all messages for Emacs-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
From: "Herbert Euler" <herberteuler@hotmail.com>
Cc: emacs-devel@gnu.org
Subject: Re: Emacs crashes accidentally
Date: Fri, 08 Sep 2006 21:32:24 +0800	[thread overview]
Message-ID: <BAY117-F1586BC14A8A988681630FBDA370@phx.gbl> (raw)
In-Reply-To: <E1GLexj-0007Lo-7n@fencepost.gnu.org>

>From: Richard Stallman <rms@gnu.org>
>Reply-To: rms@gnu.org
>To: "Herbert Euler" <herberteuler@hotmail.com>
>CC: emacs-devel@gnu.org
>Subject: Re: Emacs crashes accidentally
>Date: Fri, 08 Sep 2006 07:55:59 -0400
>
>     "SDATA (string)" shall be 0x243d8ac, but value of the first argument
>     (PTR) of STROUT is 0x2469648.  This is the reason why Emacs
>     crashed.
>
>     But, why this happened?  Memory leak?
>
>I don't see how a memory leak could possibly have such an effect.
>
>Please examine the value of printcharfun and figure out what Lisp
>object it is.  That way we can tell what path the code took through
>strout.  And what is the value of `i' in strout's frame?
>
>strout increments PTR as it runs.  Maybe it has incremented PTR too
>far.
>
>Or maybe message_dolog somehow clobbered the stack and altered PTR.
>
>Basically I am as puzzled as you are.
>We need more facts.

(print.c, version 1.190.2.21, function STROUT)

static void
strout (ptr, size, size_byte, printcharfun, multibyte)
     char *ptr;
     int size, size_byte;
     Lisp_Object printcharfun;
     int multibyte;
{

[ The value of SIZE is 27, so SIZE_BYTE is not reset. ]

  if (size < 0)
    size_byte = size = strlen (ptr);

[ PRINTCHARFUN is 'T, and NONINTERACTIVE is 0, so
  the third branch gets executed. ]

  if (NILP (printcharfun))
    {
      if (print_buffer_pos_byte + size_byte > print_buffer_size)
        {
          print_buffer_size = print_buffer_size * 2 + size_byte;
          print_buffer = (char *) xrealloc (print_buffer,
                                            print_buffer_size);
        }
      bcopy (ptr, print_buffer + print_buffer_pos_byte, size_byte);
      print_buffer_pos += size;
      print_buffer_pos_byte += size_byte;

#ifdef MAX_PRINT_CHARS
      if (max_print)
        print_chars += size;
#endif /* MAX_PRINT_CHARS */
    }
  else if (noninteractive && EQ (printcharfun, Qt))
    {
      fwrite (ptr, 1, size_byte, stdout);
      noninteractive_need_newline = 1;
    }

[ This branch gets executed. ]

  else if (EQ (printcharfun, Qt))
    {
      /* Output to echo area.  We're trying to avoid a little overhead
         here, that's the reason we don't call printchar to do the
         job.  */
      int i;

[ CURRENT_BUFFER->ENABLE_MULTIBYTE_CHARACTERS is 'T.
  I don't think I can remember whether the buffer I typed z's
  contains multibyte characters. ]

      int multibyte_p
        = !NILP (current_buffer->enable_multibyte_characters);

[ I assume SETUP_ECHO_AREA_FOR_PRINTING behaves well
  so I didn't trace into it. ]

      setup_echo_area_for_printing (multibyte_p);

[ I see MESSAGE_DOLOG is in xdisp.c, but I compiled Emacs
  without X.  What's the behavior here?  Since MESSAGE_DOLOG
  is very long, I didn't post the tracing.  Btw, Vmemory_full is
  'NIL and Vmessage_log_max is 400. ]

      message_dolog (ptr, size_byte, 0, multibyte_p);

[ Both SIZE and SIZE_BYTE are 27. ]

      if (size == size_byte)
        {

[ gdb shows that crashing happened on INSERT_CHAR.
  While the value of I is 26, so iteration was not finished.
  The value of PTR is 0x2469649, but PRINT_STRINT
  calls STROUT with (I think) 0x243d8ac, so even the
  starting address is not valid. ]

          for (i = 0; i < size; ++i)
            insert_char ((unsigned char )*ptr++);
        }
      else
        {

This is what I can know now from the .core file.  Andreas
Schwab told to find out whether GC was called, but I
don't know how.

Regards,
Guanpeng Xu

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

  reply	other threads:[~2006-09-08 13:32 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-08-09  9:37 Emacs crashes accidentally Herbert Euler
2006-08-10 16:27 ` Richard Stallman
2006-09-06 12:50   ` Herbert Euler
2006-09-07 10:13     ` Herbert Euler
2006-09-08 11:55       ` Richard Stallman
2006-09-08 13:32         ` Herbert Euler [this message]
2006-09-08 13:38           ` David Kastrup
2006-09-08 13:46             ` Herbert Euler
2006-09-07 21:15     ` Richard Stallman
2006-09-08  2:50       ` Herbert Euler
2006-09-08  8:49         ` Andreas Schwab
2006-09-08 15:12           ` Richard Stallman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=BAY117-F1586BC14A8A988681630FBDA370@phx.gbl \
    --to=herberteuler@hotmail.com \
    --cc=emacs-devel@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/emacs.git
	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.