GNU bug report logs - #78473
30.1; feature/igc: multiple crashes with pgtk_handle_selection_*

Previous Next

Package: emacs;

Reported by: Oliver Reiter <oliver.reiter <at> snapdragon.cc>

Date: Sat, 17 May 2025 20:44:02 UTC

Severity: normal

Found in version 30.1

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Full log

Message #11 received at 78473 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Pip Cet <pipcet <at> protonmail.com>
Cc: oliver.reiter <at> snapdragon.cc, 78473 <at> debbugs.gnu.org
Subject: Re: bug#78473: 30.1;
 feature/igc: multiple crashes with pgtk_handle_selection_*
Date: Sun, 18 May 2025 07:59:48 +0300

> Date: Sat, 17 May 2025 20:58:49 +0000
> From:  Pip Cet via "Bug reports for GNU Emacs,
>  the Swiss army knife of text editors" <bug-gnu-emacs <at> gnu.org>
> 
> "Oliver Reiter via \"Bug reports for GNU Emacs, the Swiss army knife of text editors\"" <bug-gnu-emacs <at> gnu.org> writes:
> 
> > Dear all,
> >
> > I have encountered multiple crashes on feature/igc with pgtk when
> > copying from Emacs to somewhere else. All crashes seem to involve some
> > form of 'pgtk_handle_selection_*' function (xbacktrace is always empty).
> > These crashes appear to be reproducible for me, if you need further
> > info.
> 
> Thanks for the report!  Can you try adding -fno-tree-sra to your CFLAGS
> and recompiling?  This looks like
> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117423
> 
> > #9  pgtk_handle_selection_request (event=0x7fffffffc780)
> >     at /home/reitero/build/sources/emacs/emacs_debug/src/pgtkselect.c:585
> >         local_selection_time = <optimized out>
> >         dpyinfo = 0x55dee7e0
> 
> This pointer has been truncated to 32 bits; it should be 0x555555dee7e0.
> That's consistent with the gcc bug above (and
> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119085, which has been
> correctly marked as a duplicate).

Is there any way we could change our code to avoid bumping into this
problem?  The bug exists in a relatively new version of GCC, so more
users will hit it in the years to come.  One way is to force the use
of -fno-tree-sra (for the affected versions of GCC, if we can identify
them), but is there maybe a less blunt instrument?

> > Configured using:
> >  'configure 'CFLAGS=-g3 -ggdb -O3 -mtune=native -march=native
> >  -fomit-frame-pointer' CPPFLAGS=-I/home/reitero/.local/lib/mps
> 
> Using -fomit-frame-pointer will result in the compiler putting
> references to GC-able objects in %rbp; since MPS usually uses setjmp to
> spill the registers to the stack, and setjmp "scrambles" %rbp for
> security reasons, that will result in references which are invisible to
> MPS, which will cause other crashes.

But configure.ac on the branch forces -fno-omit-frame-pointer.  Is
that not working for some reason?
This bug report was last modified 23 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.