Package: emacs;
Reported by: james <at> jojojames.com
Date: Thu, 18 Aug 2022 00:39:01 UTC
Severity: normal
Found in version 28.1
From: james <at> jojojames.com
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: 57267 <at> debbugs.gnu.org
Subject: bug#57267: 28.1; emacs crashes when loading too many images
Date: Fri, 19 Aug 2022 02:01:13 -0400
Here’s another trace, not sure if it would help or not. Process 52957 stopped * thread #113, stop reason = EXC_BAD_ACCESS (code=2, address=0x18abe96d0) frame #0: 0x000000018abe96d0 Target 0: (Emacs) stopped. (lldb) bt * thread #113, stop reason = EXC_BAD_ACCESS (code=2, address=0x18abe96d0) * frame #0: 0x000000018abe96d0 frame #1: 0x00007fff31a448da AppleVPA`___lldb_unnamed_symbol479$$AppleVPA + 336 frame #2: 0x00007fff31a427ec AppleVPA`___lldb_unnamed_symbol455$$AppleVPA + 254 frame #3: 0x00007fff204a48fc libsystem_pthread.dylib`_pthread_start + 224 frame #4: 0x00007fff204a0443 libsystem_pthread.dylib`thread_start + 15 (lldb) thread select 1 * thread #1, queue = 'com.apple.main-thread' frame #0: 0x00007fff202cd0f8 libsystem_malloc.dylib`small_malloc_from_free_list + 531 libsystem_malloc.dylib`small_malloc_from_free_list: -> 0x7fff202cd0f8 <+531>: leaq 0x604d16b1(%rip), %rax ; malloc_entropy 0x7fff202cd0ff <+538>: movzwl 0x1(%rax), %eax 0x7fff202cd103 <+542>: cmpl %eax, %r8d 0x7fff202cd106 <+545>: jne 0x7fff202cd147 ; <+610> (lldb) bt all * thread #1, queue = 'com.apple.main-thread' * frame #0: 0x00007fff202cd0f8 libsystem_malloc.dylib`small_malloc_from_free_list + 531 frame #1: 0x00007fff202cc877 libsystem_malloc.dylib`small_malloc_should_clear + 259 frame #2: 0x00007fff202cc692 libsystem_malloc.dylib`szone_malloc_should_clear + 109 frame #3: 0x00007fff202e5f3b libsystem_malloc.dylib`_malloc_zone_malloc + 118 frame #4: 0x00007fff2051ff87 CoreFoundation`_CFRuntimeCreateInstance + 587 frame #5: 0x00007fff2bc86720 VideoToolbox`___lldb_unnamed_symbol1153$$VideoToolbox + 60 frame #6: 0x00007fff2bc7c331 VideoToolbox`___lldb_unnamed_symbol1119$$VideoToolbox + 5933 frame #7: 0x00007fff2bc7ab8b VideoToolbox`___lldb_unnamed_symbol1118$$VideoToolbox + 296 frame #8: 0x00007fff2bc515b7 VideoToolbox`___lldb_unnamed_symbol778$$VideoToolbox + 663 frame #9: 0x00007fff2bbd5ee3 VideoToolbox`___lldb_unnamed_symbol120$$VideoToolbox + 11943 frame #10: 0x00007fff2bbb1a6e 
VideoToolbox`VTPixelTransferSessionTransferImage + 1259 frame #11: 0x00007fff2c4e30b9 MediaToolbox`___lldb_unnamed_symbol11295$$MediaToolbox + 4079 frame #12: 0x00007fff2c0515b9 MediaToolbox`FigPhotoScaleAndRotateSessionTransformForSize + 247 frame #13: 0x00007fff2c3afdea MediaToolbox`___lldb_unnamed_symbol7966$$MediaToolbox + 2665 frame #14: 0x00007fff2c3acb81 MediaToolbox`___lldb_unnamed_symbol7929$$MediaToolbox + 74 frame #15: 0x00007fff2c060c88 MediaToolbox`FigPhotoDecompressionContainerCreateImageForIndex + 81 frame #16: 0x00007fff28b7ccac ImageIO`AppleJPEGReadPlugin::copyIOSurfaceCallback(InfoRec*, CGImageProvider*, __CFDictionary const*) + 802 frame #17: 0x00007fff28b7d570 ImageIO`AppleJPEGReadPlugin::createImageBlockSetWithHardwareDecode(InfoRec*, CGImageProvider*, CGSize, __CFDictionary const*) + 154 frame #18: 0x00007fff28b0f679 ImageIO`AppleJPEGReadPlugin::copyImageBlockSet(InfoRec*, CGImageProvider*, CGRect, CGSize, __CFDictionary const*) + 1955 frame #19: 0x00007fff28b0e998 ImageIO`IIO_Reader::CopyImageBlockSetProc(void*, CGImageProvider*, CGRect, CGSize, __CFDictionary const*) + 100 frame #20: 0x00007fff28b2c527 ImageIO`IIOImageProviderInfo::copyImageBlockSetWithOptions(CGImageProvider*, CGRect, CGSize, __CFDictionary const*) + 663 frame #21: 0x00007fff28b0e8d0 ImageIO`IIOImageProviderInfo::CopyImageBlockSetWithOptions(void*, CGImageProvider*, CGRect, CGSize, __CFDictionary const*) + 680 frame #22: 0x00007fff250e076b CoreGraphics`CGImageCreateSubsampledImage + 594 frame #23: 0x00007fff250e0000 CoreGraphics`ripc_DrawImage + 507 frame #24: 0x00007fff250df4f7 CoreGraphics`CGContextDrawImageWithOptions + 454 frame #25: 0x00007fff22f119c5 AppKit`__74-[NSImageRep drawInRect:fromRect:operation:fraction:respectFlipped:hints:]_block_invoke + 902 frame #26: 0x00007fff22f114fa AppKit`-[NSImageRep drawInRect:fromRect:operation:fraction:respectFlipped:hints:] + 936 frame #27: 0x00007fff233b1dbc AppKit`__71-[NSImage 
drawInRect:fromRect:operation:fraction:respectFlipped:hints:]_block_invoke.1340 + 967 frame #28: 0x00007fff22eea8b9 AppKit`-[NSImage _usingBestRepresentationForRect:context:hints:body:] + 129 frame #29: 0x00007fff22f10ec1 AppKit`-[NSImage drawInRect:fromRect:operation:fraction:respectFlipped:hints:] + 1359 frame #30: 0x000000010049358c Emacs`ns_dumpglyphs_image(s=0x00007ffeefbfa140, r=(origin = (x = 10, y = 586), size = (width = 1296, height = 143))) at nsterm.m:3952:7 frame #31: 0x000000010048f75e Emacs`ns_draw_glyph_string(s=0x00007ffeefbfa140) at nsterm.m:4349:7 frame #32: 0x0000000100092b81 Emacs`draw_glyphs(w=0x000000011f05c210, x=1142, row=0x000000014b818a00, area=TEXT_AREA, start=0, end=75, hl=DRAW_NORMAL_TEXT, overlaps=0) at xdisp.c:30449:5 frame #33: 0x000000010008f72d Emacs`gui_write_glyphs(w=0x000000011f05c210, updated_row=0x000000014b818a00, start=0x00000001c4182400, updated_area=TEXT_AREA, len=75) at xdisp.c:32509:7 frame #34: 0x0000000100019566 Emacs`update_text_area(w=0x000000011f05c210, updated_row=0x000000014b818a00, vpos=2, partial_p=0x00007ffeefbfaa4e) at dispnew.c:3981:2 frame #35: 0x000000010001726d Emacs`update_window_line(w=0x000000011f05c210, vpos=2, mouse_face_overwritten_p=0x00007ffeefbfab12) at dispnew.c:4239:11 frame #36: 0x0000000100009bc6 Emacs`update_window(w=0x000000011f05c210, force_p=true) at dispnew.c:3719:19 frame #37: 0x000000010000a212 Emacs`update_window_tree(w=0x000000011f05c210, force_p=true) at dispnew.c:3444:14 frame #38: 0x0000000100009278 Emacs`update_frame(f=0x000000011f05ba30, force_p=true, inhibit_hairy_id_p=false) at dispnew.c:3279:18 frame #39: 0x000000010006dd0f Emacs`redisplay_internal at xdisp.c:17096:14 frame #40: 0x00000001000763e9 Emacs`redisplay at xdisp.c:16103:3 frame #41: 0x00000001001cf700 Emacs`read_char(commandflag=1, map=(EMACS_INT) $57 = 12384940296, prev_event=(struct Lisp_Symbol *) $60 = 0x0000000100bb11e0, used_mouse_menu=0x00007ffeefbfe58f, end_time=0x0000000000000000) at keyboard.c:2643:6 frame 
#42: 0x00000001001cae45 Emacs`read_key_sequence(keybuf=(struct Lisp_Cons *) $62 = 0x00000000000001b0, prompt=(struct Lisp_Symbol *) $65 = 0x0000000100bb11e0, dont_downcase_last=false, can_return_switch_frame=true, fix_current_buffer=true, prevent_redisplay=false) at keyboard.c:10045:12 frame #43: 0x00000001001c890e Emacs`command_loop_1 at keyboard.c:1384:15 frame #44: 0x0000000100314451 Emacs`internal_condition_case(bfun=(Emacs`command_loop_1 at keyboard.c:1277), handlers=(struct Lisp_Symbol *) $68 = 0x0000000100bb1270, hfun=(Emacs`cmd_error at keyboard.c:935)) at eval.c:1497:25 frame #45: 0x00000001001c8203 Emacs`command_loop_2(handlers=(struct Lisp_Symbol *) $71 = 0x0000000100bb1270) at keyboard.c:1132:11 frame #46: 0x00000001003134e6 Emacs`internal_catch(tag=(struct Lisp_Symbol *) $74 = 0x0000000100bbfbe0, func=(Emacs`command_loop_2 at keyboard.c:1128), arg=(struct Lisp_Symbol *) $77 = 0x0000000100bb1270) at eval.c:1220:25 frame #47: 0x00000001001c7175 Emacs`command_loop at keyboard.c:1110:2 frame #48: 0x00000001001c6f60 Emacs`recursive_edit_1 at keyboard.c:719:9 frame #49: 0x00000001001c75a4 Emacs`Frecursive_edit at keyboard.c:802:3 frame #50: 0x00000001001c3a2b Emacs`main(argc=1, argv=0x00007ffeefbff2e8) at emacs.c:2517:3 frame #51: 0x00007fff204bff3d libdyld.dylib`start + 1 frame #52: 0x00007fff204bff3d libdyld.dylib`start + 1 thread #4, name = 'gmain' frame #0: 0x00007fff20477646 libsystem_kernel.dylib`__select + 10 frame #1: 0x000000010211c56b libglib-2.0.0.dylib`g_poll + 505 frame #2: 0x000000010210fc2a libglib-2.0.0.dylib`g_main_context_iterate + 340 frame #3: 0x000000010210fcd8 libglib-2.0.0.dylib`g_main_context_iteration + 55 frame #4: 0x0000000102110e35 libglib-2.0.0.dylib`glib_worker_main + 30 frame #5: 0x0000000102132ff2 libglib-2.0.0.dylib`g_thread_proxy + 66 frame #6: 0x00007fff204a48fc libsystem_pthread.dylib`_pthread_start + 224 frame #7: 0x00007fff204a0443 libsystem_pthread.dylib`thread_start + 15 thread #8 frame #0: 0x00007fff20473d52 
libsystem_kernel.dylib`__pselect + 10 frame #1: 0x00007fff20473c6f libsystem_kernel.dylib`pselect$DARWIN_EXTSN + 42 frame #2: 0x0000000100472c7b Emacs`-[EmacsApp fd_handler:](self=0x000000011e876440, _cmd="fd_handler:", unused=0x0000000000000000) at nsterm.m:6303:20 frame #3: 0x00007fff21325447 Foundation`__NSThread__start__ + 1068 frame #4: 0x00007fff204a48fc libsystem_pthread.dylib`_pthread_start + 224 frame #5: 0x00007fff204a0443 libsystem_pthread.dylib`thread_start + 15 thread #10, name = 'com.apple.NSEventThread' frame #0: 0x00007fff2046f2aa libsystem_kernel.dylib`mach_msg_trap + 10 frame #1: 0x00007fff2046f61c libsystem_kernel.dylib`mach_msg + 60 frame #2: 0x00007fff2059cecf CoreFoundation`__CFRunLoopServiceMachPort + 316 frame #3: 0x00007fff2059b5af CoreFoundation`__CFRunLoopRun + 1328 frame #4: 0x00007fff2059a9bc CoreFoundation`CFRunLoopRunSpecific + 563 frame #5: 0x00007fff22f29bba AppKit`_NSEventThread + 124 frame #6: 0x00007fff204a48fc libsystem_pthread.dylib`_pthread_start + 224 frame #7: 0x00007fff204a0443 libsystem_pthread.dylib`thread_start + 15 thread #98 frame #0: 0x00007fff204a0420 libsystem_pthread.dylib`start_wqthread thread #104 frame #0: 0x00007fff204a0420 libsystem_pthread.dylib`start_wqthread thread #105 frame #0: 0x00007fff204a0420 libsystem_pthread.dylib`start_wqthread thread #108 frame #0: 0x00007fff2047094e libsystem_kernel.dylib`__workq_kernreturn + 10 frame #1: 0x00007fff204a14c1 libsystem_pthread.dylib`_pthread_wqthread + 414 frame #2: 0x00007fff204a042f libsystem_pthread.dylib`start_wqthread + 15 thread #109 frame #0: 0x00007fff204a0420 libsystem_pthread.dylib`start_wqthread thread #110 frame #0: 0x00007fff204a0420 libsystem_pthread.dylib`start_wqthread thread #111 frame #0: 0x00007fff2047094e libsystem_kernel.dylib`__workq_kernreturn + 10 frame #1: 0x00007fff204a14c1 libsystem_pthread.dylib`_pthread_wqthread + 414 frame #2: 0x00007fff204a042f libsystem_pthread.dylib`start_wqthread + 15 thread #112 frame #0: 0x00007fff2047094e 
libsystem_kernel.dylib`__workq_kernreturn + 10
frame #1: 0x00007fff204a14c1 libsystem_pthread.dylib`_pthread_wqthread + 414
frame #2: 0x00007fff204a042f libsystem_pthread.dylib`start_wqthread + 15
thread #113
frame #0: 0x000000018abe96d0
frame #1: 0x00007fff31a448da AppleVPA`___lldb_unnamed_symbol479$$AppleVPA + 336
frame #2: 0x00007fff31a427ec AppleVPA`___lldb_unnamed_symbol455$$AppleVPA + 254
frame #3: 0x00007fff204a48fc libsystem_pthread.dylib`_pthread_start + 224
frame #4: 0x00007fff204a0443 libsystem_pthread.dylib`thread_start + 15
(lldb) xbacktrace
(unsigned char *) data = 0x0000000100540c8e "redisplay_internal (C function)"
(lldb)

> On Aug 19, 2022, at 1:55 AM, Eli Zaretskii <eliz <at> gnu.org> wrote:
>
>> From: james <at> jojojames.com
>> Date: Thu, 18 Aug 2022 16:14:26 -0400
>> Cc: 57267 <at> debbugs.gnu.org
>>
>> Process 35748 stopped
>> * thread #44, stop reason = EXC_BAD_ACCESS (code=2, address=0x718b828a0)
>> frame #0: 0x0000000718b828a0
>> -> 0x718b828a0: addb %al, (%rax)
>> 0x718b828a2: addb %al, (%rax)
>> 0x718b828a4: addb %al, (%rax)
>> 0x718b828a6: addb %al, (%rax)
>> Target 0: (Emacs) stopped.
>> (lldb)
>
> Thread 44 doesn't look like our thread. If it stopped due to
> EXC_BAD_ACCESS, then I don't know what to say about this.
> > Thread 1, which is the main Lisp thread, seems to be inside the Apple > library that handles JPEG images: > >> (lldb) thread select 1 >> * thread #1, queue = 'com.apple.main-thread' >> frame #0: 0x00007fff204709de libsystem_kernel.dylib`__ulock_wait + 10 >> libsystem_kernel.dylib`__ulock_wait: >> -> 0x7fff204709de <+10>: jae 0x7fff204709e8 ; <+20> >> 0x7fff204709e0 <+12>: movq %rax, %rdi >> 0x7fff204709e3 <+15>: jmp 0x7fff2046fac9 ; cerror_nocancel >> 0x7fff204709e8 <+20>: retq >> (lldb) bt >> * thread #1, queue = 'com.apple.main-thread' >> * frame #0: 0x00007fff204709de libsystem_kernel.dylib`__ulock_wait + 10 >> frame #1: 0x00007fff204a5f60 libsystem_pthread.dylib`_pthread_join + 362 >> frame #2: 0x00007fff31a4287c AppleVPA`___lldb_unnamed_symbol456$$AppleVPA + 132 >> frame #3: 0x00007fff31a3abde AppleVPA`___lldb_unnamed_symbol279$$AppleVPA + 72 >> frame #4: 0x00007fff2066775a CoreFoundation`_CFRelease + 244 >> frame #5: 0x00007fff2053e583 CoreFoundation`__RELEASE_OBJECTS_IN_THE_ARRAY__ + 118 >> frame #6: 0x00007fff2053e4c6 CoreFoundation`-[__NSArrayM dealloc] + 279 >> frame #7: 0x00007fff2c082f12 MediaToolbox`___lldb_unnamed_symbol186$$MediaToolbox + 270 >> frame #8: 0x00007fff2066775a CoreFoundation`_CFRelease + 244 >> frame #9: 0x00007fff28b7ce57 ImageIO`AppleJPEGReadPlugin::copyIOSurfaceCallback(InfoRec*, CGImageProvider*, __CFDictionary const*) + 1229 >> frame #10: 0x00007fff28b7d570 ImageIO`AppleJPEGReadPlugin::createImageBlockSetWithHardwareDecode(InfoRec*, CGImageProvider*, CGSize, __CFDictionary const*) + 154 >> frame #11: 0x00007fff28b0f679 ImageIO`AppleJPEGReadPlugin::copyImageBlockSet(InfoRec*, CGImageProvider*, CGRect, CGSize, __CFDictionary const*) + 1955 >> frame #12: 0x00007fff28b0e998 ImageIO`IIO_Reader::CopyImageBlockSetProc(void*, CGImageProvider*, CGRect, CGSize, __CFDictionary const*) + 100 >> frame #13: 0x00007fff28b2c527 ImageIO`IIOImageProviderInfo::copyImageBlockSetWithOptions(CGImageProvider*, CGRect, CGSize, __CFDictionary const*) + 
663 >> frame #14: 0x00007fff28b0e8d0 ImageIO`IIOImageProviderInfo::CopyImageBlockSetWithOptions(void*, CGImageProvider*, CGRect, CGSize, __CFDictionary const*) + 680 >> frame #15: 0x00007fff250e82d0 CoreGraphics`imageProvider_retain_data + 77 >> frame #16: 0x00007fff250e8246 CoreGraphics`CGDataProviderRetainData + 75 >> frame #17: 0x00007fff250e826b CoreGraphics`provider_for_destination_retain_data + 17 >> frame #18: 0x00007fff250e8246 CoreGraphics`CGDataProviderRetainData + 75 >> frame #19: 0x00007fff250e80f6 CoreGraphics`CGAccessSessionCreate + 98 >> frame #20: 0x00007fff250e9e57 CoreGraphics`get_access_session + 44 >> frame #21: 0x00007fff250e954c CoreGraphics`img_raw_read + 1302 >> frame #22: 0x00007fff251440f9 CoreGraphics`img_interpolate_read + 753 >> frame #23: 0x00007fff250e75bc CoreGraphics`img_data_lock + 6164 >> frame #24: 0x00007fff250e22f0 CoreGraphics`CGSImageDataLock + 1230 >> frame #25: 0x00007fff250e1de9 CoreGraphics`RIPImageDataInitializeShared + 164 >> frame #26: 0x00007fff250e1aaa CoreGraphics`RIPImageCacheGetRetained + 750 >> frame #27: 0x00007fff250e1574 CoreGraphics`ripc_AcquireRIPImageData + 384 >> frame #28: 0x00007fff250e02a1 CoreGraphics`ripc_DrawImage + 1180 >> frame #29: 0x00007fff250df4f7 CoreGraphics`CGContextDrawImageWithOptions + 454 >> frame #30: 0x00007fff22f119c5 AppKit`__74-[NSImageRep drawInRect:fromRect:operation:fraction:respectFlipped:hints:]_block_invoke + 902 >> frame #31: 0x00007fff22f114fa AppKit`-[NSImageRep drawInRect:fromRect:operation:fraction:respectFlipped:hints:] + 936 >> frame #32: 0x00007fff233b1dbc AppKit`__71-[NSImage drawInRect:fromRect:operation:fraction:respectFlipped:hints:]_block_invoke.1340 + 967 >> frame #33: 0x00007fff22eea8b9 AppKit`-[NSImage _usingBestRepresentationForRect:context:hints:body:] + 129 >> frame #34: 0x00007fff22f10ec1 AppKit`-[NSImage drawInRect:fromRect:operation:fraction:respectFlipped:hints:] + 1359 >> frame #35: 0x000000010049358c Emacs`ns_dumpglyphs_image(s=0x00007ffeefbfa220, 
r=(origin = (x = 10, y = 222), size = (width = 700, height = 507))) at nsterm.m:3952:7
>> frame #36: 0x000000010048f75e Emacs`ns_draw_glyph_string(s=0x00007ffeefbfa220) at nsterm.m:4349:7
>> frame #37: 0x0000000100092b81 Emacs`draw_glyphs(w=0x0000000106152630, x=672, row=0x000000010424f700, area=TEXT_AREA, start=0, end=20, hl=DRAW_NORMAL_TEXT, overlaps=0) at xdisp.c:30449:5
>
> So again, I don't see what that has to do with Emacs.
>
> OTOH, redisplay works on macOS very differently from other platforms,
> so maybe we are somehow causing this?