GNU bug report logs - #24764
25.1.50; Another crash in automatic gc


Package: emacs;

Reported by: Michael Heerdegen <michael_heerdegen <at> web.de>

Date: Sat, 22 Oct 2016 09:40:02 UTC

Severity: normal

Found in version 25.1.50

Done: Michael Heerdegen <michael_heerdegen <at> web.de>

Bug is archived. No further changes may be made.



Message #53 received at 24764 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Michael Heerdegen <michael_heerdegen <at> web.de>
Cc: 24764 <at> debbugs.gnu.org, npostavs <at> users.sourceforge.net
Subject: Re: bug#24764: 25.1.50; Another crash in automatic gc
Date: Sat, 22 Oct 2016 18:25:17 +0300
> From: Michael Heerdegen <michael_heerdegen <at> web.de>
> Cc: npostavs <at> users.sourceforge.net,  24764 <at> debbugs.gnu.org
> Date: Sat, 22 Oct 2016 16:51:38 +0200
> 
> I attach two other gdb sessions with backtraces.  Maybe they look
> different, or they don't, I'm not good at reading this stuff.
> 
> Thread 1 "emacs" received signal SIGSEGV, Segmentation fault.
> mark_object (arg=3271131134090376052) at alloc.c:6297
> 6297		if (STRING_MARKED_P (ptr))
> (gdb) bt
> #0  mark_object (arg=3271131134090376052) at alloc.c:6297
> #1  0x00000000005c2fe5 in mark_interval (i=0x2d65646f6d2d7370, dummy=0) at alloc.c:1532

This crash is in a different place in GC, but note how the value of
the argument i passed to mark_interval, 0x2d65646f6d2d7370, is again
ASCII text ("ps-mode-").  What's curiouser, GC is marking
buffer_defaults:

> #7536 0x00000000005c9609 in mark_vectorlike (ptr=0xc56d50 <buffer_defaults>) at alloc.c:6038
                                                             ^^^^^^^^^^^^^^^

> Thread 1 "emacs" received signal SIGSEGV, Segmentation fault.
> mark_object (arg=10997052170605) at alloc.c:6315
> 6315		if (VECTOR_MARKED_P (ptr))
> (gdb) bt
> #0  mark_object (arg=10997052170605) at alloc.c:6315
> #1  0x00000000005c2fe5 in mark_interval (i=0xa0073636168, dummy=0) at alloc.c:1532

This is very similar to the above, with the text now being "hacs",
terminated by a null byte.  Also, we are marking objects on the stack
in this case:

> #6  0x00000000005c7540 in mark_maybe_object (obj=66162019) at alloc.c:4743
> #7  0x00000000005c78cc in mark_memory (start=0x7fffffff89f8, end=0x7fffffffe758) at alloc.c:4895
> #8  0x00000000005c7900 in mark_stack (end=0x7fffffff89f8) at alloc.c:5038
> #9  0x00000000005c8e0d in garbage_collect_1 (end=0x7fffffff89f8) at alloc.c:5756
> #10 0x00000000005c947d in Fgarbage_collect () at alloc.c:5979

The Lisp backtraces are very different in each case, which I think
indicates the problem happens in some code entirely unrelated to the
code that crashes.  It just triggers GC.

Please try lowering gc-cons-threshold, perhaps that would make the
crashes closer to the problematic code.
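
The check applied by eye in the message above, as an added example (not part of the original message and not Emacs code): decode a suspect pointer as the bytes it occupies in memory and flag it when it begins with printable ASCII, the signature of string data having overwritten a pointer field. The function names and the four-byte threshold are assumptions, as is a little-endian x86-64 target.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumption: little-endian x86-64, so the least significant byte of the
   value is the first byte in memory. */

/* Length of the leading run of printable ASCII bytes in v's memory image. */
int printable_prefix(uint64_t v)
{
    int run = 0;
    for (int k = 0; k < 8; k++) {
        unsigned char b = (unsigned char)(v >> (8 * k));
        if (b < 0x20 || b > 0x7e)
            break;
        run++;
    }
    return run;
}

/* Render the 8 bytes as text, '.' for non-printable bytes.  Returns a
   static buffer (not thread-safe; fine for a triage helper). */
const char *decode_le_ascii(uint64_t v)
{
    static char out[9];
    for (int k = 0; k < 8; k++) {
        unsigned char b = (unsigned char)(v >> (8 * k));
        out[k] = (b >= 0x20 && b <= 0x7e) ? (char)b : '.';
    }
    out[8] = '\0';
    return out;
}

/* Canonical user-space addresses on x86-64 have bits 47..63 clear. */
int is_canonical_user(uint64_t v) { return (v >> 47) == 0; }

/* Heuristic (threshold of 4 is an assumption): the "pointer" starts with
   at least four printable bytes, so string data probably overwrote it. */
int looks_like_text(uint64_t v) { return printable_prefix(v) >= 4; }

int main(void)
{
    /* Values copied from the backtraces above: two bad interval pointers,
       then the stack address passed to mark_stack for contrast. */
    const uint64_t vals[] = { 0x2d65646f6d2d7370ULL, 0xa0073636168ULL,
                              0x7fffffff89f8ULL };
    for (size_t n = 0; n < sizeof vals / sizeof vals[0]; n++)
        printf("%#018llx  \"%s\"  text=%d  canonical=%d\n",
               (unsigned long long)vals[n], decode_le_ascii(vals[n]),
               looks_like_text(vals[n]), is_canonical_user(vals[n]));
    return 0;
}
```

The second value passes the canonical-address test yet still decodes as text, so an address-range check alone would not have flagged it.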




This bug report was last modified 8 years and 200 days ago.
