From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Dmitry Antipov Newsgroups: gmane.emacs.bugs Subject: bug#12839: 24.3.50; Emacs aborts in GC Date: Fri, 09 Nov 2012 16:44:26 +0400 Message-ID: <509CFAAA.8030808@yandex.ru> References: <83625g10jw.fsf@gnu.org> <83zk2rzr6f.fsf@gnu.org> <509C7B1A.2070009@yandex.ru> <83vcdfz1b9.fsf@gnu.org> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Trace: ger.gmane.org 1352465110 8735 80.91.229.3 (9 Nov 2012 12:45:10 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Fri, 9 Nov 2012 12:45:10 +0000 (UTC) Cc: 12839@debbugs.gnu.org To: Eli Zaretskii Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Fri Nov 09 13:45:18 2012 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1TWnxT-0006as-BV for geb-bug-gnu-emacs@m.gmane.org; Fri, 09 Nov 2012 13:45:15 +0100 Original-Received: from localhost ([::1]:49031 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TWnxK-0008Hi-7A for geb-bug-gnu-emacs@m.gmane.org; Fri, 09 Nov 2012 07:45:06 -0500 Original-Received: from eggs.gnu.org ([208.118.235.92]:43191) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TWnxC-0008G2-BO for bug-gnu-emacs@gnu.org; Fri, 09 Nov 2012 07:45:04 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1TWnx9-0005hU-Un for bug-gnu-emacs@gnu.org; Fri, 09 Nov 2012 07:44:58 -0500 Original-Received: from debbugs.gnu.org ([140.186.70.43]:46941) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TWnx9-0005hN-Qz for bug-gnu-emacs@gnu.org; Fri, 09 Nov 2012 07:44:55 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.72) (envelope-from ) id 1TWnxG-0007il-78 for bug-gnu-emacs@gnu.org; Fri, 09 Nov 2012 07:45:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Dmitry Antipov Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 09 Nov 2012 12:45:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 12839 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: Original-Received: via spool by 12839-submit@debbugs.gnu.org id=B12839.135246506429622 (code B ref 12839); Fri, 09 Nov 2012 12:45:02 +0000 Original-Received: (at 12839) by debbugs.gnu.org; 9 Nov 2012 12:44:24 +0000 Original-Received: from localhost ([127.0.0.1]:57192 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1TWnwd-0007hi-RW for submit@debbugs.gnu.org; Fri, 09 Nov 2012 07:44:24 -0500 Original-Received: from forward18.mail.yandex.net ([95.108.253.143]:42925) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1TWnwa-0007hZ-96 for 12839@debbugs.gnu.org; Fri, 09 Nov 2012 07:44:23 -0500 Original-Received: from smtp16.mail.yandex.net (smtp16.mail.yandex.net [95.108.252.16]) by forward18.mail.yandex.net (Yandex) with ESMTP id E707A1780FA5; Fri, 9 Nov 2012 16:44:10 +0400 (MSK) Original-Received: from smtp16.mail.yandex.net (localhost [127.0.0.1]) by smtp16.mail.yandex.net (Yandex) with ESMTP id BE70C6A0563; Fri, 9 Nov 2012 16:44:10 +0400 (MSK) Original-Received: from unknown (unknown [37.139.80.10]) by smtp16.mail.yandex.net (nwsmtp/Yandex) with ESMTP id iAZO57v7-iAZODBQN; Fri, 9 Nov 2012 16:44:10 +0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1352465050; bh=+Ytf0vXM4wabNNOJ1OprBrQTtjm340QA+WH08hLYtmY=; h=Message-ID:Date:From:User-Agent:MIME-Version:To:CC:Subject: References:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=jUIF/aKyafXxvDixztJHXHTWcit2GFhlMCSWwEyEK471t4dzdAcO5nF2azP63K+hb 5/KV3n0raybs08CPRr9CVIywcgZYVj10R+X+EtLwSTnOlfAVZTBgWv2yqQvPbG26U4 DRr0s6zg62nLskM5pgfuP4LSj49D9muQfwgtJMUg= User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20121026 Thunderbird/16.0.2 In-Reply-To: <83vcdfz1b9.fsf@gnu.org> X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:66678 Archived-At: On 11/09/2012 11:24 AM, Eli Zaretskii wrote: > Is this what you wanted: > > (gdb) p Scons > $6 = { > header = { > size = 1241513984 > }, Yes. The header looks to be valid here ((1241513984 & (0x3f << 24)) >> 24 is 10, e.g. PVEC_SUBR). > Sorry, I'm not sure I understand: in the first backtrace I've shown, > which was here (alloc.c:sweep_vectors): > > else > { > int tmp; > SETUP_ON_FREE_LIST (vector, total_bytes, tmp); <<<<<<< > } > > the vector in question is not a Lisp object, it is a pointer to > 'struct Lisp_Vector': I just committed r110854 with pvectype and pvecsize commands, similar to xvectype and xvecsize; now it should be possible to do something like: (gdb) p current_buffer $1 = (struct buffer *) 0xd40ad0 (gdb) pvectype current_buffer PVEC_BUFFER (gdb) pvecsize current_buffer 69 48 (gdb) p selected_frame $2 = { i = 19612573 } (gdb) xvectype PVEC_FRAME (gdb) xvecsize 22 47 (gdb) So, if you see the potentially bogus struct Lisp_Vector pointer, try pvectype and pvecsize; if you see a bogus Lisp_Object of Lisp_Vectorlike type, try xvectype and xvecsize. > I'd be happy to try debugging this myself, but I need guidance > regarding some basics of what you changed recently in this area. The goal was to shrink struct vectorlike_header to the only 'size' field (which is totally overloaded and has the totally misleading name; someday I would like to switch to bitfields). This means that we should know the memory footprint of any vectorlike object. For the regular vector V, the memory footprint is: header_size + V->header.size * word_size This is simple because V->header.size is interpreted as follows (assuming 32-bit code): 31 0 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx mpssssssssssssssssssssssssssssss ||| ||| - s) size bits || - p)seudovector bit (always 0) |- m)ark bit For the pseudovector V, the layout is: 31 0 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx mpssssssrrrrrrrrrrrrllllllllllll ||| | | ||| | | l)isp area size, in Lisp_Objects (12 bits) (L) ||| | r)est area size, in word_size units (12 bits) (R) ||| - s)ubtype (PVEC_xxx, 6 bits) ||- p)seudovector bit (always 1) |- m)ark bit (This layout is documented around enum More_Lisp_Bits and struct vectorlike_header in lisp.h). So, for the pseudovector V, the memory footprint is: header_size + (R + L) * word_size Function vector_nbytes in alloc.c works almost like described above (with an exception of Lisp_Bool_Vector). That's why 'pvecsize current_buffer' GDB command prints two numbers. On a 64-bit system, there are: (gdb) pvecsize current_buffer 69 48 (gdb) These are L and R fields, respectively. Since word_size is 8, header_size + (L + R) * word_size is 8 + (69 + 48) * 8 = 944, which is equal to sizeof (struct buffer). The rule above applies to all pseudovector objects except PVEC_SUBR and PVEC_FREE (but remember that size is rounded up to multiple of 8 on 32-bit platforms); if it isn't, this is a bug which is very likely to cause crash with memory corruption or bogus vector pointers. Dmitry