From: Chong Yidong
Newsgroups: gmane.emacs.devel
Subject: Re: allocate_string_data memory corruption
Date: Thu, 19 Jan 2006 19:45:57 -0500
Message-ID: <87y81b20ca.fsf@stupidchicken.com>
References: <87vewha2zl.fsf@stupidchicken.com>
Cc: emacs-devel@gnu.org
In-Reply-To: (Stefan Monnier's message of "Wed, 18 Jan 2006 15:48:33 -0500")

Stefan Monnier writes:

> Most likely the thing that's happening is that check_sblock takes a "long"
> time during which there's a higher probability for a signal to arrive and
> the bug itself is that one of the signal handlers does some string
> allocation (or some other manipulation of those data structures).
>
> I'd try something like
>
>    eassert (!in_allocate_string_data);
>    in_allocate_string_data = 1;
>    ...
>    check_sblock();
>    ...
>    in_allocate_string_data = 0;

OK, I'll follow this up.

> BTW, it's possible that -DSYNC_INPUT fixes the bug.

Curiously, if you turn on the GC debugging checks at the top of
lisp.h, compiling with -DSYNC_INPUT fails:

./temacs --batch --load loadup bootstrap
*** glibc detected *** double free or corruption (out): 0x0839a500 ***
make[2]: *** [bootstrap-emacs] Aborted
make[2]: Leaving directory `/home/cyd/tmp/emacs/src'
make[1]: *** [bootstrap-build] Error 2
make[1]: Leaving directory `/home/cyd/tmp/emacs'
make: *** [bootstrap] Error 2

(gdb) r -batch
Starting program: /home/cyd/tmp/emacs/src/temacs -batch
*** glibc detected *** double free or corruption (out): 0x0839a520 ***

Program received signal SIGABRT, Aborted.
0xffffe410 in __kernel_vsyscall ()
(gdb) bt
#0  0xffffe410 in __kernel_vsyscall ()
#1  0xb7bba9b1 in raise () from /lib/tls/i686/cmov/libc.so.6
#2  0xb7bbc2c9 in abort () from /lib/tls/i686/cmov/libc.so.6
#3  0xb7bee6ea in __fsetlocking () from /lib/tls/i686/cmov/libc.so.6
#4  0xb7bf4f54 in malloc_trim () from /lib/tls/i686/cmov/libc.so.6
#5  0xb7bf52ca in free () from /lib/tls/i686/cmov/libc.so.6
#6  0x0813df9e in init_buffer () at buffer.c:5174
#7  0x0811779e in main (argc=2, argv=0xbfc70214) at emacs.c:1526
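
The reentrancy check suggested in the quoted text, shown as a stand-alone C sketch; this is an added example, not part of the original message and not Emacs code. Assumptions: SIGUSR1 raised in the middle of the section stands in for an asynchronous signal, every name except in_allocate_string_data is hypothetical, a counter replaces the eassert abort, and the masked run shows plain POSIX signal blocking rather than whatever -DSYNC_INPUT does.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>

/* Only in_allocate_string_data comes from the quoted suggestion. */
static volatile sig_atomic_t in_allocate_string_data;
static volatile sig_atomic_t reentries;     /* handler ran while flag was set */
static volatile sig_atomic_t handler_runs;  /* total handler invocations */

/* Hypothetical handler that would touch allocator state; counts, not aborts. */
static void on_signal(int sig)
{
    (void)sig;
    handler_runs++;
    if (in_allocate_string_data)
        reentries++;
}
int handler_run_count(void) { return handler_runs; }

/* Run one guarded section with SIGUSR1 raised in the middle (constructed).
   If mask_signal is nonzero the signal is blocked for the section and is
   delivered only after it ends. Returns reentries seen, -1 on setup failure. */
int run_guarded_section(int mask_signal)
{
    struct sigaction sa = {0};
    sigset_t set, old;
    sa.sa_handler = on_signal;
    sigemptyset(&sa.sa_mask);
    sigemptyset(&set);
    sigaddset(&set, SIGUSR1);
    if (sigaction(SIGUSR1, &sa, NULL) != 0)
        return -1;
    if (sigprocmask(mask_signal ? SIG_BLOCK : SIG_UNBLOCK, &set, &old) != 0)
        return -1;

    reentries = handler_runs = 0;
    in_allocate_string_data = 1;
    raise(SIGUSR1);                 /* signal arrives inside the section */
    in_allocate_string_data = 0;

    sigprocmask(SIG_SETMASK, &old, NULL);  /* a pending signal is delivered here */
    return reentries;
}

int main(void)
{
    printf("unmasked: %d, masked: %d\n",
           run_guarded_section(0), run_guarded_section(1));
    return 0;
}
```

In the masked run the handler still executes once, but only after the flag has been cleared, so the check stays quiet.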