GNU bug report logs - #2099
stack overflow in GC when creating large nested object

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: emacs; Severity: wishlist; Reported by: Markus Triska <markus.triska@HIDDEN>; Keywords: confirmed; merged with #31362; dated Wed, 28 Jan 2009 23:15:02 UTC; Maintainer for emacs is bug-gnu-emacs@HIDDEN.
Changed bug title to 'stack overflow in GC when creating large nested object' from '23.0.60; `mark_object' with larger nested objects crashes Emacs' Request was from Noam Postavsky <npostavs@HIDDEN> to control <at> debbugs.gnu.org. Full text available.
Forcibly Merged 2099 31362. Request was from Noam Postavsky <npostavs@HIDDEN> to control <at> debbugs.gnu.org. Full text available.
Severity set to 'wishlist' from 'normal' Request was from Alan Third <alan@HIDDEN> to control <at> debbugs.gnu.org. Full text available.

Message received at 2099 <at> debbugs.gnu.org:


Received: (at 2099) by debbugs.gnu.org; 11 Jan 2016 20:46:04 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jan 11 15:46:03 2016
Received: from localhost ([127.0.0.1]:46844 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1aIjLl-00056S-99
	for submit <at> debbugs.gnu.org; Mon, 11 Jan 2016 15:46:03 -0500
Received: from eggs.gnu.org ([208.118.235.92]:44698)
 by debbugs.gnu.org with esmtp (Exim 4.84)
 (envelope-from <eliz@HIDDEN>) id 1aIjLh-000569-2f
 for 2099 <at> debbugs.gnu.org; Mon, 11 Jan 2016 15:46:00 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@HIDDEN>) id 1aIjLX-0008Mo-Hb
 for 2099 <at> debbugs.gnu.org; Mon, 11 Jan 2016 15:45:51 -0500
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:49415)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@HIDDEN>)
 id 1aIjLM-0008I0-5s; Mon, 11 Jan 2016 15:45:36 -0500
Received: from 84.94.185.246.cable.012.net.il ([84.94.185.246]:3114
 helo=HOME-C4E4A596F7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128)
 (Exim 4.82) (envelope-from <eliz@HIDDEN>)
 id 1aIjLL-0007h3-CY; Mon, 11 Jan 2016 15:45:35 -0500
Date: Mon, 11 Jan 2016 22:45:42 +0200
Message-Id: <83pox7kfpl.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: Alan J Third <alan@HIDDEN>
In-reply-to: <m2a8ob26xb.fsf@HIDDEN> (message from Alan J Third
 on Mon, 11 Jan 2016 20:32:48 +0000)
Subject: Re: bug#2099: 23.0.60;
 `mark_object' with larger nested objects crashes Emacs
References: <20090128230645.07F1DC468CC@HIDDEN>
 <m31uvmn5xk.fsf@HIDDEN> <m21t9p6q4l.fsf@HIDDEN>
 <83vb70kv67.fsf@HIDDEN> <m2vb703t14.fsf@HIDDEN>
 <trinity-52670635-2f5d-40e0-9f7b-be0aa89cef05-1452539426201@3capp-gmx-bs16>
 <8337u4kju1.fsf@HIDDEN>
 <trinity-00bb75b2-fb15-40c4-8cf4-ce91199cced6-1452542268915@3capp-gmx-bs61>
 <m2a8ob26xb.fsf@HIDDEN>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 2099
Cc: larsi@HIDDEN, 2099 <at> debbugs.gnu.org, markus.triska@HIDDEN
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Reply-To: Eli Zaretskii <eliz@HIDDEN>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

> From: Alan J Third <alan@HIDDEN>
> Cc: eliz@HIDDEN,  2099 <at> debbugs.gnu.org,  larsi@HIDDEN
> Date: Mon, 11 Jan 2016 20:32:48 +0000
> 
> FWIW I found a 'real-world' bug report, bug#16039, which appears to have
> the same cause, although it requires a different remedy.

No, that's a different cause.  That bug is about stack overflow in
regexp matcher, not in GC.  Such stack overflows should nowadays be
recoverable (at least on most platforms), unlike a stack overflow in
GC that still isn't.




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.

Message received at 2099 <at> debbugs.gnu.org:


Received: (at 2099) by debbugs.gnu.org; 11 Jan 2016 20:33:25 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jan 11 15:33:25 2016
Received: from localhost ([127.0.0.1]:46838 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1aIj9Z-0004oF-56
	for submit <at> debbugs.gnu.org; Mon, 11 Jan 2016 15:33:25 -0500
Received: from mail-wm0-f45.google.com ([74.125.82.45]:37549)
 by debbugs.gnu.org with esmtp (Exim 4.84)
 (envelope-from <athird@HIDDEN>) id 1aIj9X-0004o2-HC
 for 2099 <at> debbugs.gnu.org; Mon, 11 Jan 2016 15:33:23 -0500
Received: by mail-wm0-f45.google.com with SMTP id f206so288060908wmf.0
 for <2099 <at> debbugs.gnu.org>; Mon, 11 Jan 2016 12:33:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=googlemail.com; s=20120113;
 h=sender:from:to:cc:subject:references:date:in-reply-to:message-id
 :user-agent:mime-version:content-type;
 bh=G685VaTP4bJi5cIFjdI9nyyQWCAz0o+az9qDg0k2cT0=;
 b=q12prWnjWClsoXxec9t1+eHLBhVCzh5lf8HHnLtav5BZDkWklaaPGUlb77fcCK4x9X
 iofJ9qr6l7ed26BRDNQTokw14Uxu098fuduOcpxqDIaLiBOpVzBoFnqbq1HY+Sj5ErUb
 ll4V1bmk40W7lctKNl/7MKMM5Ajd9OY3pIg87sh69n9+SUue8rS4hy8b0UqaGIRxfGT9
 m+px15uqze80W+TFd9y9zu5GVNzxRMsemb+MZBKKX5RH+ctObswaVEZt8kSWOqaf8EDs
 /sX0XSXCUJspLC/qUdLrqKDc+8/stQOVa6bI6yX94lcLp9QiI1sC+nc3mzK+QkwyLGtA
 PbRw==
X-Received: by 10.194.192.198 with SMTP id hi6mr137492080wjc.141.1452544397917; 
 Mon, 11 Jan 2016 12:33:17 -0800 (PST)
Received: from galloway.idiocy.org
 (a.0.b.3.e.9.c.e.0.6.6.6.0.9.1.c.9.2.1.8.8.f.3.0.0.b.8.0.1.0.0.2.ip6.arpa.
 [2001:8b0:3f8:8129:c190:6660:ec9e:3b0a])
 by smtp.gmail.com with ESMTPSA id z137sm14364706wmc.8.2016.01.11.12.33.16
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Mon, 11 Jan 2016 12:33:17 -0800 (PST)
From: Alan J Third <alan@HIDDEN>
To: markus.triska@HIDDEN
Subject: Re: bug#2099: 23.0.60;
 `mark_object' with larger nested objects crashes Emacs
References: <20090128230645.07F1DC468CC@HIDDEN>
 <m31uvmn5xk.fsf@HIDDEN> <m21t9p6q4l.fsf@HIDDEN>
 <83vb70kv67.fsf@HIDDEN> <m2vb703t14.fsf@HIDDEN>
 <trinity-52670635-2f5d-40e0-9f7b-be0aa89cef05-1452539426201@3capp-gmx-bs16>
 <8337u4kju1.fsf@HIDDEN>
 <trinity-00bb75b2-fb15-40c4-8cf4-ce91199cced6-1452542268915@3capp-gmx-bs61>
Date: Mon, 11 Jan 2016 20:32:48 +0000
In-Reply-To: <trinity-00bb75b2-fb15-40c4-8cf4-ce91199cced6-1452542268915@3capp-gmx-bs61>
 (markus triska's message of "Mon, 11 Jan 2016 20:57:49 +0100")
Message-ID: <m2a8ob26xb.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (darwin)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.5 (/)
X-Debbugs-Envelope-To: 2099
Cc: eliz@HIDDEN, larsi@HIDDEN, 2099 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.5 (/)

markus.triska@HIDDEN writes:

> I find it hard to believe that a way to crash Emacs is somehow *not*
> considered a bug. If that is the case, I agree with what Glenn recently
> said: Just deal with this report in any way you wish.

My thinking was simply that it sounds like it will require
reimplementation of the GC, and that's not likely to happen any time
soon, or perhaps ever.

Looking over the debbugs docs again, though, it should probably be
changed to wishlist, as Eli suggested originally. Like you say, a crash
is surely a bug, even if it is hard to fix.

FWIW I found a 'real-world' bug report, bug#16039, which appears to have
the same cause, although it requires a different remedy.
-- 
Alan Third




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.

Message received at 2099 <at> debbugs.gnu.org:


Received: (at 2099) by debbugs.gnu.org; 11 Jan 2016 20:33:12 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jan 11 15:33:12 2016
Received: from localhost ([127.0.0.1]:46835 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1aIj9L-0004no-Re
	for submit <at> debbugs.gnu.org; Mon, 11 Jan 2016 15:33:12 -0500
Received: from eggs.gnu.org ([208.118.235.92]:41398)
 by debbugs.gnu.org with esmtp (Exim 4.84)
 (envelope-from <eliz@HIDDEN>) id 1aIj9H-0004na-En
 for 2099 <at> debbugs.gnu.org; Mon, 11 Jan 2016 15:33:10 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@HIDDEN>) id 1aIj98-0005G5-La
 for 2099 <at> debbugs.gnu.org; Mon, 11 Jan 2016 15:33:02 -0500
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:49199)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@HIDDEN>)
 id 1aIj8x-0005C4-JW; Mon, 11 Jan 2016 15:32:47 -0500
Received: from 84.94.185.246.cable.012.net.il ([84.94.185.246]:3050
 helo=HOME-C4E4A596F7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128)
 (Exim 4.82) (envelope-from <eliz@HIDDEN>)
 id 1aIj8w-0006tp-HU; Mon, 11 Jan 2016 15:32:47 -0500
Date: Mon, 11 Jan 2016 22:32:52 +0200
Message-Id: <83si23kgaz.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: markus.triska@HIDDEN
In-reply-to: <trinity-00bb75b2-fb15-40c4-8cf4-ce91199cced6-1452542268915@3capp-gmx-bs61>
 (markus.triska@HIDDEN)
Subject: Re: bug#2099: 23.0.60; `mark_object' with larger nested objects
 crashes Emacs
References: <20090128230645.07F1DC468CC@HIDDEN>
 <m31uvmn5xk.fsf@HIDDEN> <m21t9p6q4l.fsf@HIDDEN>
 <83vb70kv67.fsf@HIDDEN>, <m2vb703t14.fsf@HIDDEN>
 <trinity-52670635-2f5d-40e0-9f7b-be0aa89cef05-1452539426201@3capp-gmx-bs16>,
 <8337u4kju1.fsf@HIDDEN>
 <trinity-00bb75b2-fb15-40c4-8cf4-ce91199cced6-1452542268915@3capp-gmx-bs61>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 2099
Cc: alan@HIDDEN, larsi@HIDDEN, 2099 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Reply-To: Eli Zaretskii <eliz@HIDDEN>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

> From: markus.triska@HIDDEN
> Cc: alan@HIDDEN, 2099 <at> debbugs.gnu.org, larsi@HIDDEN
> Date: Mon, 11 Jan 2016 20:57:49 +0100
> 
> > Sorry, I don't understand: what testing? Can you describe the
> > real-life use case behind this bug report? The recipe as shown looks
> > like a deliberate way to cause Emacs to overflow its stack; surely,
> > that's not what you intended to test?
> 
> That's not what I intended to test: Emacs crashing on such datastructures
> prevents more serious automatic tests that can, among other data, also
> create such structures.

I'm asking to describe the data structures that you intended to test,
and their purpose.  The recipe that you posted when you filed the bug
conses an infinitely large object in an infinite loop.  Can you please
tell what is the purpose of creating such a data structure in this
way?  It's clear that at some point Emacs will run out of memory, and
it is also clear that at some other point it will GC.  So what is
being tested by such a data structure, given that these outcomes are
known in advance?

> So far, this shortcoming has prevented my working further on such
> tests.

Knowing more about those tests might help us become more motivated to
work on the problems that interfere with your testing, or suggest how
to work around them.

> I find it hard to believe that a way to crash Emacs is somehow *not*
> considered a bug.

There could be many ways to overcome these problems, some of them
easier than others.  It all depends on what problems get in your way.

For example, there could be a way of letting Emacs run out of heap
memory without triggering GC -- would that help you continue with your
testing?  I don't know, maybe you could tell.

IOW, if there are practical issues for which you'd like to have a
solution or a workaround, so that you could continue with your
testing, we could try helping you on that way.  I'm sure you agree
that leaving the bug without any action will not help you make any
progress with your project.  Please help us help you in any practical
way that's possible, by telling more about the specific aspects of
Emacs you'd like to test.

> If that is the case, I agree with what Glenn recently said: Just
> deal with this report in any way you wish.

Relax, no one said this isn't a bug, so this is uncalled for.  I'm
just trying to understand what is being tested here.  I couldn't
understand that from the recipe you posted, because that recipe has an
outcome that's known in advance.




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.

Message received at 2099 <at> debbugs.gnu.org:


Received: (at 2099) by debbugs.gnu.org; 11 Jan 2016 19:58:08 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jan 11 14:58:07 2016
Received: from localhost ([127.0.0.1]:46824 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1aIibP-0003wx-PH
	for submit <at> debbugs.gnu.org; Mon, 11 Jan 2016 14:58:07 -0500
Received: from mout.gmx.net ([212.227.15.15]:54002)
 by debbugs.gnu.org with esmtp (Exim 4.84)
 (envelope-from <markus.triska@HIDDEN>) id 1aIibO-0003wT-DL
 for 2099 <at> debbugs.gnu.org; Mon, 11 Jan 2016 14:58:06 -0500
Received: from [178.165.128.187] by 3capp-gmx-bs61.server.lan (via HTTP);
 Mon, 11 Jan 2016 20:57:49 +0100
MIME-Version: 1.0
Message-ID: <trinity-00bb75b2-fb15-40c4-8cf4-ce91199cced6-1452542268915@3capp-gmx-bs61>
From: markus.triska@HIDDEN
To: eliz@HIDDEN
Subject: Re: bug#2099: 23.0.60; `mark_object' with larger nested objects
 crashes Emacs
Content-Type: text/plain; charset=UTF-8
Date: Mon, 11 Jan 2016 20:57:49 +0100
Importance: normal
Sensitivity: Normal
In-Reply-To: <8337u4kju1.fsf@HIDDEN>
References: <20090128230645.07F1DC468CC@HIDDEN>
 <m31uvmn5xk.fsf@HIDDEN> <m21t9p6q4l.fsf@HIDDEN>
 <83vb70kv67.fsf@HIDDEN>, <m2vb703t14.fsf@HIDDEN>
 <trinity-52670635-2f5d-40e0-9f7b-be0aa89cef05-1452539426201@3capp-gmx-bs16>,
 <8337u4kju1.fsf@HIDDEN>
X-UI-Message-Type: mail
X-Priority: 3
X-Provags-ID: V03:K0:SJ6+C+/qmbOOlxVL68QCZ8JMjc/hA89ZXw4q3EmJ3wY
 7nmPrLR9mUY902+RjSSCvJlOIFE8uiaSN3YLMY7MU7YkaZ9NE/
 4oBNC6g6dRcefIgj/rBSnxcuXo8VtsB1k8RUvoxrk+0F8bSsbM
 FqPVpiQpgsxs+TCm2jelWaPzXB5RwYTgM3NKvDK2H9XsusfmZJ
 IXgU4Tt79/YryU9nyKnx1TWcWLuqlnhrYyQCdveimTXJb3+A+l
 J23SjzMnIPaikwAfCW9Wp5RmdejQJLXmG3AGYgtRvHs4l9oK7N ZGbqMY=
X-UI-Out-Filterresults: notjunk:1;V01:K0:VpJuo2TrD2Y=:I3uLWG4TXTkukfOoANPIbe
 7Jg6fbvYQOl5LC2ZIwMufJiGtscqY7XpbHybkDldT2LUqi3GVXtobhEUCHJZf9T18YjnTHBKE
 ualmYHy33Lkm/OVrQ29Q9opB8htlHa1jjruMwnpOtCH8PIzdLgY/udkCtSCVJj0zJVgL50uU1
 cw/CvvfvNS7flUdzPkmTzfBX+gLyou/cYnj4US1kk8qIGVLzjywB7p9mKuVmv//pmnTuyLKqL
 +lPZxuqJ2UzlswPe74Rn44m7JGsdMLUrL6xffKQrxYSlCl1B5wCTik9axI91vd0K91C3mgi8z
 ZSEcEJgG1gkORm1LxNj96UPO0YtwyhG2rlZj8mdTf29cetcKdGjcxBM/rmpj45XDexV4io1Yo
 svYCCtguZHU2WjGdgGRk9uhf/E6M2iIkIlZTIndV92vdnnd/GwC9mKAmCrRQg75QHm9S0oHOd
 aH9n5+mF7A==
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 2099
Cc: alan@HIDDEN, larsi@HIDDEN, 2099 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

> Sorry, I don't understand: what testing? Can you describe the
> real-life use case behind this bug report? The recipe as shown looks
> like a deliberate way to cause Emacs to overflow its stack; surely,
> that's not what you intended to test?

That's not what I intended to test: Emacs crashing on such datastructures
prevents more serious automatic tests that can, among other data, also
create such structures. So far, this shortcoming has prevented my working
further on such tests.

I find it hard to believe that a way to crash Emacs is somehow *not*
considered a bug. If that is the case, I agree with what Glenn recently
said: Just deal with this report in any way you wish.




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.

Message received at 2099 <at> debbugs.gnu.org:


Received: (at 2099) by debbugs.gnu.org; 11 Jan 2016 19:16:54 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jan 11 14:16:54 2016
Received: from localhost ([127.0.0.1]:46779 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1aIhxW-0002wS-95
	for submit <at> debbugs.gnu.org; Mon, 11 Jan 2016 14:16:54 -0500
Received: from eggs.gnu.org ([208.118.235.92]:42758)
 by debbugs.gnu.org with esmtp (Exim 4.84)
 (envelope-from <eliz@HIDDEN>) id 1aIhxU-0002wD-6v
 for 2099 <at> debbugs.gnu.org; Mon, 11 Jan 2016 14:16:52 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@HIDDEN>) id 1aIhxL-0000T8-GM
 for 2099 <at> debbugs.gnu.org; Mon, 11 Jan 2016 14:16:47 -0500
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:47764)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@HIDDEN>)
 id 1aIhxA-0000Nf-Lv; Mon, 11 Jan 2016 14:16:32 -0500
Received: from 84.94.185.246.cable.012.net.il ([84.94.185.246]:2876
 helo=HOME-C4E4A596F7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128)
 (Exim 4.82) (envelope-from <eliz@HIDDEN>)
 id 1aIhx9-0004IV-Ny; Mon, 11 Jan 2016 14:16:32 -0500
Date: Mon, 11 Jan 2016 21:16:38 +0200
Message-Id: <8337u4kju1.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: markus.triska@HIDDEN
In-reply-to: <trinity-52670635-2f5d-40e0-9f7b-be0aa89cef05-1452539426201@3capp-gmx-bs16>
 (markus.triska@HIDDEN)
Subject: Re: bug#2099: 23.0.60; `mark_object' with larger nested objects
 crashes Emacs
References: <20090128230645.07F1DC468CC@HIDDEN>
 <m31uvmn5xk.fsf@HIDDEN> <m21t9p6q4l.fsf@HIDDEN>
 <83vb70kv67.fsf@HIDDEN>, <m2vb703t14.fsf@HIDDEN>
 <trinity-52670635-2f5d-40e0-9f7b-be0aa89cef05-1452539426201@3capp-gmx-bs16>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 2099
Cc: alan@HIDDEN, larsi@HIDDEN, 2099 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Reply-To: Eli Zaretskii <eliz@HIDDEN>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

> From: markus.triska@HIDDEN
> Cc: "Eli Zaretskii" <eliz@HIDDEN>, 2099 <at> debbugs.gnu.org, larsi@HIDDEN
> Date: Mon, 11 Jan 2016 20:10:26 +0100
> 
> Marking this as "wontfix" seems particularly inapplicable to me: This
> shortcoming crashes Emacs and potentially causes data loss for users,
> not only in such an artificial test case but in other situations too.
> This shortcoming prevents my testing Emacs in many other ways that would
> help me to find and correct more shortcomings and make Emacs more robust.

Sorry, I don't understand: what testing?  Can you describe the
real-life use case behind this bug report?  The recipe as shown looks
like a deliberate way to cause Emacs to overflow its stack; surely,
that's not what you intended to test?




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.

Message received at 2099 <at> debbugs.gnu.org:


Received: (at 2099) by debbugs.gnu.org; 11 Jan 2016 19:10:45 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jan 11 14:10:45 2016
Received: from localhost ([127.0.0.1]:46769 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1aIhrZ-0002n0-EB
	for submit <at> debbugs.gnu.org; Mon, 11 Jan 2016 14:10:45 -0500
Received: from mout.gmx.net ([212.227.15.15]:49348)
 by debbugs.gnu.org with esmtp (Exim 4.84)
 (envelope-from <markus.triska@HIDDEN>) id 1aIhrX-0002mm-ED
 for 2099 <at> debbugs.gnu.org; Mon, 11 Jan 2016 14:10:43 -0500
Received: from [91.141.1.245] by 3capp-gmx-bs16.server.lan (via HTTP); Mon,
 11 Jan 2016 20:10:26 +0100
MIME-Version: 1.0
Message-ID: <trinity-52670635-2f5d-40e0-9f7b-be0aa89cef05-1452539426201@3capp-gmx-bs16>
From: markus.triska@HIDDEN
To: "Alan J Third" <alan@HIDDEN>
Subject: Re: bug#2099: 23.0.60; `mark_object' with larger nested objects
 crashes Emacs
Content-Type: text/plain; charset=UTF-8
Date: Mon, 11 Jan 2016 20:10:26 +0100
Importance: normal
Sensitivity: Normal
In-Reply-To: <m2vb703t14.fsf@HIDDEN>
References: <20090128230645.07F1DC468CC@HIDDEN>
 <m31uvmn5xk.fsf@HIDDEN> <m21t9p6q4l.fsf@HIDDEN>
 <83vb70kv67.fsf@HIDDEN>, <m2vb703t14.fsf@HIDDEN>
X-UI-Message-Type: mail
X-Priority: 3
X-Provags-ID: V03:K0:0//UFHGQ9dJOpCOuIuMVjzzd5BcLPNwH6FNKG/IRJWf
 a9jVKYySPBFEziw/cGOGjMh2VyekRkBgzL1Am6nCZvvbtikQmA
 rkHLL24W+f5Bs4DTpbZ4TrdOMSmIqepFi8SojuQxJw6uOizC4N
 YKOq2g9Vh604e/iLecTkXCmZKwWKBfhBkKmZfi5cyAljxH0mIp
 m2NzfuNa3vkyPTuBjPvoDPAY5AbbhPk5TF5TzxpqJ2L8i/iA3R
 +hZ+6qlhqxcrorQt4i/bpG015DUKmt9+mOPF1uCWbWXow2b+px z+G/eQ=
X-UI-Out-Filterresults: notjunk:1;V01:K0:B4AYBQ3AV2Y=:X39MRQIWTH5t7pySpCpvEr
 llOMNIYwSs43DUdHoy7Xc6Vlv3e6m7zLQ0M5PFVzu36BkkhipSVX7iN+IRNPgZzmsqhGOEFzp
 4QT+xOJCr9PxXsgrwHEc5NwYkweJmWvSGIduAJfweyV5yLl/KmElh0OIDIRn9K7Ii7ftPlrtL
 UO3445Ug774mbCh3kvojctt0gHTWOJjI1qjJHH5gJxAS+qlWgV0d7lRUybv6JXURwsFn7W4dx
 yDG2e+Zx1t2U0m5S1oQl77I2dHZBgzap6BlEqlHWeR+ayrwHiUPCVsAaS4x4U9PX5l7MNKMMa
 5MEvl5x6VYGRKP5AxI1sRQc+IljKMk8Y9AoD35YBS/pvXayUOx0IMVB8pe8ysz7FnmUy23K9s
 ySajmgm+yxWKMNa22vPGGR6nZKMj2pV6jOKFAWlsPIYG7JR3YAB2wOc5yvAoVKp2SYWNyrxb0
 92s0Du2Htw==
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 2099
Cc: Eli Zaretskii <eliz@HIDDEN>, larsi@HIDDEN, 2099 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

Hi Alan,

Alan Third writes:

> My inclination would be to go with "wontfix", but I'm new around here so
> I don't know that my opinion counts for much.

Marking this as "wontfix" seems particularly inapplicable to me: This
shortcoming crashes Emacs and potentially causes data loss for users,
not only in such an artificial test case but in other situations too.
This shortcoming prevents my testing Emacs in many other ways that would
help me to find and correct more shortcomings and make Emacs more robust.

All the best,
Markus




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.

Message received at 2099 <at> debbugs.gnu.org:


Received: (at 2099) by debbugs.gnu.org; 11 Jan 2016 17:50:12 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jan 11 12:50:12 2016
Received: from localhost ([127.0.0.1]:46728 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1aIgbc-0000ss-2q
	for submit <at> debbugs.gnu.org; Mon, 11 Jan 2016 12:50:12 -0500
Received: from mail-wm0-f54.google.com ([74.125.82.54]:33888)
 by debbugs.gnu.org with esmtp (Exim 4.84)
 (envelope-from <athird@HIDDEN>) id 1aIgba-0000sd-Qf
 for 2099 <at> debbugs.gnu.org; Mon, 11 Jan 2016 12:50:11 -0500
Received: by mail-wm0-f54.google.com with SMTP id u188so224587841wmu.1
 for <2099 <at> debbugs.gnu.org>; Mon, 11 Jan 2016 09:50:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=googlemail.com; s=20120113;
 h=sender:from:to:cc:subject:references:date:in-reply-to:message-id
 :user-agent:mime-version:content-type;
 bh=3gRO4Ax08Ufn3mrv/Tjgg2pB3waehfmmIDYBxlHtNmg=;
 b=FP503qFXKb7e6USPfR0P9PnT2rxL8yk5W5uDggcs7v/Lgpth5d1Gy563DRwlsVfjzN
 jdXrfkKode1EFBIbhl/ASlfGKWUyNP0p43/CUKnQ6KM+vyiBJOB7nDFEll86RxcOArUm
 bWrf3HTVBiBywb+LUeEE8niht8HMTTBnYrSIlnLFhK4yPuuOTfR5aS5+wnj5axfIpXHk
 zP/3+VyzWaG5pIKCvzQ+R0QzzvFTGND3dcCRAcGhSvTRlOtsYz5fUn5W2SGzQKaenxn1
 r6WUYNtHsEsA+RV7At72WugFtyR3dz1fQi+4WBQoCtQOOJs4I/cha5XfV+mj+o36UuR7
 7lNA==
X-Received: by 10.194.192.198 with SMTP id hi6mr136854025wjc.141.1452534605152; 
 Mon, 11 Jan 2016 09:50:05 -0800 (PST)
Received: from galloway.idiocy.org
 (b.7.8.b.2.3.4.6.4.8.7.7.0.9.0.4.9.2.1.8.8.f.3.0.0.b.8.0.1.0.0.2.ip6.arpa.
 [2001:8b0:3f8:8129:4090:7784:6432:b87b])
 by smtp.gmail.com with ESMTPSA id m143sm8209097wma.17.2016.01.11.09.50.04
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Mon, 11 Jan 2016 09:50:04 -0800 (PST)
From: Alan J Third <alan@HIDDEN>
To: Eli Zaretskii <eliz@HIDDEN>
Subject: Re: bug#2099: 23.0.60;
 `mark_object' with larger nested objects crashes Emacs
References: <20090128230645.07F1DC468CC@HIDDEN>
 <m31uvmn5xk.fsf@HIDDEN> <m21t9p6q4l.fsf@HIDDEN>
 <83vb70kv67.fsf@HIDDEN>
Date: Mon, 11 Jan 2016 17:49:59 +0000
In-Reply-To: <83vb70kv67.fsf@HIDDEN> (Eli Zaretskii's message of "Mon, 11 Jan
 2016 17:11:44 +0200")
Message-ID: <m2vb703t14.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (darwin)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.5 (/)
X-Debbugs-Envelope-To: 2099
Cc: larsi@HIDDEN, markus.triska@HIDDEN, 2099 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.5 (/)

Eli Zaretskii <eliz@HIDDEN> writes:

> this is a known limitation of the current GC implementation.  So
> I think we should mark this bug "wishlist" (or maybe even "wontfix"),
> and leave it at that.
>
> Any objections/comments/suggestions?

My inclination would be to go with "wontfix", but I'm new around here so
I don't know that my opinion counts for much.
-- 
Alan Third




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.

Message received at 2099 <at> debbugs.gnu.org:


Received: (at 2099) by debbugs.gnu.org; 11 Jan 2016 15:11:50 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jan 11 10:11:50 2016
Received: from localhost ([127.0.0.1]:46559 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1aIe8L-0001xr-Pw
	for submit <at> debbugs.gnu.org; Mon, 11 Jan 2016 10:11:50 -0500
Received: from eggs.gnu.org ([208.118.235.92]:48595)
 by debbugs.gnu.org with esmtp (Exim 4.84)
 (envelope-from <eliz@HIDDEN>) id 1aIe8K-0001xc-5H
 for 2099 <at> debbugs.gnu.org; Mon, 11 Jan 2016 10:11:48 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@HIDDEN>) id 1aIe8A-0007jn-Qi
 for 2099 <at> debbugs.gnu.org; Mon, 11 Jan 2016 10:11:42 -0500
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:43046)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@HIDDEN>)
 id 1aIe8A-0007jj-O2; Mon, 11 Jan 2016 10:11:38 -0500
Received: from 84.94.185.246.cable.012.net.il ([84.94.185.246]:1929
 helo=HOME-C4E4A596F7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128)
 (Exim 4.82) (envelope-from <eliz@HIDDEN>)
 id 1aIe89-0000sQ-VP; Mon, 11 Jan 2016 10:11:38 -0500
Date: Mon, 11 Jan 2016 17:11:44 +0200
Message-Id: <83vb70kv67.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: Alan J Third <alan@HIDDEN>
In-reply-to: <m21t9p6q4l.fsf@HIDDEN> (message from Alan J Third
 on Sun, 10 Jan 2016 22:12:10 +0000)
Subject: Re: bug#2099: 23.0.60;
 `mark_object' with larger nested objects crashes Emacs
References: <20090128230645.07F1DC468CC@HIDDEN>
 <m31uvmn5xk.fsf@HIDDEN> <m21t9p6q4l.fsf@HIDDEN>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 2099
Cc: larsi@HIDDEN, 2099 <at> debbugs.gnu.org, markus.triska@HIDDEN
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Reply-To: Eli Zaretskii <eliz@HIDDEN>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

> From: Alan J Third <alan@HIDDEN>
> Date: Sun, 10 Jan 2016 22:12:10 +0000
> Cc: Markus Triska <markus.triska@HIDDEN>, 2099 <at> debbugs.gnu.org
> 
> > Markus Triska <address@hidden> writes:
> >
> >> When you do:
> >>
> >>    $ emacs -Q --eval "(let (v) (while t (setq v (cons v v))))"
> >>
> >> then Emacs crashes with:
> >>
> >>    Program received signal EXC_BAD_ACCESS, Could not access memory.
> >>    Reason: KERN_INVALID_ADDRESS at address: 0xbf7ffffc
> >>    0x0013bc1a in mark_object (arg=40166541) at alloc.c:5372
> >>    (gdb) bt
> >>    #0  0x0013bc1a in mark_object (arg=40166541) at alloc.c:5372
> >
> > I can confirm that the crash is still present in Emacs 24:
> 
> And Emacs 25:
> 
> Fatal error 11: Segmentation fault

Of course: this is expected.

I admit I don't really understand what is the purpose of this bug
report; perhaps the OP could clarify.

Here's my take on this:

  . What happens is clear: stack overflow during GC.  Since the stack
    space is always limited, one can always overflow it by
    deliberately consing larger and larger objects.

  . When stack overflow happens during GC, Emacs commits suicide,
    because such fatal errors are not recoverable with the current
    code.

  . Making GC non-recursive is a large job, that will most probably
    require significant changes in GC as a whole, not just in the
    recursive mark step.  If someone wants to work on that, they
    surely don't need this bug as an inspiration.

IOW, this is a known limitation of the current GC implementation.  So
I think we should mark this bug "wishlist" (or maybe even "wontfix"),
and leave it at that.

Any objections/comments/suggestions?




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.

Message received at 2099 <at> debbugs.gnu.org:


Received: (at 2099) by debbugs.gnu.org; 10 Jan 2016 22:12:30 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Jan 10 17:12:30 2016
Received: from localhost ([127.0.0.1]:45772 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1aIODq-0006i5-IP
	for submit <at> debbugs.gnu.org; Sun, 10 Jan 2016 17:12:30 -0500
Received: from mail-wm0-f48.google.com ([74.125.82.48]:34978)
 by debbugs.gnu.org with esmtp (Exim 4.84)
 (envelope-from <athird@HIDDEN>) id 1aIODl-0006hl-R9
 for 2099 <at> debbugs.gnu.org; Sun, 10 Jan 2016 17:12:25 -0500
Received: by mail-wm0-f48.google.com with SMTP id f206so191473486wmf.0
 for <2099 <at> debbugs.gnu.org>; Sun, 10 Jan 2016 14:12:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=googlemail.com; s=20120113;
 h=sender:from:to:cc:subject:references:date:in-reply-to:message-id
 :user-agent:mime-version:content-type;
 bh=eO8YqQpe7LByZVr+P+QscGlDDvA/UvO7y1cEz12VWGw=;
 b=mSz6T1s6u+bdkoos7P6moaotLNl0kUm9c3UbZ7cWxTtG81lM2nABmP+nWP1ASZ4cKu
 LsfsGmODb6/4PsgzbhgtgfvU2N+sb9C+fmoFS1V6G2XAJ2gfzfxs2uH6RsZuu0mCkvKB
 sKm2QaZWoixGuWR65Lh+4TJGYLxyjzbIb0QEbBSOTpx2o0qFHxeDsC9CrJrh/k6DDs/G
 rfEsc2FIWKadnl5DEO+yNycct9xPXSfKBUnZSgpEHv8oFTpZ7Wd45IsWYo86yTR8hDaC
 xD+tUCxc0sQlhqj5xYSDueC30/BbVE7mIicoD5ihhr0XQmDDxqOfzJHDy0DobN7m6RlX
 49gw==
X-Received: by 10.28.73.70 with SMTP id w67mr9406528wma.31.1452463936163;
 Sun, 10 Jan 2016 14:12:16 -0800 (PST)
Received: from galloway.idiocy.org
 (b.7.8.b.2.3.4.6.4.8.7.7.0.9.0.4.9.2.1.8.8.f.3.0.0.b.8.0.1.0.0.2.ip6.arpa.
 [2001:8b0:3f8:8129:4090:7784:6432:b87b])
 by smtp.gmail.com with ESMTPSA id e77sm9920717wma.18.2016.01.10.14.12.15
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Sun, 10 Jan 2016 14:12:15 -0800 (PST)
From: Alan J Third <alan@HIDDEN>
To: Lars Magne Ingebrigtsen <larsi@HIDDEN>
Subject: Re: bug#2099: 23.0.60;
 `mark_object' with larger nested objects crashes Emacs
References: <20090128230645.07F1DC468CC@HIDDEN>
 <m31uvmn5xk.fsf@HIDDEN>
Date: Sun, 10 Jan 2016 22:12:10 +0000
In-Reply-To: <m31uvmn5xk.fsf@HIDDEN> (Lars Magne Ingebrigtsen's
 message of "Sun, 11 Sep 2011 23:08:07 +0200")
Message-ID: <m21t9p6q4l.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (darwin)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.5 (/)
X-Debbugs-Envelope-To: 2099
Cc: 2099 <at> debbugs.gnu.org, Markus Triska <markus.triska@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.5 (/)

Lars Magne Ingebrigtsen <larsi@HIDDEN> writes:

> Markus Triska <markus.triska@HIDDEN> writes:
>
>> When you do:
>>
>>    $ emacs -Q --eval "(let (v) (while t (setq v (cons v v))))"
>>
>> then Emacs crashes with:
>>
>>    Program received signal EXC_BAD_ACCESS, Could not access memory.
>>    Reason: KERN_INVALID_ADDRESS at address: 0xbf7ffffc
>>    0x0013bc1a in mark_object (arg=40166541) at alloc.c:5372
>>    (gdb) bt
>>    #0  0x0013bc1a in mark_object (arg=40166541) at alloc.c:5372
>
> I can confirm that the crash is still present in Emacs 24:

And Emacs 25:

Fatal error 11: Segmentation fault
-- 
Alan Third




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 11 Sep 2011 23:55:24 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Sep 11 19:55:24 2011
Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1R2trv-0006UK-T1
	for submit <at> debbugs.gnu.org; Sun, 11 Sep 2011 19:55:24 -0400
Received: from eggs.gnu.org ([140.186.70.92])
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <geb-bug-gnu-emacs@HIDDEN>) id 1R2trr-0006UB-MZ
	for submit <at> debbugs.gnu.org; Sun, 11 Sep 2011 19:55:22 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <geb-bug-gnu-emacs@HIDDEN>) id 1R2tng-00025u-30
	for submit <at> debbugs.gnu.org; Sun, 11 Sep 2011 19:51:00 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=unavailable version=3.3.1
Received: from lists.gnu.org ([140.186.70.17]:51449)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <geb-bug-gnu-emacs@HIDDEN>) id 1R2tng-00025q-1W
	for submit <at> debbugs.gnu.org; Sun, 11 Sep 2011 19:51:00 -0400
Received: from eggs.gnu.org ([140.186.70.92]:36576)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <geb-bug-gnu-emacs@HIDDEN>) id 1R2tnf-0005x0-4D
	for bug-gnu-emacs@HIDDEN; Sun, 11 Sep 2011 19:51:00 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <geb-bug-gnu-emacs@HIDDEN>) id 1R2tnd-00025H-NX
	for bug-gnu-emacs@HIDDEN; Sun, 11 Sep 2011 19:50:59 -0400
Received: from lo.gmane.org ([80.91.229.12]:38756)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <geb-bug-gnu-emacs@HIDDEN>) id 1R2tnd-000252-3s
	for bug-gnu-emacs@HIDDEN; Sun, 11 Sep 2011 19:50:57 -0400
Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <geb-bug-gnu-emacs@HIDDEN>) id 1R2tnb-0003qM-Us
	for bug-gnu-emacs@HIDDEN; Mon, 12 Sep 2011 01:50:55 +0200
Received: from cm-84.215.51.58.getinternet.no ([84.215.51.58])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <bug-gnu-emacs@HIDDEN>; Mon, 12 Sep 2011 01:50:55 +0200
Received: from larsi by cm-84.215.51.58.getinternet.no with local (Gmexim 0.1
	(Debian)) id 1AlnuQ-0007hv-00
	for <bug-gnu-emacs@HIDDEN>; Mon, 12 Sep 2011 01:50:55 +0200
X-Injected-Via-Gmane: http://gmane.org/
Mail-Followup-To: bug-gnu-emacs@HIDDEN
To: bug-gnu-emacs@HIDDEN
From: Lars Magne Ingebrigtsen <larsi@HIDDEN>
Subject: Re: bug#2099: 23.0.60;
	`mark_object' with larger nested objects crashes Emacs
Date: Mon, 12 Sep 2011 01:47:42 +0200
Organization: Programmerer Ingebrigtsen
Lines: 16
Message-ID: <m3sjo2ej4x.fsf@HIDDEN>
References: <20090128230645.07F1DC468CC@HIDDEN>
	<m31uvmn5xk.fsf@HIDDEN> <m2aaaaeocz.fsf@HIDDEN>
	<m3r53mg2z7.fsf@HIDDEN>
Mime-Version: 1.0
Content-Type: text/plain
X-Complaints-To: usenet@HIDDEN
X-Gmane-NNTP-Posting-Host: cm-84.215.51.58.getinternet.no
Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAElBMVEUGBQUPDg2Gj6YiHBs8
	MTFNQ0YON3qwAAACc0lEQVQ4jV2TW5LjIAxFcfUswAR7AU3C/2Dgf2yk/w6g/W9lrpzH1ESVStk6
	6HWRjU0uPa2/HuCyxopYaxVmf0upeDzBYc3qA/wKjtDg97ec4oKIi4RL20YINvRN/MO2mzWbtBZC
	8M2G9vLDA9Av7e73tlnfy8MfWmlI9b1u98DbsMd9e0Ycnq1xXtb78X3Z7epfVkpHu3m30cUjpsQv
	0KkigjJ3khZE2jsEs5klZCYWFoDwAmEAyCCSAT/e30A01WlnnuDrszGNyEQZuc73W82PQlqDKiVE
	EAb2o9L2BqwRIkl6QiE5e25PQNTCEaiPcvbgAykQ0slu6KTfRmHt4poywODacAZ5x762M9cVV2WW
	SuwlZiQOdgEYAKrVQnT4K0Bnb10TzXXN4wl6ZN9zi/YY0Mf3RUWsqQUuIVSSaAsRk6QFxV1pEHPD
	tY2y20yVO/wKjiBtHBhbGJdFzN1BPwDUY24oGfhubR5QIEo6r7ZDj6CzKGCpKZKmatylE4cgqTvr
	mLCWtQBAipRrx2SpYjVxODlSIFApF+hHNADyGrHTuj6HHy3tLvOous1L2ZNzCjikozIEH9npmq8V
	O67tsoy6N/2vq4KM3pICHI0VUtS8FwWLNk3n+kS0o9cYOeo31NFaPW/QQWUWvEAsADSdFQwsLXxC
	0a4Ak0acgCBNt+vAwYXcI0KLL7WmpVv8YGO185QexR0iGGB3s53ly5opzeacYwfY51x1OjdZY6IB
	mM1XTBlfet7TbKdpnmcD5pIxX1AZZ5DbTOZhyXzY8WPMNqbp96xv8z9w/RXk+3ZI+PkEqxRhfFz3
	D1Akc8HA6c8H+M/+Aifzxy2TeenMAAAAAElFTkSuQmCC
Mail-Copies-To: never
X-Now-Playing: CocoRosie's _Grey Oceans_: "Here I Come"
User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux)
Cancel-Lock: sha1:UxQ6frblOpFrU9v3UvsD7DAT+Cc=
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-Received-From: 140.186.70.17
X-Spam-Score: -4.3 (----)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.11
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Sender: debbugs-submit-bounces <at> debbugs.gnu.org
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
X-Spam-Score: -4.3 (----)

So, the problem here seems simply to be that we blow up the stack by
recursing so ridiculously deep?  I think?

Looking at mark_object, it seems like it could pretty easily be
rewritten to be non-recursive, just by changing it into a loop, and
using a stack to do visit all the objects.

But that's probably not an Emacs 24.1 thing.

The other question is what other interesting deep-nesting bugs a
structure like that might reveal, so even if we fix the mark_object
case, that might not help us much.  Difficult to say...

-- 
(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/





Information forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.

Message received at 2099 <at> debbugs.gnu.org:


Received: (at 2099) by debbugs.gnu.org; 11 Sep 2011 22:01:19 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Sep 11 18:01:19 2011
Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1R2s5X-0006rm-Fr
	for submit <at> debbugs.gnu.org; Sun, 11 Sep 2011 18:01:19 -0400
Received: from hermes.netfonds.no ([80.91.224.195])
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <larsi@HIDDEN>) id 1R2s5V-0006re-1J
	for 2099 <at> debbugs.gnu.org; Sun, 11 Sep 2011 18:01:17 -0400
Received: from cm-84.215.51.58.getinternet.no ([84.215.51.58]
	helo=stories.gnus.org)
	by hermes.netfonds.no with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)
	(Exim 4.72) (envelope-from <larsi@HIDDEN>)
	id 1R2s1E-0001zq-T0; Sun, 11 Sep 2011 23:56:52 +0200
From: Lars Magne Ingebrigtsen <larsi@HIDDEN>
To: Andreas Schwab <schwab@HIDDEN>
Subject: Re: bug#2099: 23.0.60;
	`mark_object' with larger nested objects crashes Emacs
In-Reply-To: <m2aaaaeocz.fsf@HIDDEN> (Andreas Schwab's message of "Sun, 11
	Sep 2011 23:54:52 +0200")
Date: Sun, 11 Sep 2011 23:53:48 +0200
Message-ID: <m3r53mg2z7.fsf@HIDDEN>
References: <20090128230645.07F1DC468CC@HIDDEN>
	<m31uvmn5xk.fsf@HIDDEN> <m2aaaaeocz.fsf@HIDDEN>
User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux)
Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAHlBMVEUHBQYKCAhpQUc1KSoS
	Dg4MCgsfGRcEAgMLCQkJBwe5ILBGAAACbUlEQVQ4jXWSMW/bMBCFiThIoK1CFmms1BjpFuvJjDWb
	EdCxkFlothwl2Yw6iGbBFcDRgtGi/Lc9klLcAukNhnAfH9/jnVntqgLAzc9QNav/Uwas3wUir/E+
	EMs4FYRzksb/AkDYyuPKtDYjEENfiAoiJ74x30zKFZYjeTsichYomUCA03ciEsFtl0yZ9ullqJAK
	RGnkNKg2grEjvXc6X2KJOIUBFGadEphkqKrFD2Cz5MgJcNABwbaTGdSevkEpSHEv6gebqpkAz8e4
	QEWAzyHvOR6klKzZFuBHGmel9kvco5QFMJcr1jRb4DgLJF1YQBEgZTWCIvup+NO+RgdF10hY8BLx
	OgvDfHa1wB78m5FYADweM62vaixQxG5/JZm/VLic3Gr9C1C03ALEHkyqXQ528VlrvyvLYm6SUq2M
	Ik/gZbr3la3OEWE8EjCtiVApFZSy7Cx4IbMPjOle96Hvt75TUarXOxS3jBkRGRFSykjI/BG7E2h7
	PzASUuzu6voEwj5wAViTVKhnBDx3FYHOAfAmSW2/NxYksHkpLm9q5q6ixIFPzi5Vc7e9HRxCpygH
	xYLAYciqWr+zCgMmLLP9vrcvV105Au9au6w6MEDK0oGz+vokoEeo4Sp2Hn0xx5WdYRu4tJRqy/A1
	9NvVU9uRd+u/vby5iKI4Guom6NUILs+j9U2UUDdO1te+NkbOYzIeJxr7fdtaCXmcvQHS2Lk40Hw/
	gY+h9vRvE8CAV9v7FGEaZfrg2Q0H3d+KaUT/Ijdlq9il4EkSTzHFs+fZftAZYMts5HA4aEtM4BFY
	Qmv07TQDeQJbZpYS9mYtZl5/AIdDbK7zW/sRAAAAAElFTkSuQmCC
X-Now-Playing: Alasdair Roberts's _Spoils_: "The Book of Doves"
MIME-Version: 1.0
Content-Type: text/plain
X-MailScanner-ID: 1R2s1E-0001zq-T0
X-Netfonds-MailScanner: Found to be clean
X-Netfonds-MailScanner-From: larsi@HIDDEN
MailScanner-NULL-Check: 1316383013.17333@mHbjKB/khFeLWm54duyhig
X-Spam-Status: No
X-Spam-Score: -2.7 (--)
X-Debbugs-Envelope-To: 2099
Cc: 2099 <at> debbugs.gnu.org, Markus Triska <markus.triska@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.11
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Sender: debbugs-submit-bounces <at> debbugs.gnu.org
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
X-Spam-Score: -2.7 (--)

Andreas Schwab <schwab@HIDDEN> writes:

> This creates a deeply nested object that is doomed to overflow the stack
> during garbage collecting.  There are many ways to shoot yourself in the
> foot.

But it would be nice if Emacs did something other than segfault.  :-)

-- 
(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/




Information forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.

Message received at 2099 <at> debbugs.gnu.org:


Received: (at 2099) by debbugs.gnu.org; 11 Sep 2011 21:59:21 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Sep 11 17:59:21 2011
Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1R2s3a-000621-Nj
	for submit <at> debbugs.gnu.org; Sun, 11 Sep 2011 17:59:20 -0400
Received: from mail-out.m-online.net ([212.18.0.9])
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <whitebox@HIDDEN>) id 1R2s3Y-00061o-63
	for 2099 <at> debbugs.gnu.org; Sun, 11 Sep 2011 17:59:16 -0400
Received: from frontend1.mail.m-online.net (unknown [192.168.8.180])
	by mail-out.m-online.net (Postfix) with ESMTP id DEEEB1C0F590;
	Sun, 11 Sep 2011 23:54:57 +0200 (CEST)
Received: from localhost (dynscan1.mnet-online.de [192.168.8.164])
	by mail.m-online.net (Postfix) with ESMTP id CC8241C00131;
	Sun, 11 Sep 2011 23:54:57 +0200 (CEST)
X-Virus-Scanned: amavisd-new at mnet-online.de
Received: from mail.mnet-online.de ([192.168.8.180])
	by localhost (dynscan1.mail.m-online.net [192.168.8.164]) (amavisd-new,
	port 10024)
	with ESMTP id iOejM4aIgeZc; Sun, 11 Sep 2011 23:54:52 +0200 (CEST)
Received: from igel.home (ppp-88-217-122-177.dynamic.mnet-online.de
	[88.217.122.177]) by mail.mnet-online.de (Postfix) with ESMTP;
	Sun, 11 Sep 2011 23:54:52 +0200 (CEST)
Received: by igel.home (Postfix, from userid 501)
	id 741F1CA296; Sun, 11 Sep 2011 23:54:52 +0200 (CEST)
From: Andreas Schwab <schwab@HIDDEN>
To: Lars Magne Ingebrigtsen <larsi@HIDDEN>
Subject: Re: bug#2099: 23.0.60;
	`mark_object' with larger nested objects crashes Emacs
References: <20090128230645.07F1DC468CC@HIDDEN>
	<m31uvmn5xk.fsf@HIDDEN>
X-Yow: I left my WALLET in the BATHROOM!!
Date: Sun, 11 Sep 2011 23:54:52 +0200
In-Reply-To: <m31uvmn5xk.fsf@HIDDEN> (Lars Magne Ingebrigtsen's
	message of "Sun, 11 Sep 2011 23:08:07 +0200")
Message-ID: <m2aaaaeocz.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Spam-Score: -2.6 (--)
X-Debbugs-Envelope-To: 2099
Cc: 2099 <at> debbugs.gnu.org, Markus Triska <markus.triska@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.11
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Sender: debbugs-submit-bounces <at> debbugs.gnu.org
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
X-Spam-Score: -2.6 (--)

Lars Magne Ingebrigtsen <larsi@HIDDEN> writes:

> I can confirm that the crash is still present in Emacs 24:
>
> [larsi@stories ~/src/emacs/trunk]$ gdb  --args ./src/emacs -Q --eval "(let (v) (while t (setq v (cons v v))))"

This creates a deeply nested object that is doomed to overflow the stack
during garbage collecting.  There are many ways to shoot yourself in the
foot.

Andreas.

-- 
Andreas Schwab, schwab@HIDDEN
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."




Information forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.

Message received at 2099 <at> debbugs.gnu.org:


Received: (at 2099) by debbugs.gnu.org; 11 Sep 2011 21:31:52 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Sep 11 17:31:52 2011
Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1R2rd0-0004ao-Pp
	for submit <at> debbugs.gnu.org; Sun, 11 Sep 2011 17:31:51 -0400
Received: from hermes.netfonds.no ([80.91.224.195])
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <larsi@HIDDEN>) id 1R2rcx-0004aZ-92
	for 2099 <at> debbugs.gnu.org; Sun, 11 Sep 2011 17:31:48 -0400
Received: from cm-84.215.51.58.getinternet.no ([84.215.51.58]
	helo=stories.gnus.org)
	by hermes.netfonds.no with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)
	(Exim 4.72) (envelope-from <larsi@HIDDEN>)
	id 1R2rYh-0001C4-Aa; Sun, 11 Sep 2011 23:27:23 +0200
From: Lars Magne Ingebrigtsen <larsi@HIDDEN>
To: Markus Triska <markus.triska@HIDDEN>
Subject: Re: 23.0.60; `mark_object' with larger nested objects crashes Emacs
In-Reply-To: <20090128230645.07F1DC468CC@HIDDEN> (Markus Triska's
	message of "Thu, 29 Jan 2009 00:06:45 +0100 (CET)")
Date: Sun, 11 Sep 2011 23:08:07 +0200
Message-ID: <m31uvmn5xk.fsf@HIDDEN>
References: <20090128230645.07F1DC468CC@HIDDEN>
User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux)
X-Now-Playing: Scout Niblett's _This Fool Can Die Now_: "Baby Emma"
MIME-Version: 1.0
Content-Type: text/plain
X-MailScanner-ID: 1R2rYh-0001C4-Aa
X-Netfonds-MailScanner: Found to be clean
X-Netfonds-MailScanner-From: larsi@HIDDEN
MailScanner-NULL-Check: 1316381243.39481@AmK1lcMWI0+7RMu59nTeVA
X-Spam-Status: No
X-Spam-Score: -2.7 (--)
X-Debbugs-Envelope-To: 2099
Cc: 2099 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.11
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Sender: debbugs-submit-bounces <at> debbugs.gnu.org
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
X-Spam-Score: -2.7 (--)

Markus Triska <markus.triska@HIDDEN> writes:

> When you do:
>
>    $ emacs -Q --eval "(let (v) (while t (setq v (cons v v))))"
>
> then Emacs crashes with:
>
>    Program received signal EXC_BAD_ACCESS, Could not access memory.
>    Reason: KERN_INVALID_ADDRESS at address: 0xbf7ffffc
>    0x0013bc1a in mark_object (arg=40166541) at alloc.c:5372
>    (gdb) bt
>    #0  0x0013bc1a in mark_object (arg=40166541) at alloc.c:5372

I can confirm that the crash is still present in Emacs 24:

[larsi@stories ~/src/emacs/trunk]$ gdb  --args ./src/emacs -Q --eval "(let (v) (while t (setq v (cons v v))))"

[...]

(gdb) run
Starting program: /home/larsi/src/emacs/trunk/src/emacs -Q --eval \(let\ \(v\)\ \(while\ t\ \(setq\ v\ \(cons\ v\ v\)\)\)\)
[Thread debugging using libthread_db enabled]

Program received signal SIGSEGV, Segmentation fault.
mark_object (arg=21115190) at alloc.c:5396
5396    {


-- 
(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/




Information forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs@HIDDEN:
bug#2099; Package emacs. Full text available.
Added tag(s) confirmed. Request was from Lars Magne Ingebrigtsen <larsi@HIDDEN> to control <at> debbugs.gnu.org. Full text available.

Message received at submit@HIDDEN:


Received: (at submit) by emacsbugs.donarmstrong.com; 28 Jan 2009 23:07:00 +0000
From triska@HIDDEN Wed Jan 28 15:06:59 2009
X-Spam-Checker-Version: SpamAssassin 3.2.5-bugs.debian.org_2005_01_02
	(2008-06-10) on rzlab.ucr.edu
X-Spam-Level: *
X-Spam-Bayes: score:0.5 Bayes not run. spammytokens:Tokens not available.
	hammytokens:Tokens not available.
X-Spam-Status: No, score=1.1 required=4.0 tests=FOURLA,IMPRONONCABLE_2
	autolearn=no version=3.2.5-bugs.debian.org_2005_01_02
Received: from fencepost.gnu.org (fencepost.gnu.org [140.186.70.10])
	by rzlab.ucr.edu (8.13.8/8.13.8/Debian-3) with ESMTP id n0SN6umw013664
	for <submit@HIDDEN>; Wed, 28 Jan 2009 15:06:57 -0800
Received: from mail.gnu.org ([199.232.76.166]:60413 helo=mx10.gnu.org)
	by fencepost.gnu.org with esmtp (Exim 4.67)
	(envelope-from <triska@HIDDEN>)
	id 1LSJT9-0004bO-T8
	for emacs-pretest-bug@HIDDEN; Wed, 28 Jan 2009 18:05:15 -0500
Received: from Debian-exim by monty-python.gnu.org with spam-scanned (Exim 4.60)
	(envelope-from <triska@HIDDEN>)
	id 1LSJUi-0004YA-SW
	for emacs-pretest-bug@HIDDEN; Wed, 28 Jan 2009 18:06:54 -0500
Received: from mail.gmx.net ([213.165.64.20]:34129)
	by monty-python.gnu.org with smtp (Exim 4.60)
	(envelope-from <triska@HIDDEN>)
	id 1LSJUi-0004Xq-CE
	for emacs-pretest-bug@HIDDEN; Wed, 28 Jan 2009 18:06:52 -0500
Received: (qmail invoked by alias); 28 Jan 2009 23:06:49 -0000
Received: from chello062178240212.3.14.tuwien.teleweb.at (EHLO mt-computer.local) [62.178.240.212]
  by mail.gmx.net (mp047) with SMTP; 29 Jan 2009 00:06:49 +0100
X-Authenticated: #4064391
X-Provags-ID: V01U2FsdGVkX1+9zAR6PLO9nBfIFn3A45ZM/7qP/ylo30772Lq5iE
	3xWAVH7hH0+DVf
Received: by mt-computer.local (Postfix, from userid 502)
	id 07F1DC468CC; Thu, 29 Jan 2009 00:06:45 +0100 (CET)
From: Markus Triska <markus.triska@HIDDEN>
To: emacs-pretest-bug@HIDDEN
Subject: 23.0.60; `mark_object' with larger nested objects crashes Emacs
Message-Id: <20090128230645.07F1DC468CC@HIDDEN>
Date: Thu, 29 Jan 2009 00:06:45 +0100 (CET)
X-Y-GMX-Trusted: 0
X-FuHaFi: 0.5
X-detected-operating-system: by monty-python.gnu.org: Genre and OS details not recognized.


When you do:

   $ emacs -Q --eval "(let (v) (while t (setq v (cons v v))))"

then Emacs crashes with:

   Program received signal EXC_BAD_ACCESS, Could not access memory.
   Reason: KERN_INVALID_ADDRESS at address: 0xbf7ffffc
   0x0013bc1a in mark_object (arg=40166541) at alloc.c:5372
   (gdb) bt
   #0  0x0013bc1a in mark_object (arg=40166541) at alloc.c:5372
   #1  0x0013bdf8 in mark_object (arg=40166549) at alloc.c:5655
   #2  0x0013bdf8 in mark_object (arg=40166557) at alloc.c:5655
   #3  0x0013bdf8 in mark_object (arg=40166565) at alloc.c:5655
   #4  0x0013bdf8 in mark_object (arg=40166573) at alloc.c:5655
   #5  0x0013bdf8 in mark_object (arg=40166581) at alloc.c:5655
   #6  0x0013bdf8 in mark_object (arg=40166589) at alloc.c:5655
   ...

Throwing an error or making GC stackless seems much preferable here.

In GNU Emacs 23.0.60.1 (i386-apple-darwin8.11.1, GTK+ Version 2.12.9)
 of 2009-01-28 on mt-computer.local
Windowing system distributor `The XFree86 Project, Inc', version 11.0.40400000
Important settings:
  value of $LC_ALL: nil
  value of $LC_COLLATE: nil
  value of $LC_CTYPE: nil
  value of $LC_MESSAGES: nil
  value of $LC_MONETARY: nil
  value of $LC_NUMERIC: nil
  value of $LC_TIME: nil
  value of $LANG: en_GB.UTF-8
  value of $XMODIFIERS: nil
  locale-coding-system: nil
  default-enable-multibyte-characters: t




Acknowledgement sent to Markus Triska <markus.triska@HIDDEN>:
New bug report received and forwarded. Copy sent to Emacs Bugs <bug-gnu-emacs@HIDDEN>. Full text available.
Report forwarded to bug-submit-list@HIDDEN, Emacs Bugs <bug-gnu-emacs@HIDDEN>:
bug#2099; Package emacs. Full text available.
Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Last modified: Mon, 25 Nov 2019 12:00:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.