From: Dmitry Antipov <dmantipov@yandex.ru>
To: Nathan Froyd <froydnj@gmail.com>
Cc: 16502@debbugs.gnu.org
Subject: bug#16502: segmentation fault with org-capture
Date: Mon, 20 Jan 2014 12:20:59 +0400 [thread overview]
Message-ID: <52DCDC6B.9090209@yandex.ru> (raw)
In-Reply-To: <CAMkm6pqQqmQLVCxGgHEPyxWL639YUKe_CP0ymxvra-Q=47zQsw@mail.gmail.com>
On 01/20/2014 01:15 AM, Nathan Froyd wrote:
> Given this initialization file, bug-init:
[...skip...]
Reproduced in trunk (as of r116077). Could you please run undumped (temacs)
under valgrind? With your recipe, I'm seeing nasty memory management error:
valgrind --tool=memcheck ./src/temacs -Q -l /tmp/bug16502.el
==>
==10951== Invalid read of size 8
==10951== at 0x56142D: PSEUDOVECTOR_TYPEP (lisp.h:2377)
==10951== by 0x56149C: PSEUDOVECTORP (lisp.h:2391)
==10951== by 0x561575: BUFFERP (lisp.h:2437)
==10951== by 0x673C47: find_interval (intervals.c:669)
==10951== by 0x6796F7: validate_interval_range (textprop.c:212)
==10951== by 0x67B190: Ftext_properties_at (textprop.c:601)
==10951== by 0x67B245: Fget_text_property (textprop.c:621)
==10951== by 0x51FAD4: face_at_buffer_position (xfaces.c:5987)
==10951== by 0x4439FD: handle_face_prop (xdisp.c:3815)
==10951== by 0x4427D0: handle_stop (xdisp.c:3319)
==10951== by 0x44C416: reseat (xdisp.c:6359)
==10951== by 0x441789: init_iterator (xdisp.c:2975)
==10951== Address 0x763cb10 is 0 bytes inside a block of size 960 free'd
==10951== at 0x4A07577: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==10951== by 0x5E1470: lisp_free (alloc.c:931)
==10951== by 0x5EA618: gc_sweep (alloc.c:6637)
==10951== by 0x5E8181: Fgarbage_collect (alloc.c:5572)
==10951== by 0x562277: maybe_gc (lisp.h:4518)
==10951== by 0x60A36B: eval_sub (eval.c:2075)
==10951== by 0x6084A3: internal_lisp_condition_case (eval.c:1314)
==10951== by 0x656A46: exec_byte_code (bytecode.c:1169)
==10951== by 0x60C8DD: funcall_lambda (eval.c:2974)
==10951== by 0x60C275: Ffuncall (eval.c:2855)
==10951== by 0x60AE7C: Fapply (eval.c:2292)
==10951== by 0x60BF66: Ffuncall (eval.c:2787)
I.e. the buffer is swept by GC and then (de)referenced in find_interval.
Dmitry
next prev parent reply other threads:[~2014-01-20 8:20 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-19 21:15 bug#16502: segmentation fault with org-capture Nathan Froyd
2014-01-20 8:20 ` Dmitry Antipov [this message]
2014-01-20 9:30 ` Dmitry Antipov
2014-01-20 15:29 ` Nathan Froyd
2014-01-20 17:13 ` Dmitry Antipov
2014-01-20 17:23 ` Nathan Froyd
2014-01-21 2:32 ` Dmitry Antipov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52DCDC6B.9090209@yandex.ru \
--to=dmantipov@yandex.ru \
--cc=16502@debbugs.gnu.org \
--cc=froydnj@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.