Package: emacs;
Reported by: Gemini Lasswell <gazally <at> runbox.com>
Date: Thu, 11 Oct 2018 05:32:01 UTC
Severity: normal
Tags: fixed
Found in version 26.1.50
Fixed in version 27.1
Done: Gemini Lasswell <gazally <at> runbox.com>
Bug is archived. No further changes may be made.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Gemini Lasswell <gazally <at> runbox.com> To: bug-gnu-emacs <at> gnu.org Subject: 26.1.50; 27.0.50; Fatal error after re-evaluating a thread's function Date: Wed, 10 Oct 2018 22:30:29 -0700
[Message part 1 (text/plain, inline)]
When I run some byte-compiled code which creates some threads, and then, while a thread is blocked, interactively evaluate the function which was used to create that thread, Emacs has a fatal error or segmentation fault when the thread becomes unblocked. To reproduce: Build Emacs from master with this patch, in which I've pasted some excerpts from my current project onto the end of lisp/thread.el. It's going to be like ERT but designed to run benchmarks instead of tests, but right now all it does is to create a buffer and three threads, set the threads up to communicate with each other, log their progress to *Messages*, and update the buffer when they finish:
[0001-Reproduce-Bswitch-segfault.patch (text/plain, attachment)]
[Message part 3 (text/plain, inline)]
Run Emacs with -Q, and then type:
M-x erb-summary-run RET
s
Wait several seconds for the second to the last line in the buffer to
change to "Finished". There will also be an echo area message about
erb--status being set to done.
Navigate to lisp/thread.el, select everything from the definition of
erb--benchmark-monitor to the end of the file, and use:
M-x eval-region RET
Return to the buffer created by erb-summary-run, and type 's' again.
Result:
lisp.h:2241: Emacs fatal error: assertion failed: HASH_TABLE_P (a)
My suspicion is that the garbage collector is freeing something needed
by the blocked thread. Setting gc-cons-threshold to 500M before doing
the steps above stops the error from happening.
Here's the backtrace. While trying to sort out how to reproduce this, I
also saw it segfault in Ffuncall, in styled_format, and in the Bswitch
case of exec_byte_code just past where this error occurs, when it tries
to access h->count.
Thread 7 (Thread 0x7f1cd4dec700 (LWP 21837)):
#0 terminate_due_to_signal (sig=sig <at> entry=6,
backtrace_limit=backtrace_limit <at> entry=2147483647) at emacs.c:369
#1 0x00000000005a4d99 in die (msg=msg <at> entry=0x678d52 "HASH_TABLE_P (a)",
file=file <at> entry=0x6768a5 "lisp.h", line=line <at> entry=2241) at alloc.c:7094
#2 0x00000000006122b5 in XHASH_TABLE (a=...) at lisp.h:2241
#3 exec_byte_code (bytestr=..., vector=..., maxdepth=..., args_template=...,
nargs=nargs <at> entry=0, args=<optimized out>,
args <at> entry=0x16eac38 <bss_sbrk_buffer+9926040>) at bytecode.c:1403
#4 0x00000000005cb972 in funcall_lambda (fun=..., nargs=nargs <at> entry=0,
arg_vector=0x16eac38 <bss_sbrk_buffer+9926040>,
arg_vector <at> entry=0x158ec58 <bss_sbrk_buffer+8500664>) at eval.c:3057
#5 0x00000000005c818b in Ffuncall (nargs=nargs <at> entry=1,
args=args <at> entry=0x158ec50 <bss_sbrk_buffer+8500656>) at eval.c:2870
#6 0x000000000064443b in invoke_thread_function () at thread.c:684
#7 0x00000000005c728f in internal_condition_case (
bfun=bfun <at> entry=0x644400 <invoke_thread_function>, handlers=...,
handlers <at> entry=XIL(0xc3c0), hfun=hfun <at> entry=0x644320 <record_thread_error>)
at eval.c:1373
#8 0x0000000000644dd1 in run_thread (state=0x158ec30 <bss_sbrk_buffer+8500624>)
at thread.c:723
#9 0x00007f1cebf602a7 in start_thread ()
from /nix/store/hwwqshlmazzjzj7yhrkyjydxamvvkfd3-glibc-2.26-131/lib/libpthread.so.0
#10 0x00007f1ceb5fd57f in clone ()
from /nix/store/hwwqshlmazzjzj7yhrkyjydxamvvkfd3-glibc-2.26-131/lib/libc.so.6
Thread 7 (Thread 0x7f1cd4dec700 (LWP 21837)):
"erb--benchmark-monitor-func" (0x158ec58)
In GNU Emacs 27.0.50 (build 1, x86_64-pc-linux-gnu, GTK+ Version 3.22.28)
of 2018-10-09 built on sockeye
Repository revision: 708444efad7a2ce1e309532898b844527e2d9c64
Windowing system distributor 'The X.Org Foundation', version 11.0.11906000
System Description: NixOS 18.03.git.bd06547 (Impala)
Recent messages:
For information about GNU Emacs and the GNU system, type C-h C-a.
Configured using:
'configure --prefix=/home/gem/src/emacs/master/bin --with-modules
--with-x-toolkit=gtk3 --with-xft --config-cache
--enable-checking=yes,glyphs --enable-check-lisp-object-type'
Configured features:
XPM JPEG TIFF GIF PNG RSVG SOUND DBUS GSETTINGS GLIB NOTIFY LIBSELINUX
GNUTLS LIBXML2 FREETYPE XFT ZLIB TOOLKIT_SCROLL_BARS GTK3 X11 XDBE XIM
MODULES THREADS GMP
Important settings:
value of $EMACSLOADPATH:
value of $LANG: en_US.UTF-8
locale-coding-system: utf-8-unix
Major mode: Lisp Interaction
Minor modes in effect:
tooltip-mode: t
global-eldoc-mode: t
eldoc-mode: t
electric-indent-mode: t
mouse-wheel-mode: t
tool-bar-mode: t
menu-bar-mode: t
file-name-shadow-mode: t
global-font-lock-mode: t
font-lock-mode: t
blink-cursor-mode: t
auto-composition-mode: t
auto-encryption-mode: t
auto-compression-mode: t
line-number-mode: t
transient-mark-mode: t
Load-path shadows:
None found.
Features:
(shadow sort mail-extr emacsbug message rmc puny seq byte-opt gv
bytecomp byte-compile cconv dired dired-loaddefs format-spec rfc822 mml
easymenu mml-sec password-cache epa derived epg epg-config gnus-util
rmail rmail-loaddefs time-date mm-decode mm-bodies mm-encode mail-parse
rfc2231 mailabbrev gmm-utils mailheader cl-loaddefs cl-lib sendmail
rfc2047 rfc2045 ietf-drums mm-util mail-prsvr mail-utils elec-pair
mule-util tooltip eldoc electric uniquify ediff-hook vc-hooks
lisp-float-type mwheel term/x-win x-win term/common-win x-dnd tool-bar
dnd fontset image regexp-opt fringe tabulated-list replace newcomment
text-mode elisp-mode lisp-mode prog-mode register page menu-bar
rfn-eshadow isearch timer select scroll-bar mouse jit-lock font-lock
syntax facemenu font-core term/tty-colors frame cl-generic cham georgian
utf-8-lang misc-lang vietnamese tibetan thai tai-viet lao korean
japanese eucjp-ms cp51932 hebrew greek romanian slovak czech european
ethiopic indian cyrillic chinese composite charscript charprop
case-table epa-hook jka-cmpr-hook help simple abbrev obarray minibuffer
cl-preloaded nadvice loaddefs button faces cus-face macroexp files
text-properties overlay sha1 md5 base64 format env code-pages mule
custom widget hashtable-print-readable backquote threads dbusbind
inotify dynamic-setting system-font-setting font-render-setting
move-toolbar gtk x-toolkit x multi-tty make-network-process emacs)
Memory information:
((conses 16 94967 9472)
(symbols 48 20045 1)
(strings 32 28456 1769)
(string-bytes 1 816313)
(vectors 16 14265)
(vector-slots 8 504082 12268)
(floats 8 47 70)
(intervals 56 213 0)
(buffers 992 11))
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.