bug-gnu-emacs


bug#17249: 24.3; segfault with certain unicode strings in C locale


From: Richard Hansen
Subject: bug#17249: 24.3; segfault with certain unicode strings in C locale
Date: Sat, 12 Apr 2014 02:11:20 -0400

I can get emacs to crash with these shell commands:

    # generate a unicode string: the octal escapes are the UTF-8 bytes for
    # U+0020 SPACE, U+0308 COMBINING DIAERESIS (\314\210) and
    # U+00BB RIGHT-POINTING DOUBLE ANGLE QUOTATION MARK (\302\273), then a newline
    printf '\040\314\210\302\273\n' >crash-emacs.txt
    # LC_ALL=C overrides the locale for this one invocation only.
    # -nw: use the terminal instead of a GUI frame; -Q: skip init files and site-lisp;
    # +1:3: visit the file at line 1, column 3 (the move-to-column call in the
    # Lisp backtrace below comes from this argument).
    LC_ALL=C emacs -nw -Q +1:3 crash-emacs.txt

If I set LC_ALL=en_US.utf8 then it does not crash.

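Here is the gdb backtrace. The fault is in frame #0, char_table_ref (chartab.c:234), called from composition_compute_stop_pos with c = 4194690 (0x400182); that value is above Emacs's maximum character code 0x3FFFFF, so the char-table lookup is apparently being indexed out of range: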

#0  0x0000000000498c20 in char_table_ref (table=<optimized out>,
    c=c@entry=4194690) at chartab.c:234
        tbl = 0xbb5000
        val = 4611686018429485125
#1  0x00000000005a679e in composition_compute_stop_pos (
    cmp_it=cmp_it@entry=0x7fffffffcf50, charpos=4, charpos@entry=3, 
    bytepos=<optimized out>, bytepos@entry=3, 
    endpos=<optimized out>, endpos@entry=5, string=12124434)
    at composite.c:1053
        start = 3
        end = 40
        c = 4194690
        prop = 839073240292445696
        val = <optimized out>
#2  0x000000000051bc7e in scan_for_column (
    endpos=endpos@entry=0x7fffffffcfe8, 
    goalcol=goalcol@entry=0x7fffffffcff8, 
    prevcol=prevcol@entry=0x7fffffffcff0) at indent.c:595
        c = <optimized out>
        ctl_arrow = true
        dp = 0x0
        multibyte = true
        cmp_it = {
          stop_pos = 5, 
          id = -1, 
          ch = -2, 
          rule_idx = 0, 
          lookback = 1, 
          nglyphs = 2, 
          reversed_p = false, 
          charpos = 2, 
          nchars = 1, 
          nbytes = 1, 
          from = 1, 
          to = 2, 
          width = 1
        }
        window = <optimized out>
        w = 0xba2978
        col = 2
        prev_col = 1
        goal = 2
        end = 5
        scan = 3
        scan_byte = 3
        next_boundary = 5
#3  0x000000000051cea1 in Fmove_to_column (column=<optimized out>, 
    force=12124434) at indent.c:990
        pos = 5
        prev_col = 20186896
        col = 2
        goal = 2
#4  0x000000000055006d in Ffuncall (nargs=<optimized out>, 
    args=<optimized out>) at eval.c:2781
        fun = 8584349
        original_fun = 12285586
        funcar = <optimized out>
        numargs = <optimized out>
        lisp_numargs = <optimized out>
        val = <optimized out>
        backtrace = {
          next = 0x7fffffffd250, 
          function = 12285586, 
          args = 0x7fffffffd160, 
          nargs = 1, 
          debug_on_exit = 0
        }
        internal_args = 0x7fffffffd030
        i = <optimized out>
#5  0x0000000000584a8b in exec_byte_code (bytestr=12275717, 
    vector=4194690, maxdepth=4611686018695757824, 
    args_template=4611686018430533632, nargs=4611686018695757824, 
    args=0x7fffffffd150) at bytecode.c:900
        targets = {0x584ba8 <exec_byte_code+1032>, 
          ...
        vectorp = 0x8c6fb8 <pure+601144>
        stack = {
          pc = 0xab5414 <pure+2625684> "\210\313\262\006\266\002\201Q", 
          byte_string = 9203593, 
          byte_string_start = 0xab5099 <pure+2624793> "\306 \210\b\203\021", 
          constants = 9203629, 
          next = 0x7fffffffd380
        }
        result = 4611686018429485125
#6  0x000000000054f9bd in funcall_lambda (fun=9203629, 
    nargs=nargs@entry=1, arg_vector=0x8c6f89 <pure+601097>, 
    arg_vector@entry=0x7fffffffd2d0) at eval.c:2944
        val = <optimized out>
        syms_left = <optimized out>
        next = <optimized out>
        lexenv = <optimized out>
        count = -26216640712628180
        i = <optimized out>
        optional = <optimized out>
        rest = <optimized out>
#7  0x000000000054feeb in Ffuncall (nargs=2, args=0x7fffffffd2c8)
    at eval.c:2839
        fun = <optimized out>
        original_fun = 16434802
        funcar = <optimized out>
        numargs = 1
        lisp_numargs = <optimized out>
        val = <optimized out>
        backtrace = {
          next = 0x7fffffffd410, 
          function = 16434802, 
          args = 0x7fffffffd2d0, 
          nargs = 1, 
          debug_on_exit = 0
        }
        internal_args = <optimized out>
        i = <optimized out>
#8  0x0000000000584a8b in exec_byte_code (bytestr=12275717, 
    vector=4194690, maxdepth=4611686018695757824, 
    args_template=4611686018430533632, nargs=4611686018695757824, 
    args=0x7fffffffd2c8) at bytecode.c:900
        targets = {0x584ba8 <exec_byte_code+1032>, 
          ...
        vectorp = 0x8c0600 <pure+574080>
        stack = {
          pc = 0xab7f31 <pure+2636721> "\210\016H\203\264\005\201\303", 
          byte_string = 9176529, 
          byte_string_start = 0xab7989 <pure+2635273> "\306 
\020\307\021\n\023\307\024\310\311!\211\307=\204\060", 
          constants = 9176565, 
          next = 0x7fffffffd500
        }
        result = 4611686018429485125
#9  0x000000000054f9bd in funcall_lambda (fun=9176565, 
    nargs=nargs@entry=0, arg_vector=0x8c05d1 <pure+574033>, 
    arg_vector@entry=0x7fffffffd498) at eval.c:2944
        val = <optimized out>
        syms_left = <optimized out>
        next = <optimized out>
        lexenv = <optimized out>
        count = -26216640712628168
        i = <optimized out>
        optional = <optimized out>
        rest = <optimized out>
#10 0x000000000054feeb in Ffuncall (nargs=1, args=0x7fffffffd490)
    at eval.c:2839
        fun = <optimized out>
        original_fun = 15567250
        funcar = <optimized out>
        numargs = 0
        lisp_numargs = <optimized out>
        val = <optimized out>
        backtrace = {
          next = 0x7fffffffd630, 
          function = 15567250, 
          args = 0x7fffffffd498, 
          nargs = 0, 
          debug_on_exit = 0
        }
        internal_args = <optimized out>
        i = <optimized out>
#11 0x0000000000584a8b in exec_byte_code (bytestr=12275717, 
    vector=4194690, maxdepth=4611686018695757824, 
    args_template=4611686018430533632, nargs=4611686018695757824, 
    args=0x7fffffffd488) at bytecode.c:900
        targets = {0x584ba8 <exec_byte_code+1032>, 
          ...
        vectorp = 0x8bf9d0 <pure+570960>
        stack = {
          pc = 0xab84b7 <pure+2638135> 
"\210)\210\351\352\353\"\210\354\321\355\"\211;\203\256", 
          byte_string = 9173409, 
          byte_string_start = 0xab8422 <pure+2637986> "\b\203\b", 
          constants = 9173445, 
          next = 0x0
        }
        result = 4611686018429485125
#12 0x000000000054f9bd in funcall_lambda (fun=9173445, 
    fun@entry=9173357, nargs=nargs@entry=0, 
    arg_vector=0x8bf9a1 <pure+570913>, 
    arg_vector@entry=0x7fffffffd570) at eval.c:2944
        val = <optimized out>
        syms_left = <optimized out>
        next = <optimized out>
        lexenv = <optimized out>
        count = -26221038759138928
        i = <optimized out>
        optional = <optimized out>
        rest = <optimized out>
#13 0x000000000054effd in apply_lambda (fun=9173357, 
    args=<optimized out>) at eval.c:2887
        args_left = 12124434
        i = <optimized out>
        numargs = 0
        arg_vector = <optimized out>
        gcpro1 = <optimized out>
        tem = <optimized out>
        sa_count = 3
        sa_must_free = <optimized out>
#14 0x000000000054f3c2 in eval_sub (form=form@entry=12349798)
    at eval.c:2218
        fun = <optimized out>
        val = <optimized out>
        original_fun = 15837026
        original_args = 12124434
        funcar = <optimized out>
        backtrace = {
          next = 0x0, 
          function = 15837026, 
          args = 0x7fffffffd570, 
          nargs = 0, 
          debug_on_exit = 0
        }
        gcpro3 = <optimized out>
#15 0x00000000005527cd in Feval (form=12349798, 
    lexical=<optimized out>) at eval.c:2005
        count = 2
#16 0x000000000054e5b3 in internal_condition_case (
    bfun=bfun@entry=0x4dd600 <top_level_2>, handlers=12176114, 
    hfun=hfun@entry=0x4e2290 <cmd_error>) at eval.c:1289
        val = <optimized out>
        c = {
          tag = 12124434, 
          val = 12124434, 
          next = 0x7fffffffd8b0, 
          gcpro = 0x0, 
          jmp = {{
              __jmpbuf = {1, 7163789923458151104, 12124434, 4000, 
                140737488346000, 1, -7163791675184188736, 
                7163791299020387008}, 
              __mask_was_saved = 0, 
              __saved_mask = {
                __val = {17, 0, 140737354130880, 0, 140737354130880, 
                  140737488345136, 140737488345120, 3488983867, 
                  4299206140, 4294967295, 4238103, 4294967295, 
                  67108864, 140737251060432, 140737353872624, 0}
              }
            }}, 
          backlist = 0x0, 
          handlerlist = 0x0, 
          lisp_eval_depth = 0, 
          pdlcount = 2, 
          poll_suppress_count = 1, 
          interrupt_input_blocked = 0, 
          byte_stack = 0x0
        }
        h = {
          handler = 12176114, 
          var = 12124434, 
          chosen_clause = 4294967296, 
          tag = 0x7fffffffd760, 
          next = 0x0
        }
#17 0x00000000004dd5e6 in top_level_1 (ignore=ignore@entry=12124434)
    at keyboard.c:1185
No locals.
#18 0x000000000054e48e in internal_catch (tag=<optimized out>, 
    func=func@entry=0x4dd580 <top_level_1>, arg=12124434)
    at eval.c:1060
        c = {
          tag = 12171954, 
          val = 12124434, 
          next = 0x0, 
          gcpro = 0x0, 
          jmp = {{
              __jmpbuf = {1, 7163789923458151104, 12124434, 4000, 
                140737488346000, 1, -7163791674762661184, 
                7163791298990764736}, 
              __mask_was_saved = 0, 
              __saved_mask = {
                __val = {140737351972645, 400, 5, 0, 0, 0, 0, 
                  227633266711, 5849150, 532575944823, 6198499, 
                  140737488345584, 140737488345592, 0, 
                  140737488345584, 6198499}
              }
            }}, 
          backlist = 0x0, 
          handlerlist = 0x0, 
          lisp_eval_depth = 0, 
          pdlcount = 2, 
          poll_suppress_count = 1, 
          interrupt_input_blocked = 0, 
          byte_stack = 0x0
        }
#19 0x00000000004e1d9f in command_loop () at keyboard.c:1146
No locals.
#20 recursive_edit_1 () at keyboard.c:779
        count = 1
        val = 20186704
#21 0x00000000004e20b4 in Frecursive_edit () at keyboard.c:843
        count = 0
        buffer = 12124434
#22 0x00000000004171d5 in main (argc=<optimized out>, 
    argv=0x7fffffffdb98) at emacs.c:1528
        dummy = 140737353873872
        stack_bottom_variable = -15 '\361'
        do_initial_setlocale = <optimized out>
        dumping = <optimized out>
        skip_args = 1
        rlim = {
          rlim_cur = 8720000, 
          rlim_max = 18446744073709551615
        }
        no_loadup = false
        junk = 0x0
        dname_arg = 0x0
        ch_to_dir = 0x818 <Address 0x818 out of bounds>

Lisp Backtrace:
"move-to-column" (0xffffd160)
"command-line-1" (0xffffd2d0)
"command-line" (0xffffd498)
"normal-top-level" (0xffffd570)


In GNU Emacs 24.3.1 (x86_64-pc-linux-gnu, GTK+ Version 3.8.2)
 of 2013-07-26 on roseapple, modified by Debian
Windowing system distributor `The X.Org Foundation', version 11.0.11405000
System Description:     Ubuntu 13.10

Configured using:
 `configure '--build' 'x86_64-linux-gnu' '--build' 'x86_64-linux-gnu'
 '--prefix=/usr' '--sharedstatedir=/var/lib' '--libexecdir=/usr/lib'
 '--localstatedir=/var/lib' '--infodir=/usr/share/info'
 '--mandir=/usr/share/man' '--with-pop=yes'
 
'--enable-locallisppath=/etc/emacs24:/etc/emacs:/usr/local/share/emacs/24.3/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/24.3/site-lisp:/usr/share/emacs/site-lisp'
 '--with-crt-dir=/usr/lib/x86_64-linux-gnu' '--with-x=yes'
 '--with-x-toolkit=gtk3' '--with-toolkit-scroll-bars'
 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fstack-protector
 --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall'
 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro'
 'CPPFLAGS=-D_FORTIFY_SOURCE=2''

Important settings:
  value of $LC_TIME: en_DK.utf8
  value of $LANG: en_US.utf8
  locale-coding-system: utf-8-unix
  default enable-multibyte-characters: t




