bug#34394: 27.0.50; Emacs segfaults with SLY, company and C-g

João Távora
Hi,

This has been happening for a while, but I finally had some time to
track it down.  The problem renders Emacs completely unusable.

Before the recipe and some debugging info, a few notes:

1. The problem happens exclusively with company-mode. It's not easy to
   trigger but I have narrowed a technique that takes me a few minutes at
   most.

2. When using optimized builds, it's not really a SIGSEGV but a strange
   freeze in the display.
   
   The following is printed to stderr, if Emacs was started from the
   terminal:
   
      *** longjmp causes uninitialized stack frame ***: ./src/emacs terminated
      Fatal error 6: Aborted
     
   Very bizarrely, I can still open another frame to the Emacs
   (i.e. from a terminal) if I have the server running, but the buffer
   contents won't be displayed.  Back in the broken GUI I can even use
   the minibuffer to save the buffer to a file, request completions, and
   jump out to another window and apparently resume normal usage.

   But eventually there is always a broken window/display/buffer.

   Evidently, I can't understand what's going on.  But if you know some
   elisp diagnostic command, I can probably still type it in and read
   its output.
     
3. In contrast, when using a non-optimized build I always see SIGSEGV
   and the process dies completely, under gdb or not.
   
4. Also bizarrely, when using a non-optimized build, configured with:

      ./configure --enable-checking='yes,glyphs' \
      --enable-check-lisp-object-type CFLAGS='-O0 -g3 -gdwarf-4'

   I get _less_ information in gdb than when debugging an
   optimized build:
   
      (gdb) bt full
      #0  0x0000000000000000 in ?? ()
      No symbol table info available.
      #1  0x0000000000000000 in ?? ()
      No symbol table info available.
      (gdb) xbacktrace
      (gdb)

5. Debugging an optimized build gave me much more information (search
   for "yes-optimized-gdb" from here).

6. The use of SLY, a Common Lisp IDE, is not necessary.  I've seen the
   same bug with Eglot and company.  What Eglot has in common with SLY
   is that they both set up a completion-at-point-function that requests
   completions from a subprocess.  The specific manner in which
   completions are requested is interruptible by user input, i.e. using
   either sit-for or while-no-input.  I've witnessed the problem using
   both approaches, though lately I've settled for sit-for in both
   systems.
   
   In Emacs core, the elisp function jsonrpc-request (used by Eglot) is
   where the interruptible sit-for approach is used.

   Nevertheless this recipe uses SLY, since I've been using it more
   often these days.
   
7. I can get a little more information with a non-optimized build if
   I start without Emacs -Q and load my normal config file.  It's not
   much more info than above, tho, and I don't understand what the
   difference is.  But you can have a look if you search for
   "non-optimized-gdb" from here.
   
Thanks,
João
   
## Now for the reproduction recipe:

The easiest way to get SLY is to clone it from github

   git clone [hidden email]:joaotavora/sly.git /path/to/sly

To get company:

   git clone [hidden email]:company-mode/company-mode.git /path/to/company
   
You also need a Common Lisp executable in your path.  For Debian this
will probably do

   sudo apt-get install sbcl

Now start Emacs

   ~/Source/Emacs/emacs/src/emacs -Q                             \
   -L /path/to/sly -l sly-autoloads                              \
   -L /path/to/company-mode -l /path/to/company-mode/company.el  \
   -f global-company-mode                                        \
   -f sly  # start sly
   
After the SLY CL prompt is ready, type "pos". A company widget should
appear.

You should now move quickly <up> and <down> as if selecting a completion
and then quickly press C-g as if wanting to give up on those
completions.  If you do this often enough you will trigger the crash.

## Running this under GDB, (yes-optimized-gdb)

The optimized build was configured with

   --enable-checking=yes,glyphs --enable-check-lisp-object-type 'CFLAGS=-Og -gdwarf-4'

gdb --args ./emacs -Q -L ~/Source/Emacs/sly -l sly-autoloads -L ~/Source/Emacs/company-mode -l ~/Source/Emacs/company-mode/company.el -f global-company-mode -f sly
GNU gdb (Debian 8.2-1) 8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./emacs...done.
SIGINT is used by the debugger.
Are you sure you want to change it? (y or n) [answered Y; input not from terminal]
DISPLAY = :0
TERM = xterm
Breakpoint 1 at 0x15015c: file emacs.c, line 370.
Temporary breakpoint 2 at 0x172efd: file lisp.h, line 1056.
(gdb) r
Starting program: /home/capitaomorte/Source/Emacs/emacs-master/src/emacs -Q -L /home/capitaomorte/Source/Emacs/sly -l sly-autoloads -L /home/capitaomorte/Source/Emacs/company-mode -l /home/capitaomorte/Source/Emacs/company-mode/company.el -f global-company-mode -f sly
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Detaching after vfork from child process 17193]
[Detaching after vfork from child process 17201]
[Detaching after vfork from child process 17202]
*** longjmp causes uninitialized stack frame ***: /home/capitaomorte/Source/Emacs/emacs-master/src/emacs terminated

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt full
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
        set = {
          __val = {0, 0, 93825000843456, 140737328736549, 11310, 93825000838608, 93825000883760, 1, 140737488341936,
            140737305084542, 93825008640256, 16777216000000000000, 140737488342240, 93825000373056, 4294967256, 1}
        }
        pid = <optimized out>
        tid = <optimized out>
        ret = <optimized out>
#1  0x00007ffff4f6d535 in __GI_abort () at abort.c:79
        save_stage = 1
        act = {
          __sigaction_handler = {
            sa_handler = 0x1,
            sa_sigaction = 0x1
          },
          sa_mask = {
            __val = {140737305057658, 1937910009842106368, 8260008066545429248, 32, 1, 2, 140737488342496, 93825000021600,
              140737488342544, 140737488342480, 140737305057352, 1, 140737305057658, 1937910009842106368, 140737488342400,
              140737488342800}
          },
          sa_flags = -12928,
          sa_restorer = 0x1000
        }
        sigs = {
          __val = {32, 0 <repeats 15 times>}
        }
#2  0x00007ffff4fc4718 in __libc_message (action=<optimized out>, fmt=fmt@entry=0x7ffff50cf088 "*** %s ***: %s terminated\n")
    at ../sysdeps/posix/libc_fatal.c:181
        ap = {{
            gp_offset = 32,
            fp_offset = 465,
            overflow_arg_area = 0x7fffffffcf20,
            reg_save_area = 0x7fffffffceb0
          }}
        fd = 11
        list = <optimized out>
        nlist = <optimized out>
        cp = <optimized out>
        written = <optimized out>
#3  0x00007ffff5055bbd in __GI___fortify_fail_abort (need_backtrace=need_backtrace@entry=true,
    msg=0x7ffff50cf03d <longjmp_msg> "longjmp causes uninitialized stack frame") at fortify_fail.c:28
No locals.
#4  0x00007ffff5055bf1 in __GI___fortify_fail (msg=<optimized out>) at fortify_fail.c:44
No locals.
#5  0x00007ffff5055aad in ____longjmp_chk () at ../sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S:105
No locals.
#6  0x00007ffff5055a0b in __longjmp_chk (env=0x555555d01238 <main_thread+216>, val=val@entry=1) at ../setjmp/longjmp.c:39
No locals.
#7  0x00005555556b22d4 in quit_throw_to_read_char (from_signal=from_signal@entry=false) at keyboard.c:10486
No locals.
#8  0x00005555556ba3cd in set_waiting_for_input (time_to_clear=time_to_clear@entry=0x7fffffffd130) at keyboard.c:10253
No locals.
--Type <RET> for more, q to quit, c to continue without paging--
#9  0x000055555579007c in wait_reading_process_output (time_limit=time_limit@entry=30, nsecs=nsecs@entry=0, read_kbd=-1,
    do_display=do_display@entry=true, wait_for_cell=..., wait_proc=wait_proc@entry=0x0, just_wait_proc=0) at process.c:5212
        process_skipped = false
        channel = <optimized out>
        nfds = <optimized out>
        Available = {
          fds_bits = {16, 0 <repeats 15 times>}
        }
        Writeok = {
          fds_bits = {0 <repeats 16 times>}
        }
        check_write = <optimized out>
        check_delay = <optimized out>
        no_avail = <optimized out>
        xerrno = 11
        proc = XIL(0x555556473955)
        timeout = {
          tv_sec = 29,
          tv_nsec = 861423452
        }
        end_time = <optimized out>
        timer_delay = <optimized out>
        got_output_end_time = <optimized out>
        wait = TIMEOUT
        got_some_output = -1
        prev_wait_proc_nbytes_read = 0
        retry_for_async = false
        count = 3
        now = <optimized out>
#10 0x00005555555983ac in sit_for (timeout=..., timeout@entry=make_number(30), reading=reading@entry=true,
    display_option=display_option@entry=1) at lisp.h:1056
        sec = 30
        nsec = 0
        do_display = true
#11 0x00005555556b6209 in read_char (commandflag=1, map=..., map@entry=XIL(0x555556bba943), prev_event=XIL(0),
    used_mouse_menu=used_mouse_menu@entry=0x7fffffffd5cb, end_time=end_time@entry=0x0) at lisp.h:751
        tem0 = <optimized out>
        timeout = 30
        delay_level = <optimized out>
        buffer_size = <optimized out>
        c = XIL(0)
        jmpcount = 3
        local_getcjmp = {{
            __jmpbuf = {0, 7951441480105110497, 93825009979408, 93825001081184, 140737488344720, 0, 4254887586582539233,
              7951440073964956641},
            __mask_was_saved = 0,
            __saved_mask = {
              __val = {93825009136931, 0, 93824993581685, 3, 0, 4294967295, 3, 93825001229536, 93824993726913, 0, 0, 0, 7655440,
                0, 93824993581685, 8194}
            }
          }}
        save_jump = {{
--Type <RET> for more, q to quit, c to continue without paging--
            __jmpbuf = {0, 0, 0, 0, 0, 0, 0, 0},
            __mask_was_saved = 0,
            __saved_mask = {
              __val = {0 <repeats 16 times>}
            }
          }}
        tem = <optimized out>
        save = <optimized out>
        previous_echo_area_message = XIL(0)
        also_record = XIL(0)
        reread = false
        recorded = false
        polling_stopped_here = false
        orig_kboard = 0x555555d68c90
#12 0x00005555556b74f5 in read_key_sequence (keybuf=keybuf@entry=0x7fffffffd690, prompt=XIL(0x555555d68c90),
    dont_downcase_last=dont_downcase_last@entry=false, can_return_switch_frame=can_return_switch_frame@entry=true,
    fix_current_buffer=fix_current_buffer@entry=true, prevent_redisplay=prevent_redisplay@entry=false) at keyboard.c:9082
        interrupted_kboard = 0x555555d68c90
        interrupted_frame = 0x555555dc4960
        key = XIL(0x555556641010)
        used_mouse_menu = false
        echo_local_start = 0
        last_real_key_start = 0
        keys_local_start = <optimized out>
        new_binding = <optimized out>
        count = 3
        t = 0
        echo_start = 0
        keys_start = 0
        current_binding = <optimized out>
        first_unbound = 31
        mock_input = 0
        used_mouse_menu_history = {false <repeats 30 times>}
        fkey = {
          parent = XIL(0x555555d84f73),
          map = XIL(0x555555d84f73),
          start = 0,
          end = 0
        }
        keytran = {
          parent = XIL(0x7ffff103d5cb),
          map = XIL(0x7ffff103d5cb),
          start = 0,
          end = 0
        }
        indec = {
          parent = XIL(0x555555d84f63),
          map = XIL(0x555555d84f63),
          start = 0,
          end = 0
        }
        shift_translated = false
--Type <RET> for more, q to quit, c to continue without paging--
        delayed_switch_frame = <optimized out>
        original_uppercase = <optimized out>
        original_uppercase_position = -1
        dummyflag = false
        starting_buffer = 0x555556641010
        fake_prefixed_keys = <optimized out>
        first_event = <optimized out>
        second_event = <optimized out>
#13 0x00005555556b8bc1 in command_loop_1 () at lisp.h:1056
        cmd = <optimized out>
        keybuf = {XIL(0x50a0), XIL(0x555555c595e5), XIL(0x2aaa9b297918), XIL(0x3), XIL(0x3), XIL(0x555555742c17), XIL(0),
          XIL(0x555556ad8393), XIL(0x7fffffffd750), XIL(0x2aaa9b297918), XIL(0), XIL(0), XIL(0), make_number(23456248568811),
          XIL(0x2aaa9b297918), XIL(0x555556ad8393), XIL(0x7ffff0ad5f74), XIL(0), XIL(0x7fffffffd750), XIL(0x5555556acf45), XIL(0),
          XIL(0x555556ad8393), XIL(0), XIL(0x5555556ad2bb), XIL(0), XIL(0), XIL(0x3), XIL(0x55555574182b), XIL(0x7ffff104060b),
          XIL(0x555555d68a50)}
        i = <optimized out>
        prev_modiff = 36
        prev_buffer = 0x555556641010
#14 0x0000555555741a96 in internal_condition_case (bfun=bfun@entry=0x5555556b8943 <command_loop_1>, handlers=...,
    handlers@entry=XIL(0x55b0), hfun=hfun@entry=0x5555556acf6d <cmd_error>) at eval.c:1376
        val = XIL(0)
        c = 0x555555d68a50
#15 0x00005555556a9494 in command_loop_2 (ignore=..., ignore@entry=XIL(0)) at lisp.h:1056
        val = <optimized out>
#16 0x00005555557419da in internal_catch (tag=..., func=func@entry=0x5555556a9478 <command_loop_2>, arg=..., arg@entry=XIL(0))
    at eval.c:1139
        val = XIL(0)
        c = 0x555555d68930
#17 0x00005555556a6786 in command_loop () at lisp.h:1056
No locals.
#18 0x00005555556ac728 in recursive_edit_1 () at keyboard.c:714
        count = 1
        val = <optimized out>
#19 0x00005555556accf0 in Frecursive_edit () at keyboard.c:785
        count = 0
        buffer = <optimized out>
#20 0x00005555556a5154 in main (argc=14, argv=<optimized out>) at emacs.c:1949
        stack_bottom_variable = 0x5555557f9155 <__libc_csu_init+69>
        do_initial_setlocale = <optimized out>
        no_loadup = false
        junk = 0x0
        dname_arg = 0x0
        ch_to_dir = 0x0
        original_pwd = 0x0
        dump_mode = <optimized out>
        skip_args = 0
        temacs = 0x0
        rlim = {
          rlim_cur = 10022912,
          rlim_max = 18446744073709551615
        }
       
## non-optimized-gdb

gdb ./emacs            
GNU gdb (Debian 8.2-1) 8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./emacs...done.
SIGINT is used by the debugger.
Are you sure you want to change it? (y or n) [answered Y; input not from terminal]
DISPLAY = :0
TERM = xterm
Breakpoint 1 at 0x1ad3b8: file emacs.c, line 371.
Temporary breakpoint 2 at 0x1d9e93: file sysdep.c, line 1101.
(gdb) r
Starting program: /home/capitaomorte/Source/Emacs/emacs/src/emacs
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Detaching after vfork from child process 17713]
[Detaching after vfork from child process 17718]
[Detaching after vfork from child process 17719]
[Detaching after vfork from child process 17721]
[Detaching after vfork from child process 17725]
[Detaching after vfork from child process 17726]
[Detaching after vfork from child process 17729]
[Detaching after vfork from child process 17754]
[Detaching after vfork from child process 17755]
[Detaching after vfork from child process 17769]

Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) bt full
#0  0x0000000000000000 in ?? ()
No symbol table info available.
#1  0x00005555557d02ae in do_one_unbind (this_binding=0x7fffffff85a0, unwinding=true, bindflag=SET_INTERNAL_UNBIND) at eval.c:3504
No locals.
#2  0x00005555557d0763 in unbind_to (count=8589905392, value=XIL(0)) at eval.c:3631
        this_binding = {
          kind = SPECPDL_UNWIND,
          unwind = {
            kind = SPECPDL_UNWIND,
            func = 0x0,
            arg = XIL(0),
            eval_depth = 0
          },
          unwind_array = {
            kind = SPECPDL_UNWIND,
            nelts = 0,
            array = 0x0
          },
          unwind_ptr = {
            kind = SPECPDL_UNWIND,
            func = 0x0,
            arg = 0x0
          },
          unwind_int = {
            kind = SPECPDL_UNWIND,
            func = 0x0,
            arg = 0
          },
          unwind_excursion = {
            kind = SPECPDL_UNWIND,
            marker = XIL(0),
            window = XIL(0)
          },
          unwind_void = {
            kind = SPECPDL_UNWIND,
            func = 0x0
          },
          let = {
            kind = SPECPDL_UNWIND,
            symbol = XIL(0),
            old_value = XIL(0),
            where = XIL(0),
            saved_value = XIL(0)
          },
          bt = {
            kind = SPECPDL_UNWIND,
            debug_on_exit = false,
            function = XIL(0),
            args = 0x0,
            nargs = 0
          }
        }
--Type <RET> for more, q to quit, c to continue without paging--c
        quitf = XIL(0xc750)
#3  0x000055555570a27b in read_char (commandflag=21845, map=XIL(0x555556e3cc00), prev_event=XIL(0x20), used_mouse_menu=0x7ffff0abeabd, end_time=0x3d5579264f) at keyboard.c:2551
        c = XIL(0x7fffffff8868)
        jmpcount = 8589905392
        local_getcjmp = {{
            __jmpbuf = {140737488324512, 1433386485, 171798691841, 140737236181973, 140737488324608, 140737488325824, 93825017529728, 140737488324604},
            __mask_was_saved = 0,
            __saved_mask = {
              __val = {140737326527355, 140737488324656, 140737488325872, 93825017529728, 140737488324652, 0, 140737326527355, 93825003666096, 140737488325804, 140737488325868, 4294967296, 18446744069414584321, 1432946432, 140737488324752, 108819530576, 140737236339464}
            }
          }}
        save_jump = {{
            __jmpbuf = {140737488324320, 93824993965235, 140737488324336, 0, 0, 107374182400, 140737236339464, 140737488324360},
            __mask_was_saved = 1433384518,
            __saved_mask = {
              __val = {111669118032, 140737488324448, 140737488325664, 93825017529728, 140737488324444, 0, 140737326527355, 140737488324496, 140737488325712, 93825017529728, 140737488324492, 0, 140737326527355, 93825003666096, 140737488325644, 140737488325708}
            }
          }}
        tem = XIL(0x555556e3cbe5)
        save = XIL(0x7fffffff86d0)
        previous_echo_area_message = XIL(0x7ffff0b3c5ad)
        also_record = XIL(0)
        reread = false
        recorded = false
        polling_stopped_here = false
        orig_kboard = 0x7ffff65ab37b <XftGlyphExtents+123>
#4  0x00007fffffffa3a0 in ?? ()
No symbol table info available.
#5  0x00007fffffff8dec in ?? ()
No symbol table info available.
#6  0x00000001ffffb2b0 in ?? ()
No symbol table info available.
#7  0x0000000000000000 in ?? ()
No symbol table info available.
(gdb) xbacktrace
(gdb)



Eli Zaretskii
> From: João Távora <[hidden email]>
> Date: Sat, 09 Feb 2019 00:55:41 +0000
>
>    The following is printed to stderr, if Emacs was started from the
>    terminal:
>    
>       *** longjmp causes uninitialized stack frame ***: ./src/emacs terminated
>       Fatal error 6: Aborted

This means we used a garbled or bogus jmp_buf contents, somehow.

> 4. Also bizarrely, when using a non-optimized build, configured with:
>
>       ./configure --enable-checking='yes,glyphs' \
>       --enable-check-lisp-object-type CFLAGS='-O0 -g3 -gdwarf-4'
>
>    I get _less_ information in gdb than when debugging an
>    optimized build:
>    
>       (gdb) bt full
>       #0  0x0000000000000000 in ?? ()
>       No symbol table info available.
>       #1  0x0000000000000000 in ?? ()
>       No symbol table info available.
>       (gdb) xbacktrace
>       (gdb)

I think the stack is smashed, so GDB is confused.

> *** longjmp causes uninitialized stack frame ***: /home/capitaomorte/Source/Emacs/emacs-master/src/emacs terminated
>
> Program received signal SIGABRT, Aborted.
> __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
> 50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
> (gdb) bt full
> #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
>         set = {
>           __val = {0, 0, 93825000843456, 140737328736549, 11310, 93825000838608, 93825000883760, 1, 140737488341936,
>             140737305084542, 93825008640256, 16777216000000000000, 140737488342240, 93825000373056, 4294967256, 1}
>         }
>         pid = <optimized out>
>         tid = <optimized out>
>         ret = <optimized out>
> #1  0x00007ffff4f6d535 in __GI_abort () at abort.c:79
>         save_stage = 1
>         act = {
>           __sigaction_handler = {
>             sa_handler = 0x1,
>             sa_sigaction = 0x1
>           },
>           sa_mask = {
>             __val = {140737305057658, 1937910009842106368, 8260008066545429248, 32, 1, 2, 140737488342496, 93825000021600,
>               140737488342544, 140737488342480, 140737305057352, 1, 140737305057658, 1937910009842106368, 140737488342400,
>               140737488342800}
>           },
>           sa_flags = -12928,
>           sa_restorer = 0x1000
>         }
>         sigs = {
>           __val = {32, 0 <repeats 15 times>}
>         }
> #2  0x00007ffff4fc4718 in __libc_message (action=<optimized out>, fmt=fmt@entry=0x7ffff50cf088 "*** %s ***: %s terminated\n")
>     at ../sysdeps/posix/libc_fatal.c:181
>         ap = {{
>             gp_offset = 32,
>             fp_offset = 465,
>             overflow_arg_area = 0x7fffffffcf20,
>             reg_save_area = 0x7fffffffceb0
>           }}
>         fd = 11
>         list = <optimized out>
>         nlist = <optimized out>
>         cp = <optimized out>
>         written = <optimized out>
> #3  0x00007ffff5055bbd in __GI___fortify_fail_abort (need_backtrace=need_backtrace@entry=true,
>     msg=0x7ffff50cf03d <longjmp_msg> "longjmp causes uninitialized stack frame") at fortify_fail.c:28
> No locals.
> #4  0x00007ffff5055bf1 in __GI___fortify_fail (msg=<optimized out>) at fortify_fail.c:44
> No locals.
> #5  0x00007ffff5055aad in ____longjmp_chk () at ../sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S:105
> No locals.
> #6  0x00007ffff5055a0b in __longjmp_chk (env=0x555555d01238 <main_thread+216>, val=val@entry=1) at ../setjmp/longjmp.c:39
> No locals.
> #7  0x00005555556b22d4 in quit_throw_to_read_char (from_signal=from_signal@entry=false) at keyboard.c:10486
> No locals.
> #8  0x00005555556ba3cd in set_waiting_for_input (time_to_clear=time_to_clear@entry=0x7fffffffd130) at keyboard.c:10253

When this happens, what is the value of Vquit_flag, in Lisp terms?  Is
it t or something else?



Andreas Schwab-2
In reply to this post by João Távora
On Feb 09 2019, João Távora <[hidden email]> wrote:

>    The following is printed to stderr, if Emacs was started from the
>    terminal:
>    
>       *** longjmp causes uninitialized stack frame ***: ./src/emacs terminated
>       Fatal error 6: Aborted

That can mean that longjmp tried to use a stale jmp_buf, eg. of a stack
frame after it has returned.

> 4. Also bizarrely, when using a non-optimized build, configured with:
>
>       ./configure --enable-checking='yes,glyphs' \
>       --enable-check-lisp-object-type CFLAGS='-O0 -g3 -gdwarf-4'
>
>    I get _less_ information in gdb than when debugging an
>    optimized build:
>    
>       (gdb) bt full
>       #0  0x0000000000000000 in ?? ()
>       No symbol table info available.
>       #1  0x0000000000000000 in ?? ()
>       No symbol table info available.

That is typical for a process that has a clobbered stack.  Since longjmp
checking is not active in unoptimized builds (fortify checks require
optimisation), the process doesn't detect the undefined stack early
enough.

Andreas.

--
Andreas Schwab, [hidden email]
GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510  2552 DF73 E780 A9DA AEC1
"And now for something completely different."

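Added example, not part of the thread and not Emacs source code: a small C model of the failure mode described in the message above, where a shared `jmp_buf` outlives the frame that called `setjmp`. All names (`quit_target`, `read_input`, `quit_throw`, the scenarios) are hypothetical, and copying a `jmp_buf` with `memcpy` is an assumption that holds on glibc; the model pairs the save/restore discipline with a liveness flag so a late quit is refused instead of jumping into a dead frame.

```c
/* Added illustration; a hypothetical model, not Emacs source code. */
#include <setjmp.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

static jmp_buf quit_target;     /* one global jump target shared by all readers */
static bool quit_target_live;   /* true only while the frame that set it is active */
static int refused_throws;      /* throws rejected because the target was stale */
static int inner_result;        /* result of the nested reader in scenario 3 */

/* Guarded throw: jump only if the owning frame is still on the stack.
   A longjmp into a frame that has already returned is undefined behaviour. */
static void quit_throw(void)
{
    if (!quit_target_live) {
        refused_throws++;
        return;
    }
    longjmp(quit_target, 1);
}

typedef void (*wait_hook)(void);

/* Installs itself as the quit target, runs HOOK (a stand-in for timers or
   process filters that run while waiting for input), and restores the
   previous target on every exit path.  Returns 1 if a quit interrupted it. */
static int read_input(wait_hook hook)
{
    jmp_buf saved;
    bool saved_live = quit_target_live;
    volatile int interrupted = 0;   /* volatile: written after setjmp returns twice */

    /* Assumption: a jmp_buf can be copied bytewise (true on glibc). */
    memcpy(saved, quit_target, sizeof saved);
    if (setjmp(quit_target) != 0) {
        interrupted = 1;            /* arrived here via quit_throw */
    } else {
        quit_target_live = true;
        if (hook)
            hook();
    }
    /* Never leave the global pointing at this frame once it returns. */
    memcpy(quit_target, saved, sizeof saved);
    quit_target_live = saved_live;
    return interrupted;
}

/* Scenario 1: quit arrives while the reader is waiting. */
static int scenario_quit_while_reading(void)
{
    return read_input(quit_throw);
}

/* Scenario 2: quit arrives after the reader returned; the guard counts
   the refusal instead of jumping to the stale buffer. */
static int scenario_late_quit(void)
{
    int before = refused_throws;
    read_input(NULL);
    quit_throw();
    return refused_throws - before;
}

/* Hook for scenario 3: a nested reader runs to completion, then a quit
   must land in the outer reader, whose target the inner one restored. */
static void nested_then_quit(void)
{
    inner_result = read_input(NULL);
    quit_throw();
}

/* Scenario 3: returns 1 when the outer reader was interrupted, the inner
   one was not, and no live target is left behind. */
static int scenario_nested(void)
{
    inner_result = -1;
    int outer = read_input(nested_then_quit);
    return outer == 1 && inner_result == 0 && !quit_target_live;
}

int main(void)
{
    printf("quit while reading: %d\n", scenario_quit_while_reading());
    printf("late quits refused: %d\n", scenario_late_quit());
    printf("nested restore ok:  %d\n", scenario_nested());
    return 0;
}
```
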


João Távora
In reply to this post by Eli Zaretskii
Eli Zaretskii <[hidden email]> writes:

>> From: João Távora <[hidden email]>
>> Date: Sat, 09 Feb 2019 00:55:41 +0000
>>
>>    The following is printed to stderr, if Emacs was started from the
>>    terminal:
>>    
>>       *** longjmp causes uninitialized stack frame ***: ./src/emacs terminated
>>       Fatal error 6: Aborted
>
> This means we used a garbled or bogus jmp_buf contents, somehow.
>
>> 4. Also bizarrely, when using a non-optimized build, configured with:
>>
>>       ./configure --enable-checking='yes,glyphs' \
>>       --enable-check-lisp-object-type CFLAGS='-O0 -g3 -gdwarf-4'
>>
>>    I get _less_ information in gdb than when debugging an
>>    optimized build:
>>    
>>       (gdb) bt full
>>       #0  0x0000000000000000 in ?? ()
>>       No symbol table info available.
>>       #1  0x0000000000000000 in ?? ()
>>       No symbol table info available.
>>       (gdb) xbacktrace
>>       (gdb)
>
> I think the stack is smashed, so GDB is confused.
>
>> *** longjmp causes uninitialized stack frame ***: /home/capitaomorte/Source/Emacs/emacs-master/src/emacs terminated
>>
>> Program received signal SIGABRT, Aborted.
>> __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
>> 50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
>> (gdb) bt full
>> #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
>>         set = {
>>           __val = {0, 0, 93825000843456, 140737328736549, 11310, 93825000838608, 93825000883760, 1, 140737488341936,
>>             140737305084542, 93825008640256, 16777216000000000000, 140737488342240, 93825000373056, 4294967256, 1}
>>         }
>>         pid = <optimized out>
>>         tid = <optimized out>
>>         ret = <optimized out>
>> #1  0x00007ffff4f6d535 in __GI_abort () at abort.c:79
>>         save_stage = 1
>>         act = {
>>           __sigaction_handler = {
>>             sa_handler = 0x1,
>>             sa_sigaction = 0x1
>>           },
>>           sa_mask = {
>>             __val = {140737305057658, 1937910009842106368, 8260008066545429248, 32, 1, 2, 140737488342496, 93825000021600,
>>               140737488342544, 140737488342480, 140737305057352, 1, 140737305057658, 1937910009842106368, 140737488342400,
>>               140737488342800}
>>           },
>>           sa_flags = -12928,
>>           sa_restorer = 0x1000
>>         }
>>         sigs = {
>>           __val = {32, 0 <repeats 15 times>}
>>         }
>> #2  0x00007ffff4fc4718 in __libc_message (action=<optimized out>, fmt=fmt@entry=0x7ffff50cf088 "*** %s ***: %s terminated\n")
>>     at ../sysdeps/posix/libc_fatal.c:181
>>         ap = {{
>>             gp_offset = 32,
>>             fp_offset = 465,
>>             overflow_arg_area = 0x7fffffffcf20,
>>             reg_save_area = 0x7fffffffceb0
>>           }}
>>         fd = 11
>>         list = <optimized out>
>>         nlist = <optimized out>
>>         cp = <optimized out>
>>         written = <optimized out>
>> #3  0x00007ffff5055bbd in __GI___fortify_fail_abort (need_backtrace=need_backtrace@entry=true,
>>     msg=0x7ffff50cf03d <longjmp_msg> "longjmp causes uninitialized stack frame") at fortify_fail.c:28
>> No locals.
>> #4  0x00007ffff5055bf1 in __GI___fortify_fail (msg=<optimized out>) at fortify_fail.c:44
>> No locals.
>> #5  0x00007ffff5055aad in ____longjmp_chk () at ../sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S:105
>> No locals.
>> #6  0x00007ffff5055a0b in __longjmp_chk (env=0x555555d01238 <main_thread+216>, val=val@entry=1) at ../setjmp/longjmp.c:39
>> No locals.
>> #7  0x00005555556b22d4 in quit_throw_to_read_char (from_signal=from_signal@entry=false) at keyboard.c:10486
>> No locals.
>> #8  0x00005555556ba3cd in set_waiting_for_input (time_to_clear=time_to_clear@entry=0x7fffffffd130) at keyboard.c:10253
>
> When this happens, what is the value of Vquit_flag, in Lisp terms?  Is
> it t or something else?

I can't tell exactly.  I believe this happens in *some* of the times I
press C-g during the (while (sit-for)) in the following block extracted
from sly.el

This is the block.

   (catch catch-tag
       (sly-rex ()  ;; this sends something to an external process which
                    ;; will eventually "throw" via a process filter
           (sexp package)
         ((:ok value)
          (unless cancelled-on-input
            (throw catch-tag (list #'identity value))))
         ((:abort _condition)
          (throw catch-tag (list #'error "Synchronous Lisp Evaluation aborted"))))
       (cond (cancel-on-input
              (let ((inhibit-quit t))
                (unwind-protect
                    (while (sit-for 30))
                  (setq cancelled-on-input t
                        quit-flag nil)))
              (funcall check-conn))
             (t
              (while t
                (funcall check-conn)
                (accept-process-output nil 30))))
       (list #'identity cancel-on-input-retval))

Also, I think this happens when another request called by this function
has recently been canceled, i.e. the user typed something during the
sit-for, which is _not_ C-g, quickly followed by an invocation of this
same block, _coming from a "get docstring for completion"
(:company-docsig) timer fired by company-mode.  I think if I manage to
type C-g during around that time it crashes.

This intuition is what led me to stuff the code with inhibit-quit and
(setq quit-flag nil) and stuff like that.  Because I want to make sure
C-g doesn't get in there.  Perhaps it still does.  Perhaps it is
counter-productive to do this.

Thanks for your help,
João




Eli Zaretskii
> From: João Távora <[hidden email]>
> Cc: [hidden email], [hidden email]
> Date: Sat, 09 Feb 2019 09:45:13 +0000
>
> Eli Zaretskii <[hidden email]> writes:
>
> > When this happens, what is the value of Vquit_flag, in Lisp terms?  Is
> > it t or something else?
>
> I can't tell exactly.

I meant to ask that you examine the value in GDB.  Sorry if I didn't
make that clear enough.

> I believe this happens in *some* of the times I press C-g during the
> (while (sit-for)) in the following block extracted from sly.el

You said the code uses while-no-input, which is why I asked.  Maybe we
get confused by the trickery used by while-no-input.

Btw, does this happen only on master, or is it reproducible on
emacs-26 as well?




bug#34394: 27.0.50; Emacs segfaults with SLY, company and C-g

João Távora
Eli Zaretskii <[hidden email]> writes:

>> From: João Távora <[hidden email]>
>> Cc: [hidden email], [hidden email]
>> Date: Sat, 09 Feb 2019 09:45:13 +0000
>>
>> Eli Zaretskii <[hidden email]> writes:
>>
>> > When this happens, what is the value of Vquit_flag, in Lisp terms?  Is
>> > it t or something else?
>>
>> I can't tell exactly.

> I meant to ask that you examine the value in GDB.  Sorry if I didn't
> make that clear enough.

Oh, silly, sorry.  But I still can't answer, because it can't find that
symbol in context.

I tried just 'p Vquit_flag'

Strange, isn't this supposed to be a global?  There are other V's that I
can inspect with 'print'.  Even if I 'frame 8' to select a frame where
it should definitely be in context, I can't see 'Vquit_flag'.

I have gotten what seems like a richer backtrace though.  See after my
sig.

>> I believe this happens in *some* of the times I press C-g during the
>> (while (sit-for)) in the following block extracted from sly.el
>
> You said the code uses while-no-input, which is why I asked.  Maybe we
> get confused by the trickery used by while-no-input.

No, I said it used to use while-no-input.  It now uses (while (sit-for))
for the same purpose.  I do believe however, that the problem also
manifested itself back when it did use while-no-input.

> Btw, does this happen only on master, or is it reproducible on
> emacs-26 as well?

Pretty sure it also happens on emacs-26, too. But I will try again.

Meanwhile, enjoy the backtrace and thanks again.
João


gdb --args ./emacs -Q -L ~/Source/Emacs/sly -l sly-autoloads -L ~/Source/Emacs/company-mode -l ~/Source/Emacs/company-mode/company.el -f global-company-mode -f sly                       scratch/new-flex-completion-style ◼
GNU gdb (Debian 8.2-1) 8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./emacs...done.
SIGINT is used by the debugger.
Are you sure you want to change it? (y or n) [answered Y; input not from terminal]
DISPLAY = :0
TERM = xterm
Breakpoint 1 at 0x15015c: file emacs.c, line 370.
Temporary breakpoint 2 at 0x172efd: file lisp.h, line 1056.
(gdb) r
Starting program: /home/capitaomorte/Source/Emacs/emacs-master/src/emacs -Q -L /home/capitaomorte/Source/Emacs/sly -l sly-autoloads -L /home/capitaomorte/Source/Emacs/company-mode -l /home/capitaomorte/Source/Emacs/company-mode/company.el -f global-company-mode -f sly
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Detaching after vfork from child process 20755]
[Detaching after vfork from child process 20763]
[Detaching after vfork from child process 20764]
*** longjmp causes uninitialized stack frame ***: /home/capitaomorte/Source/Emacs/emacs-master/src/emacs terminated

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt full
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
        set = {
          __val = {0, 0, 93825000843456, 140737328736549, 13298, 93825000838608, 93825000883760, 1, 140737488341936, 140737305084542, 93825001776656, 16777216000000000000, 140737488342240, 93825007851488, 4294967256, 1}
        }
        pid = <optimized out>
        tid = <optimized out>
        ret = <optimized out>
#1  0x00007ffff4f6d535 in __GI_abort () at abort.c:79
        save_stage = 1
        act = {
          __sigaction_handler = {
            sa_handler = 0x1,
            sa_sigaction = 0x1
          },
          sa_mask = {
            __val = {140737305057658, 1937910009842106368, 1241655880387876352, 32, 1, 2, 140737488342496, 93825000021600, 140737488342544, 140737488342480, 140737305057352, 1, 140737305057658, 1937910009842106368, 140737488342400,
              140737488342800}
          },
          sa_flags = -12928,
          sa_restorer = 0x1000
        }
        sigs = {
          __val = {32, 0 <repeats 15 times>}
        }
#2  0x00007ffff4fc4718 in __libc_message (action=<optimized out>, fmt=fmt@entry=0x7ffff50cf088 "*** %s ***: %s terminated\n") at ../sysdeps/posix/libc_fatal.c:181
        ap = {{
            gp_offset = 32,
            fp_offset = 465,
            overflow_arg_area = 0x7fffffffcf20,
            reg_save_area = 0x7fffffffceb0
          }}
        fd = 11
        list = <optimized out>
        nlist = <optimized out>
        cp = <optimized out>
        written = <optimized out>
#3  0x00007ffff5055bbd in __GI___fortify_fail_abort (need_backtrace=need_backtrace@entry=true, msg=0x7ffff50cf03d <longjmp_msg> "longjmp causes uninitialized stack frame") at fortify_fail.c:28
No locals.
#4  0x00007ffff5055bf1 in __GI___fortify_fail (msg=<optimized out>) at fortify_fail.c:44
No locals.
#5  0x00007ffff5055aad in ____longjmp_chk () at ../sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S:105
No locals.
#6  0x00007ffff5055a0b in __longjmp_chk (env=0x555555d01238 <main_thread+216>, val=val@entry=1) at ../setjmp/longjmp.c:39
No locals.
#7  0x00005555556b22d4 in quit_throw_to_read_char (from_signal=from_signal@entry=false) at keyboard.c:10486
No locals.
#8  0x00005555556ba3cd in set_waiting_for_input (time_to_clear=time_to_clear@entry=0x7fffffffd130) at keyboard.c:10253
No locals.
#9  0x000055555579007c in wait_reading_process_output (time_limit=time_limit@entry=30, nsecs=nsecs@entry=0, read_kbd=-1, do_display=do_display@entry=true, wait_for_cell=..., wait_proc=wait_proc@entry=0x0, just_wait_proc=0)
    at process.c:5212
        process_skipped = false
        channel = <optimized out>
        nfds = <optimized out>
        Available = {
          fds_bits = {16, 0 <repeats 15 times>}
        }
        Writeok = {
          fds_bits = {0 <repeats 16 times>}
        }
        check_write = <optimized out>
        check_delay = <optimized out>
        no_avail = <optimized out>
--Type <RET> for more, q to quit, c to continue without paging--
        xerrno = 11
        proc = XIL(0x55555644ae05)
        timeout = {
          tv_sec = 29,
          tv_nsec = 847330104
        }
        end_time = <optimized out>
        timer_delay = <optimized out>
        got_output_end_time = <optimized out>
        wait = TIMEOUT
        got_some_output = -1
        prev_wait_proc_nbytes_read = 0
        retry_for_async = false
        count = 3
        now = <optimized out>
#10 0x00005555555983ac in sit_for (timeout=..., timeout@entry=make_number(30), reading=reading@entry=true, display_option=display_option@entry=1) at lisp.h:1056
        sec = 30
        nsec = 0
        do_display = true
#11 0x00005555556b6209 in read_char (commandflag=1, map=..., map@entry=XIL(0x555556a34d63), prev_event=XIL(0), used_mouse_menu=used_mouse_menu@entry=0x7fffffffd5cb, end_time=end_time@entry=0x0) at lisp.h:751
        tem0 = <optimized out>
        timeout = 30
        delay_level = <optimized out>
        buffer_size = <optimized out>
        c = XIL(0)
        jmpcount = 3
        local_getcjmp = {{
            __jmpbuf = {0, -2326386954136450792, 93825009896624, 93825001081184, 140737488344720, 0, -8439086859478890216, -2326388347257485032},
            __mask_was_saved = 0,
            __saved_mask = {
              __val = {93825009137987, 0, 93824993581685, 3, 0, 4294967295, 3, 93825001378992, 93824993726913, 0, 0, 0, 7689696, 0, 93824993581685, 8194}
            }
          }}
        save_jump = {{
            __jmpbuf = {0, -2326386954136450792, 93825009896624, 93825001081184, 140737488344720, 0, -8439086859478890216, -2326388347257485032},
            __mask_was_saved = 0,
            __saved_mask = {
              __val = {93825009137987, 0, 93824993581685, 3, 0, 4294967295, 3, 93825001378992, 93824993726913, 0, 0, 0, 7689696, 0, 93824993581685, 8194}
            }
          }}
        tem = <optimized out>
        save = <optimized out>
        previous_echo_area_message = XIL(0)
        also_record = XIL(0)
        reread = false
        recorded = false
        polling_stopped_here = false
        orig_kboard = 0x555555d68c90
#12 0x00005555556b74f5 in read_key_sequence (keybuf=keybuf@entry=0x7fffffffd690, prompt=XIL(0x555555d68c90), dont_downcase_last=dont_downcase_last@entry=false, can_return_switch_frame=can_return_switch_frame@entry=true,
    fix_current_buffer=fix_current_buffer@entry=true, prevent_redisplay=prevent_redisplay@entry=false) at keyboard.c:9082
        interrupted_kboard = 0x555555d68c90
        interrupted_frame = 0x555555dc4960
        key = XIL(0x55555662ccb0)
        used_mouse_menu = false
        echo_local_start = 0
        last_real_key_start = 0
        keys_local_start = <optimized out>
        new_binding = <optimized out>
        count = 3
        t = 0
        echo_start = 0
        keys_start = 0
--Type <RET> for more, q to quit, c to continue without paging--
        current_binding = <optimized out>
        first_unbound = 31
        mock_input = 0
        used_mouse_menu_history = {false <repeats 30 times>}
        fkey = {
          parent = XIL(0x555555d84f73),
          map = XIL(0x555555d84f73),
          start = 0,
          end = 0
        }
        keytran = {
          parent = XIL(0x7ffff103d5cb),
          map = XIL(0x7ffff103d5cb),
          start = 0,
          end = 0
        }
        indec = {
          parent = XIL(0x555555d84f63),
          map = XIL(0x555555d84f63),
          start = 0,
          end = 0
        }
        shift_translated = false
        delayed_switch_frame = <optimized out>
        original_uppercase = <optimized out>
        original_uppercase_position = -1
        dummyflag = false
        starting_buffer = 0x55555662ccb0
        fake_prefixed_keys = <optimized out>
        first_event = <optimized out>
        second_event = <optimized out>
#13 0x00005555556b8bc1 in command_loop_1 () at lisp.h:1056
        cmd = <optimized out>
        keybuf = {XIL(0x50a0), XIL(0x555555c595e5), XIL(0x2aaa9b297918), XIL(0x3), XIL(0x3), XIL(0x555555742c17), XIL(0), XIL(0x5555569b59a3), XIL(0x7fffffffd750), XIL(0x2aaa9b297918), XIL(0), XIL(0), XIL(0),
          make_number(23456248568811), XIL(0x2aaa9b297918), XIL(0x5555569b59a3), XIL(0x7ffff0ad5f74), XIL(0), XIL(0x7fffffffd750), XIL(0x5555556acf45), XIL(0), XIL(0x5555569b59a3), XIL(0), XIL(0x5555556ad2bb), XIL(0), XIL(0), XIL(0x3),
          XIL(0x55555574182b), XIL(0x7ffff104060b), XIL(0x555555d68a50)}
        i = <optimized out>
        prev_modiff = 56
        prev_buffer = 0x55555662ccb0
#14 0x0000555555741a96 in internal_condition_case (bfun=bfun@entry=0x5555556b8943 <command_loop_1>, handlers=..., handlers@entry=XIL(0x55b0), hfun=hfun@entry=0x5555556acf6d <cmd_error>) at eval.c:1376
        val = XIL(0)
        c = 0x555555d68a50
#15 0x00005555556a9494 in command_loop_2 (ignore=..., ignore@entry=XIL(0)) at lisp.h:1056
        val = <optimized out>
#16 0x00005555557419da in internal_catch (tag=..., func=func@entry=0x5555556a9478 <command_loop_2>, arg=..., arg@entry=XIL(0)) at eval.c:1139
        val = XIL(0)
        c = 0x555555d68930
#17 0x00005555556a6786 in command_loop () at lisp.h:1056
No locals.
#18 0x00005555556ac728 in recursive_edit_1 () at keyboard.c:714
        count = 1
        val = <optimized out>
#19 0x00005555556accf0 in Frecursive_edit () at keyboard.c:785
        count = 0
        buffer = <optimized out>
#20 0x00005555556a5154 in main (argc=14, argv=<optimized out>) at emacs.c:1949
        stack_bottom_variable = 0x5555557f9155 <__libc_csu_init+69>
        do_initial_setlocale = <optimized out>
        no_loadup = false
        junk = 0x0
        dname_arg = 0x0
        ch_to_dir = 0x0
--Type <RET> for more, q to quit, c to continue without paging--
        original_pwd = 0x0
        dump_mode = <optimized out>
        skip_args = 0
        temacs = 0x0
        rlim = {
          rlim_cur = 10022912,
          rlim_max = 18446744073709551615
        }
(gdb) p Vquit_flag
No symbol "Vquit_flag" in current context.
(gdb) p Vprocess_alist
$1 = XIL(0x555556ae7f83)
(gdb)
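
The abort in frame #6 comes from glibc's `__longjmp_chk`, which refuses a jump buffer whose saved stack pointer lies below the current one, as a buffer left over from a returned frame can. The following is an added example, not Emacs source and not a diagnosis of this bug: it shows the save/restore discipline suggested by the `save_jump` and `local_getcjmp` locals in frame #11, with a liveness flag so that a quit never jumps to a frame that has already returned. All names in it are hypothetical.

```c
#include <setjmp.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; this is an illustration, not Emacs code. */
enum wait_result { WAIT_TIMED_OUT = 0, WAIT_QUIT = 1 };

static jmp_buf quit_target;     /* landing site for a quit during a wait     */
static bool quit_target_live;   /* true only while its frame is on the stack */
static bool pending_quit;       /* quit seen while no live target existed    */

/* Interrupt-key path.  Jumps only when the target frame is known to be
   live; otherwise it records the quit for the next wait to pick up. */
static void deliver_quit(void)
{
    if (quit_target_live) {
        quit_target_live = false;       /* a target is good for one jump */
        longjmp(quit_target, 1);
    }
    pending_quit = true;
}

/* Wait for input, with BODY standing in for the blocking select.  The
   caller's target is saved on entry and restored on every exit path, so
   the global never names this frame after it has returned. */
static enum wait_result wait_for_input(void (*body)(void))
{
    jmp_buf saved_target;
    volatile bool saved_live = quit_target_live;
    volatile enum wait_result result = WAIT_TIMED_OUT;

    /* jmp_buf is an array type; copying it with memcpy works on glibc,
       although ISO C does not promise it. */
    memcpy(saved_target, quit_target, sizeof saved_target);

    if (setjmp(quit_target) != 0) {
        result = WAIT_QUIT;             /* arrived here via deliver_quit */
    } else {
        quit_target_live = true;
        if (pending_quit) {             /* quit arrived between waits */
            pending_quit = false;
            result = WAIT_QUIT;
        } else if (body) {
            body();
        }
    }

    memcpy(quit_target, saved_target, sizeof saved_target);
    quit_target_live = saved_live;
    return result;
}

static void body_idle(void) { }
static void body_quit(void) { deliver_quit(); }

static enum wait_result inner_result;
static void body_nested(void)
{
    inner_result = wait_for_input(body_quit); /* inner frame takes quit 1 */
    deliver_quit();                           /* quit 2 lands in the outer */
}

static void reset_state(void)
{
    quit_target_live = false;
    pending_quit = false;
}

/* Quit while the waiting frame is live: the jump is taken. */
int quit_during_wait(void)
{
    reset_state();
    return wait_for_input(body_quit);
}

/* Quit after the wait has returned.  An unguarded longjmp here would
   target a dead frame; the guard defers the quit to the next wait. */
int quit_after_wait(void)
{
    reset_state();
    if (wait_for_input(body_idle) != WAIT_TIMED_OUT)
        return -1;
    deliver_quit();
    if (!pending_quit)
        return -2;
    return wait_for_input(body_idle);
}

/* Nested waits: each quit lands in the innermost live frame, and the
   outer target is intact once the inner wait has returned. */
int nested_waits(void)
{
    reset_state();
    enum wait_result outer = wait_for_input(body_nested);
    return inner_result == WAIT_QUIT && outer == WAIT_QUIT
           && !quit_target_live;
}

int main(void)
{
    printf("during=%d after=%d nested=%d\n",
           quit_during_wait(), quit_after_wait(), nested_waits());
    return 0;
}
```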









bug#34394: 27.0.50; Emacs segfaults with SLY, company and C-g

João Távora
In reply to this post by Eli Zaretskii
Eli Zaretskii <[hidden email]> writes:

> Btw, does this happen only on master, or is it reproducible on
> emacs-26 as well?

Yep, also Emacs 26.1 and seems to be _way_ easier to trigger there.  I
get it on the first C-g!  A 26.1 backtrace after my sig.

By the way, this is important: I've removed the inhibit-quit hack I used
to have, so the lisp code is now simpler.  You will still notice that
there is a strange "unwind-protect" there.  I don't think it should be
needed, but sometimes it's like the (while (sit-for)) exits non-locally
even without C-g and the (setq cancelled-on-input) never gets executed.

(catch catch-tag
       (sly-rex ()
           (sexp package)
         ((:ok value)
          (unless cancelled-on-input
            (throw catch-tag (list #'identity value))))
         ((:abort _condition)
          (throw catch-tag (list #'error "Synchronous Lisp Evaluation aborted"))))
       (cond (cancel-on-input
              (unwind-protect
                  (while (sit-for 30))
                (setq cancelled-on-input t))
              (funcall check-conn))
             (t
              (while t
                (funcall check-conn)
                (accept-process-output nil 30))))
       (list #'identity cancel-on-input-retval))

I will try with an Emacs 26.1 debug build, perhaps that won't smash the
stack.

João

gdb --args /usr/local/bin/emacs -Q -L ~/Source/Emacs/sly -l sly-autoloads -L ~/Source/Emacs/company-mode -l ~/Source/Emacs/company-mode/company.el -f global-company-mode -f sly
GNU gdb (Debian 8.2-1) 8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/local/bin/emacs...done.
(gdb) r
Starting program: /usr/local/bin/emacs -Q -L /home/capitaomorte/Source/Emacs/sly -l sly-autoloads -L /home/capitaomorte/Source/Emacs/company-mode -l /home/capitaomorte/Source/Emacs/company-mode/company.el -f global-company-mode -f sly
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffef46a700 (LWP 21053)]
[New Thread 0x7fffeec14700 (LWP 21054)]
[New Thread 0x7fffee413700 (LWP 21055)]
[Detaching after vfork from child process 21056]
*** longjmp causes uninitialized stack frame ***: /usr/local/bin/emacs terminated

Thread 1 "emacs" received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007ffff3db3535 in __GI_abort () at abort.c:79
#2  0x00007ffff3e0a718 in __libc_message (action=<optimized out>, fmt=fmt@entry=0x7ffff3f15088 "*** %s ***: %s terminated\n") at ../sysdeps/posix/libc_fatal.c:181
#3  0x00007ffff3e9bbbd in __GI___fortify_fail_abort (need_backtrace=need_backtrace@entry=true,
    msg=0x7ffff3f1503d <longjmp_msg> "longjmp causes uninitialized stack frame") at fortify_fail.c:28
#4  0x00007ffff3e9bbf1 in __GI___fortify_fail (msg=<optimized out>) at fortify_fail.c:44
#5  0x00007ffff3e9baad in ____longjmp_chk () at ../sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S:105
#6  0x00007ffff3e9ba0b in __longjmp_chk (env=0xc09e98 <main_thread+216>, val=val@entry=1) at ../setjmp/longjmp.c:39
#7  0x00000000004ec067 in quit_throw_to_read_char (from_signal=from_signal@entry=false) at keyboard.c:10548
#8  0x00000000004eda11 in handle_interrupt (in_signal_handler=<optimized out>) at keyboard.c:10523
#9  0x00000000004f202d in kbd_buffer_store_event_hold (hold_quit=0x0, event=0x7fffffffc4d0) at keyboard.h:472
#10 kbd_buffer_store_event (event=0x7fffffffc4d0) at keyboard.c:3439
#11 gobble_input () at keyboard.c:6955
#12 0x00000000004f25d5 in handle_async_input () at keyboard.c:7146
#13 process_pending_signals () at keyboard.c:7160
#14 0x00000000005d9e49 in xg_select (fds_lim=<optimized out>, rfds=rfds@entry=0x7fffffffcce0, wfds=wfds@entry=0x7fffffffcd60, efds=efds@entry=0x0,
    timeout=timeout@entry=0x7fffffffcbf0, sigmask=sigmask@entry=0x0) at xgselect.c:163
#15 0x000000000059ee2d in wait_reading_process_output (time_limit=time_limit@entry=30, nsecs=nsecs@entry=0, read_kbd=read_kbd@entry=-1,
    do_display=do_display@entry=true, wait_for_cell=..., wait_for_cell@entry=..., wait_proc=wait_proc@entry=0x0, just_wait_proc=0) at process.c:5381
#16 0x0000000000420a10 in sit_for (timeout=..., reading=reading@entry=true, display_option=display_option@entry=1) at dispnew.c:5793
#17 0x00000000004f7364 in read_char (commandflag=commandflag@entry=1, map=..., map@entry=..., prev_event=..., used_mouse_menu=used_mouse_menu@entry=0x7fffffffd5cb,
    end_time=end_time@entry=0x0) at keyboard.c:2717
#18 0x00000000004f80ac in read_key_sequence (keybuf=keybuf@entry=0x7fffffffd6d0, prompt=..., prompt@entry=..., dont_downcase_last=dont_downcase_last@entry=false,
    can_return_switch_frame=can_return_switch_frame@entry=true, fix_current_buffer=fix_current_buffer@entry=true, prevent_redisplay=prevent_redisplay@entry=false,
    bufsize=30) at keyboard.c:9147
#19 0x00000000004f9af6 in command_loop_1 () at keyboard.c:1368
#20 0x000000000055e10e in internal_condition_case (bfun=bfun@entry=0x4f98d0 <command_loop_1>, handlers=..., handlers@entry=..., hfun=hfun@entry=0x4f0230 <cmd_error>)
    at eval.c:1332
#21 0x00000000004eb5b4 in command_loop_2 (ignore=..., ignore@entry=...) at keyboard.c:1110
#22 0x000000000055e07d in internal_catch (tag=..., tag@entry=..., func=func@entry=0x4eb590 <command_loop_2>, arg=..., arg@entry=...) at eval.c:1097
#23 0x00000000004eb54b in command_loop () at keyboard.c:1089
#24 0x00000000004efe43 in recursive_edit_1 () at keyboard.c:695
#25 0x00000000004f0166 in Frecursive_edit () at keyboard.c:766
#26 0x0000000000416a9c in main (argc=<optimized out>, argv=0x7fffffffda58) at emacs.c:1713
(gdb) bt full
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
        set = {__val = {0, 0, 0, 0, 0, 140737289216860, 0, 140737289216860, 46552288, 18446744073709551615, 0, 46552288, 140737488339368, 140737330954679, 0,
            46556584}}
        pid = <optimized out>
        tid = <optimized out>
        ret = <optimized out>
#1  0x00007ffff3db3535 in __GI_abort () at abort.c:79
        save_stage = 1
        act = {__sigaction_handler = {sa_handler = 0x7fffffffc1b0, sa_sigaction = 0x7fffffffc1b0}, sa_mask = {__val = {140737331369509, 54273616, 46543248,
              140737488339368, 140737289216860, 0, 140737289216860, 46552288, 18446744073709551615, 0, 46552288, 140737488339784, 140737330954679, 0, 140737488339488,
              140737488339888}}, sa_flags = -15840, sa_restorer = 0x1000}
        sigs = {__val = {32, 0 <repeats 15 times>}}
#2  0x00007ffff3e0a718 in __libc_message (action=<optimized out>, fmt=fmt@entry=0x7ffff3f15088 "*** %s ***: %s terminated\n") at ../sysdeps/posix/libc_fatal.c:181
        ap = {{gp_offset = 32, fp_offset = 32767, overflow_arg_area = 0x7fffffffc3c0, reg_save_area = 0x7fffffffc350}}
        fd = 16
        list = <optimized out>
        nlist = <optimized out>
        cp = <optimized out>
        written = <optimized out>
#3  0x00007ffff3e9bbbd in __GI___fortify_fail_abort (need_backtrace=need_backtrace@entry=true,
    msg=0x7ffff3f1503d <longjmp_msg> "longjmp causes uninitialized stack frame") at fortify_fail.c:28
No locals.
#4  0x00007ffff3e9bbf1 in __GI___fortify_fail (msg=<optimized out>) at fortify_fail.c:44
No locals.
#5  0x00007ffff3e9baad in ____longjmp_chk () at ../sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S:105
No locals.
#6  0x00007ffff3e9ba0b in __longjmp_chk (env=0xc09e98 <main_thread+216>, val=val@entry=1) at ../setjmp/longjmp.c:39
No locals.
#7  0x00000000004ec067 in quit_throw_to_read_char (from_signal=from_signal@entry=false) at keyboard.c:10548
No locals.
#8  0x00000000004eda11 in handle_interrupt (in_signal_handler=<optimized out>) at keyboard.c:10523
        c = <optimized out>
#9  0x00000000004f202d in kbd_buffer_store_event_hold (hold_quit=0x0, event=0x7fffffffc4d0) at keyboard.h:472
No locals.
#10 kbd_buffer_store_event (event=0x7fffffffc4d0) at keyboard.c:3439
No locals.
#11 gobble_input () at keyboard.c:6955
        nr = <optimized out>
        hold_quit = {kind = ASCII_KEYSTROKE_EVENT, part = scroll_bar_nowhere, code = 103, modifiers = 67108864, x = {i = 0}, y = {i = 0}, timestamp = 234566431,
          frame_or_window = {i = 20692101}, arg = {i = 0}}
        next = 0x0
        nread = 1
--Type <RET> for more, q to quit, c to continue without paging--c
        err = <optimized out>
        t = <optimized out>
#12 0x00000000004f25d5 in handle_async_input () at keyboard.c:7146
        nread = <optimized out>
#13 process_pending_signals () at keyboard.c:7160
No locals.
#14 0x00000000005d9e49 in xg_select (fds_lim=<optimized out>, rfds=rfds@entry=0x7fffffffcce0, wfds=wfds@entry=0x7fffffffcd60, efds=efds@entry=0x0, timeout=timeout@entry=0x7fffffffcbf0, sigmask=sigmask@entry=0x0) at xgselect.c:163
        pselect_errno = 11
        all_rfds = {fds_bits = {32, 0 <repeats 15 times>}}
        all_wfds = {fds_bits = {0 <repeats 16 times>}}
        tmo = {tv_sec = 10, tv_nsec = 140737488340024}
        tmop = <optimized out>
        context = 0x2c8bb00
        have_wfds = <optimized out>
        gfds = <optimized out>
        gfds_size = <optimized out>
        n_gfds = <optimized out>
        retval = <optimized out>
        our_fds = <optimized out>
        max_fds = <optimized out>
        context_acquired = true
        i = <optimized out>
        nfds = 1
        tmo_in_millisec = -1
        must_free = <optimized out>
        need_to_dispatch = true
#15 0x000000000059ee2d in wait_reading_process_output (time_limit=time_limit@entry=30, nsecs=nsecs@entry=0, read_kbd=read_kbd@entry=-1, do_display=do_display@entry=true, wait_for_cell=..., wait_for_cell@entry=..., wait_proc=wait_proc@entry=0x0, just_wait_proc=0) at process.c:5381
        process_skipped = <optimized out>
        channel = <optimized out>
        nfds = <optimized out>
        Available = {fds_bits = {32, 0 <repeats 15 times>}}
        Writeok = {fds_bits = {0 <repeats 16 times>}}
        check_write = true
        check_delay = 1
        no_avail = false
        xerrno = 11
        proc = <optimized out>
        timeout = {tv_sec = 0, tv_nsec = 0}
        end_time = {tv_sec = 1549711988, tv_nsec = 273248462}
        timer_delay = <optimized out>
        got_output_end_time = {tv_sec = 1549711988, tv_nsec = 273248462}
        wait = TIMEOUT
        got_some_output = -1
        retry_for_async = <optimized out>
        count = <optimized out>
        now = <optimized out>
#16 0x0000000000420a10 in sit_for (timeout=..., reading=reading@entry=true, display_option=display_option@entry=1) at dispnew.c:5793
        sec = 30
        nsec = 0
        do_display = true
#17 0x00000000004f7364 in read_char (commandflag=commandflag@entry=1, map=..., map@entry=..., prev_event=..., used_mouse_menu=used_mouse_menu@entry=0x7fffffffd5cb, end_time=end_time@entry=0x0) at keyboard.c:2717
        tem0 = <optimized out>
        timeout = <optimized out>
        delay_level = <optimized out>
        buffer_size = <optimized out>
        c = <optimized out>
        jmpcount = 3
        local_getcjmp = {{__jmpbuf = {12467136, 142997390669071825, 12037472, 59531520, 140737488344776, 0, -142992387451304495, 142991828090045905}, __mask_was_saved = 0, __saved_mask = {__val = {1, 639, 140737488343744, 46790521, 5640065, 140737488343920, 53427059, 140737488344032, 53143552, 140737488344016, 53126771, 40178224, 53129219, 53143552, 5639024, 50263384}}}}
        save_jump = {{__jmpbuf = {0, 0, 0, 0, 0, 0, 0, 0}, __mask_was_saved = 0, __saved_mask = {__val = {0 <repeats 16 times>}}}}
        tem = {i = 140737488344776}
        save = <optimized out>
        previous_echo_area_message = {i = 0}
        also_record = {i = 0}
        reread = false
        recorded = false
        polling_stopped_here = false
        orig_kboard = 0x2c7bc40
#18 0x00000000004f80ac in read_key_sequence (keybuf=keybuf@entry=0x7fffffffd6d0, prompt=..., prompt@entry=..., dont_downcase_last=dont_downcase_last@entry=false, can_return_switch_frame=can_return_switch_frame@entry=true, fix_current_buffer=fix_current_buffer@entry=true, prevent_redisplay=prevent_redisplay@entry=false, bufsize=30) at keyboard.c:9147
        interrupted_kboard = 0x2c7bc40
        interrupted_frame = 0x13bbc80 <bss_sbrk_buffer+8068256>
        key = <optimized out>
        used_mouse_menu = false
        echo_local_start = 0
        last_real_key_start = 0
        keys_local_start = 0
        new_binding = <optimized out>
        count = <optimized out>
        t = 0
        echo_start = 0
        keys_start = 0
        current_binding = {i = 60152867}
        first_event = {i = 0}
        first_unbound = 31
        mock_input = 0
        fkey = {parent = {i = 17252003}, map = {i = 17252003}, start = 0, end = 0}
        keytran = {parent = {i = 13068947}, map = {i = 13068947}, start = 0, end = 0}
        indec = {parent = {i = 17252019}, map = {i = 17252019}, start = 0, end = 0}
        shift_translated = false
        delayed_switch_frame = {i = 0}
        original_uppercase = {i = 0}
        original_uppercase_position = -1
        dummyflag = false
        starting_buffer = <optimized out>
        fake_prefixed_keys = {i = 0}
#19 0x00000000004f9af6 in command_loop_1 () at keyboard.c:1368
        cmd = {i = 120}
        keybuf = {{i = 53376}, {i = 140737488344736}, {i = 280}, {i = 10427248}, {i = 9873088}, {i = 12477088}, {i = -255}, {i = 4}, {i = 140737488345040}, {i = 5639591}, {i = -816}, {i = 4}, {i = 223338299410}, {i = 0}, {i = 0}, {i = 511101108315}, {i = 0}, {i = 0}, {i = 0}, {i = 120}, {i = 140737488344992}, {i = 0}, {i = 13375491}, {i = -1}, {i = 0}, {i = 5630425}, {i = 5}, {i = 31200}, {i = 0}, {i = 13079557}}
        i = <optimized out>
        prev_modiff = 36
        prev_buffer = 0x38c6100
#20 0x000000000055e10e in internal_condition_case (bfun=bfun@entry=0x4f98d0 <command_loop_1>, handlers=..., handlers@entry=..., hfun=hfun@entry=0x4f0230 <cmd_error>) at eval.c:1332
        val = {i = 0}
        c = 0x2c5d8f0
#21 0x00000000004eb5b4 in command_loop_2 (ignore=..., ignore@entry=...) at keyboard.c:1110
        val = <optimized out>
#22 0x000000000055e07d in internal_catch (tag=..., tag@entry=..., func=func@entry=0x4eb590 <command_loop_2>, arg=..., arg@entry=...) at eval.c:1097
        val = {i = 0}
        c = 0x2c5d7d0
#23 0x00000000004eb54b in command_loop () at keyboard.c:1089
No locals.
#24 0x00000000004efe43 in recursive_edit_1 () at keyboard.c:695
        count = <optimized out>
        val = <optimized out>
#25 0x00000000004f0166 in Frecursive_edit () at keyboard.c:766
        count = <optimized out>
        buffer = <optimized out>
#26 0x0000000000416a9c in main (argc=<optimized out>, argv=0x7fffffffda58) at emacs.c:1713
        stack_bottom_variable = 0xd49656e69
        do_initial_setlocale = <optimized out>
        dumping = <optimized out>
        skip_args = 0
        no_loadup = false
        junk = 0x0
        dname_arg = 0x0
        ch_to_dir = 0x0
        original_pwd = <optimized out>
        disable_aslr = <optimized out>
        rlim = {rlim_cur = 10022912, rlim_max = 18446744073709551615}
        sockfd = -1
(gdb)





bug#34394: 27.0.50; Emacs segfaults with SLY, company and C-g

Eli Zaretskii
In reply to this post by João Távora
> From: João Távora <[hidden email]>
> Cc: [hidden email],  [hidden email]
> Date: Sat, 09 Feb 2019 11:31:36 +0000
>
> > I meant to ask that you examine the value in GDB.  Sorry if I didn't
> > make that clear enough.
>
> Oh, silly, sorry.  But I still can't answer, because it can't find that
> symbol in context.
>
> I tried just 'p Vquit_flag'

Type "up" until you get into a call-stack frame in our sources, which
should be this:

  #7  0x00005555556b22d4 in quit_throw_to_read_char (from_signal=from_signal@entry=false) at keyboard.c:10486

Then just "p Vquit_flag" should do.  Yes, it is a global.




bug#34394: 27.0.50; Emacs segfaults with SLY, company and C-g

Eli Zaretskii
> Date: Sat, 09 Feb 2019 14:11:36 +0200
> From: Eli Zaretskii <[hidden email]>
> Cc: [hidden email], [hidden email]
>
> Then just "p Vquit_flag" should do.  Yes, it is a global.

More accurately, it's a macro that expands to a global.  If just
typing "p Vquit_flag" doesn't work, try "p globals.f_Vquit_flag".




bug#34394: 27.0.50; Emacs segfaults with SLY, company and C-g

João Távora
Eli Zaretskii <[hidden email]> writes:

>> Date: Sat, 09 Feb 2019 14:11:36 +0200
>> From: Eli Zaretskii <[hidden email]>
>> Cc: [hidden email], [hidden email]
>>
>> Type "up" until you get into a call-stack frame in our sources, which
>> should be this:
>> Then just "p Vquit_flag" should do.  Yes, it is a global.
>
> More accurately, it's a macro that expands to a global.  If just
> typing "p Vquit_flag" doesn't work, try "p globals.f_Vquit_flag".

Oh right.  That was needed ('up' isn't needed and I was already in frame
8 anyway).

Anyway it's XIL(0xc750)

    (gdb) p globals.f_Vquit_flag
    $1 = XIL(0xc750)

Backtrace attached.

João


gdb --args ./emacs -Q -L ~/Source/Emacs/sly -l sly-autoloads -L ~/Source/Emacs/company-mode -l ~/Source/Emacs/company-mode/company.el -f global-company-mode -f sly
GNU gdb (Debian 8.2-1) 8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./emacs...done.
SIGINT is used by the debugger.
Are you sure you want to change it? (y or n) [answered Y; input not from terminal]
DISPLAY = :0
TERM = xterm
Breakpoint 1 at 0x15015c: file emacs.c, line 370.
Temporary breakpoint 2 at 0x172efd: file lisp.h, line 1056.
(gdb) r
Starting program: /home/capitaomorte/Source/Emacs/emacs-master/src/emacs -Q -L /home/capitaomorte/Source/Emacs/sly -l sly-autoloads -L /home/capitaomorte/Source/Emacs/company-mode -l /home/capitaomorte/Source/Emacs/company-mode/company.el -f global-company-mode -f sly
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Detaching after vfork from child process 16838]
[Detaching after vfork from child process 16846]
[Detaching after vfork from child process 16847]
*** longjmp causes uninitialized stack frame ***: /home/capitaomorte/Source/Emacs/emacs-master/src/emacs terminated

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) where
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007ffff4f6d535 in __GI_abort () at abort.c:79
#2  0x00007ffff4fc4718 in __libc_message (action=<optimized out>, fmt=fmt@entry=0x7ffff50cf088 "*** %s ***: %s terminated\n") at ../sysdeps/posix/libc_fatal.c:181
#3  0x00007ffff5055bbd in __GI___fortify_fail_abort (need_backtrace=need_backtrace@entry=true,
    msg=0x7ffff50cf03d <longjmp_msg> "longjmp causes uninitialized stack frame") at fortify_fail.c:28
#4  0x00007ffff5055bf1 in __GI___fortify_fail (msg=<optimized out>) at fortify_fail.c:44
#5  0x00007ffff5055aad in ____longjmp_chk () at ../sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S:105
#6  0x00007ffff5055a0b in __longjmp_chk (env=0x555555d01238 <main_thread+216>, val=val@entry=1) at ../setjmp/longjmp.c:39
#7  0x00005555556b22d4 in quit_throw_to_read_char (from_signal=from_signal@entry=false) at keyboard.c:10486
#8  0x00005555556ba3cd in set_waiting_for_input (time_to_clear=time_to_clear@entry=0x7fffffffd130) at keyboard.c:10253
#9  0x000055555579007c in wait_reading_process_output (time_limit=time_limit@entry=30, nsecs=nsecs@entry=0, read_kbd=-1, do_display=do_display@entry=true,
    wait_for_cell=..., wait_proc=wait_proc@entry=0x0, just_wait_proc=0) at process.c:5212
#10 0x00005555555983ac in sit_for (timeout=..., timeout@entry=make_number(30), reading=reading@entry=true, display_option=display_option@entry=1) at lisp.h:1056
#11 0x00005555556b6209 in read_char (commandflag=1, map=..., map@entry=XIL(0x555556b12603), prev_event=XIL(0), used_mouse_menu=used_mouse_menu@entry=0x7fffffffd5cb,
    end_time=end_time@entry=0x0) at lisp.h:751
#12 0x00005555556b74f5 in read_key_sequence (keybuf=keybuf@entry=0x7fffffffd690, prompt=XIL(0x555555d68c90), dont_downcase_last=dont_downcase_last@entry=false,
    can_return_switch_frame=can_return_switch_frame@entry=true, fix_current_buffer=fix_current_buffer@entry=true, prevent_redisplay=prevent_redisplay@entry=false)
    at keyboard.c:9082
#13 0x00005555556b8bc1 in command_loop_1 () at lisp.h:1056
#14 0x0000555555741a96 in internal_condition_case (bfun=bfun@entry=0x5555556b8943 <command_loop_1>, handlers=..., handlers@entry=XIL(0x55b0),
    hfun=hfun@entry=0x5555556acf6d <cmd_error>) at eval.c:1376
#15 0x00005555556a9494 in command_loop_2 (ignore=..., ignore@entry=XIL(0)) at lisp.h:1056
#16 0x00005555557419da in internal_catch (tag=..., func=func@entry=0x5555556a9478 <command_loop_2>, arg=..., arg@entry=XIL(0)) at eval.c:1139
#17 0x00005555556a6786 in command_loop () at lisp.h:1056
#18 0x00005555556ac728 in recursive_edit_1 () at keyboard.c:714
#19 0x00005555556accf0 in Frecursive_edit () at keyboard.c:785
#20 0x00005555556a5154 in main (argc=14, argv=<optimized out>) at emacs.c:1949
(gdb) frame 7
#7  0x00005555556b22d4 in quit_throw_to_read_char (from_signal=from_signal@entry=false) at keyboard.c:10486
10486  sys_longjmp (getcjmp, 1);
(gdb) p Vquit_flag
No symbol "Vquit_flag" in current context.
(gdb) p glob
glob                   glob64-lstat-compat.c  glob@GLIBC_2.2.5       glob_pattern_p         globalNamespace        globals                globfree64.c
glob-lstat-compat.c    glob64.c               [hidden email]           glob_pattern_p.c       global_code            globals.h              [hidden email]
glob.c                 glob64@@GLIBC_2.27     glob@plt               glob_t                 global_lock            globfree               globfree@plt
glob.h                 glob64@GLIBC_2.2.5     glob_in_dir            global                 global_map             globfree.c            
glob64                 glob@@GLIBC_2.27       glob_internal.h        global-locale.c        global_max_fast        globfree64            
(gdb) p global
global           global-locale.c  globalNamespace  global_code      global_lock      global_map       global_max_fast  globals          globals.h
(gdb) p globals.f_Vquit_flag
$1 = XIL(0xc750)
(gdb) p *globals.f_Vquit_flag
Structure has no component named operator*.
(gdb)





bug#34394: 27.0.50; Emacs segfaults with SLY, company and C-g

Eli Zaretskii
> From: João Távora <[hidden email]>
> Cc: [hidden email],  [hidden email]
> Date: Sat, 09 Feb 2019 12:56:15 +0000
>
>     (gdb) p globals.f_Vquit_flag
>     $1 = XIL(0xc750)

To show its Lisp value, use this:

 (gdb) p globals.f_Vquit_flag
 $1 = XIL(0xc750)
 (gdb) xsymbol

If "xsymbol" doesn't work, you need to "source .gdbinit" first.  This
command is defined in src/.gdbinit which comes with Emacs.




bug#34394: 27.0.50; Emacs segfaults with SLY, company and C-g

João Távora
Eli Zaretskii <[hidden email]> writes:

>> From: João Távora <[hidden email]>
>> Cc: [hidden email],  [hidden email]
>> Date: Sat, 09 Feb 2019 12:56:15 +0000
>>
>>     (gdb) p globals.f_Vquit_flag
>>     $1 = XIL(0xc750)
>
> To show its Lisp value, use this:
>
>  (gdb) p globals.f_Vquit_flag
>  $1 = XIL(0xc750)
>  (gdb) xsymbol
>
> If "xsymbol" doesn't work, you need to "source .gdbinit" first.  This
> command is defined in src/.gdbinit which comes with Emacs.

Finally, it's "t"!

   (gdb) p globals.f_Vquit_flag
   $3 = XIL(0xc750)
   (gdb) xsymbol
   $4 = (struct Lisp_Symbol *) 0x555555ce94d0 <lispsym+51024>
   "t"
 
(.gdbinit is sourced, though gdb doesn't say it is doing it, otherwise I
wouldn't see the "XIL" I think)

Thanks,
João
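
Added example (not part of the thread and not Emacs source code): a hand decoder for the tagged words gdb prints, showing why `XIL(0xc750)` and xsymbol's `<lispsym+51024>` are the same object. It assumes a 64-bit build with the type tag in the low 3 bits and the tag numbering of lisp.h from this period; `decode_lisp_word`, `symbol_address` and `tag_name` are hypothetical helper names.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* ASSUMPTIONS (not stated in the thread): 64-bit build, type tag kept in the
   low GCTYPEBITS = 3 bits, tag numbering as in lisp.h of this period.  */
enum { GCTYPEBITS = 3 };
#define TAG_MASK ((uint64_t) ((1u << GCTYPEBITS) - 1))

enum lisp_tag {
  TAG_SYMBOL = 0, TAG_MISC_OR_UNUSED = 1, TAG_INT0 = 2, TAG_CONS = 3,
  TAG_STRING = 4, TAG_VECTORLIKE = 5, TAG_INT1 = 6, TAG_FLOAT = 7
};

struct decoded {
  enum lisp_tag tag;
  int is_fixnum;      /* nonzero when the word is a small integer */
  int64_t fixnum;     /* integer value, valid when is_fixnum */
  uint64_t payload;   /* word with the tag cleared: symbol offset or heap address */
};

static const char *tag_name(enum lisp_tag t)
{
  static const char *const names[] = {
    "symbol", "misc/unused", "fixnum", "cons",
    "string", "vectorlike", "fixnum", "float"
  };
  return names[t & 7];
}

/* Split a raw Lisp_Object word (the number inside XIL(...) or {i = ...}).  */
struct decoded decode_lisp_word(uint64_t w)
{
  struct decoded d = {0};
  d.tag = (enum lisp_tag) (w & TAG_MASK);
  /* Both integer tags (2 and 6) end in binary 10, so fixnums effectively
     carry a 2-bit tag and one extra value bit.  */
  d.is_fixnum = (w & 3) == TAG_INT0;
  if (d.is_fixnum)
    d.fixnum = (int64_t) (w - TAG_INT0) / 4;   /* exact: w - 2 is a multiple of 4 */
  else
    d.payload = w & ~TAG_MASK;
  return d;
}

/* A symbol word is a byte offset from the lispsym array, not a pointer.
   Returns 0 when the word is not a symbol.  */
uint64_t symbol_address(uint64_t lispsym_base, uint64_t w)
{
  struct decoded d = decode_lisp_word(w);
  if (d.is_fixnum || d.tag != TAG_SYMBOL)
    return 0;
  return lispsym_base + d.payload;
}

int main(void)
{
  /* Values copied from the gdb sessions quoted in the thread.  */
  const uint64_t quit_flag = 0xc750;                 /* p globals.f_Vquit_flag */
  const uint64_t xsymbol_ptr = 0x555555ce94d0ULL;    /* xsymbol's pointer */
  const uint64_t lispsym_base = xsymbol_ptr - 51024; /* from "<lispsym+51024>" */
  const uint64_t samples[] = {
    quit_flag,
    0,          /* prev_event=XIL(0): offset 0 in lispsym, i.e. nil */
    60152867,   /* current_binding = {i = 60152867} */
    122         /* constructed: make_number(30) is (30 << 2) | 2 */
  };

  for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
    {
      struct decoded d = decode_lisp_word(samples[i]);
      if (d.is_fixnum)
        printf("0x%" PRIx64 ": fixnum %" PRId64 "\n", samples[i], d.fixnum);
      else
        printf("0x%" PRIx64 ": %s, payload 0x%" PRIx64 "\n",
               samples[i], tag_name(d.tag), d.payload);
    }

  printf("Vquit_flag -> struct Lisp_Symbol at 0x%" PRIx64 "\n",
         symbol_address(lispsym_base, quit_flag));
  return 0;
}
```
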







bug#34394: 27.0.50; Emacs segfaults with SLY, company and C-g

Eli Zaretskii
> From: João Távora <[hidden email]>
> Cc: [hidden email],  [hidden email]
> Date: Sat, 09 Feb 2019 13:23:06 +0000
>
>    (gdb) p globals.f_Vquit_flag
>    $3 = XIL(0xc750)
>    (gdb) xsymbol
>    $4 = (struct Lisp_Symbol *) 0x555555ce94d0 <lispsym+51024>
>    "t"

Thanks.  So my theory eats dust.  Hmm...  I wonder if you could come
up with a simpler reproducer, perhaps in "emacs -nw" (which many times
tends to make such problems more prominent and simpler to reproduce)?
Removing the need for having SLY or eglot would be a major
simplification.  Then investigating this could be easier.




bug#34394: 27.0.50; Emacs segfaults with SLY, company and C-g

João Távora
Eli Zaretskii <[hidden email]> writes:

>> From: João Távora <[hidden email]>
>> Cc: [hidden email],  [hidden email]
>> Date: Sat, 09 Feb 2019 13:23:06 +0000
>>
>>    (gdb) p globals.f_Vquit_flag
>>    $3 = XIL(0xc750)
>>    (gdb) xsymbol
>>    $4 = (struct Lisp_Symbol *) 0x555555ce94d0 <lispsym+51024>
>>    "t"
>
> Thanks.  So my theory eats dust.  Hmm...  I wonder if you could come
> up with a simpler reproducer, perhaps in "emacs -nw" (which many times
> tends to make such problems more prominent and simpler to reproduce)?

OK with emacs -nw, and attaching a gdb to the PID I got a new, slightly
different, backtrace, attached.  It now breaks on a SIGINT.

> Removing the need for having SLY or eglot would be a major
> simplification.  Then investigating this could be easier.

Yeah, I understand that.  What do you suggest, though?  I would start by
writing a completion-at-point-function that uses a dummy process?
That's a bit non-trivial, though not impossible, since all the filter,
sentinel and such have to be coded.

But is it so you can reproduce it yourself, or some other reason I'm not
seeing?  I understand it's not the best scenario, but if it's the former
maybe if you could clone SLY to a temp dir, install some common lisp
binary, and run the Emacs -Q recipe I gave you.  It should be all there
is to it (SLY doesn't have any dependencies).

João


GNU gdb (Debian 8.2-1) 8.2
Attaching to process 17884
Reading symbols from /home/capitaomorte/Source/Emacs/emacs-master/src/emacs...done.
0x00007fe6186084a9 in __pselect (nfds=10, readfds=0x7ffef36a68f0, writefds=0x7ffef36a6870, exceptfds=0x0, timeout=<optimized out>, sigmask=0x0) at ../sysdeps/unix/sysv/linux/pselect.c:69
69 ../sysdeps/unix/sysv/linux/pselect.c: No such file or directory.
(gdb) c
Continuing.

Program received signal SIGINT, Interrupt.
0x00007fe6186084a9 in __pselect (nfds=10, readfds=0x7ffef36a68f0, writefds=0x7ffef36a6870, exceptfds=0x0, timeout=<optimized out>, sigmask=0x0) at ../sysdeps/unix/sysv/linux/pselect.c:69
69 in ../sysdeps/unix/sysv/linux/pselect.c
(gdb) where
#0  0x00007fe6186084a9 in __pselect (nfds=10, readfds=0x7ffef36a68f0, writefds=0x7ffef36a6870, exceptfds=0x0, timeout=<optimized out>, sigmask=0x0) at ../sysdeps/unix/sysv/linux/pselect.c:69
#1  0x00005597df5afc44 in really_call_select (arg=arg@entry=0x7ffef36a6660) at thread.c:580
#2  0x00005597df50b8b7 in flush_stack_call_func (func=func@entry=0x5597df5afbf5 <really_call_select>, arg=arg@entry=0x7ffef36a6660) at alloc.c:5229
#3  0x00005597df5b0fc8 in thread_select (func=<optimized out>, max_fds=<optimized out>, rfds=rfds@entry=0x7ffef36a68f0, wfds=<optimized out>, efds=efds@entry=0x0, timeout=timeout@entry=0x7ffef36a6850, sigmask=0x0) at thread.c:610
#4  0x00005597df586392 in wait_reading_process_output (time_limit=time_limit@entry=30, nsecs=nsecs@entry=0, read_kbd=-1, do_display=do_display@entry=true, wait_for_cell=..., wait_proc=wait_proc@entry=0x0, just_wait_proc=0) at process.c:5420
#5  0x00005597df38e3ac in sit_for (timeout=..., timeout@entry=..., reading=reading@entry=true, display_option=display_option@entry=1) at lisp.h:1056
#6  0x00005597df4ac209 in read_char (commandflag=1, map=..., map@entry=..., prev_event=..., used_mouse_menu=used_mouse_menu@entry=0x7ffef36a6ceb, end_time=end_time@entry=0x0) at lisp.h:751
#7  0x00005597df4ad4f5 in read_key_sequence (keybuf=keybuf@entry=0x7ffef36a6db0, prompt=..., dont_downcase_last=dont_downcase_last@entry=false, can_return_switch_frame=can_return_switch_frame@entry=true, fix_current_buffer=fix_current_buffer@entry=true, prevent_redisplay=prevent_redisplay@entry=false) at keyboard.c:9082
#8  0x00005597df4aebc1 in command_loop_1 () at lisp.h:1056
#9  0x00005597df537a96 in internal_condition_case (bfun=bfun@entry=0x5597df4ae943 <command_loop_1>, handlers=..., handlers@entry=..., hfun=hfun@entry=0x5597df4a2f6d <cmd_error>) at eval.c:1376
#10 0x00005597df49f494 in command_loop_2 (ignore=..., ignore@entry=...) at lisp.h:1056
#11 0x00005597df5379da in internal_catch (tag=..., func=func@entry=0x5597df49f478 <command_loop_2>, arg=..., arg@entry=...) at eval.c:1139
#12 0x00005597df49c786 in command_loop () at lisp.h:1056
#13 0x00005597df4a2728 in recursive_edit_1 () at keyboard.c:714
#14 0x00005597df4a2cf0 in Frecursive_edit () at keyboard.c:785
#15 0x00005597df49b154 in main (argc=15, argv=<optimized out>) at emacs.c:1949
(gdb) bt full
#0  0x00007fe6186084a9 in __pselect (nfds=10, readfds=0x7ffef36a68f0, writefds=0x7ffef36a6870, exceptfds=0x0, timeout=<optimized out>, sigmask=0x0) at ../sysdeps/unix/sysv/linux/pselect.c:69
        resultvar = 18446744073709551102
        sc_ret = <optimized out>
        tval = {tv_sec = 0, tv_nsec = 332490737}
        data = {ss = 0, ss_len = 8}
        result = <optimized out>
#1  0x00005597df5afc44 in really_call_select (arg=arg@entry=0x7ffef36a6660) at thread.c:580
        sa = 0x7ffef36a6660
        self = 0x5597dfaf7160 <main_thread>
        oldset = {__val = {0, 0, 140732982257232, 94110801452240, 94110806102771, 94110775600272, 2000000000002, 4000000000002, 140732982257232, 94110774592060, 1549720307, 94110806102803, 94110801452245, 94110774592778, 140728898420739, 0}}
#2  0x00005597df50b8b7 in flush_stack_call_func (func=func@entry=0x5597df5afbf5 <really_call_select>, arg=arg@entry=0x7ffef36a6660) at alloc.c:5229
        end = 0x7ffef36a6650
        self = 0x5597dfaf7160 <main_thread>
        sentry = <optimized out>
#3  0x00005597df5b0fc8 in thread_select (func=<optimized out>, max_fds=<optimized out>, rfds=rfds@entry=0x7ffef36a68f0, wfds=<optimized out>, efds=efds@entry=0x0, timeout=timeout@entry=0x7ffef36a6850, sigmask=0x0) at thread.c:610
        sa = {func = 0x7fe618608450 <__pselect>, max_fds = 10, rfds = 0x7ffef36a68f0, wfds = 0x7ffef36a6870, efds = 0x0, timeout = 0x7ffef36a6850, sigmask = 0x0, result = 0}
#4  0x00005597df586392 in wait_reading_process_output (time_limit=time_limit@entry=30, nsecs=nsecs@entry=0, read_kbd=-1, do_display=do_display@entry=true, wait_for_cell=..., wait_proc=wait_proc@entry=0x0, just_wait_proc=0) at process.c:5420
        process_skipped = false
        channel = <optimized out>
        nfds = <optimized out>
        Available = {fds_bits = {952, 0 <repeats 15 times>}}
        Writeok = {fds_bits = {0 <repeats 16 times>}}
        check_write = true
        check_delay = 1
        no_avail = false
        xerrno = 4
        proc = {i = 0x5597e0b849b5}
        timeout = {tv_sec = 0, tv_nsec = 377736428}
        end_time = <optimized out>
        timer_delay = <optimized out>
        got_output_end_time = <optimized out>
        wait = TIMEOUT
        got_some_output = -1
        prev_wait_proc_nbytes_read = 0
        retry_for_async = false
        count = 3
        now = <optimized out>
#5  0x00005597df38e3ac in sit_for (timeout=..., timeout@entry=..., reading=reading@entry=true, display_option=display_option@entry=1) at lisp.h:1056
        sec = 30
        nsec = 0
        do_display = true
#6  0x00005597df4ac209 in read_char (commandflag=1, map=..., map@entry=..., prev_event=..., used_mouse_menu=used_mouse_menu@entry=0x7ffef36a6ceb, end_time=end_time@entry=0x0) at lisp.h:751
        tem0 = <optimized out>
        timeout = 30
        delay_level = <optimized out>
        buffer_size = <optimized out>
        c = {i = 0x0}
        jmpcount = 3
        local_getcjmp = {{__jmpbuf = {0, 8102213443394061389, 94110800974880, 94110793737392, 140732982259120, 0, 2639951848513324109, 8102158771423396941}, __mask_was_saved = 0, __saved_mask = {__val = {94110799899491, 0, 94110774540917, 3, 0, 4294967295, 3, 94110794482368, 94110774686145, 0, 0, 0, 17884160, 0, 94110774540917, 8194}}}}
        save_jump = {{__jmpbuf = {0, 0, 0, 0, 0, 0, 0, 0}, __mask_was_saved = 0, __saved_mask = {__val = {0 <repeats 16 times>}}}}
        tem = <optimized out>
        save = <optimized out>
        previous_echo_area_message = {i = 0x0}
        also_record = {i = 0x0}
        reread = false
        recorded = false
        polling_stopped_here = false
        orig_kboard = 0x5597e06fe160
#7  0x00005597df4ad4f5 in read_key_sequence (keybuf=keybuf@entry=0x7ffef36a6db0, prompt=..., dont_downcase_last=dont_downcase_last@entry=false, can_return_switch_frame=can_return_switch_frame@entry=true, fix_current_buffer=fix_current_buffer@entry=true, prevent_redisplay=prevent_redisplay@entry=false) at keyboard.c:9082
        interrupted_kboard = 0x5597e06fe160
        interrupted_frame = 0x5597e06e24b0
        key = {i = 0x5597e0dc9420}
        used_mouse_menu = false
        echo_local_start = 0
        last_real_key_start = 0
        keys_local_start = <optimized out>
        new_binding = <optimized out>
        count = 3
        t = 0
        echo_start = 0
        keys_start = 0
        current_binding = <optimized out>
        first_unbound = 31
        mock_input = 0
        used_mouse_menu_history = {false <repeats 30 times>}
        fkey = {parent = {i = 0x5597e06de553}, map = {i = 0x5597e06de553}, start = 0, end = 0}
        keytran = {parent = {i = 0x7fe6146095cb}, map = {i = 0x7fe6146095cb}, start = 0, end = 0}
        indec = {parent = {i = 0x5597e06de543}, map = {i = 0x5597e06de543}, start = 0, end = 0}
        shift_translated = false
        delayed_switch_frame = <optimized out>
        original_uppercase = <optimized out>
        original_uppercase_position = -1
        dummyflag = false
        starting_buffer = 0x5597e0dc9420
        fake_prefixed_keys = <optimized out>
        first_event = <optimized out>
        second_event = <optimized out>
#8  0x00005597df4aebc1 in command_loop_1 () at lisp.h:1056
        cmd = <optimized out>
        keybuf = {{i = 0x50a0}, {i = 0x13e}, {i = 0x10a}, {i = 0x3}, {i = 0x3}, {i = 0x5597df538c17 <Ffuncall+684>}, {i = 0x0}, {i = 0x5597e128f203}, {i = 0x7ffef36a6e70}, {i = 0x2a4e34a6d918}, {i = 0x1}, {i = 0x0}, {i = 0x0}, {i = 0x5597df53cfae <call3+36>}, {i = 0x2a4e34a6d918}, {i = 0x5597e128f203}, {i = 0x7fe6140a1f74}, {i = 0x0}, {i = 0x7ffef36a6e70}, {i = 0x5597df4a2f45 <cmd_error_internal+495>}, {i = 0x0}, {i = 0x5597e128f203}, {i = 0x0}, {i = 0x5597df4a32bb <cmd_error+846>}, {i = 0x0}, {i = 0x1}, {i = 0x3}, {i = 0x5597df53782b <push_handler_nosignal+323>}, {i = 0x7fe61460c60b}, {i = 0x5597e07102e0}}
        i = <optimized out>
        prev_modiff = 44
        prev_buffer = 0x5597e0dc9420
#9  0x00005597df537a96 in internal_condition_case (bfun=bfun@entry=0x5597df4ae943 <command_loop_1>, handlers=..., handlers@entry=..., hfun=hfun@entry=0x5597df4a2f6d <cmd_error>) at eval.c:1376
        val = {i = 0xfffffffffffffdfe}
        c = 0x5597e07102e0
#10 0x00005597df49f494 in command_loop_2 (ignore=..., ignore@entry=...) at lisp.h:1056
        val = <optimized out>
#11 0x00005597df5379da in internal_catch (tag=..., func=func@entry=0x5597df49f478 <command_loop_2>, arg=..., arg@entry=...) at eval.c:1139
        val = {i = 0xfffffffffffffdfe}
        c = 0x5597e06fe230
#12 0x00005597df49c786 in command_loop () at lisp.h:1056
No locals.
#13 0x00005597df4a2728 in recursive_edit_1 () at keyboard.c:714
        count = 1
        val = <optimized out>
#14 0x00005597df4a2cf0 in Frecursive_edit () at keyboard.c:785
        count = 0
        buffer = <optimized out>
#15 0x00005597df49b154 in main (argc=15, argv=<optimized out>) at emacs.c:1949
        stack_bottom_variable = 0x5597df5ef155 <__libc_csu_init+69>
        do_initial_setlocale = <optimized out>
        no_loadup = false
        junk = 0x0
        dname_arg = 0x0
        ch_to_dir = 0x0
        original_pwd = 0x0
        dump_mode = <optimized out>
        skip_args = 1
        temacs = 0x0
        rlim = {rlim_cur = 10022912, rlim_max = 18446744073709551615}
(gdb)



João Távora
João Távora <[hidden email]> writes:

> Eli Zaretskii <[hidden email]> writes:
>
>>> From: João Távora <[hidden email]>
>>> Cc: [hidden email],  [hidden email]
>>> Date: Sat, 09 Feb 2019 13:23:06 +0000
>>>
>>>    (gdb) p globals.f_Vquit_flag
>>>    $3 = XIL(0xc750)
>>>    (gdb) xsymbol
>>>    $4 = (struct Lisp_Symbol *) 0x555555ce94d0 <lispsym+51024>
>>>    "t"
>>
>> Thanks.  So my theory eats dust.  Hmm...  I wonder if you could come
>> up with a simpler reproducer, perhaps in "emacs -nw" (which many times
>> tends to make such problems more prominent and simpler to reproduce)?
>
> OK with emacs -nw, and attaching a gdb to the PID I got a new, slightly
> different, backtrace, attached.  It now breaks on a SIGINT.

Never mind, when I do this I have an automatic breakpoint on C-g for
some reason, and that's what you are seeing.  Will try to disable it to
reproduce the actual bug.

João



João Távora
João Távora <[hidden email]> writes:

> João Távora <[hidden email]> writes:
>
>> Eli Zaretskii <[hidden email]> writes:
>>
>>>> From: João Távora <[hidden email]>
>>>> Cc: [hidden email],  [hidden email]
>>>> Date: Sat, 09 Feb 2019 13:23:06 +0000
>>>>
>>>>    (gdb) p globals.f_Vquit_flag
>>>>    $3 = XIL(0xc750)
>>>>    (gdb) xsymbol
>>>>    $4 = (struct Lisp_Symbol *) 0x555555ce94d0 <lispsym+51024>
>>>>    "t"
>>>
>>> Thanks.  So my theory eats dust.  Hmm...  I wonder if you could come
>>> up with a simpler reproducer, perhaps in "emacs -nw" (which many times
>>> tends to make such problems more prominent and simpler to reproduce)?
>>
>> OK with emacs -nw, and attaching a gdb to the PID I got a new, slightly
>> different, backtrace, attached.  It now breaks on a SIGINT.
>
> Never mind, when I do this I have an automatic breakpoint on C-g for
> some reason, and that's what you are seeing.  Will try to disable it to
> reproduce the actual bug.

So I disabled SIGINT for gdb and let it go to Emacs for keyboard-quit.
I reproduced with -nw, here's the backtrace.

Is it my impression or do I finally see sit_for in the bt?  (I don't
know, I've sent so many backtraces already)

João

69 ../sysdeps/unix/sysv/linux/pselect.c: No such file or directory.
(gdb) c
Continuing.

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt full
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
        set = {__val = {0, 0, 0, 7234246878190108672, 3486406460340450103, 8159871459836720384, 140723461185312, 612, 140723461185312, 94478308327698, 140723461185632, 1, 94478312982560, 140322191709231, 4222451713, 94478312982560}}
        pid = <optimized out>
        tid = <optimized out>
        ret = <optimized out>
#1  0x00007f9f4e55b535 in __GI_abort () at abort.c:79
        save_stage = 1
        act = {__sigaction_handler = {sa_handler = 0x55ed738344b0, sa_sigaction = 0x55ed738344b0}, sa_mask = {__val = {140322191709018, 206158430256, 140723461185864, 140723461185664, 8159871459836720384, 3432, 140322192429728, 94478313311616, 140322191129007, 1974, 94478333592752, 0, 94478338512400, 1, 140723461185792, 140723461186192}}, sa_flags = -1142267648, sa_restorer = 0x1000}
        sigs = {__val = {32, 0 <repeats 15 times>}}
#2  0x00007f9f4e5b2718 in __libc_message (action=<optimized out>, fmt=fmt@entry=0x7f9f4e6bd088 "*** %s ***: %s terminated\n") at ../sysdeps/posix/libc_fatal.c:181
        ap = {{gp_offset = 32, fp_offset = 32764, overflow_arg_area = 0x7ffcbbea62a0, reg_save_area = 0x7ffcbbea6230}}
        fd = 10
        list = <optimized out>
        nlist = <optimized out>
        cp = <optimized out>
        written = <optimized out>
#3  0x00007f9f4e643bbd in __GI___fortify_fail_abort (need_backtrace=need_backtrace@entry=true, msg=0x7f9f4e6bd03d <longjmp_msg> "longjmp causes uninitialized stack frame") at fortify_fail.c:28
No locals.
#4  0x00007f9f4e643bf1 in __GI___fortify_fail (msg=<optimized out>) at fortify_fail.c:44
No locals.
#5  0x00007f9f4e643aad in ____longjmp_chk () at ../sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S:105
No locals.
#6  0x00007f9f4e643a0b in __longjmp_chk (env=0x55ed72523238 <main_thread+216>, val=val@entry=1) at ../setjmp/longjmp.c:39
No locals.
#7  0x000055ed71ed42d4 in quit_throw_to_read_char (from_signal=from_signal@entry=true) at keyboard.c:10486
No locals.
#8  0x000055ed71ed4950 in handle_interrupt (in_signal_handler=in_signal_handler@entry=true) at keyboard.c:10461
        c = <optimized out>
#9  0x000055ed71ed6445 in handle_interrupt_signal (sig=sig@entry=2) at keyboard.c:10293
        terminal = <optimized out>
#10 0x000055ed71ee889b in deliver_process_signal (sig=2, handler=handler@entry=0x55ed71ed6417 <handle_interrupt_signal>) at sysdep.c:1733
        old_errno = 22
        on_main_thread = true
#11 0x000055ed71ec7f3a in deliver_interrupt_signal (sig=<optimized out>) at keyboard.c:10300
No locals.
#12 <signal handler called>
No locals.
#13 0x00007f9f4e62a4a9 in __pselect (nfds=10, readfds=0x7ffcbbea6e10, writefds=0x7ffcbbea6d90, exceptfds=0x0, timeout=<optimized out>, sigmask=0x0) at ../sysdeps/unix/sysv/linux/pselect.c:69
        resultvar = 18446744073709551612
        sc_ret = <optimized out>
        tval = {tv_sec = 0, tv_nsec = 330889851}
        data = {ss = 0, ss_len = 8}
        result = <optimized out>
#14 0x000055ed71fdbc44 in really_call_select (arg=arg@entry=0x7ffcbbea6b80) at thread.c:580
        sa = 0x7ffcbbea6b80
        self = 0x55ed72523160 <main_thread>
        oldset = {__val = {0, 0, 140723461188464, 94478341426928, 94478346665443, 94478307959952, 2000000000002, 4000000000002, 140723461188464, 94478306951740, 1549721455, 94478346665475, 94478341426933, 94478306952458, 140720308486147, 0}}
#15 0x000055ed71f378b7 in flush_stack_call_func (func=func@entry=0x55ed71fdbbf5 <really_call_select>, arg=arg@entry=0x7ffcbbea6b80) at alloc.c:5229
        end = 0x7ffcbbea6b70
        self = 0x55ed72523160 <main_thread>
        sentry = <optimized out>
#16 0x000055ed71fdcfc8 in thread_select (func=<optimized out>, max_fds=<optimized out>, rfds=rfds@entry=0x7ffcbbea6e10, wfds=<optimized out>, efds=efds@entry=0x0, timeout=timeout@entry=0x7ffcbbea6d70, sigmask=0x0) at thread.c:610
        sa = {func = 0x7f9f4e62a450 <__pselect>, max_fds = 10, rfds = 0x7ffcbbea6e10, wfds = 0x7ffcbbea6d90, efds = 0x0, timeout = 0x7ffcbbea6d70, sigmask = 0x0, result = 0}
#17 0x000055ed71fb2392 in wait_reading_process_output (time_limit=time_limit@entry=30, nsecs=nsecs@entry=0, read_kbd=-1, do_display=do_display@entry=true, wait_for_cell=..., wait_proc=wait_proc@entry=0x0, just_wait_proc=0) at process.c:5420
        process_skipped = false
        channel = <optimized out>
        nfds = <optimized out>
        Available = {fds_bits = {952, 0 <repeats 15 times>}}
        Writeok = {fds_bits = {0 <repeats 16 times>}}
        check_write = true
        check_delay = 1
        no_avail = false
        xerrno = 22
        proc = {i = 0x55ed73cce1b5}
        timeout = {tv_sec = 0, tv_nsec = 377014395}
        end_time = <optimized out>
        timer_delay = <optimized out>
        got_output_end_time = <optimized out>
        wait = TIMEOUT
        got_some_output = -1
        prev_wait_proc_nbytes_read = 0
        retry_for_async = false
        count = 3
        now = <optimized out>
#18 0x000055ed71dba3ac in sit_for (timeout=..., timeout@entry=..., reading=reading@entry=true, display_option=display_option@entry=1) at lisp.h:1056
        sec = 30
        nsec = 0
        do_display = true
#19 0x000055ed71ed8209 in read_char (commandflag=1, map=..., map@entry=..., prev_event=..., used_mouse_menu=used_mouse_menu@entry=0x7ffcbbea720b, end_time=end_time@entry=0x0) at lisp.h:751
        tem0 = <optimized out>
        timeout = 30
        delay_level = <optimized out>
        buffer_size = <optimized out>
        c = {i = 0x0}
        jmpcount = 3
        local_getcjmp = {{__jmpbuf = {0, -8545801708543905756, 94478340994080, 94478333592752, 140723461190352, 0, -2502692692833570780, -8545806451447926748}, __mask_was_saved = 0, __saved_mask = {__val = {0, 94478346649555, 94478306900597, 3, 0, 4294967295, 3, 94478334248240, 94478307045825, 0, 0, 0, 25365120, 0, 94478306900597, 8194}}}}
        save_jump = {{__jmpbuf = {54144, 94478338512400, 1, 31056, 94478313481936, 0, 2, 1}, __mask_was_saved = 1, __saved_mask = {__val = {94478306900597, 140723461186576, 94478340994085, 94478340994085, 94478306902260, 140322119159976, 94478307488136, 15, 140322119159928, 140322119159976, 94478306900597, 0, 0, 140322124526683, 94478306902260, 140322124526667}}}}
        tem = <optimized out>
        save = <optimized out>
        previous_echo_area_message = {i = 0x0}
        also_record = {i = 0x0}
        reread = false
        recorded = false
        polling_stopped_here = false
        orig_kboard = 0x55ed73850160
#20 0x000055ed71ed94f5 in read_key_sequence (keybuf=keybuf@entry=0x7ffcbbea72d0, prompt=..., dont_downcase_last=dont_downcase_last@entry=false, can_return_switch_frame=can_return_switch_frame@entry=true, fix_current_buffer=fix_current_buffer@entry=true, prevent_redisplay=prevent_redisplay@entry=false) at keyboard.c:9082
        interrupted_kboard = 0x55ed73850160
        interrupted_frame = 0x55ed738344b0
        key = {i = 0x55ed73f43420}
        used_mouse_menu = false
        echo_local_start = 0
        last_real_key_start = 0
        keys_local_start = <optimized out>
        new_binding = <optimized out>
        count = 3
        t = 0
        echo_start = 0
        keys_start = 0
        current_binding = <optimized out>
        first_unbound = 31
        mock_input = 0
        used_mouse_menu_history = {false <repeats 30 times>}
        fkey = {parent = {i = 0x55ed73830553}, map = {i = 0x55ed73830553}, start = 0, end = 0}
        keytran = {parent = {i = 0x7f9f4a62b5cb}, map = {i = 0x7f9f4a62b5cb}, start = 0, end = 0}
        indec = {parent = {i = 0x55ed73830543}, map = {i = 0x55ed73830543}, start = 0, end = 0}
        shift_translated = false
        delayed_switch_frame = <optimized out>
        original_uppercase = <optimized out>
        original_uppercase_position = -1
        dummyflag = false
        starting_buffer = 0x55ed73f43420
        fake_prefixed_keys = <optimized out>
        first_event = <optimized out>
        second_event = <optimized out>
#21 0x000055ed71edabc1 in command_loop_1 () at lisp.h:1056
        cmd = <optimized out>
        keybuf = {{i = 0x50a0}, {i = 0x13e}, {i = 0x10a}, {i = 0x3}, {i = 0x3}, {i = 0x55ed71f64c17 <Ffuncall+684>}, {i = 0x0}, {i = 0x55ed743321d3}, {i = 0x7ffcbbea7390}, {i = 0x29b1d8063918}, {i = 0x1}, {i = 0x0}, {i = 0x0}, {i = 0x55ed71f68fae <call3+36>}, {i = 0x29b1d8063918}, {i = 0x55ed743321d3}, {i = 0x7f9f4a0c3f74}, {i = 0x0}, {i = 0x7ffcbbea7390}, {i = 0x55ed71ecef45 <cmd_error_internal+495>}, {i = 0x0}, {i = 0x55ed743321d3}, {i = 0x0}, {i = 0x55ed71ecf2bb <cmd_error+846>}, {i = 0x0}, {i = 0x1}, {i = 0x3}, {i = 0x55ed71f6382b <push_handler_nosignal+323>}, {i = 0x7f9f4a62e60b}, {i = 0x55ed7386ff30}}
        i = <optimized out>
        prev_modiff = 36
        prev_buffer = 0x55ed73f43420
#22 0x000055ed71f63a96 in internal_condition_case (bfun=bfun@entry=0x55ed71eda943 <command_loop_1>, handlers=..., handlers@entry=..., hfun=hfun@entry=0x55ed71ecef6d <cmd_error>) at eval.c:1376
        val = {i = 0xfffffffffffffffc}
        c = 0x55ed7386ff30
#23 0x000055ed71ecb494 in command_loop_2 (ignore=..., ignore@entry=...) at lisp.h:1056
        val = <optimized out>
#24 0x000055ed71f639da in internal_catch (tag=..., func=func@entry=0x55ed71ecb478 <command_loop_2>, arg=..., arg@entry=...) at eval.c:1139
        val = {i = 0xfffffffffffffffc}
        c = 0x55ed73850230
#25 0x000055ed71ec8786 in command_loop () at lisp.h:1056
No locals.
#26 0x000055ed71ece728 in recursive_edit_1 () at keyboard.c:714
        count = 1
        val = <optimized out>
#27 0x000055ed71ececf0 in Frecursive_edit () at keyboard.c:785
        count = 0
        buffer = <optimized out>
#28 0x000055ed71ec7154 in main (argc=15, argv=<optimized out>) at emacs.c:1949
        stack_bottom_variable = 0x55ed7201b155 <__libc_csu_init+69>
        do_initial_setlocale = <optimized out>
        no_loadup = false
        junk = 0x0
        dname_arg = 0x0
        ch_to_dir = 0x0
        original_pwd = 0x0
        dump_mode = <optimized out>
        skip_args = 1
        temacs = 0x0
        rlim = {rlim_cur = 10022912, rlim_max = 18446744073709551615}
(gdb)



Eli Zaretskii
> From: João Távora <[hidden email]>
> Cc: [hidden email],  [hidden email]
> Date: Sat, 09 Feb 2019 14:13:52 +0000
>
> I reproduced with -nw, here's the backtrace.

Thanks.

> Is it my impression or do I finally see sit_for in the bt?

sit_for was in your first backtrace as well.  But note it's sit_for in
C, not sit-for in Lisp (which lives in subr.el nowadays).



Eli Zaretskii
In reply to this post by João Távora
> From: João Távora <[hidden email]>
> Cc: [hidden email],  [hidden email]
> Date: Sat, 09 Feb 2019 14:00:15 +0000
>
> > Removing the need for having SLY or eglot would be a major
> > simplification.  Then investigating this could be easier.
>
> Yeah, I understand that.  What do you suggest, though?  I would start by
> writing a completion-at-point-function that uses a dummy process?
> That's a bit non-trivial, though not impossible, since all the filter,
> sentinel and such have to be coded.

If a completion function that uses a process is necessary, then I
guess it's unreasonable to try to avoid it.  However, I'd like to
avoid installing CL.  Can you provide instructions for doing this with
eglot instead (assuming its installation is more lightweight)?

> But is it so you can reproduce it yourself, or some other reason I'm not
> seeing?

The former.



Eli Zaretskii
In reply to this post by João Távora
> From: João Távora <[hidden email]>
> Cc: [hidden email],  [hidden email]
> Date: Sat, 09 Feb 2019 14:13:52 +0000
>
> So I disabled SIGINT for gdb and let it go to Emacs for keyboard-quit.
> I reproduced with -nw, here's the backtrace.

Is it possible that somehow sit_for is called recursively in this
scenario?  If you put a breakpoint in sit_for, does it break when bt
shows another instance of sit_for up the call-stack?

We need to establish who clobbers the jump_buf being used to implement
quitting by C-g.
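
[Added example, not part of the thread and not Emacs source.] The backtrace above ends in glibc's `__longjmp_chk` aborting a jump taken from the SIGINT handler, and `read_char` there holds both a `local_getcjmp` and a `save_jump`. The C model below shows the discipline such a shared jump target needs: save the caller's target on entry, restore it before the frame dies, and keep the handler from jumping while the target is stale or being rewritten. All names are hypothetical, and it assumes a POSIX system where a `sigjmp_buf` can be copied with `memcpy` (true for glibc).

```c
#define _POSIX_C_SOURCE 200809L   /* sigaction, sigsetjmp under strict -std= */
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout: a model of the pattern, not Emacs source. */
static sigjmp_buf quit_jmp;                /* where an interrupt lands */
static volatile sig_atomic_t quit_armed;   /* 1 only while quit_jmp's frame is live */
static volatile sig_atomic_t quit_dropped; /* interrupts that found no live target */

static void on_sigint(int sig)
{
    (void) sig;
    if (!quit_armed) { quit_dropped++; return; }  /* stale target: do not jump */
    quit_armed = 0;
    siglongjmp(quit_jmp, 1);
}

static int install_quit_handler(void)
{
    struct sigaction sa = { .sa_handler = on_sigint };
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGINT, &sa, NULL);
}

/* Run body(arg) so that SIGINT unwinds to this frame; returns 1 if interrupted. */
static int wait_interruptibly(void (*body)(void *), void *arg)
{
    sigjmp_buf saved;
    sig_atomic_t saved_armed = quit_armed;
    int interrupted = 1;                     /* stays 1 if we arrive via siglongjmp */
    quit_armed = 0;                          /* disarm while the buffer is rewritten */
    memcpy(saved, quit_jmp, sizeof saved);   /* remember the caller's target */
    if (sigsetjmp(quit_jmp, 1) == 0) {
        quit_armed = 1;
        body(arg);
        interrupted = 0;                     /* body ran to completion */
    }
    quit_armed = 0;
    memcpy(quit_jmp, saved, sizeof saved);   /* put the outer target back */
    quit_armed = saved_armed;                /* re-arm only if the caller was armed */
    return interrupted;
}

struct trace { int inner; int raise_in_outer; int outer_finished; };
static void raise_quit(void *arg) { (void) arg; raise(SIGINT); }

static void outer_body(void *arg)
{
    struct trace *t = arg;
    t->inner = wait_interruptibly(raise_quit, NULL); /* nested wait, interrupted */
    if (t->raise_in_outer) raise(SIGINT);            /* must land in the outer wait */
    t->outer_finished = 1;
}

/* Nested waits; returns the outer wait's result and fills *t. */
static int run_nested(struct trace *t, int raise_in_outer)
{
    *t = (struct trace){ -1, raise_in_outer, 0 };
    return wait_interruptibly(outer_body, t);
}

static int interrupt_when_idle(void)   /* no wait in progress: returns drops seen */
{
    int before = quit_dropped;
    raise(SIGINT);
    return quit_dropped - before;
}

int main(void)
{
    struct trace t;
    if (install_quit_handler() != 0) return 1;
    int outer = run_nested(&t, 1);
    printf("inner=%d outer=%d idle=%d\n", t.inner, outer, interrupt_when_idle());
    return 0;
}
```

Removing the restore `memcpy`, or jumping without checking `quit_armed`, leaves the handler with a target whose frame has already returned, which is the condition glibc's fortified `longjmp` reports as "longjmp causes uninitialized stack frame".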



João Távora
On Sat, Feb 9, 2019 at 3:22 PM Eli Zaretskii <[hidden email]> wrote:

>
> > From: João Távora <[hidden email]>
> > Cc: [hidden email],  [hidden email]
> > Date: Sat, 09 Feb 2019 14:13:52 +0000
> >
> > So I disabled SIGINT for gdb and let it go to Emacs for keyboard-quit.
> > I reproduced with -nw, here's the backtrace.
>
> Is it possible that somehow sit_for is called recursively in this
> scenario?  If you put a breakpoint in sit_for, does it break when bt
> shows another instance of sit_for up the call-stack?
>
> We need to establish who clobbers the jump_buf being used to implement
> quitting by C-g.

The problem is that if I place a breakpoint there I can't work with company
at all.  So I can't reproduce the problem.

Or maybe I misunderstood.
--
João Távora


