bug#30626: 26.0.91; Crash when traversing a `stream-of-directory-files'

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#30626: 26.0.91; Crash when traversing a `stream-of-directory-files'

From:	Noam Postavsky
Subject:	bug#30626: 26.0.91; Crash when traversing a `stream-of-directory-files'
Date:	Mon, 12 Mar 2018 21:59:57 -0400
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/26.0.90 (gnu/linux)

Eli Zaretskii <eliz@gnu.org> writes:

>> From: Noam Postavsky <npostavs@gmail.com>
>> Cc: michael_heerdegen@web.de,  john.b.mastro@gmail.com,  nicolas@petton.fr,  
>> 30626@debbugs.gnu.org
>> Date: Sun, 11 Mar 2018 17:51:19 -0400
>> 
>> > If you have the address, you could first find the stack frame to which
>> > it belongs, right?
>> 
>> Um, how do I do that part?
>
> By comparing the address with the value of $bp in each frame, I'd say.

Hmm, I found a match, but it doesn't make any sense.

#4851 0x0000000000611d4f in mark_vectorlike (ptr=0x2e64c90) at 
../../src/alloc.c:6227
#4852 0x0000000000612b42 in mark_object (arg=XIL(0x2e64c95)) at 
../../src/alloc.c:6624
#4853 0x000000000060f3ce in mark_maybe_pointer (p=0x2e64c90) at 
../../src/alloc.c:4936
#4854 0x000000000060f452 in mark_memory (start=0x7fffffffa520, 
end=0x7fffffffe868)
    at ../../src/alloc.c:4985
#4855 0x000000000060f493 in mark_stack (bottom=0x7fffffffe868 
"a\036h\364\377\177", 
    end=0x7fffffffa520 "0\245\377\377\377\177") at ../../src/alloc.c:5193

(gdb) frame 4854
#4854 0x000000000060f452 in mark_memory (start=0x7fffffffa520, 
end=0x7fffffffe868)
    at ../../src/alloc.c:4985
4985          mark_maybe_pointer (*(void **) pp);
(gdb) p pp
$28 = 0x7fffffffa968 "\220L\346\002"

(gdb) frame 4864
#4864 0x000000000068d950 in exec_byte_code (bytestr=XIL(0x2e7aad4), 
vector=XIL(0x2e72715), 
    maxdepth=make_number(18), args_template=make_number(768), nargs=3, 
args=0x7fffffffad20)
    at ../../src/bytecode.c:632
632                 TOP = Ffuncall (op + 1, &TOP);
(gdb) p $rbp
$29 = (void *) 0x7fffffffabd0

(gdb) p/x $rbp - $28
$32 = 0x268

(gdb) disas /s
[...]
1180            CASE (Bbuffer_substring):
1181              {
1182                Lisp_Object v1 = POP;
   0x000000000068fea4 <+13154>: mov    -0x40(%rbp),%rax
   0x000000000068fea8 <+13158>: lea    -0x8(%rax),%rdx
   0x000000000068feac <+13162>: mov    %rdx,-0x40(%rbp)
   0x000000000068feb0 <+13166>: mov    (%rax),%rax
   0x000000000068feb3 <+13169>: mov    %rax,-0x268(%rbp)

1183                TOP = Fbuffer_substring (TOP, v1);
   0x000000000068feba <+13176>: mov    -0x268(%rbp),%rdx
   0x000000000068fec1 <+13183>: mov    -0x40(%rbp),%rax
   0x000000000068fec5 <+13187>: mov    %rdx,%rsi
   0x000000000068fec8 <+13190>: mov    (%rax),%rdi
   0x000000000068fecb <+13193>: callq  0x627e0a <Fbuffer_substring>

It can't be a buffer-substring arg, but that's the only reference to
-0x268(%rbp) in that function.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#30626: 26.0.91; Crash when traversing a `stream-of-directory-files', (continued)

Prev by Date: bug#30786: Save text properties in desktop
Next by Date: bug#30789: 26.0.91; xml-parse-region works but libxml-parse-html-region doesn't
Previous by thread: bug#30626: 26.0.91; Crash when traversing a `stream-of-directory-files'
Next by thread: bug#30626: 26.0.91; Crash when traversing a `stream-of-directory-files'
Index(es):
- Date
- Thread