Package: emacs;
Reported by: Óscar Fuentes <oscarfv <at> eclipso.eu>
Date: Mon, 3 Mar 2025 04:33:04 UTC
Severity: normal
Found in version 31.0.50
Message #26 received at 76705 <at> debbugs.gnu.org (full text, mbox):
From: Óscar Fuentes <oscarfv <at> eclipso.eu> To: Pip Cet <pipcet <at> protonmail.com> Cc: 76705 <at> debbugs.gnu.org Subject: Re: bug#76705: 31.0.50; igc: crash Date: Mon, 03 Mar 2025 16:49:54 +0100
Pip Cet <pipcet <at> protonmail.com> writes:
> I assume this is a Linux kernel?
Correct.
$ uname -a
Linux zen 6.12.11-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.12.11-1 (2025-01-25) x86_64 GNU/Linux
> Can you do an objdump -h on the core file, reporting only the count of
> "load" sections? (Over here, I see about 3000 sections, which is a
> lot).
Tail of objdump -h :
9260 load8395 15760000 0000556e2e8c0000 0000000000000000 9d20f000 2**12
CONTENTS, ALLOC, LOAD
$ objdump -h dump | grep " load" | wc
9237 64659 747221
> What is the output of
>
> cat /proc/sys/vm/max_map_count
>
> ? It is 65530 here,
Same here.
> Thanks! This means that it was actually ProtSet which aborted, and since
> it doesn't show up in the backtrace it must have tail-called the
> assertion function. Can you disassemble ProtSet just to make sure that
> we're looking at an mprotect failure here?
(gdb) disass/s ProtSet
Dump of assembler code for function ProtSet:
0x0000556e0edcf8b0 <+0>: push %r12
0x0000556e0edcf8b2 <+2>: mov %edx,%r12d
0x0000556e0edcf8b5 <+5>: push %rbp
0x0000556e0edcf8b6 <+6>: mov %rdi,%rbp
0x0000556e0edcf8b9 <+9>: push %rbx
0x0000556e0edcf8ba <+10>: mov %rsi,%rbx
0x0000556e0edcf8bd <+13>: cmp %rsi,%rdi
0x0000556e0edcf8c0 <+16>: jae 0x556e0edcf958 <ProtSet+168>
0x0000556e0edcf8c6 <+22>: test %rbp,%rbp
0x0000556e0edcf8c9 <+25>: je 0x556e0edcf980 <ProtSet+208>
0x0000556e0edcf8cf <+31>: sub %rbp,%rbx
0x0000556e0edcf8d2 <+34>: cmp $0x7fffffff,%rbx
0x0000556e0edcf8d9 <+41>: ja 0x556e0edcf9b0 <ProtSet+256>
0x0000556e0edcf8df <+47>: mov $0x5,%edx
0x0000556e0edcf8e4 <+52>: cmp $0x2,%r12d
0x0000556e0edcf8e8 <+56>: je 0x556e0edcf8f6 <ProtSet+70>
0x0000556e0edcf8ea <+58>: ja 0x556e0edcf930 <ProtSet+128>
0x0000556e0edcf8ec <+60>: mov $0x7,%edx
0x0000556e0edcf8f1 <+65>: test %r12d,%r12d
0x0000556e0edcf8f4 <+68>: jne 0x556e0edcf94f <ProtSet+159>
0x0000556e0edcf8f6 <+70>: mov %rbx,%rsi
0x0000556e0edcf8f9 <+73>: mov %rbp,%rdi
0x0000556e0edcf8fc <+76>: call 0x556e0ead23b0 <mprotect <at> plt>
0x0000556e0edcf901 <+81>: test %eax,%eax
0x0000556e0edcf903 <+83>: je 0x556e0edcf928 <ProtSet+120>
0x0000556e0edcf905 <+85>: pop %rbx
--Type <RET> for more, q to quit, c to continue without paging--
0x0000556e0edcf906 <+86>: lea 0x3b536(%rip),%rdx # 0x556e0ee0ae43
0x0000556e0edcf90d <+93>: pop %rbp
0x0000556e0edcf90e <+94>: mov $0x75,%esi
0x0000556e0edcf913 <+99>: lea 0x4011b(%rip),%rdi # 0x556e0ee0fa35
0x0000556e0edcf91a <+106>: pop %r12
0x0000556e0edcf91c <+108>: jmp *0xbcf4e(%rip) # 0x556e0ee8c870 <mps_lib_assert_handler>
0x0000556e0edcf922 <+114>: nopw 0x0(%rax,%rax,1)
0x0000556e0edcf928 <+120>: pop %rbx
0x0000556e0edcf929 <+121>: pop %rbp
0x0000556e0edcf92a <+122>: pop %r12
0x0000556e0edcf92c <+124>: ret
0x0000556e0edcf92d <+125>: nopl (%rax)
0x0000556e0edcf930 <+128>: cmp $0x3,%r12d
0x0000556e0edcf934 <+132>: je 0x556e0edcf94f <ProtSet+159>
0x0000556e0edcf936 <+134>: lea 0x3b506(%rip),%rdx # 0x556e0ee0ae43
0x0000556e0edcf93d <+141>: mov $0x64,%esi
0x0000556e0edcf942 <+146>: lea 0x400ec(%rip),%rdi # 0x556e0ee0fa35
0x0000556e0edcf949 <+153>: call *0xbcf21(%rip) # 0x556e0ee8c870 <mps_lib_assert_handler>
0x0000556e0edcf94f <+159>: xor %edx,%edx
0x0000556e0edcf951 <+161>: jmp 0x556e0edcf8f6 <ProtSet+70>
0x0000556e0edcf953 <+163>: nopl 0x0(%rax,%rax,1)
0x0000556e0edcf958 <+168>: lea 0x3bd24(%rip),%rdx # 0x556e0ee0b683
0x0000556e0edcf95f <+175>: mov $0x49,%esi
0x0000556e0edcf964 <+180>: lea 0x400ca(%rip),%rdi # 0x556e0ee0fa35
0x0000556e0edcf96b <+187>: call *0xbceff(%rip) # 0x556e0ee8c870 <mps_lib_assert_handler>
0x0000556e0edcf971 <+193>: test %rbp,%rbp
0x0000556e0edcf974 <+196>: jne 0x556e0edcf8cf <ProtSet+31>
--Type <RET> for more, q to quit, c to continue without paging--
0x0000556e0edcf97a <+202>: nopw 0x0(%rax,%rax,1)
0x0000556e0edcf980 <+208>: sub %rbp,%rbx
0x0000556e0edcf983 <+211>: lea 0x3bbea(%rip),%rdx # 0x556e0ee0b574
0x0000556e0edcf98a <+218>: mov $0x4a,%esi
0x0000556e0edcf98f <+223>: lea 0x4009f(%rip),%rdi # 0x556e0ee0fa35
0x0000556e0edcf996 <+230>: call *0xbced4(%rip) # 0x556e0ee8c870 <mps_lib_assert_handler>
0x0000556e0edcf99c <+236>: cmp $0x7fffffff,%rbx
0x0000556e0edcf9a3 <+243>: jbe 0x556e0edcf8df <ProtSet+47>
0x0000556e0edcf9a9 <+249>: nopl 0x0(%rax)
0x0000556e0edcf9b0 <+256>: lea 0x25751(%rip),%rdx # 0x556e0edf5108
0x0000556e0edcf9b7 <+263>: mov $0x4b,%esi
0x0000556e0edcf9bc <+268>: lea 0x40072(%rip),%rdi # 0x556e0ee0fa35
0x0000556e0edcf9c3 <+275>: call *0xbcea7(%rip) # 0x556e0ee8c870 <mps_lib_assert_handler>
0x0000556e0edcf9c9 <+281>: jmp 0x556e0edcf8df <ProtSet+47>
End of assembler dump.
HTH
_________________________________________________________________
________________________________________________________
Your E-Mail. Your Cloud. Your Office. eclipso Mail Europe. https://www.eclipso.de
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.