GNU bug report logs - #55068
29.0.50; crashes when trying to set default font

Previous Next

Package: emacs;

Reported by: Gregor Zattler <telegraph <at> gmx.net>

Date: Fri, 22 Apr 2022 18:39:02 UTC

Severity: normal

Tags: confirmed

Found in version 29.0.50

Full log

View this message in rfc822 format

From: Lars Ingebrigtsen <larsi <at> gnus.org>
To: Po Lu <luangruo <at> yahoo.com>
Cc: Eli Zaretskii <eliz <at> gnu.org>, 55068 <at> debbugs.gnu.org, telegraph <at> gmx.net
Subject: bug#55068: 29.0.50; crashes when trying to set default font
Date: Mon, 23 May 2022 14:24:04 +0200

This is the output from valgrind (from after I started the menu):

==3291841== More than 100 errors detected.  Subsequent errors
==3291841== will still be recorded, but in less detail than before.
==3291841== Syscall param pselect6(sig) points to unaddressable byte(s)
==3291841==    at 0x74A61F3: pselect (pselect.c:52)
==3291841==    by 0x4309BA: really_call_select (thread.c:612)
==3291841==    by 0x3632C9: flush_stack_call_func1 (alloc.c:5189)
==3291841==    by 0x42FDD7: flush_stack_call_func (lisp.h:4201)
==3291841==    by 0x430A7A: thread_select (thread.c:644)
==3291841==    by 0x462D43: xg_select (xgselect.c:182)
==3291841==    by 0x1E2D7F: x_menu_wait_for_event (xmenu.c:219)
==3291841==    by 0x1E2E92: popup_widget_loop (xmenu.c:621)
==3291841==    by 0x1E4284: create_and_show_popup_menu (xmenu.c:1596)
==3291841==    by 0x1E4CB6: x_menu_show (xmenu.c:2090)
==3291841==    by 0x1E2009: x_popup_menu_1 (menu.c:1402)
==3291841==    by 0x1E2088: Fx_popup_menu (menu.c:1466)
==3291841==  Address 0x1009d0d0b0 is 0 bytes inside a block of size 32 in arena "core"
==3291841== 
==3291841== Conditional jump or move depends on uninitialised value(s)
==3291841==    at 0x35D5B0: pdumper_object_p (pdumper.h:166)
==3291841==    by 0x361C28: set_string_marked (alloc.c:4009)
==3291841==    by 0x366339: process_mark_stack (alloc.c:6805)
==3291841==    by 0x3667EB: mark_object (alloc.c:7023)
==3291841==    by 0x3631B1: mark_maybe_pointer (alloc.c:4906)
==3291841==    by 0x363232: mark_memory (alloc.c:4956)
==3291841==    by 0x36328B: mark_c_stack (alloc.c:5148)
==3291841==    by 0x430ACC: mark_one_thread (thread.c:658)
==3291841==    by 0x430BA0: mark_threads_callback (thread.c:691)
==3291841==    by 0x3632C9: flush_stack_call_func1 (alloc.c:5189)
==3291841==    by 0x42FDD7: flush_stack_call_func (lisp.h:4201)
==3291841==    by 0x430BD2: mark_threads (thread.c:698)
==3291841== 
==3291841== Conditional jump or move depends on uninitialised value(s)
==3291841==    at 0x35D5BD: pdumper_object_p (pdumper.h:166)
==3291841==    by 0x361C28: set_string_marked (alloc.c:4009)
==3291841==    by 0x366339: process_mark_stack (alloc.c:6805)
==3291841==    by 0x3667EB: mark_object (alloc.c:7023)
==3291841==    by 0x3631B1: mark_maybe_pointer (alloc.c:4906)
==3291841==    by 0x363232: mark_memory (alloc.c:4956)
==3291841==    by 0x36328B: mark_c_stack (alloc.c:5148)
==3291841==    by 0x430ACC: mark_one_thread (thread.c:658)
==3291841==    by 0x430BA0: mark_threads_callback (thread.c:691)
==3291841==    by 0x3632C9: flush_stack_call_func1 (alloc.c:5189)
==3291841==    by 0x42FDD7: flush_stack_call_func (lisp.h:4201)
==3291841==    by 0x430BD2: mark_threads (thread.c:698)
==3291841== 
==3291841== Use of uninitialised value of size 8
==3291841==    at 0x361C3F: set_string_marked (alloc.c:4012)
==3291841==    by 0x366339: process_mark_stack (alloc.c:6805)
==3291841==    by 0x3667EB: mark_object (alloc.c:7023)
==3291841==    by 0x3631B1: mark_maybe_pointer (alloc.c:4906)
==3291841==    by 0x363232: mark_memory (alloc.c:4956)
==3291841==    by 0x36328B: mark_c_stack (alloc.c:5148)
==3291841==    by 0x430ACC: mark_one_thread (thread.c:658)
==3291841==    by 0x430BA0: mark_threads_callback (thread.c:691)
==3291841==    by 0x3632C9: flush_stack_call_func1 (alloc.c:5189)
==3291841==    by 0x42FDD7: flush_stack_call_func (lisp.h:4201)
==3291841==    by 0x430BD2: mark_threads (thread.c:698)
==3291841==    by 0x3651C9: garbage_collect (alloc.c:6185)
==3291841== 
==3291841== Use of uninitialised value of size 8
==3291841==    at 0x361C53: set_string_marked (alloc.c:4012)
==3291841==    by 0x366339: process_mark_stack (alloc.c:6805)
==3291841==    by 0x3667EB: mark_object (alloc.c:7023)
==3291841==    by 0x3631B1: mark_maybe_pointer (alloc.c:4906)
==3291841==    by 0x363232: mark_memory (alloc.c:4956)
==3291841==    by 0x36328B: mark_c_stack (alloc.c:5148)
==3291841==    by 0x430ACC: mark_one_thread (thread.c:658)
==3291841==    by 0x430BA0: mark_threads_callback (thread.c:691)
==3291841==    by 0x3632C9: flush_stack_call_func1 (alloc.c:5189)
==3291841==    by 0x42FDD7: flush_stack_call_func (lisp.h:4201)
==3291841==    by 0x430BD2: mark_threads (thread.c:698)
==3291841==    by 0x3651C9: garbage_collect (alloc.c:6185)
==3291841== 
==3291841== Use of uninitialised value of size 8
==3291841==    at 0x36633A: process_mark_stack (alloc.c:6806)
==3291841==    by 0x3667EB: mark_object (alloc.c:7023)
==3291841==    by 0x3631B1: mark_maybe_pointer (alloc.c:4906)
==3291841==    by 0x363232: mark_memory (alloc.c:4956)
==3291841==    by 0x36328B: mark_c_stack (alloc.c:5148)
==3291841==    by 0x430ACC: mark_one_thread (thread.c:658)
==3291841==    by 0x430BA0: mark_threads_callback (thread.c:691)
==3291841==    by 0x3632C9: flush_stack_call_func1 (alloc.c:5189)
==3291841==    by 0x42FDD7: flush_stack_call_func (lisp.h:4201)
==3291841==    by 0x430BD2: mark_threads (thread.c:698)
==3291841==    by 0x3651C9: garbage_collect (alloc.c:6185)
==3291841==    by 0x364F7B: maybe_garbage_collect (alloc.c:6088)
==3291841== 
==3291841== Warning: client switching stacks?  SP change: 0x1ffeffdf60 --> 0x1ffe619240
==3291841==          to suppress, use: --max-stackframe=10374432 or greater
==3291841== Warning: client switching stacks?  SP change: 0x1ffe619240 --> 0x1ffdc34520
==3291841==          to suppress, use: --max-stackframe=10374432 or greater
==3291841== Invalid write of size 8
==3291841==    at 0x1E43BF: x_menu_show (xmenu.c:1903)
==3291841==  Address 0x1ffdc34518 is on thread 1's stack
==3291841== 
Fatal error 11: Segmentation fault
Backtrace:
./emacs(+0x1f4ec9)[0x2fcec9]
./emacs(+0x1c5d68)[0x2cdd68]
./emacs(+0x1f4713)[0x2fc713]
./emacs(+0x1f46e8)[0x2fc6e8]
./emacs(+0x1f4754)[0x2fc754]
./emacs(+0x1f48f8)[0x2fc8f8]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x12200)[0x705e200]
./emacs(+0xdc3bf)[0x1e43bf]
./emacs(+0xda00a)[0x1e200a]
./emacs(+0xda089)[0x1e2089]
./emacs(+0x290997)[0x398997]
./emacs(+0x2e2735)[0x3ea735]
./emacs(+0x290c82)[0x398c82]
./emacs(+0x290ff6)[0x398ff6]
./emacs(+0x290e14)[0x398e14]
./emacs(+0x28f50b)[0x39750b]
./emacs(+0x28eafd)[0x396afd]
./emacs(+0x290997)[0x398997]
./emacs(+0x2e2735)[0x3ea735]
./emacs(+0x290c82)[0x398c82]
./emacs(+0x290ff6)[0x398ff6]
./emacs(+0x29056b)[0x39856b]
./emacs(+0x2907c7)[0x3987c7]
./emacs(+0x286894)[0x38e894]
./emacs(+0x290bae)[0x398bae]
./emacs(+0x29051f)[0x39851f]
./emacs(+0x2907c7)[0x3987c7]
./emacs(+0x288ca7)[0x390ca7]
./emacs(+0x2909ca)[0x3989ca]
./emacs(+0x2e2735)[0x3ea735]
./emacs(+0x290c82)[0x398c82]
./emacs(+0x290ff6)[0x398ff6]
./emacs(+0x29056b)[0x39856b]
./emacs(+0x2907c7)[0x3987c7]
./emacs(+0x1cb0a5)[0x2d30a5]
./emacs(+0x1ce03b)[0x2d603b]
./emacs(+0x28cda2)[0x394da2]
./emacs(+0x1cd4da)[0x2d54da]
./emacs(+0x28c475)[0x394475]
./emacs(+0x1cd46c)[0x2d546c]
./emacs(+0x1cc9d4)[0x2d49d4]
...
==3291841== 
==3291841== Process terminating with default action of signal 11 (SIGSEGV)
==3291841==    at 0x705E07F: raise (raise.c:45)
==3291841==    by 0x2CDDB3: terminate_due_to_signal (emacs.c:458)
==3291841==    by 0x2FC712: handle_fatal_signal (sysdep.c:1780)
==3291841==    by 0x2FC6E7: deliver_thread_signal (sysdep.c:1772)
==3291841==    by 0x2FC753: deliver_fatal_thread_signal (sysdep.c:1792)
==3291841==    by 0x2FC8F7: handle_sigsegv (sysdep.c:1885)
==3291841==    by 0x705E1FF: ??? (in /usr/lib/x86_64-linux-gnu/libpthread-2.33.so)
==3291841==    by 0x1E43BE: x_menu_show (xmenu.c:1901)
==3291841== 
==3291841== HEAP SUMMARY:
==3291841==     in use at exit: 79,361,910 bytes in 133,428 blocks
==3291841==   total heap usage: 691,341 allocs, 557,913 frees, 222,256,829 bytes allocated
==3291841== 
==3291841== LEAK SUMMARY:
==3291841==    definitely lost: 13,952 bytes in 47 blocks
==3291841==    indirectly lost: 26,621 bytes in 1,060 blocks
==3291841==      possibly lost: 107,553 bytes in 3,167 blocks
==3291841==    still reachable: 77,476,416 bytes in 119,425 blocks
==3291841==         suppressed: 0 bytes in 0 blocks
==3291841== Rerun with --leak-check=full to see details of leaked memory
==3291841== 
==3291841== Use --track-origins=yes to see where uninitialised values come from
==3291841== For lists of detected and suppressed errors, rerun with: -s
==3291841== ERROR SUMMARY: 416209 errors from 107 contexts (suppressed: 0 from 0)
Segmentation fault
larsi <at> xo:~/src/emacs/trunk/src$ 


-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no
This bug report was last modified 2 years and 361 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.