GNU bug report logs -
#7496
23.2; copy recursive keymap cause crash
Previous Next
Reported by: ARISAWA Akihiro <ari <at> mbf.ocn.ne.jp>
Date: Sat, 27 Nov 2010 01:04:02 UTC
Severity: minor
Tags: fixed
Found in version 23.2
Fixed in version 27.1
Done: Lars Ingebrigtsen <larsi <at> gnus.org>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 7496 in the body.
You can then email your comments to 7496 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org:
bug#7496; Package
emacs.
(Sat, 27 Nov 2010 01:04:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
ARISAWA Akihiro <ari <at> mbf.ocn.ne.jp>:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org.
(Sat, 27 Nov 2010 01:04:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
In GNU Emacs 23.2.1 (i486-pc-linux-gnu, GTK+ Version 2.12.12)
of 2010-05-15 on nagi, modified by Debian
configured using `configure '--build' 'i486-linux-gnu' '--build' 'i486-linux-gnu' '--prefix=/usr' '--sharedstatedir=/var/lib' '--libexecdir=/usr/lib' '--localstatedir=/var/lib' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--with-pop=yes' '--enable-locallisppath=/etc/emacs23:/etc/emacs:/usr/local/share/emacs/23.2/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/23.2/site-lisp:/usr/share/emacs/site-lisp:/usr/share/emacs/23.2/leim' '--with-x=yes' '--with-x-toolkit=gtk' '--with-toolkit-scroll-bars' 'build_alias=i486-linux-gnu' 'CFLAGS=-DDEBIAN -g -O2' 'LDFLAGS=-g' 'CPPFLAGS=''
Hi,
When I call `copy-keymap' with a keymap which contains recursive binding,
the emacs crashed.
I can reproduce it by following sexp.
(let ((map (make-sparse-keymap)))
(define-key map " " map)
(copy-keymap map))
Regards,
ARISAWA
Information forwarded
to
owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org:
bug#7496; Package
emacs.
(Sat, 27 Nov 2010 02:57:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 7496 <at> debbugs.gnu.org (full text, mbox):
> When I call `copy-keymap' with a keymap which contains recursive binding,
> the emacs crashed.
> I can reproduce it by following sexp.
> (let ((map (make-sparse-keymap)))
> (define-key map " " map)
> (copy-keymap map))
I'm not surprised. There are many ways to address it:
- try and make sure we better handle the "using up all memory" case
rather than crashing. This is very difficult. We already try to do
it, but clearly it's not working that well.
- try and detect such cycles and either signal an error or reproduce the
same cycle in the copy. We have added such things in several other
cases, so we should probably do that.
- don't use cyclic keymaps and especially don't copy them.
- don't use copy-keymap, instead: inherit.
Stefan
Information forwarded
to
owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org:
bug#7496; Package
emacs.
(Sat, 27 Nov 2010 05:05:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 7496 <at> debbugs.gnu.org (full text, mbox):
Stefan Monnier writes:
>> When I call `copy-keymap' with a keymap which contains recursive binding,
>> the emacs crashed.
> - don't use cyclic keymaps and especially don't copy them.
> - don't use copy-keymap, instead: inherit.
OK.
I use cycle binding in global-map, and the evernote-mode.el calls
(copy-keymap global-map).
http://code.google.com/p/emacs-evernote-mode/
So, I will suggest to the author that evernote-mode.el uses
set-keymap-parent instead of copy-keymap.
Regards,
ARISAWA
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#7496; Package
emacs.
(Sun, 13 Oct 2019 01:16:01 GMT)
Full text and
rfc822 format available.
Message #14 received at 7496 <at> debbugs.gnu.org (full text, mbox):
Stefan Monnier <monnier <at> iro.umontreal.ca> writes:
>> When I call `copy-keymap' with a keymap which contains recursive binding,
>> the emacs crashed.
>> I can reproduce it by following sexp.
>
>> (let ((map (make-sparse-keymap)))
>> (define-key map " " map)
>> (copy-keymap map))
>
> I'm not surprised. There are many ways to address it:
> - try and make sure we better handle the "using up all memory" case
> rather than crashing. This is very difficult. We already try to do
> it, but clearly it's not working that well.
> - try and detect such cycles and either signal an error or reproduce the
> same cycle in the copy. We have added such things in several other
> cases, so we should probably do that.
While this is a pretty obscure, Emacs shouldn't crash on stuff like
this. I first considered whether just to check for EQ in Fcopy_keymap,
but it's possible to have nested keymaps that are mutually recursive,
so that won't work.
So I just added a recursion counter and refuse to copy when we've
reached level 100.
It does not protect against the case where the keymap is a char table
where one of the entries is the same keymap, but I don't know whether
that's a thing.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
Added tag(s) fixed.
Request was from
Lars Ingebrigtsen <larsi <at> gnus.org>
to
control <at> debbugs.gnu.org.
(Sun, 13 Oct 2019 01:16:02 GMT)
Full text and
rfc822 format available.
bug marked as fixed in version 27.1, send any further explanations to
7496 <at> debbugs.gnu.org and ARISAWA Akihiro <ari <at> mbf.ocn.ne.jp>
Request was from
Lars Ingebrigtsen <larsi <at> gnus.org>
to
control <at> debbugs.gnu.org.
(Sun, 13 Oct 2019 01:16:02 GMT)
Full text and
rfc822 format available.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#7496; Package
emacs.
(Sun, 13 Oct 2019 06:59:02 GMT)
Full text and
rfc822 format available.
Message #21 received at 7496 <at> debbugs.gnu.org (full text, mbox):
> From: Lars Ingebrigtsen <larsi <at> gnus.org>
> Date: Sun, 13 Oct 2019 03:15:17 +0200
> Cc: ARISAWA Akihiro <ari <at> mbf.ocn.ne.jp>, 7496 <at> debbugs.gnu.org
>
> >> (let ((map (make-sparse-keymap)))
> >> (define-key map " " map)
> >> (copy-keymap map))
> >
> > I'm not surprised. There are many ways to address it:
> > - try and make sure we better handle the "using up all memory" case
> > rather than crashing. This is very difficult. We already try to do
> > it, but clearly it's not working that well.
> > - try and detect such cycles and either signal an error or reproduce the
> > same cycle in the copy. We have added such things in several other
> > cases, so we should probably do that.
>
> While this is a pretty obscure, Emacs shouldn't crash on stuff like
> this. I first considered whether just to check for EQ in Fcopy_keymap,
> but it's possible to have nested keymaps that are mutually recursive,
> so that won't work.
>
> So I just added a recursion counter and refuse to copy when we've
> reached level 100.
What happens in the current master without that limitation? We have
since added stack overflow protection -- doesn't it kick in in this
case?
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#7496; Package
emacs.
(Sun, 13 Oct 2019 17:57:02 GMT)
Full text and
rfc822 format available.
Message #24 received at 7496 <at> debbugs.gnu.org (full text, mbox):
Eli Zaretskii <eliz <at> gnu.org> writes:
> What happens in the current master without that limitation? We have
> since added stack overflow protection -- doesn't it kick in in this
> case?
No, Emacs just crashes hard. I haven't examined why, though -- I didn't
know about the new stack overflow protection.
It's easy to reproduce, though: Just eval this form and Emacs will
segfault (if it's older than yesterday's):
(let ((map (make-sparse-keymap)))
(define-key map " " map)
(copy-keymap map))
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#7496; Package
emacs.
(Sun, 13 Oct 2019 18:48:02 GMT)
Full text and
rfc822 format available.
Message #27 received at 7496 <at> debbugs.gnu.org (full text, mbox):
> From: Lars Ingebrigtsen <larsi <at> gnus.org>
> Cc: monnier <at> iro.umontreal.ca, ari <at> mbf.ocn.ne.jp, 7496 <at> debbugs.gnu.org
> Date: Sun, 13 Oct 2019 19:56:47 +0200
>
> Eli Zaretskii <eliz <at> gnu.org> writes:
>
> > What happens in the current master without that limitation? We have
> > since added stack overflow protection -- doesn't it kick in in this
> > case?
>
> No, Emacs just crashes hard. I haven't examined why, though -- I didn't
> know about the new stack overflow protection.
Maybe because the stack overflow happens during GC.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#7496; Package
emacs.
(Sun, 13 Oct 2019 20:25:02 GMT)
Full text and
rfc822 format available.
Message #30 received at 7496 <at> debbugs.gnu.org (full text, mbox):
> (let ((map (make-sparse-keymap)))
> (define-key map " " map)
> (copy-keymap map))
BTW, copy-keymap should pretty much never be used.
And as a consequence its performance is largely irrelevant, so it could
be re-implemented in Elisp ;-)
Stefan
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#7496; Package
emacs.
(Sun, 13 Oct 2019 20:35:01 GMT)
Full text and
rfc822 format available.
Message #33 received at 7496 <at> debbugs.gnu.org (full text, mbox):
Stefan Monnier <monnier <at> iro.umontreal.ca> writes:
> BTW, copy-keymap should pretty much never be used.
> And as a consequence its performance is largely irrelevant, so it could
> be re-implemented in Elisp ;-)
Yes, I wondered whether I should just do that -- almost everything it
does is available from Lisp land, I think -- except map_char_table,
which I didn't investigate closely.
(copy-keymap is used 76 times in the Emacs tree.)
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#7496; Package
emacs.
(Sun, 13 Oct 2019 21:27:01 GMT)
Full text and
rfc822 format available.
Message #36 received at 7496 <at> debbugs.gnu.org (full text, mbox):
> (copy-keymap is used 76 times in the Emacs tree.)
Yes, I know. I've had it in my TODO to get this number down, but never
got around to it.
Stefan
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#7496; Package
emacs.
(Sun, 13 Oct 2019 21:39:02 GMT)
Full text and
rfc822 format available.
Message #39 received at 7496 <at> debbugs.gnu.org (full text, mbox):
> It's easy to reproduce, though: Just eval this form and Emacs will
> segfault (if it's older than yesterday's):
>
> (let ((map (make-sparse-keymap)))
> (define-key map " " map)
> (copy-keymap map))
FWIW, on MS Windows, Emacs 26.3, emacs -Q hangs if I
do that, after showing this message in the echo area:
Re-entering top level after C stack overflow.
Have to kill the process with the Task Manager.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#7496; Package
emacs.
(Mon, 14 Oct 2019 06:10:02 GMT)
Full text and
rfc822 format available.
Message #42 received at 7496 <at> debbugs.gnu.org (full text, mbox):
> Date: Sun, 13 Oct 2019 21:38:06 +0000 (UTC)
> From: Drew Adams <drew.adams <at> oracle.com>
> Cc: ari <at> mbf.ocn.ne.jp, monnier <at> iro.umontreal.ca, 7496 <at> debbugs.gnu.org
>
> > It's easy to reproduce, though: Just eval this form and Emacs will
> > segfault (if it's older than yesterday's):
> >
> > (let ((map (make-sparse-keymap)))
> > (define-key map " " map)
> > (copy-keymap map))
>
> FWIW, on MS Windows, Emacs 26.3, emacs -Q hangs if I
> do that, after showing this message in the echo area:
>
> Re-entering top level after C stack overflow.
>
> Have to kill the process with the Task Manager.
Thanks for testing. So the stack overflow protection does kick in.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Mon, 11 Nov 2019 12:24:14 GMT)
Full text and
rfc822 format available.
This bug report was last modified 5 years and 283 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.