valgrinding emacs?

valgrinding emacs?

[joakim]

I seem to recall that others have had success valgrinding emacs in the
past.

I get a crash though. Any hints?

export CFLAGS="-O0 -g3"
./configure --with-xwidgets  --with-x-toolkit=gtk3


valgrind src/temacs
...
Fatal error 11: Segmentation fault==7249== Conditional jump or move depends on uninitialised value(s)
==7249==    at 0x56F098: emacs_backtrace (sysdep.c:2159)
==7249==    by 0x54AE1A: terminate_due_to_signal (emacs.c:367)
==7249==    by 0x56EA6C: handle_fatal_signal (sysdep.c:1604)
==7249==    by 0x56EA3E: deliver_thread_signal (sysdep.c:1578)
==7249==    by 0x56EAA2: deliver_fatal_thread_signal (sysdep.c:1616)
==7249==    by 0x56EBC4: handle_sigsegv (sysdep.c:1667)
==7249==    by 0x3E1EA100CF: ??? (in /usr/lib64/libpthread-2.20.so)
==7249==    by 0x5473C0: STRING_BYTES (lisp.h:1320)
==7249==    by 0x5473FC: SBYTES (lisp.h:1327)
==7249==    by 0x531F10: smc_save_yourself_CB (xsmfns.c:200)
==7249==    by 0x3E30A04E24: _SmcProcessMessage (in /usr/lib64/libSM.so.6.0.1)
==7249==    by 0x3E30E111FB: IceProcessMessages (in /usr/lib64/libICE.so.6.3.0)

-- 
Joakim Verona

Re: valgrinding emacs?

[joakim]

joakim@verona.se writes:

> I seem to recall that others have had success valgrinding emacs in the
> past.
>
> I get a crash though. Any hints?
>
> export CFLAGS="-O0 -g3"
> ./configure --with-xwidgets  --with-x-toolkit=gtk3
>
>
> valgrind src/temacs
> ...
> Fatal error 11: Segmentation fault==7249== Conditional jump or move depends on uninitialised value(s)
> ==7249==    at 0x56F098: emacs_backtrace (sysdep.c:2159)
> ==7249==    by 0x54AE1A: terminate_due_to_signal (emacs.c:367)
> ==7249==    by 0x56EA6C: handle_fatal_signal (sysdep.c:1604)
> ==7249==    by 0x56EA3E: deliver_thread_signal (sysdep.c:1578)
> ==7249==    by 0x56EAA2: deliver_fatal_thread_signal (sysdep.c:1616)
> ==7249==    by 0x56EBC4: handle_sigsegv (sysdep.c:1667)
> ==7249==    by 0x3E1EA100CF: ??? (in /usr/lib64/libpthread-2.20.so)
> ==7249==    by 0x5473C0: STRING_BYTES (lisp.h:1320)
> ==7249==    by 0x5473FC: SBYTES (lisp.h:1327)
> ==7249==    by 0x531F10: smc_save_yourself_CB (xsmfns.c:200)
> ==7249==    by 0x3E30A04E24: _SmcProcessMessage (in /usr/lib64/libSM.so.6.0.1)
> ==7249==    by 0x3E30E111FB: IceProcessMessages (in /usr/lib64/libICE.so.6.3.0)

so, I discovered --enable-checking

export CFLAGS="-O0 -g3" 
./configure --enable-checking --with-xwidgets  --with-x-toolkit=gtk3

But then I get:

valgrinde src/temacs
...
Pure-hashed: 23205 strings, 3377 vectors, 36690 conses, 3399 bytecodes, 82 others
==29944== Conditional jump or move depends on uninitialised value(s)
==29944==    at 0x3E3027280A: ??? (in /usr/lib64/libpixman-1.so.0.32.6)
==29944==    by 0x3E30257D2A: ??? (in /usr/lib64/libpixman-1.so.0.32.6)
==29944==    by 0x3E3020B710: pixman_image_composite32 (in /usr/lib64/libpixman-1.so.0.32.6)
==29944==    by 0x3E3421FCDA: _inplace_spans (in /usr/lib64/libcairo.so.2.11301.0)
==29944==    by 0x3E3425FB96: _cairo_tor_scan_converter_generate.lto_priv.527 (in /usr/lib64/libcairo.so.2.11301.0)
==29944==    by 0x3E3426C32C: composite_polygon.isra.9 (in /usr/lib64/libcairo.so.2.11301.0)
==29944==    by 0x3E3426D6F9: clip_and_composite_polygon (in /usr/lib64/libcairo.so.2.11301.0)
==29944==    by 0x3E3426E57E: _cairo_spans_compositor_fill.lto_priv.291 (in /usr/lib64/libcairo.so.2.11301.0)
==29944==    by 0x3E342273B7: _cairo_compositor_fill (in /usr/lib64/libcairo.so.2.11301.0)
==29944==    by 0x3E3423B0B6: _cairo_image_surface_fill (in /usr/lib64/libcairo.so.2.11301.0)
==29944==    by 0x3E3425029E: _cairo_surface_fill (in /usr/lib64/libcairo.so.2.11301.0)
==29944==    by 0x3E3422E7AB: _cairo_gstate_fill (in /usr/lib64/libcairo.so.2.11301.0)
==29944== 
==29944== Conditional jump or move depends on uninitialised value(s)
==29944==    at 0x3E4582A047: ??? (in /usr/lib64/librsvg-2.so.2.40.5)
==29944==    by 0x3E4582AD2B: rsvg_handle_get_pixbuf_sub (in /usr/lib64/librsvg-2.so.2.40.5)
==29944==    by 0x11093ED5: ??? (in /usr/lib64/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-svg.so)
==29944==    by 0x3E2FE0AB51: generic_load_incrementally (gdk-pixbuf-io.c:1009)
==29944==    by 0x3E2FE0C729: gdk_pixbuf_new_from_file (gdk-pixbuf-io.c:1096)
==29944==    by 0x54B122: xg_set_icon (xfns.c:495)
==29944==    by 0x544094: x_bitmap_icon (xterm.c:8244)
==29944==    by 0x54C459: x_set_icon_type (xfns.c:914)
==29944==    by 0x430E04: x_set_frame_parameters (frame.c:3154)
==29944==    by 0x435166: x_default_parameter (frame.c:4308)
==29944==    by 0x550B1C: Fx_create_frame (xfns.c:3220)
==29944==    by 0x62A741: Ffuncall (eval.c:2708)
==29944== 

lisp.h:977: Emacs fatal error: assertion failed: STRINGP (a)
Fatal error 6: Aborted
Backtrace:
src/temacs[0x5a65c9]
src/temacs[0x57af63]
src/temacs[0x606fb6]
src/temacs[0x575793]
src/temacs[0x576047]
src/temacs[0x55fdd0]
/lib64/libSM.so.6(_SmcProcessMessage+0xc35)[0x3e30a04e25]
/lib64/libICE.so.6(IceProcessMessages+0x35c)[0x3e30e111fc]
src/temacs[0x55fac2]
src/temacs[0x68353f]
src/temacs[0x42643b]
src/temacs[0x583765]
src/temacs[0x593050]
src/temacs[0x57fd8b]
src/temacs[0x626c45]
src/temacs[0x57f556]
src/temacs[0x62604c]
src/temacs[0x57f4f6]
src/temacs[0x57ea75]
src/temacs[0x57ec80]
src/temacs[0x57c9d8]
/lib64/libc.so.6(__libc_start_main+0xf0)[0x3e1de1ffe0]
src/temacs[0x4180a9]
==29944== 
==29944== HEAP SUMMARY:
==29944==     in use at exit: 23,560,856 bytes in 111,596 blocks
==29944==   total heap usage: 594,644 allocs, 483,048 frees, 169,460,968 bytes allocated
==29944== 
==29944== LEAK SUMMARY:
==29944==    definitely lost: 8,064 bytes in 18 blocks
==29944==    indirectly lost: 24,673 bytes in 918 blocks
==29944==      possibly lost: 877,344 bytes in 11,756 blocks
==29944==    still reachable: 21,359,135 bytes in 94,285 blocks
==29944==         suppressed: 0 bytes in 0 blocks
==29944== Rerun with --leak-check=full to see details of leaked memory
==29944== 
==29944== For counts of detected and suppressed errors, rerun with: -v
==29944== Use --track-origins=yes to see where uninitialised values come from
==29944== ERROR SUMMARY: 8 errors from 2 contexts (suppressed: 13 from 1)
killed


-- 
Joakim Verona

Re: valgrinding emacs?

[Paul Eggert]

[-- Attachment #1: Type: text/plain, Size: 453 bytes --]

joakim@verona.se wrote:
> I seem to recall that others have had success valgrinding emacs in the past.

It works for me, sort of, but it's kind of flaky.  I haven't used it recently, 
but I just now tried it on Fedora 21 x86-64 and got some warnings that I hope 
are false alarms.  I use the attached valgrind.supp file which is somewhat 
obsolescent now (it probably needs to be upgraded to match Fedora 21's quirks, 
and I haven't looked into that).


[-- Attachment #2: valgrind.supp --]
[-- Type: text/plain, Size: 1337 bytes --]

# valgrind suppression file
# Usage:
#    valgrind --suppressions=valgrind.supp ./temacs

# Conservative garbage collection inherently looks at uninitialized values,
# and Fgarbage_collect and its callees all depend on this.
# It's hard to separate out exactly which callees need to be listed here,
# since the C compiler can inline them.  Also, valgrind doesn't care
# about the use of uninitialized variables directly, only when their values
# are eventually used.  So just list Fgarbage_collect and its callees.
{
   Fgarbage_collect Cond - conservative garbage collection
   Memcheck:Cond
   ...
   fun:Fgarbage_collect
}
{
   Fgarbage_collect Value8 - conservative garbage collection
   Memcheck:Value8
   ...
   fun:Fgarbage_collect
}
# valgrind only looks at the last few callees on the stack, but
# mark_object can call itself recursively and deeply.  So list
# it too, in case Fgarbage_collect is a long way from the stack top.
{
   Fgarbage_collect Cond - conservative garbage collection
   Memcheck:Cond
   ...
   fun:mark_object
}
{
   Fgarbage_collect Value8 - conservative garbage collection
   Memcheck:Value8
   ...
   fun:mark_object
}

# On one circa-2011 x86-64 GNU/Linux platform, strlen is inlined to
# something that loads 4 bytes at a time.
{
   init_buffer optimized strlen
   Memcheck:Addr4
   fun:init_buffer
}