GNU bug report logs - #75784
Typo "unreadeable" in print.c; was exposed to Lisp


Package: emacs;

Reported by: Pip Cet <pipcet <at> protonmail.com>

Date: Thu, 23 Jan 2025 12:22:01 UTC

Severity: minor


From: Pip Cet <pipcet <at> protonmail.com>
To: Stefan Kangas <stefankangas <at> gmail.com>
Cc: 75784 <at> debbugs.gnu.org
Subject: bug#75784: Typo "unreadeable" in print.c; was exposed to Lisp
Date: Fri, 24 Jan 2025 14:27:04 +0000
"Pip Cet" <pipcet <at> protonmail.com> writes:

> Pip Cet <pipcet <at> protonmail.com> writes:
>
>> "Stefan Kangas" <stefankangas <at> gmail.com> writes:
>>
>> I'm sorry: why both names?  The new name should be permanent, unless we
>> decide to move to a different name entirely to get rid of the typo (this
>> is what happened with kdb-macro-redisplay, IIRC).
>>
>>> Would you like to suggest a patch?
>>
>> diff --git a/src/print.c b/src/print.c
>
> Here's a better patch.  While this goes overboard and fixes the case
> that Vprint_variable_mapping has become invalid, I'm not sure this can
> happen: Fassq can quit, but the Lisp backtrace won't expose its
> arguments to the debugger, it seems.  I'd like to err on the side of
> caution and double-check that this mapping is still valid in case
> someone somehow exposes it to Lisp.
>
> Note that specbind currently insists on a BARE_SYMBOL.  We'll have to
> check all callers to make sure they never pass a symbol-with-position!

Now done.  All but one call safe.

Proposed patch to fix what is very likely a nasty crashable bug in the
byte compiler:

From 9c70bd663a2045db92ed01ffedca23748f492d50 Mon Sep 17 00:00:00 2001
From: Pip Cet <pipcet <at> protonmail.com>
Subject: [PATCH] DO NOT COMMIT: Fix likely (but unproven) specbind bug in
 bytecode runner (bug#75784)

* src/bytecode.c (exec_byte_code): Ensure position is removed from
symbol taken from constant vector.  Check it is a symbol if
BYTE_CODE_SAFE.
---
 src/bytecode.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/bytecode.c b/src/bytecode.c
index d62d7d067b1..7516431cb96 100644
--- a/src/bytecode.c
+++ b/src/bytecode.c
@@ -734,8 +734,15 @@ #define DEFINE(name, value) [name] = &&insn_ ## name,
 	CASE (Bvarbind5):
 	  op -= Bvarbind;
 	varbind:
-	  /* Specbind can signal and thus GC.  */
-	  specbind (vectorp[op], POP);
+	  {
+	    Lisp_Object symbol = vectorp[op];
+	    symbol = maybe_remove_pos_from_symbol (symbol);
+#if BYTE_CODE_SAFE
+	    CHECK_SYMBOL (symbol);
+#endif
+	    /* Specbind can signal and thus GC.  */
+	    specbind (symbol, POP);
+	  }
 	  NEXT;
 
 	CASE (Bcall6):
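
Review bot: In the new varbind block, CHECK_SYMBOL (symbol) is compiled only under #if BYTE_CODE_SAFE, so when that macro is off nothing verifies that vectorp[op] is a symbol before specbind (symbol, POP) runs; only the position stripping is unconditional. The accompanying message says specbind insists on a bare symbol, so either make the check unconditional here or add a comment saying why an unchecked constant-vector entry is acceptable in non-safe builds. The comment "Specbind can signal and thus GC" now sits after a CHECK_SYMBOL that can also signal, so it should be moved up or reworded to cover both calls, and a one-line comment on why a constant-vector entry may carry a position would help the next reader. The declaration and reassignment can be folded into a single line: Lisp_Object symbol = maybe_remove_pos_from_symbol (vectorp[op]);
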
-- 
2.47.1

Marked as DO NOT COMMIT because this needs more thought.  Might have to
be applied with -n as this makes the first line "too long".

Will confirm and file separate bug report if crashable.

Pip





This bug report was last modified 141 days ago.
