bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[tk]

When editing a file in emacs in GTK mode, emacs reproducibly crashes for
me. It doesn't happen when start editing with 'emacs -nw'.
One example test case where this reproducibly happens for me on
NetBSD-6.99.23/amd64 is
emacs /usr/pkgsrc/doc/guide/files/options.xml
It also happens with
emacs -Q /usr/pkgsrc/doc/guide/files/options.xml
but not with
emacs -nw /usr/pkgsrc/doc/guide/files/options.xml

When I compile emacs with '-g -O0' and start it in gdb, I get the
following backtrace (bt full):

#0  0x00007f7febd09354 in strncmp () from /usr/lib/libc.so.12
No symbol table info available.
#1  0x00007f7febcb9dce in __getenvslot (allocate=<optimized out>, name=<optimized out>, l_name=<optimized out>, allocate=<optimized out>) at /archive/foreign/src/lib/libc/stdlib/_env.c:266
        num_entries = <optimized out>
        required_size = <optimized out>
        new_size = <optimized out>
        new_environ = <optimized out>
#2  __findenvvar (name=0x7f7fefc063a2 "LANGUAGE", l_name=8) at /archive/foreign/src/lib/libc/stdlib/_env.c:333
No locals.
#3  0x00007f7febcb9854 in getenv (name=0x7f7fefc063a2 "LANGUAGE") at /archive/foreign/src/lib/libc/stdlib/getenv.c:74
        l_name = 8
        result = <optimized out>
#4  0x00007f7fefc03678 in get_lang_env (category_name=0x7f7fefc0640e "LC_MESSAGES") at /archive/foreign/src/lib/libintl/gettext.c:821
        lang = <optimized out>
#5  dcngettext (domainname=<optimized out>, msgid1=0x7f7ff5a9c818 "Horizontal position of child in available space. 0.0 is left aligned, 1.0 is right aligned", 
    msgid2=0x7f7ff5a9c818 "Horizontal position of child in available space. 0.0 is left aligned, 1.0 is right aligned", n=1, category=<optimized out>) at /archive/foreign/src/lib/libintl/gettext.c:883
        olpath = '\000' <repeats 1023 times>
        ocname = 0x0
        odomainname = 0x0
        path = " ", '\000' <repeats 15 times>, "V\267\271\001", '\000' <repeats 12 times>, "2\360\303\000\000\000\000\000\f\000\000\000\000\000\000\000u\253\317\000\000\000\000\000AG}\001\000\000\000\000\062\360\303\000\000\000\000\000AG}\001\000\000\000\000\b}\341\000\000\000\000\000u\253\317\000\000\000\000\000 \261\377\377\177\177\000\000]I�\000\000\000\000\000\062\360\303\000\000\000\000\000\065z\321\353\001\000\000\000 \261\377\377\177\177\000\000|\261\377\377\177\177\000\000\b\257\377\377\177\177\000\000\240\256\377\377\177\177\000\000\f\000\000\000\000\000\000\000f\260\271\001\000\000\000\000\f\000\000\000\000\000\000\000\022\216\323\000\000\000\000\000f\260\271\001\000\000\000\000\062\360\303\000\000\000\000\000"...
        len = 23692678
        msgid = 0x7f7ff5a9c818 "Horizontal position of child in available space. 0.0 is left aligned, 1.0 is right aligned"
        plural_index = <error reading variable plural_index (Cannot access memory at address 0x0)>
        cname = 0x7f7fefc0640e "LC_MESSAGES"
        db = <optimized out>
        lpath = <optimized out>
        v = <optimized out>
#6  0x00007f7ff588999a in ?? () from /usr/pkg/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#7  0x00007f7ff0c2ab51 in g_type_class_ref () from /usr/pkg/lib/libgobject-2.0.so.0
No symbol table info available.
#8  0x00007f7ff0c15211 in g_object_newv () from /usr/pkg/lib/libgobject-2.0.so.0
No symbol table info available.
#9  0x00007f7ff0c156de in g_object_new () from /usr/pkg/lib/libgobject-2.0.so.0
No symbol table info available.
#10 0x00007f7ff588a142 in gtk_alignment_new () from /usr/pkg/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#11 0x00007f7ff59ef1fb in ?? () from /usr/pkg/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#12 0x00007f7ff0c2cb15 in g_type_create_instance () from /usr/pkg/lib/libgobject-2.0.so.0
No symbol table info available.
#13 0x00007f7ff0c1386b in g_object_constructor () from /usr/pkg/lib/libgobject-2.0.so.0
No symbol table info available.
#14 0x00007f7ff0c151a8 in g_object_newv () from /usr/pkg/lib/libgobject-2.0.so.0
No symbol table info available.
#15 0x00007f7ff0c156de in g_object_new () from /usr/pkg/lib/libgobject-2.0.so.0
No symbol table info available.
#16 0x00007f7ff59f0b87 in ?? () from /usr/pkg/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#17 0x00007f7ff592f78a in gtk_main_do_event () from /usr/pkg/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#18 0x00007f7ff545aa32 in ?? () from /usr/pkg/lib/libgdk-x11-2.0.so.0
No symbol table info available.
#19 0x00007f7ff00439d9 in g_main_context_dispatch () from /usr/pkg/lib/libglib-2.0.so.0
No symbol table info available.
#20 0x00007f7ff0043cbf in g_main_context_iterate.clone.5 () from /usr/pkg/lib/libglib-2.0.so.0
No symbol table info available.
#21 0x00007f7ff0043d8e in g_main_context_iteration () from /usr/pkg/lib/libglib-2.0.so.0
No symbol table info available.
#22 0x00007f7ff592ebd5 in gtk_main_iteration () from /usr/pkg/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#23 0x0000000000505977 in XTread_socket (terminal=0x11f0c60, hold_quit=0x7f7fffffc130) at xterm.c:7178
        count = 0
        event_found = 0
#24 0x00000000005470b0 in gobble_input () at keyboard.c:6767
        nr = 0
        hold_quit = {kind = NO_EVENT, code = 0, part = scroll_bar_above_handle, modifiers = 0, x = 0, y = 0, timestamp = 0, padding = {0x0, 0x0}, frame_or_window = 0, arg = 0}
        next = 0x0
        nread = 0
        err = false
        t = 0x11f0c60
#25 0x0000000000547934 in handle_async_input () at keyboard.c:7080
        nread = 0
#26 0x0000000000547950 in process_pending_signals () at keyboard.c:7094
No locals.
#27 0x00000000005b24dc in Fmake_list (length=0, init=12841010) at alloc.c:2560
        val = 28946678
        size = 0
#28 0x00000000005d9ef7 in concat (nargs=1, args=0x7f7fffffc368, target_type=Lisp_Cons, last_special=false) at fns.c:580
        val = -1
        tail = 12841010
        this = 28893526
        toindex = 12841010
        toindex_byte = 0
        result_len = 2
        result_len_byte = 2
        argnum = 1
        last_tail = 12841010
        prev = 0
        some_multibyte = false
        textprops = 0x0
        num_textprops = 0
        sa_count = 3
        sa_must_free = false
#29 0x00000000005d983a in Fcopy_sequence (arg=28893526) at fns.c:448
No locals.
#30 0x0000000000542e02 in timer_check () at keyboard.c:4441
        nexttime = {tv_sec = 549755798536, tv_nsec = 12841010}
        timers = 486704192
        idle_timers = 5516982
        gcpro1 = {next = 0x0, var = 0x7f7ff771e368, nvars = 140187732526112}
        gcpro2 = {next = 0x0, var = 0xffffffffffffffff, nvars = 0}
        tem = 12841010
#31 0x0000000000540ab4 in readable_events (flags=1) at keyboard.c:3351
No locals.
#32 0x0000000000546f12 in get_input_pending (flags=1) at keyboard.c:6680
No locals.
#33 0x000000000054deda in detect_input_pending_run_timers (do_display=true) at keyboard.c:10273
        old_timers_run = 20
#34 0x0000000000627fc2 in wait_reading_process_output (time_limit=0, nsecs=0, read_kbd=-1, do_display=true, wait_for_cell=12841010, wait_proc=0x0, just_wait_proc=0) at process.c:4743
        old_timers_run = 20
        old_buffer = 0xe2e400
        old_window = 19209317
        leave = 0
        timeout_reduced_for_timers = 1
        channel = -14896
        nfds = -1
        Available = {fds_bits = {0, 0, 0, 0, 0, 0, 0, 0}}
        Writeok = {fds_bits = {0, 0, 0, 0, 0, 0, 0, 0}}
        check_write = 0
        check_delay = 0
        no_avail = 1
        xerrno = 4
        proc = 0
        timeout = {tv_sec = 0, tv_nsec = 0}
        end_time = {tv_sec = 140187732526608, tv_nsec = 21495040}
        wait_channel = -1
        got_some_input = 0
        count = 2
#35 0x0000000000541763 in kbd_buffer_get_event (kbp=0x7f7fffffc890, used_mouse_menu=0x7f7fffffcd47, end_time=0x0) at keyboard.c:3803
        obj = 5507736
#36 0x000000000053f413 in read_char (commandflag=1, nmaps=6, maps=0x7f7fffffcb40, prev_event=12841010, used_mouse_menu=0x7f7fffffcd47, end_time=0x0) at keyboard.c:2769
        kb = 0x7f7fffffc8b0
        c = 12841010
        jmpcount = 2
        local_getcjmp = {6, 140187732527840, 140187732530424, 140187589010280, 12670624, 140187589010264, 140187732527128, 5499624, 8589934627, 433791696896, 1}
        save_jump = {0 <repeats 11 times>}
        tem = 22
        save = 23639222
        previous_echo_area_message = 12841010
        also_record = 12841010
        reread = false
        gcpro1 = {next = 0x0, var = 0xe2e405, nvars = 4}
        gcpro2 = {next = 0xc3f032, var = 0xc46ea2, nvars = 140187732527392}
        polling_stopped_here = true
        orig_kboard = 0xcc5800
#37 0x000000000054bb12 in read_key_sequence (keybuf=0x7f7fffffcfc0, bufsize=30, prompt=12841010, dont_downcase_last=false, can_return_switch_frame=true, fix_current_buffer=true) at keyboard.c:9231
        interrupted_kboard = 0xcc5800
        interrupted_frame = 0x1250c60
        key = 19213408
        used_mouse_menu = false
        echo_local_start = 0
        last_real_key_start = 0
        keys_local_start = 0
        local_first_binding = 0
        from_string = 12841010
        count = 2
        t = 0
        echo_start = 0
        keys_start = 0
        nmaps = 6
        nmaps_allocated = 6
        defs = 0x7f7fffffcb00
        submaps = 0x7f7fffffcb40
        orig_local_map = 24013398
        orig_keymap = 12841010
        localized_local_map = 0
        first_binding = 0
        first_unbound = 31
        mock_input = 0
        fkey = {parent = 20335286, map = 20335286, start = 0, end = 0}
        keytran = {parent = 12822966, map = 12822966, start = 0, end = 0}
        indec = {parent = 20335270, map = 20335270, start = 0, end = 0}
        shift_translated = false
        delayed_switch_frame = 12841010
        original_uppercase = 19213408
        original_uppercase_position = -1
        dummyflag = false
        starting_buffer = 0xe2e400
        fake_prefixed_keys = 12841010
        gcpro1 = {next = 0x7f7fffffcd80, var = 0x5ba48c, nvars = 12841010}
#38 0x000000000053c984 in command_loop_1 () at keyboard.c:1459
        cmd = 16282342
        keybuf = {140187598224384, 12974320, 12865536, 12841010, 140187732529168, 6006053, 140187598238720, 12841010, 140187598240768, 2, 140187732529248, 6008429, 12841010, 12974322, 140187732529328, 6007409, 
          12646896, 12841010, 0, 12974320, 140187732529408, 6122484, 13121750, 2, 12974322, 12841010, 0, 24, 140187598246912, 12841010}
        i = 0
        prev_modiff = 0
        prev_buffer = 0x0
        already_adjusted = false
#39 0x00000000005d2889 in internal_condition_case (bfun=0x53c599 <command_loop_1>, handlers=12894978, hfun=0x53bea4 <cmd_error>) at eval.c:1289
        val = 0
        c = {tag = 12841010, val = 12841010, next = 0x7f7fffffd2a0, gcpro = 0x0, jmp = {2, 140187732529728, 140187732530424, 140187589010280, 12670624, 140187589010264, 140187732529464, 6105090, 
            140187732529480, 6105090, 140187589010264}, backlist = 0x0, handlerlist = 0x0, lisp_eval_depth = 0, pdlcount = 2, poll_suppress_count = 1, interrupt_input_blocked = 0, byte_stack = 0x0}
        h = {handler = 12894978, var = 12841010, chosen_clause = 12894978, tag = 0x7f7fffffd190, next = 0x0}
#40 0x000000000053c2b4 in command_loop_2 (ignore=12841010) at keyboard.c:1168
        val = 2
#41 0x00000000005d2261 in internal_catch (tag=12891074, func=0x53c28e <command_loop_2>, arg=12841010) at eval.c:1060
        c = {tag = 12891074, val = 12841010, next = 0x0, gcpro = 0x0, jmp = {2, 140187732530000, 140187732530424, 140187589010280, 12670624, 140187589010264, 140187732529784, 6103626, 140187732530016, 13092912, 
            42949672970}, backlist = 0x0, handlerlist = 0x0, lisp_eval_depth = 0, pdlcount = 2, poll_suppress_count = 1, interrupt_input_blocked = 0, byte_stack = 0x0}
#42 0x000000000053c266 in command_loop () at keyboard.c:1147
No locals.
#43 0x000000000053b9f2 in recursive_edit_1 () at keyboard.c:779
        count = 1
        val = 12841010
#44 0x000000000053bb98 in Frecursive_edit () at keyboard.c:843
        count = 0
        buffer = 12841010
#45 0x0000000000539ca2 in main (argc=2, argv=0x7f7fffffd510) at emacs.c:1528
        dummy = 140187732541408
        stack_bottom_variable = 0 '\000'
        do_initial_setlocale = true
        dumping = false
        skip_args = 0
        rlim = {rlim_cur = 8720384, rlim_max = 134217728}
        no_loadup = false
        junk = 0x0
        dname_arg = 0x0
        ch_to_dir = 0x40b4c0 "\020\225\215"

xbacktrace gives:
(gdb) xbacktrace
Undefined command: "xbacktrace".  Try "help".


In GNU Emacs 24.3.1 (x86_64--netbsd, GTK+ Version 2.24.20)
 of 2013-07-27 on yt.nih.at
Windowing system distributor `The Xorg Foundation', version 11.0.11006000
Configured using:
 `configure '--srcdir=/scratch/editors/emacs24/work/emacs-24.3'
 '--localstatedir=/var' '--with-x' '--with-xpm' '--with-jpeg'
 '--with-tiff' '--with-gif' '--with-png' '--with-x-toolkit=gtk'
 '--prefix=/usr/pkg' '--build=x86_64--netbsd' '--host=x86_64--netbsd'
 '--infodir=/usr/pkg/info' '--mandir=/usr/pkg/man'
 'build_alias=x86_64--netbsd' 'host_alias=x86_64--netbsd' 'CC=gcc'
 'CFLAGS=-O2 -I/usr/include -I/usr/pkg/include
 -I/usr/pkg/include/freetype2 -I/usr/pkg/include/libdrm'
 'LDFLAGS=-L/usr/lib -Wl,-R/usr/lib -L/usr/pkg/lib -Wl,-R/usr/pkg/lib'
 'LIBS=' 'CPPFLAGS=-DTERMINFO -I/usr/include -I/usr/pkg/include
 -I/usr/pkg/include/freetype2 -I/usr/pkg/include/libdrm''

Important settings:
  value of $LC_CTYPE: de_DE.UTF-8
  locale-coding-system: utf-8-unix
  default enable-multibyte-characters: t

Major mode: Lisp Interaction

Minor modes in effect:
  show-paren-mode: t
  electric-indent-mode: t
  global-semantic-mru-bookmark-mode: t
  global-semanticdb-minor-mode: t
  global-semantic-idle-completions-mode: t
  global-semantic-idle-scheduler-mode: t
  global-semantic-idle-summary-mode: t
  global-semantic-decoration-mode: t
  global-semantic-highlight-func-mode: t
  semantic-mode: t
  global-ede-mode: t
  global-auto-complete-mode: t
  auto-complete-mode: t
  tooltip-mode: t
  mouse-wheel-mode: t
  tool-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  blink-cursor-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  line-number-mode: t
  transient-mark-mode: t

Recent input:
<escape> x r e p o <tab> r <tab> <return>

Recent messages:
Loading electric...done
Loading paren...done
For information about GNU Emacs and the GNU system, type C-h C-a.
Making completion list...

Load-path shadows:
None found.

Features:
(shadow sort gnus-util mail-extr emacsbug message format-spec rfc822 mml
mml-sec mm-decode mm-bodies mm-encode mail-parse rfc2231 mailabbrev
gmm-utils mailheader sendmail rfc2047 rfc2045 ietf-drums mm-util
mail-prsvr mail-utils help-mode warnings server org-install paren
electric cus-start cus-load semantic/mru-bookmark ring semantic/db-mode
semantic/db semantic/idle semantic/format semantic/ctxt
semantic/decorate/mode semantic/tag-ls semantic/find semantic/decorate
pulse semantic/util-modes semantic/util semantic semantic/tag
semantic/lex semantic/fw mode-local ede/cpp-root ede/emacs advice
help-fns advice-preload ede/speedbar ede/files ede ede/base ede/auto
ede/source eieio-base eieio-speedbar speedbar sb-image ezimage dframe
easymenu eieio-custom wid-edit eieio byte-opt bytecomp byte-compile
cconv cedet auto-complete-config auto-complete edmacro kmacro cl-macs gv
popup cl cl-lib time-date tooltip ediff-hook vc-hooks lisp-float-type
mwheel x-win x-dnd tool-bar dnd fontset image regexp-opt fringe
tabulated-list newcomment lisp-mode register page menu-bar rfn-eshadow
timer select scroll-bar mouse jit-lock font-lock syntax facemenu
font-core frame cham georgian utf-8-lang misc-lang vietnamese tibetan
thai tai-viet lao korean japanese hebrew greek romanian slovak czech
european ethiopic indian cyrillic chinese case-table epa-hook
jka-cmpr-hook help simple abbrev minibuffer loaddefs button faces
cus-face macroexp files text-properties overlay sha1 md5 base64 format
env code-pages mule custom widget hashtable-print-readable backquote
make-network-process dbusbind dynamic-setting system-font-setting
font-render-setting move-toolbar gtk x-toolkit x multi-tty emacs)

Let me know if you need further details.

Thanks,
 Thomas Klausner

-- 
Curiosity is the very basis of education and if you tell me that 
curiosity killed the cat, I say only that the cat died nobly.
- Arnold Edinborough

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Paul Eggert]

From that description it'd be a bit painful for me to try to reproduce
the problem, as I don't use NetBSD and don't know where to get
NetBSD-6.99.23/amd64's /usr/pkgsrc/doc/guide/files/options.xml.

Is that file easily retrievable from somewhere?
I could try to reproduce the problem with the Emacs trunk
on platforms that I use.

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Thomas Klausner]

Hi Paul!

First off, thanks for looking at this!

On Mon, Aug 12, 2013 at 12:19:42AM -0700, Paul Eggert wrote:
> From that description it'd be a bit painful for me to try to reproduce
> the problem, as I don't use NetBSD and don't know where to get
> NetBSD-6.99.23/amd64's /usr/pkgsrc/doc/guide/files/options.xml.
> 
> Is that file easily retrievable from somewhere?
> I could try to reproduce the problem with the Emacs trunk
> on platforms that I use.

Try this (you'll have to install cvs if you don't have it):

# cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot/ co pkgsrc/doc
U pkgsrc/doc/guide/Makefile.common
U pkgsrc/doc/guide/PLIST
U pkgsrc/doc/guide/README
U pkgsrc/doc/guide/distinfo
U pkgsrc/doc/guide/files/Makefile
U pkgsrc/doc/guide/files/binary.xml
U pkgsrc/doc/guide/files/build.xml
U pkgsrc/doc/guide/files/buildlink.xml
U pkgsrc/doc/guide/files/bulk.xml
U pkgsrc/doc/guide/files/chapters.ent
U pkgsrc/doc/guide/files/components.xml
U pkgsrc/doc/guide/files/configuring.xml
U pkgsrc/doc/guide/files/creating.xml
U pkgsrc/doc/guide/files/debug.xml
U pkgsrc/doc/guide/files/devfaq.xml
U pkgsrc/doc/guide/files/editing.xml
U pkgsrc/doc/guide/files/examples.xml
U pkgsrc/doc/guide/files/faq.xml
U pkgsrc/doc/guide/files/files.xml
U pkgsrc/doc/guide/files/fixes.xml
U pkgsrc/doc/guide/files/ftp-layout.xml
U pkgsrc/doc/guide/files/getting.xml
U pkgsrc/doc/guide/files/gnome.xml
U pkgsrc/doc/guide/files/infr.design.xml
U pkgsrc/doc/guide/files/introduction.xml
U pkgsrc/doc/guide/files/logs.xml
U pkgsrc/doc/guide/files/makefile.xml
U pkgsrc/doc/guide/files/options.xml
U pkgsrc/doc/guide/files/pkginstall.xml
U pkgsrc/doc/guide/files/pkgsrc.ent
U pkgsrc/doc/guide/files/pkgsrc.xml
U pkgsrc/doc/guide/files/platforms.xml
U pkgsrc/doc/guide/files/plist.xml
U pkgsrc/doc/guide/files/porting.xml
U pkgsrc/doc/guide/files/regression.xml
U pkgsrc/doc/guide/files/submit.xml
U pkgsrc/doc/guide/files/tools.xml
U pkgsrc/doc/guide/files/using.xml
U pkgsrc/doc/guide/files/share/catalog
U pkgsrc/doc/guide/files/share/default-html-chunk.xsl
U pkgsrc/doc/guide/files/share/default-html.xsl
U pkgsrc/doc/guide/files/share/default.dsl
# emacs pkgsrc/doc/guide/files/options.xml

Another detail I just noted: the core dump only happens for me when
the emacs window first gets focus.

Cheers,
 Thomas

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Paul Eggert]

Thanks, unfortunately I can't reproduce the problem on Fedora 17
with Emacs 24.3, when I edit my copy of options.xml.
So this may be NetBSD specific.

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Thomas Klausner]

On Mon, Aug 12, 2013 at 02:08:11AM -0700, Paul Eggert wrote:
> Thanks, unfortunately I can't reproduce the problem on Fedora 17
> with Emacs 24.3, when I edit my copy of options.xml.
> So this may be NetBSD specific.

Just to make sure: you were using a gtk version of emacs?
Which version of gtk do you have installed? Perhaps that makes a difference too.

Thanks,
 Thomas

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Paul Eggert]

Thomas Klausner wrote:
> Just to make sure: you were using a gtk version of emacs?

Yes.

> Which version of gtk do you have installed? Perhaps that makes a difference too.

libgtk-3, on Fedora 17.

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Thomas Klausner]

On Mon, Aug 12, 2013 at 08:51:31AM -0700, Paul Eggert wrote:
> > Which version of gtk do you have installed? Perhaps that makes a difference too.
> 
> libgtk-3, on Fedora 17.

Ok, I'm still using gtk2. I'll try and compile it against gtk3.
 Thomas

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Thomas Klausner]

On Mon, Aug 12, 2013 at 08:51:31AM -0700, Paul Eggert wrote:
> Thomas Klausner wrote:
> > Just to make sure: you were using a gtk version of emacs?
> 
> Yes.
> 
> > Which version of gtk do you have installed? Perhaps that makes a difference too.
> 
> libgtk-3, on Fedora 17.

Ok, I've now tried with an emacs compiled against gtk3-3.8.2 and still
see a core dump. So perhaps it is NetBSD-specific.

I've included a detailed core dump in my original bug report.
Does anyone have an idea what could be the cause?
 Thomas

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Paul Eggert]

[-- Attachment #1: Type: text/plain, Size: 479 bytes --]

Thomas Klausner wrote:
> I've included a detailed core dump in my original bug report.
> Does anyone have an idea what could be the cause?

Looks like a bad pointer.

If it's easily reproducible, can you reproduce it under valgrind?
I'm attaching the valgrind.supp I use on Fedora 17, maybe you can
use something similar on NetBSD.  It works only with temacs, but
perhaps you can reproduce the problem with temacs.  Instructions
for use are near the start of the attached file.


[-- Attachment #2: valgrind.supp --]
[-- Type: text/plain, Size: 3027 bytes --]

# valgrind suppression file
# Example use:
#    valgrind --db-attach=yes --suppressions=valgrind.supp ./temacs -l loadup

# This works with 'temacs', but not with 'bootstrap-emacs' or with 'emacs'
# due to incompabilities between valgrind and the way Emacs dumps itself.

# This is intended to work on both 32- and 64-bit hosts, so many rules
# are duplicated, e.g., there are rules for both Value4 and Value8.

# Conservative garbage collection inherently looks at uninitialized values,
# and Fgarbage_collect and its callees all depend on this.
# It's hard to separate out exactly which callees need to be listed here,
# since the C compiler can inline them.  Also, valgrind doesn't care
# about the use of uninitialized variables directly, only when their values
# are eventually used.  So just list Fgarbage_collect and its callees.
{
   Fgarbage_collect Cond - conservative garbage collection
   Memcheck:Cond
   ...
   fun:Fgarbage_collect
}
{
   Fgarbage_collect Value4 - conservative garbage collection
   Memcheck:Value4
   ...
   fun:Fgarbage_collect
}
{
   Fgarbage_collect Value8 - conservative garbage collection
   Memcheck:Value8
   ...
   fun:Fgarbage_collect
}
# valgrind only looks at the last few callees on the stack, but
# mark_object can call itself recursively and deeply.  So list
# it too, in case Fgarbage_collect is a long way from the stack top.
{
   Fgarbage_collect Cond - conservative garbage collection
   Memcheck:Cond
   ...
   fun:mark_object
}
{
   Fgarbage_collect Value4 - conservative garbage collection
   Memcheck:Value4
   ...
   fun:mark_object
}
{
   Fgarbage_collect Value8 - conservative garbage collection
   Memcheck:Value8
   ...
   fun:mark_object
}
# On Ubuntu 12.04 x86, valgrind gets confused about the call stack.
# GDB reports this:
#	mark_vectorlike
#	mark_maybe_pointer
#	mark_memory
#	mark_stack
#	Fgarbage_collect
#	Ffuncall
# but valgrind sees only the first and last functions in the chain.
{
   mark_vectorlike Value4 - conservative garbage collection
   Memcheck:Value4
   fun:mark_vectorlike
}
# There's a similar problem on Fedora 17 x86-64 with mark_maybe_object.
{
   mark_maybe_object Value8 - conservative garbage collection
   Memcheck:Value8
   fun:mark_maybe_object
}

# Fedora 17 x86-64 warns about this, for no good reason.
{
   timer_create evp arg is only partly initialized
   Memcheck:Param
   timer_create(evp)
   ...
   fun:init_atimer
}

# On Ubuntu 12.04 x86, strlen is inlined to something that loads 4 bytes
# at a time.
{
   libfontconfig optimized strlen
   Memcheck:Addr4
   obj:/usr/lib*/libfontconfig.so*
}

# On Ubuntu 12.04 x86, several libraries have issues due to unknown reasons.
{
   libgdk and libglib unknown issue
   Memcheck:Param
   writev(vector[...])
   fun:writev
}
{
   libgtk unknown issue
   Memcheck:Cond
   ...
   obj:/usr/lib*/libgtk-x11-*.so*
}
{
   libpixman unknown issue
   Memcheck:Cond
   ...
   obj:/usr/lib*/libpixman-*.so*
}
{
   librsvg unknown issue
   Memcheck:Cond
   ...
   obj:/usr/lib*/librsvg-*.so*
}

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Thomas Klausner]

On Wed, Aug 14, 2013 at 04:38:50PM -0700, Paul Eggert wrote:
> Looks like a bad pointer.
> 
> If it's easily reproducible, can you reproduce it under valgrind?
> I'm attaching the valgrind.supp I use on Fedora 17, maybe you can
> use something similar on NetBSD.  It works only with temacs, but
> perhaps you can reproduce the problem with temacs.  Instructions
> for use are near the start of the attached file.

Sadly, there is no valgrind port for NetBSD. Do you have another idea
how to track this down?

Thanks for your help,
 Thomas

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Paul Eggert]

Thomas Klausner wrote:
> Sadly, there is no valgrind port for NetBSD. Do you have another idea
> how to track this down?

Sorry, I've never used NetBSD so I don't have
any ideas other than "run GDB and tear your
hair out".

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Thomas Klausner]

On Thu, Sep 05, 2013 at 06:07:01AM -0700, Paul Eggert wrote:
> Sorry, I've never used NetBSD so I don't have
> any ideas other than "run GDB and tear your
> hair out".

Some minimal progress:
# emacs creating.xml 
Fatal error 11: Segmentation fault
Backtrace:
0x4ea7d6 <XSetWMNormalHints+0x21a0f> at emacs
0x4d04c2 <XSetWMNormalHints+0x76fb> at emacs
0x4e952e <XSetWMNormalHints+0x20767> at emacs
0x4e95de <XSetWMNormalHints+0x20817> at emacs
zsh: segmentation fault (core dumped)  emacs creating.xml
# ulimit -a
-t: cpu time (seconds)              unlimited
-f: file size (blocks)              unlimited
-d: data seg size (kbytes)          262144
-s: stack size (kbytes)             4096
-c: core file size (blocks)         unlimited
-m: resident set size (kbytes)      32512204
-l: locked-in-memory size (kbytes)  10837401
-u: processes                       160
-n: file descriptors                128
-b: socket buffer size (bytes)      unlimited
-v: virtual memory size (kbytes)    unlimited
-r: threads                         160
# ulimit -s 20000
# emacs creating.xml
(works)

So there seems to be some big object on the stack.

What are your stack size settings?
Can you reproduce this segfault by reducing your stack size?

Suggestions where to look?

Thanks,
 Thomas

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Paul Eggert]

Thomas Klausner wrote:
> What are your stack size settings?
> Can you reproduce this segfault by reducing your stack size?

No, it works for me with Fedora 19 x86-64
and Emacs 24.3 (bundled with fedora)
even after I type 'ulimit -s 4096'.
It works even after 'ulimit -s 1024'.

Sorry, I don't know what to suggest next,
other than GDB.

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Thomas Klausner]

On Fri, Sep 06, 2013 at 04:07:58PM -0700, Paul Eggert wrote:
> Sorry, I don't know what to suggest next,
> other than GDB.

Valery Ushakov <uwe@stderr.spb.ru> tracked it down.

It was a bug in the environ variable handling in NetBSD's libc that
interacted badly with emacs' loading/saving of environment states.

See the thread on NetBSD's current-users mailing list; perhaps start
reading at

http://mail-index.netbsd.org/current-users/2013/09/08/msg023271.html

where Valery starts getting into details.

A fix was committed to NetBSD-current; I think the bug appeared after
NetBSD 5 and before NetBSD 6.

You can close this bug report. Thanks for your help!
 Thomas

bug#14982: 24.3; core dump on NetBSD in graphical mode on files in cvs

[Paul Eggert]

Thanks for helping to track down the problem; closing the bug.