GNU bug report logs - #78473
30.1; feature/igc: multiple crashes with pgtk_handle_selection_*

Previous Next

Package: emacs;

Reported by: Oliver Reiter <oliver.reiter <at> snapdragon.cc>

Date: Sat, 17 May 2025 20:44:02 UTC

Severity: normal

Found in version 30.1

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Full log

View this message in rfc822 format

From: Pip Cet <pipcet <at> protonmail.com>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: oliver.reiter <at> snapdragon.cc, 78473 <at> debbugs.gnu.org
Subject: bug#78473: 30.1; feature/igc: multiple crashes with pgtk_handle_selection_*
Date: Sun, 18 May 2025 11:20:00 +0000

"Eli Zaretskii" <eliz <at> gnu.org> writes:

>> Date: Sat, 17 May 2025 20:58:49 +0000
>> From:  Pip Cet via "Bug reports for GNU Emacs,
>>  the Swiss army knife of text editors" <bug-gnu-emacs <at> gnu.org>
>>
>> "Oliver Reiter via \"Bug reports for GNU Emacs, the Swiss army knife of text editors\"" <bug-gnu-emacs <at> gnu.org> writes:
>>
>> > Dear all,
>> >
>> > I have encountered multiple crashes on feature/igc with pgtk when
>> > copying from Emacs to somewhere else. All crashes seem to involve some
>> > form of 'pgtk_handle_selection_*' function (xbacktrace is always empty).
>> > These crashes appear to be reproducible for me, if you need further
>> > info.
>>
>> Thanks for the report!  Can you try adding -fno-tree-sra to your CFLAGS
>> and recompiling?  This looks like
>> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117423
>>
>> > #9  pgtk_handle_selection_request (event=0x7fffffffc780)
>> >     at /home/reitero/build/sources/emacs/emacs_debug/src/pgtkselect.c:585
>> >         local_selection_time = <optimized out>
>> >         dpyinfo = 0x55dee7e0
>>
>> This pointer has been truncated to 32 bits; it should be 0x555555dee7e0.
>> That's consistent with the gcc bug above (and
>> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119085, which has been
>> correctly marked as a duplicate).
>
> Is there any way we could change our code to avoid bumping into this
> problem?

I thought we had, to be honest.  Let's confirm this is 117423 first,
then we can figure out how to work around that.

> The bug exists in a relatively new version of GCC, so more
> users will hit it in the years to come.

Indeed, and that's if it is fixed at all.

> One way is to force the use of -fno-tree-sra (for the affected
> versions of GCC, if we can identify them), but is there maybe a less
> blunt instrument?

That'd be great, but I don't know how to do it.

>> > Configured using:
>> >  'configure 'CFLAGS=-g3 -ggdb -O3 -mtune=native -march=native
>> >  -fomit-frame-pointer' CPPFLAGS=-I/home/reitero/.local/lib/mps
>>
>> Using -fomit-frame-pointer will result in the compiler putting
>> references to GC-able objects in %rbp; since MPS usually uses setjmp to
>> spill the registers to the stack, and setjmp "scrambles" %rbp for
>> security reasons, that will result in references which are invisible to
>> MPS, which will cause other crashes.
>
> But configure.ac on the branch forces -fno-omit-frame-pointer.  Is
> that not working for some reason?

Both options are passed to GCC, and -fomit-frame-pointer wins because
it's last.

Pip
This bug report was last modified 23 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.