From: Fabrice Popineau <fabrice.popineau@gmail.com>
To: Eli Zaretskii <eliz@gnu.org>
Cc: 22526@debbugs.gnu.org, andrewjmoreton@gmail.com
Subject: bug#22526: 25.0.90; Crash starting gnus
Date: Sat, 13 Feb 2016 22:35:57 +0100 [thread overview]
Message-ID: <CAFgFV9OQQZYqHaes5=Nh26sGQ8O3PPGqbgMW=SsVaMc0Fj1pZA@mail.gmail.com> (raw)
In-Reply-To: <83d1s05zov.fsf@gnu.org>
[-- Attachment #1: Type: text/plain, Size: 4200 bytes --]
2016-02-13 17:42 GMT+01:00 Eli Zaretskii <eliz@gnu.org>:
> > From: Fabrice Popineau <fabrice.popineau@gmail.com>
> > Date: Sat, 13 Feb 2016 17:08:07 +0100
> > Cc: andrewjmoreton@gmail.com, 22526@debbugs.gnu.org
> >
> > Sorry for the delay with my answer, I'm trying to catch up with this
> problem.
>
> No need to apologize. Thanks for chiming in.
>
> > First, and about the patch Eli has offered for mmap_realloc(), I would
> be interested in knowing
> > what was the error code at line 718:
> > DebPrint (("realloc enlarge: VirtualAlloc error %ld\n",
> > GetLastError ()));
>
> I don't think we know that, because I think Andy attached the debugger
> only after the crash. But I sure hope to be wrong ;-)
>
> > I wonder if there is a case where it would fail on the VirtualAlloc()
> and manage with the mmap_alloc() later.
> > I agree than in the case of a failure with VirtualAlloc(), we don't
> return NULL here, which may be the root
> > of further problems.
>
> Yes. So you agree it's a good idea to commit that patch?
>
>
I think we need the DebPrint() trace of the problem to conclude.
If Andy could recompile with:
diff --git a/src/w32fns.c b/src/w32fns.c
index a5018ae..f439e36 100644
--- a/src/w32fns.c
+++ b/src/w32fns.c
@@ -8553,7 +8553,7 @@ _DebPrint (const char *fmt, ...)
va_start (args, fmt);
vsprintf (buf, fmt, args);
va_end (args);
-#if CYGWIN
+#if 1 /* CYGWIN */
fprintf (stderr, "%s", buf);
#endif
OutputDebugString (buf);
It would ease the printing/copying/pasting of DebPrint() messages.
About w32heap.c, the very minimum that we need is :
diff --git a/src/w32heap.c b/src/w32heap.c
index 00da86a..91167cd 100644
--- a/src/w32heap.c
+++ b/src/w32heap.c
@@ -654,7 +654,7 @@ mmap_alloc (void **var, size_t nbytes)
*var = VirtualAlloc (p, nbytes, MEM_COMMIT, PAGE_READWRITE);
}
- if (!p)
+ if (p == NULL || *var == NULL)
{
if (GetLastError () == ERROR_NOT_ENOUGH_MEMORY)
errno = ENOMEM;
@@ -718,6 +718,7 @@ mmap_realloc (void **var, size_t nbytes)
DebPrint (("realloc enlarge: VirtualAlloc error %ld\n",
GetLastError ()));
errno = ENOMEM;
+ return NULL;
}
return *var;
}
About mmap_realloc(), I'm not sure a second attempt at reallocating the
buffer at a different address has a better chance to succeed
(but who knows ? Maybe you are right to try, but I would avoid the jump
between the branches of the conditional).
Anyway, there may be some other interference :
/* If there is enough room in the current reserved area, then
commit more pages as needed. */
if (m2.State == MEM_RESERVE
&& nbytes <= memInfo.RegionSize + m2.RegionSize)
{
If the address sent to mmap_realloc() has been messed up by another part of
the code, we won't know it, VirtualQuery will return
a wrong value and we will keep taking wrong decisions. For example, if
m2.State is not MEM_RESERVE, what does that mean?
Every block that we try to reallocate should have been allocated first, so
reserved first. Are there other cases that could happen?
The error codes from VirtualAlloc() here are crucial.
Admittedly, if there were problems of this nature, they would probably have
been observed on other platforms.
> > Second, I don't see the problem in mmap_alloc(): if VirtualAlloc()
> fails, p is NULL and this is the value returned
> > at line 668:
> >
> > return *var = p;
> >
> > Am I missing something here ?
>
> I thought about the scenario where VirtualAlloc succeeds in the call
> with MEM_RESERVE, but fails in the call with MEM_COMMIT.
>
Ok, agreed.
> Please also read the rest of the thread, perhaps my conclusion about
> mmap_realloc being the culprit as incorrect. I just don't see how
> else to explain the fact that Emacs asked to enlarge the buffer beyond
> 64KB, but got a valid pointer to only a 64KB memory region.
>
I'm positive on the fact that mmap_realloc() should have returned NULL, so
that
any caller could take the right action. At the moment, it failed to enlarge
the bloc,
but acted as if it were able to do so by returning its address. Hence
cascading
problems.
Fabrice
[-- Attachment #2: Type: text/html, Size: 6478 bytes --]
next prev parent reply other threads:[~2016-02-13 21:35 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-01 22:13 bug#22526: 25.0.90; Crash starting gnus Andy Moreton
2016-02-07 5:42 ` Lars Ingebrigtsen
2016-02-07 16:00 ` Eli Zaretskii
2016-02-07 20:58 ` Andy Moreton
2016-02-07 21:05 ` Eli Zaretskii
2016-02-11 2:06 ` Andy Moreton
2016-02-11 20:27 ` Eli Zaretskii
2016-02-11 21:20 ` Andy Moreton
2016-02-11 21:26 ` Eli Zaretskii
2016-02-12 13:34 ` Andy Moreton
2016-02-12 16:16 ` Eli Zaretskii
2016-02-12 22:26 ` Andy Moreton
2016-02-13 8:28 ` Eli Zaretskii
2016-02-13 10:44 ` Eli Zaretskii
2016-02-13 16:08 ` Fabrice Popineau
2016-02-13 16:42 ` Eli Zaretskii
2016-02-13 21:35 ` Fabrice Popineau [this message]
2016-02-13 22:11 ` Eli Zaretskii
2016-02-13 23:44 ` Fabrice Popineau
2016-02-14 5:49 ` Eli Zaretskii
2016-02-14 9:05 ` Fabrice Popineau
2016-02-14 16:57 ` Eli Zaretskii
2016-02-14 5:41 ` Eli Zaretskii
2016-02-14 14:17 ` Andy Moreton
2016-02-14 16:55 ` Eli Zaretskii
2016-02-14 17:51 ` Eli Zaretskii
2016-02-14 21:04 ` Fabrice Popineau
2016-02-14 21:29 ` Eli Zaretskii
2016-02-14 21:31 ` Fabrice Popineau
2016-02-14 21:34 ` Eli Zaretskii
2016-02-14 21:41 ` Fabrice Popineau
2016-02-15 3:32 ` Eli Zaretskii
2016-02-15 8:09 ` Fabrice Popineau
2016-02-15 11:39 ` Eli Zaretskii
2016-02-13 15:16 ` Andy Moreton
2016-02-13 15:52 ` Eli Zaretskii
2016-02-13 21:26 ` Andy Moreton
2016-02-16 1:18 ` Andy Moreton
2016-02-16 3:46 ` Eli Zaretskii
2016-02-20 11:08 ` Eli Zaretskii
2016-02-20 16:17 ` Andy Moreton
2016-02-20 17:01 ` Eli Zaretskii
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAFgFV9OQQZYqHaes5=Nh26sGQ8O3PPGqbgMW=SsVaMc0Fj1pZA@mail.gmail.com' \
--to=fabrice.popineau@gmail.com \
--cc=22526@debbugs.gnu.org \
--cc=andrewjmoreton@gmail.com \
--cc=eliz@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).