>> According to the stack trace, the crash seems to happen by
>> dereferencing NULL pointer (with some offset) in a non-main thread
>> executing the following code in the SIGIO handler.
>>
>>  if (input_available_clear_time)
>>    EMACS_SET_SECS_USECS (*input_available_clear_time, 0, 0);
>>
>> EMACS_SET_SECS_USECS consists of multiple instructions, and
>> input_available_clear_time might be cleared to NULL by the main thread
>> between the NULL-check and the completion of EMACS_SET_SECS_USECS in a
>> non-main thread.
>>
>> Could you try the following patch for a while to see if it can avoid
>> the issue?

> YAMAMOTO,
>
> Thank you for the patch.  I'll will test it this week.

I've been using YAMAMOTO's patch for two days, and no crashes.  Yay!

If I do not see a crash by Friday, then I will close bug#5333.

Steve