* core dump in malloc
@ 2009-02-10 7:49 Kenichi Handa
2009-02-10 8:36 ` Glenn Morris
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Kenichi Handa @ 2009-02-10 7:49 UTC (permalink / raw)
To: emacs-devel; +Cc: kkrosso
I got a bug report saying that Emacs dumps core in malloc
while reading a process output. The backtrace is attached
at the tail. His system is Debian sid, and is using the
source code distributed at <http://emacs.orebokech.com/>.
It occurs while his mail reader Mew 6.0.51 <www.mew.org> is
fetching a mail, but not constantly. It happens a few times
a day, or after using Emacs several days.
Does anybody know about such a bug?
---
Kenichi Handa
handa@m17n.org
(gdb) bt full
#0 0xb7f32424 in __kernel_vsyscall ()
No symbol table info available.
#1 0xb746b640 in raise () from /lib/i686/cmov/libc.so.6
No symbol table info available.
#2 0xb746d018 in abort () from /lib/i686/cmov/libc.so.6
No symbol table info available.
#3 0xb74a834d in __libc_message () from /lib/i686/cmov/libc.so.6
No symbol table info available.
#4 0xb74b1256 in _int_malloc () from /lib/i686/cmov/libc.so.6
No symbol table info available.
#5 0xb74b2655 in malloc () from /lib/i686/cmov/libc.so.6
No symbol table info available.
#6 0x0823ae6d in lisp_malloc (nbytes=8136, type=MEM_TYPE_NON_LISP) at alloc.c:861
val = (void *) 0x1000
#7 0x0823b5e9 in allocate_string_data (s=0x9dde578, nchars=8121, nbytes=8121) at alloc.c:1991
size = 8136
data = (struct sdata *) 0x9dde578
old_data = (struct sdata *) 0x0
b = (struct sblock *) 0xbfc492c8
needed = 8128
old_nbytes = 0
#8 0x0823c128 in make_uninit_multibyte_string (nchars=8121, nbytes=8121) at alloc.c:2508
string = 138522658
s = (struct Lisp_String *) 0x9dde578
#9 0x0823c0b7 in make_uninit_string (length=8121) at alloc.c:2486
val = 1
#10 0x0824e5cc in make_buffer_string_both (start=1, start_byte=1, end=8122, end_byte=8122, props=1) at editfns.c:2420
result = 135016871
tem = 137193416
tem1 = 1007
#11 0x0824e552 in make_buffer_string (start=1, end=8122, props=1) at editfns.c:2389
start_byte = 1
end_byte = 8122
#12 0x0824e82f in Fbuffer_string () at editfns.c:2517
No locals.
#13 0x080dd420 in decode_coding_object (coding=0xa650e00, src_object=138898713, from=0, from_byte=0, to=4096, to_byte=4096, dst_object=138898761) at coding.c:7382
count = 5
destination = (unsigned char *) 0x847d012 ""
dst_bytes = 138924050
chars = 4096
bytes = 4096
attrs = 139194956
saved_pt = -1
saved_pt_byte = 166182576
need_marker_adjustment = 0
old_deactivate_mark = 138898713
#14 0x082ab1bf in read_process_output (proc=185721444, channel=11) at process.c:5305
count = 3
odeactivate = 138898713
obuffer = 166182580
waiting = -1
okeymap = 161923813
text = 0
outer_running_asynch_code = 0
nbytes = 4096
chars = 0xbfc49470 "livered-To: xxx-xxxxxxxx@xxx-xx.xxx.xx.jp\r\nAuthentication-Results: xxxx.xxx.xx.jp; spf=pass smtp.mailfrom=xxxxxxx@xxxxxxxx.xx.jp; senderid=pass\r\n\t header.From=xxxxxxx@xxxxxxxx.xx.jp; dkim=none; dkim-s"...
outstream = 163279577
old = (struct buffer *) 0x9e7beb0
p = (struct Lisp_Process *) 0xb11e260
opoint = 142093164
coding = (struct coding_system *) 0xa650e00
carryover = 0
readmax = 4096
#15 0x082aa8cb in wait_reading_process_output (time_limit=30, microsecs=0, read_kbd=-1, do_display=1, wait_for_cell=138898713, wait_proc=0x0, just_wait_proc=0) at process.c:4996
nread = -1077630856
timeout_reduced_for_timers = 1
channel = 11
nfds = 1
Available = {fds_bits = {2048, 0 <repeats 31 times>}}
Connecting = {fds_bits = {0 <repeats 32 times>}}
check_connect = 0
check_delay = 3
no_avail = 0
xerrno = 11
proc = 185721444
timeout = {tv_sec = 0, tv_usec = 316000}
end_time = {tv_sec = 1234169684, tv_usec = 788294}
wait_channel = -1
got_some_input = 1
count = 2
#16 0x08061533 in sit_for (timeout=240, reading=1, do_display=1) at dispnew.c:6639
sec = 30
usec = 0
#17 0x081d1046 in read_char (commandflag=1, nmaps=3, maps=0xbfc4ab70, prev_event=138898713, used_mouse_menu=0xbfc4ad04, end_time=0x0) at keyboard.c:2909
tem0 = 139851601
timeout = 30
delay_level = 4
buffer_size = 8
c = 138898713
count = 136619098
jmpcount = 2
local_getcjmp = {{__jmpbuf = {3, 1, -1077630100, -1077630168, -1655594879, 773237742}, __mask_was_saved = 0, __saved_mask = {__val = {3217336872, 137097158, 177067125, 138928065, 3217337128, 136619667, 15232, 138928065, 166182580, 0, 138898713, 0 <repeats 12 times>, 3, 3217337032, 137097443, 166182576, 139407506, 0, 0, 0, 166182580}}}}
save_jump = {{__jmpbuf = {4, 1, -1077630100, -1077630168, -1655594879, 773237742}, __mask_was_saved = 0, __saved_mask = {__val = {3217336872, 137097158, 138898713, 138928065, 3217337128, 136619667, 4760, 138928065, 170807492, 8192, 0, 139059778, 139059778, 139059778, 139062633, 139059778, 138898713, 0, 3217337844, 3217339936, 3217337032, 136692705, 139062633, 138898713, 170807488, 1, 139059778, 3100051, 3217337016, 136723183, 165662925, 165662933}}}}
key_already_recorded = 0
tem = 138898713
save = -1077630264
previous_echo_area_message = 138898713
also_record = 138898713
reread = 0
gcpro1 = {next = 0x1, var = 0x60, nvars = 1904}
gcpro2 = {next = 0x5f, var = 0x60, nvars = 1}
polling_stopped_here = 0
orig_kboard = (struct kboard *) 0x8c80128
#18 0x081db557 in read_key_sequence (keybuf=0xbfc4af18, bufsize=30, prompt=138898713, dont_downcase_last=0, can_return_switch_frame=1, fix_current_buffer=1) at keyboard.c:9376
interrupted_kboard = (KBOARD *) 0x8c80128
interrupted_frame = (struct frame *) 0x8cadb48
key = 166182580
used_mouse_menu = 0
echo_local_start = 0
last_real_key_start = 0
keys_local_start = 0
local_first_binding = 0
from_string = 138898713
count = 2
t = 0
echo_start = 0
keys_start = 0
nmaps = 3
nmaps_allocated = 3
defs = (Lisp_Object * volatile) 0xbfc4ab50
submaps = (Lisp_Object * volatile) 0xbfc4ab70
orig_local_map = 161923813
orig_keymap = 138898713
localized_local_map = 0
first_binding = 0
first_unbound = 31
mock_input = 0
fkey = {parent = 141899605, map = 141899605, start = 0, end = 0}
keytran = {parent = 138892157, map = 138892157, start = 0, end = 0}
indec = {parent = 141899613, map = 141899613, start = 0, end = 0}
shift_translated = 0
delayed_switch_frame = 138898713
original_uppercase = 139030632
original_uppercase_position = -1
dummyflag = 0
starting_buffer = (struct buffer *) 0x9e7beb0
fake_prefixed_keys = 138898713
gcpro1 = {next = 0x82001fe, var = 0x85d18c8, nvars = 138898713}
#19 0x081ce06b in command_loop_1 () at keyboard.c:1631
cmd = 138938089
lose = 23450
nonundocount = 0
keybuf = {216, 960, 147512136, 138941873, 139032467, 138898713, 138898713, 0, -1077629112, 134615559, 138888141, 166635179, -1077629064, 136108454, 173150965, 138898761, -1077629026, 138898713, -1220264772, -1220269824, 0, 0, 0, 147512136, -1077628968, 136108013, 173150965, -1077629026, -1077629028, -1077629312}
i = 2
prev_modiff = 764
prev_buffer = (struct buffer *) 0xa7c9d70
already_adjusted = 0
#20 0x0825911c in internal_condition_case (bfun=0x81cdd31 <command_loop_1>, handlers=138941849, hfun=0x81cd702 <cmd_error>) at eval.c:1511
val = 139221861
c = {tag = 138898713, val = 138898713, next = 0xbfc4b100, gcpro = 0x0, jmp = {{__jmpbuf = {-1218875404, -1077627360, -1077627360, -1077628728, -1654669183, 1596023790}, __mask_was_saved = 0, __saved_mask = {__val = {3086205885, 3075147814, 3076096352, 140969384, 140969376, 3076091892, 3086265308, 3217338128, 3217338132, 276967387, 3077569824, 8655230, 62, 3217338816, 138820768, 3217338788, 3217338648, 136229473, 2, 3074718620, 3077569824, 3070129512, 4294967295, 3086278644, 134523936, 3086280296, 3217338576, 3086223451, 3086280736, 3070129512, 1, 1}}}}, backlist = 0x0, handlerlist = 0x0, lisp_eval_depth = 0, pdlcount = 2, poll_suppress_count = 1, interrupt_input_blocked = 0, byte_stack = 0x0}
h = {handler = 138941849, var = 138898713, chosen_clause = 138898761, tag = 0xbfc4affc, next = 0x0}
#21 0x081cda83 in command_loop_2 () at keyboard.c:1348
val = 6
#22 0x08258bd8 in internal_catch (tag=138937873, func=0x81cda5e <command_loop_2>, arg=138898713) at eval.c:1247
c = {tag = 138937873, val = 138898713, next = 0x0, gcpro = 0x0, jmp = {{__jmpbuf = {-1218875404, -1077627360, -1077627360, -1077628472, -1654529919, 1595380718}, __mask_was_saved = 0, __saved_mask = {__val = {0, 0, 0, 0, 0, 2, 3075984436, 3075991112, 3075978705, 3075978495, 0, 0, 0, 139059048, 3075984436, 3075991112, 3075978705, 3075978495, 0, 3217338824, 136589771, 139138409, 139135690, 138898713, 138924568, 1, 1, 141011920, 138898713, 138898713, 139135690, 139135690}}}}, backlist = 0x0, handlerlist = 0x0, lisp_eval_depth = 0, pdlcount = 2, poll_suppress_count = 1, interrupt_input_blocked = 0, byte_stack = 0x0}
#23 0x081cda3c in command_loop () at keyboard.c:1327
No locals.
#24 0x081cd30e in recursive_edit_1 () at keyboard.c:942
count = 1
val = -1077627360
#25 0x081cd47d in Frecursive_edit () at keyboard.c:1004
count = 0
buffer = 138898713
#26 0x081cbbcb in main (argc=1, argv=0xbfc4b6a4) at emacs.c:1852
dummy = 0
stack_bottom_variable = 8 '\b'
do_initial_setlocale = 1
skip_args = 0
rlim = {rlim_cur = 8388608, rlim_max = 18446744073709551615}
no_loadup = 0
junk = 0x0
dname_arg = 0x0
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: core dump in malloc
2009-02-10 7:49 core dump in malloc Kenichi Handa
@ 2009-02-10 8:36 ` Glenn Morris
2009-02-10 20:50 ` Romain Francoise
2009-02-10 22:55 ` Johan Bockgård
2 siblings, 0 replies; 4+ messages in thread
From: Glenn Morris @ 2009-02-10 8:36 UTC (permalink / raw)
To: Kenichi Handa; +Cc: kkrosso, emacs-devel
Kenichi Handa wrote:
> Does anybody know about such a bug?
Also a crash in mew:
http://emacsbugs.donarmstrong.com/cgi-bin/bugreport.cgi?bug=665
(Not that it helps much I imagine.)
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: core dump in malloc
2009-02-10 7:49 core dump in malloc Kenichi Handa
2009-02-10 8:36 ` Glenn Morris
@ 2009-02-10 20:50 ` Romain Francoise
2009-02-10 22:55 ` Johan Bockgård
2 siblings, 0 replies; 4+ messages in thread
From: Romain Francoise @ 2009-02-10 20:50 UTC (permalink / raw)
To: Kenichi Handa; +Cc: kkrosso, emacs-devel
Kenichi Handa <handa@m17n.org> writes:
> Does anybody know about such a bug?
Nope, sorry.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: core dump in malloc
2009-02-10 7:49 core dump in malloc Kenichi Handa
2009-02-10 8:36 ` Glenn Morris
2009-02-10 20:50 ` Romain Francoise
@ 2009-02-10 22:55 ` Johan Bockgård
2 siblings, 0 replies; 4+ messages in thread
From: Johan Bockgård @ 2009-02-10 22:55 UTC (permalink / raw)
To: emacs-devel
Kenichi Handa <handa@m17n.org> writes:
> I got a bug report saying that Emacs dumps core in malloc while
> reading a process output. [...]
> Does anybody know about such a bug?
http://emacsbugs.donarmstrong.com/1650
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2009-02-10 22:55 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-02-10 7:49 core dump in malloc Kenichi Handa
2009-02-10 8:36 ` Glenn Morris
2009-02-10 20:50 ` Romain Francoise
2009-02-10 22:55 ` Johan Bockgård
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).