugs.gnu.org; Mon, 30 Oct 2017 23:40:22 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@gnu.org>) id 1e9NPU-0003fm-Dj
 for 29066@debbugs.gnu.org; Mon, 30 Oct 2017 23:40:17 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:35029)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@gnu.org>)
 id 1e9NPO-0003Zk-Sj; Mon, 30 Oct 2017 23:40:10 -0400
Received: from [176.228.60.248] (port=4589 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <eliz@gnu.org>)
 id 1e9NPO-0002lg-9n; Mon, 30 Oct 2017 23:40:10 -0400
Date: Tue, 31 Oct 2017 05:39:56 +0200
Message-Id: <838tfst27n.fsf@gnu.org>
From: Eli Zaretskii <eliz@gnu.org>
To: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
In-reply-to: <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 (message from Valentin Gatien-Baron on Mon, 30 Oct 2017 18:04:14
 -0400)
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 29066
Cc: 29066@debbugs.gnu.org, mshinwell@janestreet.com
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Reply-To: Eli Zaretskii <eliz@gnu.org>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

> From: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
> Date: Mon, 30 Oct 2017 18:04:14 -0400
> Cc: 29066@debbugs.gnu.org,
> 	Mark Shinwell <mshinwell@janestreet.com>
> 
> Yes, it fixes the problem.

Thanks.

> I also checked the following works, and seems better to me (stop having dangling pointers, instead of being
> careful with them):
> 
> diff --git a/src/alloc.c b/src/alloc.c
> index da0c3ad4b3..44dfa95cf5 100644
> --- a/src/alloc.c
> +++ b/src/alloc.c
> @@ -7030,8 +7030,10 @@ sweep_symbols (void)
>          {
>            if (!sym->s.gcmarkbit)
>              {
> -              if (sym->s.redirect == SYMBOL_LOCALIZED)
> +              if (sym->s.redirect == SYMBOL_LOCALIZED) {
>                  xfree (SYMBOL_BLV (&sym->s));
> +                sym->s.val.blv = NULL;
> +              }

That was my first attempt, but various macros like SYMBOL_BLV and
SET_SYMBOL_BLV insist on val.blv being non-NULL.  I guess you've built
Emacs without --enable-checking, so you don't see the effect of that,
but if you do, you will have assertion violations with your patch.




From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 31 02:32:20 2017
Received: (at 29066) by debbugs.gnu.org; 31 Oct 2017 06:32:20 +0000
Received: from localhost ([127.0.0.1]:43109 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9Q60-000139-37
	for submit@debbugs.gnu.org; Tue, 31 Oct 2017 02:32:20 -0400
Received: from mail-out.m-online.net ([212.18.0.10]:56808)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <whitebox@nefkom.net>) id 1e9Q5y-000131-8S
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 02:32:18 -0400
Received: from frontend01.mail.m-online.net (unknown [192.168.8.182])
 by mail-out.m-online.net (Postfix) with ESMTP id 3yR1jX51SCz1qv30;
 Tue, 31 Oct 2017 07:32:16 +0100 (CET)
Received: from localhost (dynscan1.mnet-online.de [192.168.6.70])
 by mail.m-online.net (Postfix) with ESMTP id 3yR1jX3bgcz1tSmT;
 Tue, 31 Oct 2017 07:32:16 +0100 (CET)
X-Virus-Scanned: amavisd-new at mnet-online.de
Received: from mail.mnet-online.de ([192.168.8.182])
 by localhost (dynscan1.mail.m-online.net [192.168.6.70]) (amavisd-new,
 port 10024)
 with ESMTP id 0Fq0kq1GFG34; Tue, 31 Oct 2017 07:32:15 +0100 (CET)
X-Auth-Info: hJStsnwGePhEtTsQnrxonRTzWvZTSlFtHPOtXSGCbc66+4Xb22ujzV2Jpt+xaGNi
Received: from localhost (ppp-188-174-147-245.dynamic.mnet-online.de
 [188.174.147.245])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mail.mnet-online.de (Postfix) with ESMTPSA;
 Tue, 31 Oct 2017 07:32:15 +0100 (CET)
Received: by localhost (Postfix, from userid 1000)
 id C09CA2C110B; Tue, 31 Oct 2017 07:32:14 +0100 (CET)
From: Andreas Schwab <schwab@linux-m68k.org>
To: Eli Zaretskii <eliz@gnu.org>
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 <838tfst27n.fsf@gnu.org>
X-Yow: I have no actual hairline...
Date: Tue, 31 Oct 2017 07:32:14 +0100
In-Reply-To: <838tfst27n.fsf@gnu.org> (Eli Zaretskii's message of "Tue, 31 Oct
 2017 05:39:56 +0200")
Message-ID: <87efpjzv2p.fsf@linux-m68k.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 29066
Cc: 29066@debbugs.gnu.org, mshinwell@janestreet.com,
 Valentin Gatien-Baron <vgatien-baron@janestreet.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

On Okt 31 2017, Eli Zaretskii <eliz@gnu.org> wrote:

>> I also checked the following works, and seems better to me (stop having dangling pointers, instead of being
>> careful with them):
>> 
>> diff --git a/src/alloc.c b/src/alloc.c
>> index da0c3ad4b3..44dfa95cf5 100644
>> --- a/src/alloc.c
>> +++ b/src/alloc.c
>> @@ -7030,8 +7030,10 @@ sweep_symbols (void)
>>          {
>>            if (!sym->s.gcmarkbit)
>>              {
>> -              if (sym->s.redirect == SYMBOL_LOCALIZED)
>> +              if (sym->s.redirect == SYMBOL_LOCALIZED) {
>>                  xfree (SYMBOL_BLV (&sym->s));
>> +                sym->s.val.blv = NULL;
>> +              }
>
> That was my first attempt, but various macros like SYMBOL_BLV and
> SET_SYMBOL_BLV insist on val.blv being non-NULL.

SET_SYMBOL_BLV doesn't.  And calling SYMBOL_BLV with a freed symbol is a
bug anyway.

Andreas.

-- 
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."




From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 31 10:52:54 2017
Received: (at 29066) by debbugs.gnu.org; 31 Oct 2017 14:52:54 +0000
Received: from localhost ([127.0.0.1]:44346 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9XuQ-00046e-44
	for submit@debbugs.gnu.org; Tue, 31 Oct 2017 10:52:54 -0400
Received: from mxout3.mail.janestreet.com ([38.105.200.229]:55514)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9XuN-00046N-RE
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 10:52:52 -0400
Received: from [172.27.56.68] (helo=tot-qpr-mailcore1)
 by mxout3.mail.janestreet.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9XuI-0000qN-FG
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 10:52:46 -0400
X-JS-Flow: external
X-JS-Scanner-attachment: (ok) No attachments
Received: by tot-qpr-mailcore1 with ocaml/mailcore/mailcore 1.0+136
 (04e1cd915edc) (envelope-from <vgatien-baron@janestreet.com>)
 id BZ-I4--FdUSQA-Od; 2017-10-31 10:52:46.466622-04:00
Received: from mail-lf0-f71.google.com ([209.85.215.71])
 by mxgoog1.mail.janestreet.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.89)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9XuI-0001Eh-AE
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 10:52:46 -0400
Received: by mail-lf0-f71.google.com with SMTP id 75so5061767lfx.15
 for <29066@debbugs.gnu.org>; Tue, 31 Oct 2017 07:52:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=janestreet.com; s=google;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :cc; bh=EPa58Lw4rNdYTExawNipAbJODgSTdUT/Mi5CLzeZgRY=;
 b=TPXttA/HE6XeEldO8jGUpNp5FVGFx2B14QTGJvLnAXuerL1yXEPbmwHE8xRyL3uhcS
 3FAzeNKHKrRs2wPUD+oUPBqQhuDE24vBHpT/oze0fLsPhCyguvNVfwURDxwgjdd0fS9v
 r20vK1ThMDDp4j+f2bdYib90Bv1NZL0Nk2bkg=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:cc;
 bh=EPa58Lw4rNdYTExawNipAbJODgSTdUT/Mi5CLzeZgRY=;
 b=e5fPmkvr+5SldnmMuzkBWRTELrnnVwbAFpiIATp5eJXwkQJaP/6/97xP8qF0xcFIQ4
 O83mRvyS4N437tuMYSBaoOYDYvJmuwLYpAhYeb7dWUffm3VdelKzXeSdjz6rtxQr505k
 mZXlhncHifE5GGyslLbGbI/aqzbteUwdIL0wJruS6jb/i33FPHh5k9MjQTyA71IM9v3S
 ozzkUFhZXxnMI1MvmgNxfdhf8INWjgPpZITOPPYxqxwtmDgwZgp8iMq2zCS30PReW94j
 X3XhOmJbJIzdDUdm94ZjNisK3lTYcBRhu+gzi4ihLUQsnitQ4AByeT5raAUH741j4caU
 hHJQ==
X-Gm-Message-State: AMCzsaXuMiyuuGgnLpYyMYc2y+e89XvOiSdaT0OBO5N3ALMxFaQtz12I
 N4F9chuy/MDPwOvG15W5x9w8AaweHVusgbW5y3qGLf7c10iIE2ZmWQJt93P10zWQPwLM0PJckFP
 VkbnBNuXjL8yACDBtTzTXkXAfxyQd/g==
X-Received: by 10.25.16.28 with SMTP id f28mr909786lfi.133.1509461565295;
 Tue, 31 Oct 2017 07:52:45 -0700 (PDT)
X-Google-Smtp-Source: ABhQp+Rm7hJBN3wCeU8XWgr0hiqyYUBOyIeMWd0gqd86r/aXBdaO8Gr51iVCBVVk1aldc697TaR38qCKPp2RsKlGk70=
X-Received: by 10.25.16.28 with SMTP id f28mr909780lfi.133.1509461565087; Tue,
 31 Oct 2017 07:52:45 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.25.234.11 with HTTP; Tue, 31 Oct 2017 07:52:44 -0700 (PDT)
In-Reply-To: <87efpjzv2p.fsf@linux-m68k.org>
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 <838tfst27n.fsf@gnu.org> <87efpjzv2p.fsf@linux-m68k.org>
From: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
Date: Tue, 31 Oct 2017 10:52:44 -0400
Message-ID: <CAFd54qPr9H1U5Buf+mB0ytf53ewaa3MaAScdRYwYuG=AjzoT-Q@mail.gmail.com>
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
To: Andreas Schwab <schwab@linux-m68k.org>
Content-Type: multipart/alternative; boundary="001a113f8fa463c2e8055cd8e8ce"
X-JS-Exim-Data-Received: 2017-10-31 10:52:46-0400
X-JS-Processed-by: mailcore
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 29066
Cc: Eli Zaretskii <eliz@gnu.org>, 29066@debbugs.gnu.org,
 Mark Shinwell <mshinwell@janestreet.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -2.3 (--)

--001a113f8fa463c2e8055cd8e8ce
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Tue, Oct 31, 2017 at 2:32 AM, Andreas Schwab <schwab@linux-m68k.org>
wrote:

> On Okt 31 2017, Eli Zaretskii <eliz@gnu.org> wrote:
>
> >> I also checked the following works, and seems better to me (stop havin=
g
> dangling pointers, instead of being
> >> careful with them):
> >>
> >> diff --git a/src/alloc.c b/src/alloc.c
> >> index da0c3ad4b3..44dfa95cf5 100644
> >> --- a/src/alloc.c
> >> +++ b/src/alloc.c
> >> @@ -7030,8 +7030,10 @@ sweep_symbols (void)
> >>          {
> >>            if (!sym->s.gcmarkbit)
> >>              {
> >> -              if (sym->s.redirect =3D=3D SYMBOL_LOCALIZED)
> >> +              if (sym->s.redirect =3D=3D SYMBOL_LOCALIZED) {
> >>                  xfree (SYMBOL_BLV (&sym->s));
> >> +                sym->s.val.blv =3D NULL;
> >> +              }
> >
> > That was my first attempt, but various macros like SYMBOL_BLV and
> > SET_SYMBOL_BLV insist on val.blv being non-NULL.
>
> SET_SYMBOL_BLV doesn't.  And calling SYMBOL_BLV with a freed symbol is a
> bug anyway.
>

=E2=80=8BSET_SYMBOL_BLV insists that the new value is not NULL, even if it =
asserts
nothing about the current value.

We do call SYMBOL_BLV after freeing, when we re-sweep the symbol, which is
fine because free does nothing when given NULL, but triggers the assertion=
=E2=80=8B.

I would do this, to avoid the assertion failure:

diff --git a/src/alloc.c b/src/alloc.c
index da0c3ad4b3..72550e812b 100644
--- a/src/alloc.c
+++ b/src/alloc.c
@@ -7030,8 +7030,10 @@ sweep_symbols (void)
         {
           if (!sym->s.gcmarkbit)
             {
-              if (sym->s.redirect =3D=3D SYMBOL_LOCALIZED)
+              if (sym->s.redirect =3D=3D SYMBOL_LOCALIZED && sym->s.val.bl=
v) {
                 xfree (SYMBOL_BLV (&sym->s));
+                sym->s.val.blv =3D NULL;
+              }
               sym->s.next =3D symbol_free_list;
               symbol_free_list =3D &sym->s;
               symbol_free_list->function =3D Vdead;

Or changing the redirect type:

diff --git a/src/alloc.c b/src/alloc.c
index da0c3ad4b3..6966d96c6d 100644
--- a/src/alloc.c
+++ b/src/alloc.c
@@ -7030,8 +7030,11 @@ sweep_symbols (void)
         {
           if (!sym->s.gcmarkbit)
             {
-              if (sym->s.redirect =3D=3D SYMBOL_LOCALIZED)
+              if (sym->s.redirect =3D=3D SYMBOL_LOCALIZED) {
                 xfree (SYMBOL_BLV (&sym->s));
+                sym->s.redirect =3D SYMBOL_PLAINVAL;
+                SET_SYMBOL_VAL (&sym->s, Qunbound);
+              }
               sym->s.next =3D symbol_free_list;
               symbol_free_list =3D &sym->s;
               symbol_free_list->function =3D Vdead;

--001a113f8fa463c2e8055cd8e8ce
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_default" style=3D"font-family:arial,he=
lvetica,sans-serif"><br></div><div class=3D"gmail_extra"><br><div class=3D"=
gmail_quote">On Tue, Oct 31, 2017 at 2:32 AM, Andreas Schwab <span dir=3D"l=
tr">&lt;<a href=3D"mailto:schwab@linux-m68k.org" target=3D"_blank">schwab@l=
inux-m68k.org</a>&gt;</span> wrote:<br><blockquote class=3D"gmail_quote" st=
yle=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padd=
ing-left:1ex"><span class=3D"gmail-">On Okt 31 2017, Eli Zaretskii &lt;<a h=
ref=3D"mailto:eliz@gnu.org">eliz@gnu.org</a>&gt; wrote:<br>
<br>
&gt;&gt; I also checked the following works, and seems better to me (stop h=
aving dangling pointers, instead of being<br>
&gt;&gt; careful with them):<br>
&gt;&gt;<br>
&gt;&gt; diff --git a/src/alloc.c b/src/alloc.c<br>
&gt;&gt; index da0c3ad4b3..44dfa95cf5 100644<br>
&gt;&gt; --- a/src/alloc.c<br>
&gt;&gt; +++ b/src/alloc.c<br>
&gt;&gt; @@ -7030,8 +7030,10 @@ sweep_symbols (void)<br>
&gt;&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 {<br>
&gt;&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (!sym-&gt;s.gcmarkbit)=
<br>
&gt;&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 {<br>
&gt;&gt; -=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (sym-&gt;s.re=
direct =3D=3D SYMBOL_LOCALIZED)<br>
&gt;&gt; +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (sym-&gt;s.re=
direct =3D=3D SYMBOL_LOCALIZED) {<br>
&gt;&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 xfre=
e (SYMBOL_BLV (&amp;sym-&gt;s));<br>
&gt;&gt; +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 sym-&gt;s=
.val.blv =3D NULL;<br>
&gt;&gt; +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 }<br>
&gt;<br>
&gt; That was my first attempt, but various macros like SYMBOL_BLV and<br>
&gt; SET_SYMBOL_BLV insist on val.blv being non-NULL.<br>
<br>
</span>SET_SYMBOL_BLV doesn&#39;t.=C2=A0 And calling SYMBOL_BLV with a free=
d symbol is a<br>
bug anyway.<br></blockquote><div><br></div><div><div class=3D"gmail_default=
" style=3D"font-family:arial,helvetica,sans-serif">=E2=80=8BSET_SYMBOL_BLV =
insists that the new value is not NULL, even if it asserts nothing about th=
e current value.</div></div><div><br></div><div><div class=3D"gmail_default=
" style=3D"font-family:arial,helvetica,sans-serif">We do call SYMBOL_BLV af=
ter freeing, when we re-sweep the symbol, which is fine because free does n=
othing when given NULL, but triggers the assertion=E2=80=8B.<br></div></div=
><div><div class=3D"gmail_default" style=3D"font-family:arial,helvetica,san=
s-serif"><br></div><div class=3D"gmail_default" style=3D"font-family:arial,=
helvetica,sans-serif">I would do this, to avoid the assertion failure:<br><=
/div><div class=3D"gmail_default" style=3D"font-family:arial,helvetica,sans=
-serif"><br></div><div>diff --git a/src/alloc.c b/src/alloc.c</div><div>ind=
ex da0c3ad4b3..72550e812b 100644</div><div>--- a/src/alloc.c</div><div>+++ =
b/src/alloc.c</div><div>@@ -7030,8 +7030,10 @@ sweep_symbols (void)</div><d=
iv>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0{</div><div>=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0if (!sym-&gt;s.gcmarkbit)</div><div>=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0{</div><div>-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 if (sym-&gt;s.redirect =3D=3D SYMBOL_LOCALIZED)</div><div>+=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (sym-&gt;s.redirect =3D=
=3D SYMBOL_LOCALIZED &amp;&amp; sym-&gt;s.val.blv) {</div><div>=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0xfree (SYMBOL_BLV (&amp=
;sym-&gt;s));</div><div>+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 sym-&gt;s.val.blv =3D NULL;</div><div>+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 }</div><div>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0sym-&gt;s.next =3D symbol_free_list;</div><div>=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0symbol_free_list =3D &amp;sym-&gt;=
s;</div><div>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0symbol_=
free_list-&gt;function =3D Vdead;</div></div><div><br></div><div><div class=
=3D"gmail_default" style=3D"font-family:arial,helvetica,sans-serif">Or chan=
ging the redirect type:</div><div class=3D"gmail_default" style=3D"font-fam=
ily:arial,helvetica,sans-serif"><br></div><div class=3D"gmail_default" styl=
e=3D"font-family:arial,helvetica,sans-serif"><div class=3D"gmail_default">d=
iff --git a/src/alloc.c b/src/alloc.c</div><div class=3D"gmail_default">ind=
ex da0c3ad4b3..6966d96c6d 100644</div><div class=3D"gmail_default">--- a/sr=
c/alloc.c</div><div class=3D"gmail_default">+++ b/src/alloc.c</div><div cla=
ss=3D"gmail_default">@@ -7030,8 +7030,11 @@ sweep_symbols (void)</div><div =
class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0{</div><div class=
=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0if (!sym-&gt;s.=
gcmarkbit)</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0{</div><div class=3D"gmail_default">-=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (sym-&gt;s.redirect =3D=3D SYMBOL_LOCALI=
ZED)</div><div class=3D"gmail_default">+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 if (sym-&gt;s.redirect =3D=3D SYMBOL_LOCALIZED) {</div><div c=
lass=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0xfree (SYMBOL_BLV (&amp;sym-&gt;s));</div><div class=3D"gmail_def=
ault">+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 sym-&gt;s.re=
direct =3D SYMBOL_PLAINVAL;</div><div class=3D"gmail_default">+=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 SET_SYMBOL_VAL (&amp;sym-&gt;=
s, Qunbound);</div><div class=3D"gmail_default">+=C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 }</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0sym-&gt;s.next =3D symbol_free_lis=
t;</div><div class=3D"gmail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0symbol_free_list =3D &amp;sym-&gt;s;</div><div class=3D"gm=
ail_default">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0symbol_=
free_list-&gt;function =3D Vdead;</div><div><br></div></div></div></div></d=
iv></div>

--001a113f8fa463c2e8055cd8e8ce--




From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 31 15:00:02 2017
Received: (at 29066) by debbugs.gnu.org; 31 Oct 2017 19:00:02 +0000
Received: from localhost ([127.0.0.1]:44549 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9blZ-0003po-9d
	for submit@debbugs.gnu.org; Tue, 31 Oct 2017 15:00:02 -0400
Received: from eggs.gnu.org ([208.118.235.92]:45552)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@gnu.org>) id 1e9blX-0003pD-Bv
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 14:59:59 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@gnu.org>) id 1e9blP-0005Bb-1M
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 14:59:54 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:47640)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@gnu.org>)
 id 1e9bky-0004vT-F9; Tue, 31 Oct 2017 14:59:24 -0400
Received: from [176.228.60.248] (port=1402 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <eliz@gnu.org>)
 id 1e9bkx-0001eu-SJ; Tue, 31 Oct 2017 14:59:24 -0400
Date: Tue, 31 Oct 2017 20:59:11 +0200
Message-Id: <834lqfta80.fsf@gnu.org>
From: Eli Zaretskii <eliz@gnu.org>
To: Andreas Schwab <schwab@linux-m68k.org>
In-reply-to: <87efpjzv2p.fsf@linux-m68k.org> (message from Andreas Schwab on
 Tue, 31 Oct 2017 07:32:14 +0100)
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 <838tfst27n.fsf@gnu.org> <87efpjzv2p.fsf@linux-m68k.org>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 29066
Cc: 29066@debbugs.gnu.org, mshinwell@janestreet.com,
 vgatien-baron@janestreet.com
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Reply-To: Eli Zaretskii <eliz@gnu.org>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

> From: Andreas Schwab <schwab@linux-m68k.org>
> Cc: Valentin Gatien-Baron <vgatien-baron@janestreet.com>,  29066@debbugs.gnu.org,  mshinwell@janestreet.com
> Date: Tue, 31 Oct 2017 07:32:14 +0100
> 
> On Okt 31 2017, Eli Zaretskii <eliz@gnu.org> wrote:
> 
> >>            if (!sym->s.gcmarkbit)
> >>              {
> >> -              if (sym->s.redirect == SYMBOL_LOCALIZED)
> >> +              if (sym->s.redirect == SYMBOL_LOCALIZED) {
> >>                  xfree (SYMBOL_BLV (&sym->s));
> >> +                sym->s.val.blv = NULL;
> >> +              }
> >
> > That was my first attempt, but various macros like SYMBOL_BLV and
> > SET_SYMBOL_BLV insist on val.blv being non-NULL.
> 
> SET_SYMBOL_BLV doesn't.

Maybe I'm blind, or misunderstand what you mean, but if the intent was
to do this:

   SET_SYMBOL_BLV (&sym->s, NULL);

then it does:

  INLINE void
  SET_SYMBOL_BLV (struct Lisp_Symbol *sym, struct Lisp_Buffer_Local_Value *v)
  {
    eassume (sym->redirect == SYMBOL_LOCALIZED && v);  <<<<<<<<<<<<<<<<
    sym->val.blv = v;
  }


> And calling SYMBOL_BLV with a freed symbol is a bug anyway.

It isn't freed, it's on the symbol_free_list.  Only its buffer-local
value is freed.




From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 31 15:11:08 2017
Received: (at 29066) by debbugs.gnu.org; 31 Oct 2017 19:11:09 +0000
Received: from localhost ([127.0.0.1]:44563 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9bwK-00046q-N8
	for submit@debbugs.gnu.org; Tue, 31 Oct 2017 15:11:08 -0400
Received: from eggs.gnu.org ([208.118.235.92]:48475)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@gnu.org>) id 1e9bwI-00046J-NQ
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 15:11:07 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@gnu.org>) id 1e9bwC-0004kK-8A
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 15:11:01 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:47816)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@gnu.org>)
 id 1e9bw5-0004fI-9n; Tue, 31 Oct 2017 15:10:53 -0400
Received: from [176.228.60.248] (port=1416 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <eliz@gnu.org>)
 id 1e9bw4-0006ze-L4; Tue, 31 Oct 2017 15:10:53 -0400
Date: Tue, 31 Oct 2017 21:10:39 +0200
Message-Id: <83375zt9ow.fsf@gnu.org>
From: Eli Zaretskii <eliz@gnu.org>
To: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
In-reply-to: <CAFd54qPr9H1U5Buf+mB0ytf53ewaa3MaAScdRYwYuG=AjzoT-Q@mail.gmail.com>
 (message from Valentin Gatien-Baron on Tue, 31 Oct 2017 10:52:44
 -0400)
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 <838tfst27n.fsf@gnu.org> <87efpjzv2p.fsf@linux-m68k.org>
 <CAFd54qPr9H1U5Buf+mB0ytf53ewaa3MaAScdRYwYuG=AjzoT-Q@mail.gmail.com>
MIME-version: 1.0
Content-type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 29066
Cc: 29066@debbugs.gnu.org, schwab@linux-m68k.org, mshinwell@janestreet.com
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Reply-To: Eli Zaretskii <eliz@gnu.org>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

> From: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
> Date: Tue, 31 Oct 2017 10:52:44 -0400
> Cc: Eli Zaretskii <eliz@gnu.org>,
> 	29066@debbugs.gnu.org,
> 	Mark Shinwell <mshinwell@janestreet.com>
> 
>  > That was my first attempt, but various macros like SYMBOL_BLV and
>  > SET_SYMBOL_BLV insist on val.blv being non-NULL.
> 
>  SET_SYMBOL_BLV doesn't.  And calling SYMBOL_BLV with a freed symbol is a
>  bug anyway.
> 
> ​SET_SYMBOL_BLV insists that the new value is not NULL, even if it asserts nothing about the current value.
> 
> We do call SYMBOL_BLV after freeing, when we re-sweep the symbol, which is fine because free does
> nothing when given NULL, but triggers the assertion​.
> 
> I would do this, to avoid the assertion failure:
> 
> diff --git a/src/alloc.c b/src/alloc.c
> index da0c3ad4b3..72550e812b 100644
> --- a/src/alloc.c
> +++ b/src/alloc.c
> @@ -7030,8 +7030,10 @@ sweep_symbols (void)
>          {
>            if (!sym->s.gcmarkbit)
>              {
> -              if (sym->s.redirect == SYMBOL_LOCALIZED)
> +              if (sym->s.redirect == SYMBOL_LOCALIZED && sym->s.val.blv) {
>                  xfree (SYMBOL_BLV (&sym->s));
> +                sym->s.val.blv = NULL;
> +              }
>                sym->s.next = symbol_free_list;
>                symbol_free_list = &sym->s;
>                symbol_free_list->function = Vdead;

Thanks, but it makes little sense to me to work around our own
assertions this way.  Why do we have these macros if we sometimes
don't use them?  And why do we have the assertions if they sometimes
get in the way?

> Or changing the redirect type:
> 
> diff --git a/src/alloc.c b/src/alloc.c
> index da0c3ad4b3..6966d96c6d 100644
> --- a/src/alloc.c
> +++ b/src/alloc.c
> @@ -7030,8 +7030,11 @@ sweep_symbols (void)
>          {
>            if (!sym->s.gcmarkbit)
>              {
> -              if (sym->s.redirect == SYMBOL_LOCALIZED)
> +              if (sym->s.redirect == SYMBOL_LOCALIZED) {
>                  xfree (SYMBOL_BLV (&sym->s));
> +                sym->s.redirect = SYMBOL_PLAINVAL;
> +                SET_SYMBOL_VAL (&sym->s, Qunbound);
> +              }

We could do several things, but I still didn't hear even a single
reason why my suggestion isn't OK.  IMO, it's simpler, and the test
for Vdead is already in at least one other place.

So I went ahead and pushed my change.

Is there anything else we need to do before closing this bug?

Thanks.




From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 31 15:58:55 2017
Received: (at 29066) by debbugs.gnu.org; 31 Oct 2017 19:58:55 +0000
Received: from localhost ([127.0.0.1]:44587 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9cgZ-0005Fz-DB
	for submit@debbugs.gnu.org; Tue, 31 Oct 2017 15:58:55 -0400
Received: from mxout1.mail.janestreet.com ([38.105.200.78]:57692)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9cgX-0005Fj-UF
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 15:58:54 -0400
Received: from [172.27.56.106] (helo=tot-qpr-mailcore2)
 by mxout1.mail.janestreet.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9cgR-00060k-Lc
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 15:58:47 -0400
X-JS-Flow: external
X-JS-Scanner-attachment: (ok) No attachments
Received: by tot-qpr-mailcore2 with ocaml/mailcore/mailcore 1.0+137
 (04e1cd915edc) (envelope-from <vgatien-baron@janestreet.com>)
 id BZ-NX3-CYJJoA-Uf; 2017-10-31 15:58:47.661107-04:00
Received: from mail-lf0-f69.google.com ([209.85.215.69])
 by mxgoog1.mail.janestreet.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.89)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9cgR-0003nI-GX
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 15:58:47 -0400
Received: by mail-lf0-f69.google.com with SMTP id s16so35632lfs.22
 for <29066@debbugs.gnu.org>; Tue, 31 Oct 2017 12:58:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=janestreet.com; s=google;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :cc; bh=XhTxqeEL2f1ZJC6ULXKHpbtlVVYWXxBqlI8lQUboze4=;
 b=LXnlFUMcZnJdraRFMcOUhYNLZZMUhz6F5H6umCS7nGwdBZNSwLdfqUfhEQ1j48QdCz
 Uv0ySOovW0O87YxOVMjll3p0sb1I6rfleshmO8LWHBDgA3b7Y/vyhT7PrbCNnnRLNrDm
 dQI0Z8c4lKJ+TH9Gc6gNR6FvJ6p2e3pZ+5voU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:cc;
 bh=XhTxqeEL2f1ZJC6ULXKHpbtlVVYWXxBqlI8lQUboze4=;
 b=t0BXX9Ry6HFPHVmRq8oJxLvCvxzmWjj/+wQq+AZ2eEvAe/XZ8lRK5cEgt/Txhcv3wI
 0EiVu0/NXjPO66tsHXQCukgZ71TlbyBEpd/1IVEo06JjJ+VOnNRHjRlMamwpxqcua0pS
 30NwBDqgWmeMZk88c7rwcijTBcPr4UM8mYPwm/231eEXMt/tXlGs6sTy3/mLJceE8OBN
 cOma04AJZx21W7CaeYj59TG/Tyhxl8b6Q8l9yoZAmKKUa7ADPZ5Xi41dTgeBhT2PmSXr
 PcmuDAuWvRHckbetz9ctg08FCUkLyhb6uqPbGc2aFdCI+g6iYfJKE9wV/Ye9CRA7kznm
 EqoQ==
X-Gm-Message-State: AMCzsaXfun5/CyV/3ubXJgXVEMckvKQAWrQoNW3Dl7HwXrqqNOSrwkGP
 IFk/SGaqWiwG0/lBrjSM1XJs0qK0oBtwty5qBEhVt0uQuR9jtubNc6qKu4ZSsFC6AYTYtmS3ADb
 brqcBc6hdN01X0lHz+ldWoaUu+NJW+A==
X-Received: by 10.46.2.78 with SMTP id 75mr1328933ljc.75.1509479926505;
 Tue, 31 Oct 2017 12:58:46 -0700 (PDT)
X-Google-Smtp-Source: ABhQp+QiSw+ZMxLS/JIVtnSBSS2qY503JDy8UfvutczhbTahuGXRWuHtvcdvRIw7TH0PT0lzeZfAicX30kxntuwTjlI=
X-Received: by 10.46.2.78 with SMTP id 75mr1328926ljc.75.1509479926306; Tue,
 31 Oct 2017 12:58:46 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.25.234.11 with HTTP; Tue, 31 Oct 2017 12:58:45 -0700 (PDT)
In-Reply-To: <83375zt9ow.fsf@gnu.org>
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 <838tfst27n.fsf@gnu.org> <87efpjzv2p.fsf@linux-m68k.org>
 <CAFd54qPr9H1U5Buf+mB0ytf53ewaa3MaAScdRYwYuG=AjzoT-Q@mail.gmail.com>
 <83375zt9ow.fsf@gnu.org>
From: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
Date: Tue, 31 Oct 2017 15:58:45 -0400
Message-ID: <CAFd54qNUB1Bk1tks+RdWxNi-+EAHu2KCRhopK+=T3dH4GCgZig@mail.gmail.com>
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
To: Eli Zaretskii <eliz@gnu.org>
Content-Type: multipart/alternative; boundary="94eb2c1a614acdba33055cdd2e20"
X-JS-Exim-Data-Received: 2017-10-31 15:58:47-0400
X-JS-Processed-by: mailcore
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 29066
Cc: 29066@debbugs.gnu.org, Andreas Schwab <schwab@linux-m68k.org>,
 Mark Shinwell <mshinwell@janestreet.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -2.3 (--)

--94eb2c1a614acdba33055cdd2e20
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Tue, Oct 31, 2017 at 3:10 PM, Eli Zaretskii <eliz@gnu.org> wrote:

> > From: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
> > Date: Tue, 31 Oct 2017 10:52:44 -0400
> > Cc: Eli Zaretskii <eliz@gnu.org>,
> >       29066@debbugs.gnu.org,
> >       Mark Shinwell <mshinwell@janestreet.com>
> >
> >  > That was my first attempt, but various macros like SYMBOL_BLV and
> >  > SET_SYMBOL_BLV insist on val.blv being non-NULL.
> >
> >  SET_SYMBOL_BLV doesn't.  And calling SYMBOL_BLV with a freed symbol is=
 a
> >  bug anyway.
> >
> > =E2=80=8BSET_SYMBOL_BLV insists that the new value is not NULL, even if=
 it
> asserts nothing about the current value.
> >
> > We do call SYMBOL_BLV after freeing, when we re-sweep the symbol, which
> is fine because free does
> > nothing when given NULL, but triggers the assertion=E2=80=8B.
> >
> > I would do this, to avoid the assertion failure:
> >
> > diff --git a/src/alloc.c b/src/alloc.c
> > index da0c3ad4b3..72550e812b 100644
> > --- a/src/alloc.c
> > +++ b/src/alloc.c
> > @@ -7030,8 +7030,10 @@ sweep_symbols (void)
> >          {
> >            if (!sym->s.gcmarkbit)
> >              {
> > -
> =E2=80=8B=E2=80=8B
> if (sym->s.redirect =3D=3D SYMBOL_LOCALIZED)
> > +              if (sym->s.redirect =3D=3D SYMBOL_LOCALIZED &&
> sym->s.val.blv) {
> >                  xfree (SYMBOL_BLV (
> =E2=80=8B=E2=80=8B
> &sym->s));
> > +                sym->s.val.blv =3D NULL;
> > +              }
> >                sym->s.next =3D symbol_free_list;
> >                symbol_free_list =3D &sym->s;
> >                symbol_free_list->function =3D Vdead;
>
> Thanks, but it makes little sense to me to work around our own
> assertions this way.  Why do we have these macros if we sometimes
> don't use them?  And why do we have the assertions if they sometimes
> get in the way?


> > Or changing the redirect type:
> >
> > diff --git a/src/alloc.c b/src/alloc.c
> > index da0c3ad4b3..6966d96c6d 100644
> > --- a/src/alloc.c
> > +++ b/src/alloc.c
> > @@ -7030,8 +7030,11 @@ sweep_symbols (void)
> >          {
> >            if (!sym->s.gcmarkbit)
> >              {
> > -              if (sym->s.redirect =3D=3D SYMBOL_LOCALIZED)
> > +              if (sym->s.redirect =3D=3D SYMBOL_LOCALIZED) {
> >                  xfree (SYMBOL_BLV (&sym->s));
> > +                sym->s.redirect =3D SYMBOL_PLAINVAL;
> > +                SET_SYMBOL_VAL (&sym->s, Qunbound);
> > +              }
>
> We could do several things, but I still didn't hear even a single
> reason why my suggestion isn't OK.  IMO, it's simpler, and the test
> for Vdead is already in at least one other place.
>
> So I went ahead and pushed my change.
>
> Is there anything else we need to do before closing this bug?
>

=E2=80=8BThe slight downside of your fix is that there are dangling pointer=
s that
point to valid-looking things in the debugger. It's runtime behavior=E2=80=
=8B looks
fine otherwise.
=E2=80=8BBut I am not going to insist. There's nothing else to do, you can =
close
the bug. Thanks!



>
> Thanks.
>

--94eb2c1a614acdba33055cdd2e20
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_default" style=3D"font-family:arial,he=
lvetica,sans-serif"><br></div><div class=3D"gmail_extra"><br><div class=3D"=
gmail_quote">On Tue, Oct 31, 2017 at 3:10 PM, Eli Zaretskii <span dir=3D"lt=
r">&lt;<a href=3D"mailto:eliz@gnu.org" target=3D"_blank">eliz@gnu.org</a>&g=
t;</span> wrote:<br><blockquote class=3D"gmail_quote" style=3D"margin:0px 0=
px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">&gt; =
From: Valentin Gatien-Baron &lt;<a href=3D"mailto:vgatien-baron@janestreet.=
com">vgatien-baron@janestreet.com</a>&gt;<br>
&gt; Date: Tue, 31 Oct 2017 10:52:44 -0400<br>
&gt; Cc: Eli Zaretskii &lt;<a href=3D"mailto:eliz@gnu.org">eliz@gnu.org</a>=
&gt;,<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0<a href=3D"mailto:29066@debbugs.gnu.org">290=
66@debbugs.gnu.org</a>,<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0Mark Shinwell &lt;<a href=3D"mailto:mshinwel=
l@janestreet.com">mshinwell@janestreet.com</a>&gt;<br>
<span class=3D"gmail-">&gt;<br>
&gt;=C2=A0 &gt; That was my first attempt, but various macros like SYMBOL_B=
LV and<br>
&gt;=C2=A0 &gt; SET_SYMBOL_BLV insist on val.blv being non-NULL.<br>
&gt;<br>
&gt;=C2=A0 SET_SYMBOL_BLV doesn&#39;t.=C2=A0 And calling SYMBOL_BLV with a =
freed symbol is a<br>
&gt;=C2=A0 bug anyway.<br>
&gt;<br>
&gt; =E2=80=8BSET_SYMBOL_BLV insists that the new value is not NULL, even i=
f it asserts nothing about the current value.<br>
&gt;<br>
&gt; We do call SYMBOL_BLV after freeing, when we re-sweep the symbol, whic=
h is fine because free does<br>
&gt; nothing when given NULL, but triggers the assertion=E2=80=8B.<br>
&gt;<br>
&gt; I would do this, to avoid the assertion failure:<br>
&gt;<br>
&gt; diff --git a/src/alloc.c b/src/alloc.c<br>
&gt; index da0c3ad4b3..72550e812b 100644<br>
&gt; --- a/src/alloc.c<br>
&gt; +++ b/src/alloc.c<br>
&gt; @@ -7030,8 +7030,10 @@ sweep_symbols (void)<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 {<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (!sym-&gt;s.gcmarkbit)<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 {<br>
&gt; -=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 <div class=3D"gmail_=
default" style=3D"font-family:arial,helvetica,sans-serif;display:inline">=
=E2=80=8B=E2=80=8B</div>if (sym-&gt;s.redirect =3D=3D SYMBOL_LOCALIZED)<br>
&gt; +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (sym-&gt;s.redire=
ct =3D=3D SYMBOL_LOCALIZED &amp;&amp; sym-&gt;s.val.blv) {<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 xfree (S=
YMBOL_BLV (<div class=3D"gmail_default" style=3D"font-family:arial,helvetic=
a,sans-serif;display:inline">=E2=80=8B=E2=80=8B</div>&amp;sym-&gt;s));<br>
&gt; +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 sym-&gt;s.val=
.blv =3D NULL;<br>
&gt; +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 }<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 sym-&gt;s.next =
=3D symbol_free_list;<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 symbol_free_lis=
t =3D &amp;sym-&gt;s;<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 symbol_free_lis=
t-&gt;function =3D Vdead;<br>
<br>
</span>Thanks, but it makes little sense to me to work around our own<br>
assertions this way.=C2=A0 Why do we have these macros if we sometimes<br>
don&#39;t use them?=C2=A0 And why do we have the assertions if they sometim=
es<br>
get in the way?=C2=A0</blockquote><blockquote class=3D"gmail_quote" style=
=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding=
-left:1ex">
<span class=3D"gmail-"><br>
&gt; Or changing the redirect type:<br>
&gt;<br>
&gt; diff --git a/src/alloc.c b/src/alloc.c<br>
&gt; index da0c3ad4b3..6966d96c6d 100644<br>
&gt; --- a/src/alloc.c<br>
&gt; +++ b/src/alloc.c<br>
&gt; @@ -7030,8 +7030,11 @@ sweep_symbols (void)<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 {<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (!sym-&gt;s.gcmarkbit)<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 {<br>
&gt; -=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (sym-&gt;s.redire=
ct =3D=3D SYMBOL_LOCALIZED)<br>
&gt; +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (sym-&gt;s.redire=
ct =3D=3D SYMBOL_LOCALIZED) {<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 xfree (S=
YMBOL_BLV (&amp;sym-&gt;s));<br>
&gt; +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 sym-&gt;s.red=
irect =3D SYMBOL_PLAINVAL;<br>
&gt; +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 SET_SYMBOL_VA=
L (&amp;sym-&gt;s, Qunbound);<br>
&gt; +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 }<br>
<br>
</span>We could do several things, but I still didn&#39;t hear even a singl=
e<br>
reason why my suggestion isn&#39;t OK.=C2=A0 IMO, it&#39;s simpler, and the=
 test<br>
for Vdead is already in at least one other place.<br>
<br>
So I went ahead and pushed my change.<br>
<br>
Is there anything else we need to do before closing this bug?<br></blockquo=
te><div><br></div><div><div class=3D"gmail_default" style=3D"font-family:ar=
ial,helvetica,sans-serif">=E2=80=8BThe slight downside of your fix is that =
there are dangling pointers that point to valid-looking things in the debug=
ger. It&#39;s runtime behavior=E2=80=8B looks fine otherwise.</div></div><d=
iv><div class=3D"gmail_default" style=3D"font-family:arial,helvetica,sans-s=
erif">=E2=80=8BBut I am not going to insist. There&#39;s nothing else to do=
, you can close the bug. Thanks!<br></div></div><div><br></div><div>=C2=A0<=
/div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;bo=
rder-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
Thanks.<br>
</blockquote></div><br></div></div>

--94eb2c1a614acdba33055cdd2e20--




From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 31 16:10:11 2017
Received: (at 29066-done) by debbugs.gnu.org; 31 Oct 2017 20:10:11 +0000
Received: from localhost ([127.0.0.1]:44591 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9crT-0005Xc-Jg
	for submit@debbugs.gnu.org; Tue, 31 Oct 2017 16:10:11 -0400
Received: from eggs.gnu.org ([208.118.235.92]:59422)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@gnu.org>) id 1e9crR-0005XL-V3
 for 29066-done@debbugs.gnu.org; Tue, 31 Oct 2017 16:10:10 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@gnu.org>) id 1e9crL-0006uY-QS
 for 29066-done@debbugs.gnu.org; Tue, 31 Oct 2017 16:10:04 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:48890)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@gnu.org>)
 id 1e9crD-0006sS-QN; Tue, 31 Oct 2017 16:09:55 -0400
Received: from [176.228.60.248] (port=1456 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <eliz@gnu.org>)
 id 1e9crC-0000Sm-5N; Tue, 31 Oct 2017 16:09:55 -0400
Date: Tue, 31 Oct 2017 22:09:34 +0200
Message-Id: <83zi87rse9.fsf@gnu.org>
From: Eli Zaretskii <eliz@gnu.org>
To: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
In-reply-to: <CAFd54qNUB1Bk1tks+RdWxNi-+EAHu2KCRhopK+=T3dH4GCgZig@mail.gmail.com>
 (message from Valentin Gatien-Baron on Tue, 31 Oct 2017 15:58:45
 -0400)
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 <838tfst27n.fsf@gnu.org> <87efpjzv2p.fsf@linux-m68k.org>
 <CAFd54qPr9H1U5Buf+mB0ytf53ewaa3MaAScdRYwYuG=AjzoT-Q@mail.gmail.com>
 <83375zt9ow.fsf@gnu.org>
 <CAFd54qNUB1Bk1tks+RdWxNi-+EAHu2KCRhopK+=T3dH4GCgZig@mail.gmail.com>
MIME-version: 1.0
Content-type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 29066-done
Cc: 29066-done@debbugs.gnu.org, schwab@linux-m68k.org, mshinwell@janestreet.com
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Reply-To: Eli Zaretskii <eliz@gnu.org>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

> From: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
> Date: Tue, 31 Oct 2017 15:58:45 -0400
> Cc: Andreas Schwab <schwab@linux-m68k.org>,
> 	29066@debbugs.gnu.org,
> 	Mark Shinwell <mshinwell@janestreet.com>
> 
> ​The slight downside of your fix is that there are dangling pointers that point to valid-looking things in the
> debugger.

How is that different from any other symbol on symbol_free_list?

> ​But I am not going to insist. There's nothing else to do, you can close the bug. Thanks!

Thanks, done.




From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 31 16:13:20 2017
Received: (at 29066-done) by debbugs.gnu.org; 31 Oct 2017 20:13:20 +0000
Received: from localhost ([127.0.0.1]:44599 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9cuW-0005cf-2w
	for submit@debbugs.gnu.org; Tue, 31 Oct 2017 16:13:20 -0400
Received: from mxout1.mail.janestreet.com ([38.105.200.78]:56153)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9cuT-0005cS-T7
 for 29066-done@debbugs.gnu.org; Tue, 31 Oct 2017 16:13:18 -0400
Received: from [172.27.56.106] (helo=tot-qpr-mailcore2)
 by mxout1.mail.janestreet.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9cuO-0001P2-HD
 for 29066-done@debbugs.gnu.org; Tue, 31 Oct 2017 16:13:12 -0400
X-JS-Flow: external
X-JS-Scanner-attachment: (ok) No attachments
Received: by tot-qpr-mailcore2 with ocaml/mailcore/mailcore 1.0+137
 (04e1cd915edc) (envelope-from <vgatien-baron@janestreet.com>)
 id BZ-NlY-CYJJoA-QN; 2017-10-31 16:13:12.523235-04:00
Received: from mail-lf0-f72.google.com ([209.85.215.72])
 by mxgoog1.mail.janestreet.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.89)
 (envelope-from <vgatien-baron@janestreet.com>) id 1e9cuO-0005hV-Fj
 for 29066-done@debbugs.gnu.org; Tue, 31 Oct 2017 16:13:12 -0400
Received: by mail-lf0-f72.google.com with SMTP id s16so45938lfs.22
 for <29066-done@debbugs.gnu.org>; Tue, 31 Oct 2017 13:13:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=janestreet.com; s=google;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :cc; bh=SzGX0uJbN92B6ZCqB6mA35NH4ZYUstv7Wa3WYFPwVkg=;
 b=uN4PuaH7E2Ijs6m8ScqLqllDIsPb/3nMUjoDAeODIlF1pdt/wdGylhoRNyjs4eeG/g
 uf4netAU3jZ/XTvtg8YMyQ7h1DXwtyXTxrcfFpQ3m+9kZpVH6cNpKcigu1h1zzAcU7UC
 mBDajuoypwcK4TQEBU+6irUGOAei3nck0yvWo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:cc;
 bh=SzGX0uJbN92B6ZCqB6mA35NH4ZYUstv7Wa3WYFPwVkg=;
 b=JLoO5EpuSGmZT7xDDV53lAhrUeYvQXhkeo8mo+V2MDikiKC9Gu0yVTrqce4hiaZVxX
 IkMB2qUnggD8kdIb9NXZqyoYUqU8a/X0HA1h+N24ydwJEA/TK7Ue1cgM5dsGgr5Dg4v8
 nKOFDF3ATL34t7yMWWea0cwqVtqqLWJp44aqHk/NEsqPbwp46lxgASgKXZpqFkK8bKOZ
 A0c/B8CxS4Q0121CGqqoW/8qPm7Zj/GHdzBRY5U+cGyW2d8n/GOiG9nQrGaeVtrmVgDY
 YhmSAetxJofje2ckAsQhkrHYs5VX4fWOkRMyiubm4Q0GMV3Z/12l/nspj++wgFerwRcM
 BYvg==
X-Gm-Message-State: AMCzsaWm8id8tTyUF5Y4TVqLBCbPVlbSBz0LDuSfrIs5kWDLqU9h+5rg
 Z0150CQnMP8PsfwWEaMZuT9FCv2sL/5Vuzs7yErlcZ0pGz0HAr85Uz7fMQHxeb1Xff13scJ1O83
 4WShQpPxZDR/aZX2KRyXvSCAWBr75Sv3xe3xg
X-Received: by 10.46.25.218 with SMTP id 87mr1480784ljz.122.1509480791515;
 Tue, 31 Oct 2017 13:13:11 -0700 (PDT)
X-Google-Smtp-Source: ABhQp+R9W++NG4Dbg28l+EmolQaKpNulizQAYXUapVTLxmwWThe7lyxMMy2OM9AjEScLShmV9E1xFckDsKVqN/1pI84=
X-Received: by 10.46.25.218 with SMTP id 87mr1480777ljz.122.1509480791322;
 Tue, 31 Oct 2017 13:13:11 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.25.234.11 with HTTP; Tue, 31 Oct 2017 13:13:10 -0700 (PDT)
In-Reply-To: <83zi87rse9.fsf@gnu.org>
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 <838tfst27n.fsf@gnu.org> <87efpjzv2p.fsf@linux-m68k.org>
 <CAFd54qPr9H1U5Buf+mB0ytf53ewaa3MaAScdRYwYuG=AjzoT-Q@mail.gmail.com>
 <83375zt9ow.fsf@gnu.org>
 <CAFd54qNUB1Bk1tks+RdWxNi-+EAHu2KCRhopK+=T3dH4GCgZig@mail.gmail.com>
 <83zi87rse9.fsf@gnu.org>
From: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
Date: Tue, 31 Oct 2017 16:13:10 -0400
Message-ID: <CAFd54qNT2pG2jO-jKnhML58fJ6QBG=r0UHtLXwjjGdd+z8NSPA@mail.gmail.com>
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
To: Eli Zaretskii <eliz@gnu.org>
Content-Type: multipart/alternative; boundary="94eb2c1a63945cd162055cdd62c5"
X-JS-Exim-Data-Received: 2017-10-31 16:13:12-0400
X-JS-Processed-by: mailcore
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 29066-done
Cc: 29066-done@debbugs.gnu.org, Andreas Schwab <schwab@linux-m68k.org>,
 Mark Shinwell <mshinwell@janestreet.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -2.3 (--)

--94eb2c1a63945cd162055cdd62c5
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Tue, Oct 31, 2017 at 4:09 PM, Eli Zaretskii <eliz@gnu.org> wrote:

> > From: Valentin Gatien-Baron <vgatien-baron@janestreet.com>
> > Date: Tue, 31 Oct 2017 15:58:45 -0400
> > Cc: Andreas Schwab <schwab@linux-m68k.org>,
> >       29066@debbugs.gnu.org,
> >       Mark Shinwell <mshinwell@janestreet.com>
> >
> > =E2=80=8BThe slight downside of your fix is that there are dangling poi=
nters
> that point to valid-looking things in the
> > debugger.
>
> How is that different from any other symbol on symbol_free_list?
>

Ok, maybe it's no different.


>
> > =E2=80=8BBut I am not going to insist. There's nothing else to do, you =
can close
> the bug. Thanks!
>
> Thanks, done.
>

--94eb2c1a63945cd162055cdd62c5
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_default" style=3D"font-family:arial,he=
lvetica,sans-serif"><br></div><div class=3D"gmail_extra"><div class=3D"gmai=
l_quote">On Tue, Oct 31, 2017 at 4:09 PM, Eli Zaretskii <span dir=3D"ltr">&=
lt;<a href=3D"mailto:eliz@gnu.org" target=3D"_blank">eliz@gnu.org</a>&gt;</=
span> wrote:<br><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8e=
x;border-left:1px #ccc solid;padding-left:1ex">&gt; From: Valentin Gatien-B=
aron &lt;<a href=3D"mailto:vgatien-baron@janestreet.com">vgatien-baron@jane=
street.com</a>&gt;<br>
&gt; Date: Tue, 31 Oct 2017 15:58:45 -0400<br>
&gt; Cc: Andreas Schwab &lt;<a href=3D"mailto:schwab@linux-m68k.org">schwab=
@linux-m68k.org</a>&gt;,<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0<a href=3D"mailto:29066@debbugs.gnu.org">290=
66@debbugs.gnu.org</a>,<br>
&gt;=C2=A0 =C2=A0 =C2=A0 =C2=A0Mark Shinwell &lt;<a href=3D"mailto:mshinwel=
l@janestreet.com">mshinwell@janestreet.com</a>&gt;<br>
&gt;<br>
<span class=3D"">&gt; =E2=80=8BThe slight downside of your fix is that ther=
e are dangling pointers that point to valid-looking things in the<br>
&gt; debugger.<br>
<br>
</span>How is that different from any other symbol on symbol_free_list?<br>=
</blockquote><div><br></div><div><div class=3D"gmail_default" style=3D"font=
-family:arial,helvetica,sans-serif">Ok, maybe it&#39;s no different.</div><=
/div><div>=C2=A0</div><blockquote class=3D"gmail_quote" style=3D"margin:0 0=
 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<span class=3D""><br>
&gt; =E2=80=8BBut I am not going to insist. There&#39;s nothing else to do,=
 you can close the bug. Thanks!<br>
<br>
</span>Thanks, done.<br>
</blockquote></div><br></div></div>

--94eb2c1a63945cd162055cdd62c5--




From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 31 16:23:13 2017
Received: (at 29066) by debbugs.gnu.org; 31 Oct 2017 20:23:14 +0000
Received: from localhost ([127.0.0.1]:44617 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9d45-0005u2-OG
	for submit@debbugs.gnu.org; Tue, 31 Oct 2017 16:23:13 -0400
Received: from mail-out.m-online.net ([212.18.0.9]:53483)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <whitebox@nefkom.net>) id 1e9d44-0005tv-DF
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 16:23:12 -0400
Received: from frontend01.mail.m-online.net (unknown [192.168.8.182])
 by mail-out.m-online.net (Postfix) with ESMTP id 3yRN8H1mfFz1qtdt;
 Tue, 31 Oct 2017 21:23:11 +0100 (CET)
Received: from localhost (dynscan1.mnet-online.de [192.168.6.70])
 by mail.m-online.net (Postfix) with ESMTP id 3yRN8H03FNz1tSmX;
 Tue, 31 Oct 2017 21:23:10 +0100 (CET)
X-Virus-Scanned: amavisd-new at mnet-online.de
Received: from mail.mnet-online.de ([192.168.8.182])
 by localhost (dynscan1.mail.m-online.net [192.168.6.70]) (amavisd-new,
 port 10024)
 with ESMTP id vOipI2i7-xqQ; Tue, 31 Oct 2017 21:23:10 +0100 (CET)
X-Auth-Info: ebY9z+GFstRi4CguafAa0SGk//QmJcyo+XqsnxJdr1KdS4s/UCjI/AzABFDaw6iP
Received: from localhost (ppp-188-174-147-245.dynamic.mnet-online.de
 [188.174.147.245])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mail.mnet-online.de (Postfix) with ESMTPSA;
 Tue, 31 Oct 2017 21:23:10 +0100 (CET)
Received: by localhost (Postfix, from userid 1000)
 id D6C062C1125; Tue, 31 Oct 2017 21:23:09 +0100 (CET)
From: Andreas Schwab <schwab@linux-m68k.org>
To: Eli Zaretskii <eliz@gnu.org>
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 <838tfst27n.fsf@gnu.org> <87efpjzv2p.fsf@linux-m68k.org>
 <834lqfta80.fsf@gnu.org>
X-Yow: Yow!  Are you the self-frying president?
Date: Tue, 31 Oct 2017 21:23:09 +0100
In-Reply-To: <834lqfta80.fsf@gnu.org> (Eli Zaretskii's message of "Tue, 31 Oct
 2017 20:59:11 +0200")
Message-ID: <877evbxe1e.fsf@linux-m68k.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 29066
Cc: 29066@debbugs.gnu.org, mshinwell@janestreet.com,
 vgatien-baron@janestreet.com
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

On Okt 31 2017, Eli Zaretskii <eliz@gnu.org> wrote:

> It isn't freed, it's on the symbol_free_list.

A symbol on the symbol_free_list is a freed symbol, not available for
use.

Andreas.

-- 
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."




From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 31 16:35:20 2017
Received: (at 29066) by debbugs.gnu.org; 31 Oct 2017 20:35:21 +0000
Received: from localhost ([127.0.0.1]:44634 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9dFo-0006F3-Jt
	for submit@debbugs.gnu.org; Tue, 31 Oct 2017 16:35:20 -0400
Received: from eggs.gnu.org ([208.118.235.92]:37182)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@gnu.org>) id 1e9dFn-0006En-70
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 16:35:19 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@gnu.org>) id 1e9dFe-0006Kf-UR
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 16:35:14 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:49473)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@gnu.org>)
 id 1e9dFE-00064u-Mn; Tue, 31 Oct 2017 16:34:44 -0400
Received: from [176.228.60.248] (port=1483 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <eliz@gnu.org>)
 id 1e9dF8-00047Z-Qu; Tue, 31 Oct 2017 16:34:40 -0400
Date: Tue, 31 Oct 2017 22:34:17 +0200
Message-Id: <83r2tjrr92.fsf@gnu.org>
From: Eli Zaretskii <eliz@gnu.org>
To: Andreas Schwab <schwab@linux-m68k.org>
In-reply-to: <877evbxe1e.fsf@linux-m68k.org> (message from Andreas Schwab on
 Tue, 31 Oct 2017 21:23:09 +0100)
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 <838tfst27n.fsf@gnu.org> <87efpjzv2p.fsf@linux-m68k.org>
 <834lqfta80.fsf@gnu.org> <877evbxe1e.fsf@linux-m68k.org>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 29066
Cc: 29066@debbugs.gnu.org, mshinwell@janestreet.com,
 vgatien-baron@janestreet.com
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Reply-To: Eli Zaretskii <eliz@gnu.org>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

> From: Andreas Schwab <schwab@linux-m68k.org>
> Cc: vgatien-baron@janestreet.com,  29066@debbugs.gnu.org,  mshinwell@janestreet.com
> Date: Tue, 31 Oct 2017 21:23:09 +0100
> 
> On Okt 31 2017, Eli Zaretskii <eliz@gnu.org> wrote:
> 
> > It isn't freed, it's on the symbol_free_list.
> 
> A symbol on the symbol_free_list is a freed symbol, not available for
> use.

I guess you are saying that sweep_symbols has a bug?  Because it hits
this "freed" symbol every GC, AFAICT.




From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 31 17:03:31 2017
Received: (at 29066) by debbugs.gnu.org; 31 Oct 2017 21:03:31 +0000
Received: from localhost ([127.0.0.1]:44670 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9dh5-00070C-Au
	for submit@debbugs.gnu.org; Tue, 31 Oct 2017 17:03:31 -0400
Received: from mail-out.m-online.net ([212.18.0.9]:54713)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <whitebox@nefkom.net>) id 1e9dh3-000704-BW
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 17:03:30 -0400
Received: from frontend01.mail.m-online.net (unknown [192.168.8.182])
 by mail-out.m-online.net (Postfix) with ESMTP id 3yRP2m0DHmz1qs03;
 Tue, 31 Oct 2017 22:03:27 +0100 (CET)
Received: from localhost (dynscan1.mnet-online.de [192.168.6.70])
 by mail.m-online.net (Postfix) with ESMTP id 3yRP2l6dTvz1tSmd;
 Tue, 31 Oct 2017 22:03:27 +0100 (CET)
X-Virus-Scanned: amavisd-new at mnet-online.de
Received: from mail.mnet-online.de ([192.168.8.182])
 by localhost (dynscan1.mail.m-online.net [192.168.6.70]) (amavisd-new,
 port 10024)
 with ESMTP id 1AwWZM4emtDU; Tue, 31 Oct 2017 22:03:27 +0100 (CET)
X-Auth-Info: kt5s7YgrvYME+viUfFfY5meJPgOt+u6z6ROlI20D6ubL7461F003LgafW2wdWOPp
Received: from localhost (ppp-188-174-147-245.dynamic.mnet-online.de
 [188.174.147.245])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mail.mnet-online.de (Postfix) with ESMTPSA;
 Tue, 31 Oct 2017 22:03:27 +0100 (CET)
Received: by localhost (Postfix, from userid 1000)
 id 9154E2C224F; Tue, 31 Oct 2017 22:03:26 +0100 (CET)
From: Andreas Schwab <schwab@linux-m68k.org>
To: Eli Zaretskii <eliz@gnu.org>
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 <838tfst27n.fsf@gnu.org> <87efpjzv2p.fsf@linux-m68k.org>
 <834lqfta80.fsf@gnu.org> <877evbxe1e.fsf@linux-m68k.org>
 <83r2tjrr92.fsf@gnu.org>
X-Yow: The FALAFEL SANDWICH lands on my HEAD and I become a VEGETARIAN...
Date: Tue, 31 Oct 2017 22:03:26 +0100
In-Reply-To: <83r2tjrr92.fsf@gnu.org> (Eli Zaretskii's message of "Tue, 31 Oct
 2017 22:34:17 +0200")
Message-ID: <87375zxc69.fsf@linux-m68k.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 29066
Cc: 29066@debbugs.gnu.org, mshinwell@janestreet.com,
 vgatien-baron@janestreet.com
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

On Okt 31 2017, Eli Zaretskii <eliz@gnu.org> wrote:

>> From: Andreas Schwab <schwab@linux-m68k.org>
>> Cc: vgatien-baron@janestreet.com,  29066@debbugs.gnu.org,  mshinwell@janestreet.com
>> Date: Tue, 31 Oct 2017 21:23:09 +0100
>> 
>> On Okt 31 2017, Eli Zaretskii <eliz@gnu.org> wrote:
>> 
>> > It isn't freed, it's on the symbol_free_list.
>> 
>> A symbol on the symbol_free_list is a freed symbol, not available for
>> use.
>
> I guess you are saying that sweep_symbols has a bug?  Because it hits
> this "freed" symbol every GC, AFAICT.

Since GC is special, it needs to do special things.

Andreas.

-- 
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."




From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 31 17:09:49 2017
Received: (at 29066) by debbugs.gnu.org; 31 Oct 2017 21:09:49 +0000
Received: from localhost ([127.0.0.1]:44674 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9dnB-00079K-2d
	for submit@debbugs.gnu.org; Tue, 31 Oct 2017 17:09:49 -0400
Received: from eggs.gnu.org ([208.118.235.92]:46679)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@gnu.org>) id 1e9dn9-000793-Ds
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 17:09:47 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@gnu.org>) id 1e9dn1-000418-0E
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 17:09:42 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:49898)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@gnu.org>)
 id 1e9dmZ-0003ou-GO; Tue, 31 Oct 2017 17:09:11 -0400
Received: from [176.228.60.248] (port=1763 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <eliz@gnu.org>)
 id 1e9dmY-0000Nx-Vv; Tue, 31 Oct 2017 17:09:11 -0400
Date: Tue, 31 Oct 2017 23:08:58 +0200
Message-Id: <83lgjrrpn9.fsf@gnu.org>
From: Eli Zaretskii <eliz@gnu.org>
To: Andreas Schwab <schwab@linux-m68k.org>
In-reply-to: <87375zxc69.fsf@linux-m68k.org> (message from Andreas Schwab on
 Tue, 31 Oct 2017 22:03:26 +0100)
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 <838tfst27n.fsf@gnu.org> <87efpjzv2p.fsf@linux-m68k.org>
 <834lqfta80.fsf@gnu.org> <877evbxe1e.fsf@linux-m68k.org>
 <83r2tjrr92.fsf@gnu.org> <87375zxc69.fsf@linux-m68k.org>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 29066
Cc: 29066@debbugs.gnu.org, mshinwell@janestreet.com,
 vgatien-baron@janestreet.com
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Reply-To: Eli Zaretskii <eliz@gnu.org>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

> From: Andreas Schwab <schwab@linux-m68k.org>
> Cc: vgatien-baron@janestreet.com,  29066@debbugs.gnu.org,  mshinwell@janestreet.com
> Date: Tue, 31 Oct 2017 22:03:26 +0100
> 
> >> A symbol on the symbol_free_list is a freed symbol, not available for
> >> use.
> >
> > I guess you are saying that sweep_symbols has a bug?  Because it hits
> > this "freed" symbol every GC, AFAICT.
> 
> Since GC is special, it needs to do special things.

But the crash due to double-free did happen as part of GC doing those
"special things".  So we are talking about those special things, not
something else.




From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 31 18:00:16 2017
Received: (at 29066) by debbugs.gnu.org; 31 Oct 2017 22:00:16 +0000
Received: from localhost ([127.0.0.1]:44698 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1e9eZz-0008SF-W9
	for submit@debbugs.gnu.org; Tue, 31 Oct 2017 18:00:16 -0400
Received: from mail-out.m-online.net ([212.18.0.9]:46034)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <whitebox@nefkom.net>) id 1e9eZy-0008S4-7d
 for 29066@debbugs.gnu.org; Tue, 31 Oct 2017 18:00:14 -0400
Received: from frontend01.mail.m-online.net (unknown [192.168.8.182])
 by mail-out.m-online.net (Postfix) with ESMTP id 3yRQJD4MvSz1qs0q;
 Tue, 31 Oct 2017 23:00:12 +0100 (CET)
Received: from localhost (dynscan1.mnet-online.de [192.168.6.70])
 by mail.m-online.net (Postfix) with ESMTP id 3yRQJD3NRtz1tSmb;
 Tue, 31 Oct 2017 23:00:12 +0100 (CET)
X-Virus-Scanned: amavisd-new at mnet-online.de
Received: from mail.mnet-online.de ([192.168.8.182])
 by localhost (dynscan1.mail.m-online.net [192.168.6.70]) (amavisd-new,
 port 10024)
 with ESMTP id cC3-u9XkBZ4C; Tue, 31 Oct 2017 23:00:10 +0100 (CET)
X-Auth-Info: NnFA77Ch1pQ7POocJrgq8JIsnIW/1LMZp1GJpqYxZmht3OPXcq7Fvx6Ng7FlsriH
Received: from localhost (ppp-188-174-147-245.dynamic.mnet-online.de
 [188.174.147.245])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mail.mnet-online.de (Postfix) with ESMTPSA;
 Tue, 31 Oct 2017 23:00:10 +0100 (CET)
Received: by localhost (Postfix, from userid 1000)
 id 155D52C224F; Tue, 31 Oct 2017 23:00:10 +0100 (CET)
From: Andreas Schwab <schwab@linux-m68k.org>
To: Eli Zaretskii <eliz@gnu.org>
Subject: Re: bug#29066: 26.0.90; crash in gc involving buffer local symbols
References: <CAFd54qNxFhwTVC-ttTWzn1d3hJQ83kEwDa-Kka1T+SAk-y9V7Q@mail.gmail.com>
 <83a808tlqp.fsf@gnu.org>
 <CAFd54qOEYm2UAG+cFjcEmRR0pHZJzy=1eyfonQTnYsRVE=NCfQ@mail.gmail.com>
 <838tfst27n.fsf@gnu.org> <87efpjzv2p.fsf@linux-m68k.org>
 <834lqfta80.fsf@gnu.org> <877evbxe1e.fsf@linux-m68k.org>
 <83r2tjrr92.fsf@gnu.org> <87375zxc69.fsf@linux-m68k.org>
 <83lgjrrpn9.fsf@gnu.org>
X-Yow: Th' PINK SOCK... soaking... soaking... soaking...
 Th' PINK SOCK... washing... washing... washing...
 Th' PINK SOCK... rinsing... rinsing... rinsing...
Date: Tue, 31 Oct 2017 23:00:10 +0100
In-Reply-To: <83lgjrrpn9.fsf@gnu.org> (Eli Zaretskii's message of "Tue, 31 Oct
 2017 23:08:58 +0200")
Message-ID: <87y3nrvuz9.fsf@linux-m68k.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 29066
Cc: 29066@debbugs.gnu.org, mshinwell@janestreet.com,
 vgatien-baron@janestreet.com
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

On Okt 31 2017, Eli Zaretskii <eliz@gnu.org> wrote:

>> From: Andreas Schwab <schwab@linux-m68k.org>
>> Cc: vgatien-baron@janestreet.com,  29066@debbugs.gnu.org,  mshinwell@janestreet.com
>> Date: Tue, 31 Oct 2017 22:03:26 +0100
>> 
>> >> A symbol on the symbol_free_list is a freed symbol, not available for
>> >> use.
>> >
>> > I guess you are saying that sweep_symbols has a bug?  Because it hits
>> > this "freed" symbol every GC, AFAICT.
>> 
>> Since GC is special, it needs to do special things.
>
> But the crash due to double-free did happen as part of GC doing those
> "special things".

That's why it helps to clear the pointer to the freed memory, instead of
leaving it dangling.

Andreas.

-- 
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."




From unknown Fri Aug 15 15:32:26 2025
Received: (at fakecontrol) by fakecontrolmessage;
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request <help-debbugs@gnu.org>
Subject: Internal Control
Message-Id: bug archived.
Date: Wed, 29 Nov 2017 12:24:04 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator