GNU bug report logs - #76327
29.4; random segfaults after switch to tree-sitter

Package: emacs;

Reported by: Evgeniy Dushistov <dushistov <at> mail.ru>

Date: Sun, 16 Feb 2025 08:47:01 UTC

Severity: normal

Found in version 29.4

From: Pip Cet <pipcet <at> protonmail.com>
To: 76327 <at> debbugs.gnu.org, dushistov <at> mail.ru, eliz <at> gnu.org, eggert <at> cs.ucla.edu, mattiasengdegard <at> gmail.com
Subject: bug#76327: 29.4; random segfaults after switch to tree-sitter
Date: Wed, 19 Feb 2025 12:36:37 +0000
"Evgeniy Dushistov via \"Bug reports for GNU Emacs, the Swiss army knife of text editors\"" <bug-gnu-emacs <at> gnu.org> writes:

> On Tue, Feb 18, 2025 at 05:44:15PM +0000, Pip Cet wrote:
>> Evgeniy, could you try replacing the definition of
>> flush_stack_call_func in lisp.h by this definition, and recompiling?
>>
>> INLINE void
>> flush_stack_call_func (void (*func) (void *arg), void *arg)
>> {
>>   volatile bool repeat = true;
>>   while (repeat)
>>     {
>>       __builtin_unwind_init ();
>>       asm volatile ("" : : : "memory");
>>       flush_stack_call_func1 (func, arg);
>>       repeat = false;
>>     }
>> }
>>
>
>
> I tried this fix.
> It doesn't help :(

Oops.  Interesting.

> The new crash dump looks the same as the previous one (I rebuilt without --enable-checking=all):
>
> (gdb) bt

Please use "bt full", not "bt", and please keep the sessions alive in
gdb.

Also, please reproduce your precise CFLAGS and compiler version; there's
likely to be a problem there.

> #0  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=11, no_tid=no_tid@entry=0) at pthread_kill.c:44
> #1  0x000077717feb96d3 in __pthread_kill_internal (threadid=<optimized out>, signo=11) at pthread_kill.c:89
> #2  0x000077717fe5fba0 in __GI_raise (sig=sig@entry=11) at ../sysdeps/posix/raise.c:26
> #3  0x00005e89a9d6e7ca in terminate_due_to_signal (sig=sig@entry=11, backtrace_limit=backtrace_limit@entry=40) at emacs.c:464
> #4  0x00005e89a9d6f092 in handle_fatal_signal (sig=sig@entry=11) at sysdep.c:1783
> #5  0x00005e89a9d6f099 in deliver_thread_signal (sig=sig@entry=11, handler=0x5e89a9d6f07f <handle_fatal_signal>) at sysdep.c:1775
> #6  0x00005e89a9ee0341 in deliver_fatal_thread_signal (sig=11) at sysdep.c:1795
> #7  handle_sigsegv (sig=11, siginfo=<optimized out>, arg=<optimized out>) at sysdep.c:1888
> #8  0x000077717fe5fcd0 in <signal handler called> () at /usr/lib/libc.so.6
> #9  SYMBOL_NAME (sym=0x5e89b479fc10) at /usr/src/debug/emacs/emacs-29.4/src/lisp.h:1152
> #10 print_object (obj=0x5e89b479fc10, printcharfun=<optimized out>, escapeflag=true) at print.c:2398
> #11 0x00005e89a9f8618d in print (obj=<optimized out>, printcharfun=<optimized out>, escapeflag=<optimized out>) at print.c:1301
> #12 0x00005e89a9f862d3 in Fprin1 (object=0x5e89b479fc10, printcharfun=printcharfun@entry=0x30, overrides=overrides@entry=0x0) at print.c:776
> #13 0x00005e89a9f86af9 in print_error_message (data=<optimized out>, data@entry=0x5e89c039cbd3, stream=stream@entry=0x30, context=<optimized out>, caller=caller@entry=0x7fe0) at print.c:1134
> #14 0x00005e89a9ec503b in Fcommand_error_default_function (data=0x5e89c039cbd3, context=0x77717bc80284, signal=0x7fe0) at /usr/src/debug/emacs/emacs-29.4/src/lisp.h:1679
> #15 0x00005e89a9fabd6c in exec_byte_code (fun=<optimized out>, args_template=<optimized out>, nargs=<optimized out>, args=<optimized out>) at bytecode.c:809
> #16 0x00005e89a9f5e0c5 in Ffuncall (nargs=nargs@entry=4, args=args@entry=0x7ffc97562ab0) at eval.c:2999
> #17 0x00005e89a9ec591e in call3 (fn=<optimized out>, arg1=0x5e89c039cbd3, arg2=<optimized out>, arg3=0x7fe0) at /usr/src/debug/emacs/emacs-29.4/src/lisp.h:3262
> #18 cmd_error_internal (data=data@entry=0x5e89c039cbd3, context=context@entry=0x7ffc97562b20 "") at keyboard.c:1013
> #19 0x00005e89a9ec5aa2 in cmd_error (data=0x5e89c039cbd3) at keyboard.c:981
> #20 0x00005e89a9f58771 in internal_condition_case (bfun=bfun@entry=0x5e89a9ed3360 <command_loop_1>, handlers=handlers@entry=0x90, hfun=hfun@entry=0x5e89a9ec5950 <cmd_error>) at eval.c:1470
> #21 0x00005e89a9ebd73f in command_loop_2 (handlers=handlers@entry=0x90) at keyboard.c:1133
> #22 0x00005e89a9f586d8 in internal_catch (tag=tag@entry=0x10080, func=func@entry=0x5e89a9ebd700 <command_loop_2>, arg=arg@entry=0x90) at eval.c:1197
> #23 0x00005e89a9ebd6c5 in command_loop () at keyboard.c:1111
> #24 0x00005e89a9ec5461 in recursive_edit_1 () at keyboard.c:720
> #25 0x00005e89a9ec583d in Frecursive_edit () at keyboard.c:803
> #26 0x00005e89a9d7d0e6 in main (argc=1, argv=0x7ffc97562f38) at emacs.c:2521
>
>
> (gdb) li 4227
>
> 4229	INLINE void
> 4230	flush_stack_call_func (void (*func) (void *arg), void *arg)
> 4231	{
> 4232	  volatile bool repeat = true;
> 4233	  while (repeat)
> 4234	    {
> 4235	      __builtin_unwind_init ();
> 4236	      asm volatile ("" : : : "memory");
> 4237	      flush_stack_call_func1 (func, arg);
> 4238	      repeat = false;
> 4239	    }
> 4240	}

Please disassemble this function by running

disass flush_stack_call_func

Thanks!

Pip





This bug report was last modified 116 days ago.
