From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Daniel Barrett <dbarrett@blazemonger.com>
Newsgroups: gmane.emacs.bugs
Subject: Re: Help debugging an Emacs crash
Date: Mon, 11 Apr 2005 20:45:04 -0400
Message-ID: <16987.6672.550519.311173@spinky.blazemonger.com>
References: <16977.30822.931471.679226@spinky.blazemonger.com>
	<01c5395a$Blat.v2.4$0356fec0@zahav.net.il>
Reply-To: Daniel Barrett <dbarrett@blazemonger.com>
NNTP-Posting-Host: main.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
X-Trace: sea.gmane.org 1113267351 12389 80.91.229.2 (12 Apr 2005 00:55:51 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Tue, 12 Apr 2005 00:55:51 +0000 (UTC)
Cc: dbarrett@blazemonger.com
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Tue Apr 12 02:55:45 2005
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>
Original-Received: from lists.gnu.org ([199.232.76.165])
	by ciao.gmane.org with esmtp (Exim 4.43)
	id 1DL9gN-000088-Rt
	for geb-bug-gnu-emacs@m.gmane.org; Tue, 12 Apr 2005 02:55:12 +0200
Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1DL9Gb-0003Py-9W
	for geb-bug-gnu-emacs@m.gmane.org; Mon, 11 Apr 2005 20:28:33 -0400
Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1DL9Fo-00033v-7R
	for bug-gnu-emacs@gnu.org; Mon, 11 Apr 2005 20:27:44 -0400
Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1DL9Ff-0002zb-Iw
	for bug-gnu-emacs@gnu.org; Mon, 11 Apr 2005 20:27:39 -0400
Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1DL9Fd-0002vB-MI
	for bug-gnu-emacs@gnu.org; Mon, 11 Apr 2005 20:27:33 -0400
Original-Received: from [204.127.202.55] (helo=sccrmhc11.comcast.net)
	by monty-python.gnu.org with esmtp (Exim 4.34) id 1DL9Wg-0004QG-MC
	for bug-gnu-emacs@gnu.org; Mon, 11 Apr 2005 20:45:10 -0400
Original-Received: from spinky.blazemonger.com
	(c-24-60-175-62.hsd1.ma.comcast.net[24.60.175.62])
	by comcast.net (sccrmhc11) with ESMTP
	id <200504120045060110023t31e>; Tue, 12 Apr 2005 00:45:06 +0000
Original-Received: by spinky.blazemonger.com (Postfix, from userid 500)
	id 171F81388; Mon, 11 Apr 2005 20:45:06 -0400 (EDT)
Original-To: bug-gnu-emacs@gnu.org
X-Mailer: VM 7.19 under Emacs 21.4.1
X-DJB-Valid: Yes
X-BeenThere: bug-gnu-emacs@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Bug reports for GNU Emacs,
	the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/bug-gnu-emacs>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.bugs:11129
X-Report-Spam: http://spam.gmane.org/gmane.emacs.bugs:11129

On April 5, 2005, Eli Zaretskii wrote:
>> I am experiencing emacs segmentation faults under X. They occur at
>> random times, but always at the moment I press a key.  What is the
>> best way to debug this kind of problem?  I would be happy to enable
>> debugging in some way, and send you any useful information.
>>
>> The crashes occur only within Kyle Jones's Emacs mail reader package =22=
VM=22.
>> However, VM should not be able to crash emacs, so there must be an
>> underlying emacs or X bug.
>
>For starters, please run GDB on the core file and post here a
>traceback for these crashes.

OK, after installing emacs 21.4.1 and running in gdb for a week, I finall=
y
captured a segfault in the vm mailer. The stacktrace is below.

Also, I don't know if this is related, but emacs also =22stopped=22 many =
times
during the week, i.e., gdb and its invoking shell displayed:

=5B1=5D+  Stopped                 gdb /usr/local/emacs-21.4/bin/emacs
=24 fg
gdb /usr/local/emacs-21.4/bin/emacs
---Type <return> to continue, or q <return> to quit---

Pressing <return> resumed the Emacs session.

Here's the backtrace.  I'll leave gdb running and will gladly type any
debugging commands you request.

emacs-version:
(GNU Emacs 21.4.1 (i686-pc-linux-gnu, X toolkit, Xaw3d scroll bars) of
2005-04-05 on myhost)

Program received signal SIGSEGV, Segmentation fault.
make_uninit_multibyte_string (nchars=3D9, nbytes=3D9) at alloc.c:1330
1330      string_free_list =3D NEXT_FREE_LISP_STRING (s);
(gdb) bt
=230  make_uninit_multibyte_string (nchars=3D9, nbytes=3D9) at alloc.c:13=
30
=231  0x081238d4 in make_specified_string (
    contents=3D0xbfffc2a0 =22image/gif=5C234v+=5C030T=1B%G=EF=BF=BD=1B%=40=
X=1B%G=EF=BF=BD=EF=BF=BD=1B%=400Z=5C022=5Cb=5C234v+=5C030=5Ct=22, nchars=3D=
9, nbytes=3D9, multibyte=3D0) at alloc.c:1825
=232  0x0810fe79 in Fregexp_quote (string=3D946891788) at search.c:2876
=233  0x0813609d in Ffuncall (nargs=3D2, args=3D0xbfffc354) at eval.c:267=
0
=234  0x0816200b in Fbyte_code (bytestr=3D946891788, vector=3D1215331760,=
 maxdepth=3D4)
    at bytecode.c:716
=235  0x08135b1b in funcall_lambda (fun=3D1215331912, nargs=3D2,
    arg_vector=3D0xbfffc464) at eval.c:2851
=236  0x08135ee5 in Ffuncall (nargs=3D3, args=3D0xbfffc460) at eval.c:271=
6
=237  0x0816200b in Fbyte_code (bytestr=3D948339124, vector=3D1215333080,=
 maxdepth=3D3)
    at bytecode.c:716
=238  0x08135b1b in funcall_lambda (fun=3D1215333384, nargs=3D2,
    arg_vector=3D0xbfffc574) at eval.c:2851
=239  0x08135ee5 in Ffuncall (nargs=3D3, args=3D0xbfffc570) at eval.c:271=
6
=2310 0x0816200b in Fbyte_code (bytestr=3D1484510828, vector=3D1215357152=
,
    maxdepth=3D8) at bytecode.c:716
=2311 0x08135b1b in funcall_lambda (fun=3D1215357352, nargs=3D1,
    arg_vector=3D0xbfffc694) at eval.c:2851
=2312 0x08135ee5 in Ffuncall (nargs=3D2, args=3D0xbfffc690) at eval.c:271=
6
=2313 0x0816200b in Fbyte_code (bytestr=3D1216462656, vector=3D1215341480=
,
    maxdepth=3D3) at bytecode.c:716
=2314 0x08135352 in Feval (form=3D1483771164) at eval.c:2023
=2315 0x08137af8 in Fcondition_case (args=3D140891824) at eval.c:1211
=2316 0x081617cc in Fbyte_code (bytestr=3D945272068, vector=3D1215341544,=
 maxdepth=3D7)
    at bytecode.c:898
=2317 0x08135b1b in funcall_lambda (fun=3D1215341896, nargs=3D1,
    arg_vector=3D0xbfffca14) at eval.c:2851
=2318 0x08135ee5 in Ffuncall (nargs=3D2, args=3D0xbfffca10) at eval.c:271=
6
=2319 0x0816200b in Fbyte_code (bytestr=3D1216462656, vector=3D1215337504=
,
    maxdepth=3D6) at bytecode.c:716
=2320 0x08135b1b in funcall_lambda (fun=3D1215340096, nargs=3D0,
    arg_vector=3D0xbfffcad0) at eval.c:2851
=2321 0x08135cbd in apply_lambda (fun=3D1215340096, args=3D405300268, eva=
l_flag=3D1)
    at eval.c:2770
=2322 0x081350c9 in Feval (form=3D1483728204) at eval.c:2071
=2323 0x08137af8 in Fcondition_case (args=3D140891824) at eval.c:1211
=2324 0x081617cc in Fbyte_code (bytestr=3D1482072116, vector=3D1215498744=
,
    maxdepth=3D6) at bytecode.c:898
=2325 0x08135b1b in funcall_lambda (fun=3D1215499032, nargs=3D0,
    arg_vector=3D0xbfffce54) at eval.c:2851
=2326 0x08135ee5 in Ffuncall (nargs=3D1, args=3D0xbfffce50) at eval.c:271=
6
=2327 0x0816200b in Fbyte_code (bytestr=3D409617732, vector=3D1213693560,=
 maxdepth=3D9)
    at bytecode.c:716
=2328 0x08135b1b in funcall_lambda (fun=3D1215288520, nargs=3D1,
    arg_vector=3D0xbfffcfb4) at eval.c:2851
=2329 0x08135ee5 in Ffuncall (nargs=3D2, args=3D0xbfffcfb0) at eval.c:271=
6
=2330 0x081330e7 in Fcall_interactively (function=3D408680940,
    record_flag=3D405300268, keys=3D1210665384) at callint.c:797
=2331 0x080dd0b3 in Fcommand_execute (cmd=3D408680940, record_flag=3D4053=
00268,
    keys=3D405300268, special=3D405300268) at keyboard.c:9250
=2332 0x080e767c in command_loop_1 () at keyboard.c:1661
=2333 0x08134aea in internal_condition_case (bfun=3D0x80e72a0 <command_lo=
op_1>,
    handlers=3D405396612, hfun=3D0x80e2f40 <cmd_error>) at eval.c:1267
=2334 0x080e2b0c in command_loop_2 () at keyboard.c:1245
=2335 0x08134bc2 in internal_catch (tag=3D200, func=3D0x80e2af0 <command_=
loop_2>,
    arg=3D405300268) at eval.c:1030
=2336 0x080e2c41 in command_loop () at keyboard.c:1224
=2337 0x080e2ce6 in recursive_edit_1 () at keyboard.c:950
=2338 0x080e2dff in Frecursive_edit () at keyboard.c:1006
=2339 0x080d9f40 in main (argc=3D3, argv=3D0xbfffd7d4, envp=3D0xbfffd7e4)=

    at emacs.c:1547

(gdb) down 39
=230  make_uninit_multibyte_string (nchars=3D9, nbytes=3D9) at alloc.c:13=
30
1330      string_free_list =3D NEXT_FREE_LISP_STRING (s);

(gdb) list
1325          total_free_strings +=3D STRINGS_IN_STRING_BLOCK;
1326        =7D
1327
1328      /* Pop a Lisp_String off the free-list.  */
1329      s =3D string_free_list;
1330      string_free_list =3D NEXT_FREE_LISP_STRING (s);
1331
1332      /* Probably not strictly necessary, but play it safe.  */
1333      bzero (s, sizeof *s);
1334

(gdb) p total_free_strings
=241 =3D 52

(gdb) p string_free_list
=242 =3D (struct Lisp_String *) 0xc8

(gdb) p *string_free_list
Cannot access memory at address 0xc8

--
Dan Barrett
dbarrett=40blazemonger.com