GNU bug report logs - #8705
Emacs 24.3 occasionally crashes (segfault) just after starting it


Package: emacs;

Reported by: Vincent Lefevre <vincent <at> vinc17.net>

Date: Fri, 20 May 2011 08:55:02 UTC

Severity: important

Merged with 18671

Found in version 23.3

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.


From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Paul Eggert <eggert <at> cs.ucla.edu>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#18671: closed (Bug#726131: emacs24: Emacs 24 crashed
 (segmentation fault) in getenv.c from libX11/_XkbGetCharset)
Date: Sun, 12 Oct 2014 06:20:03 +0000
[Message part 1 (text/plain, inline)]
Your message dated Sat, 11 Oct 2014 23:19:21 -0700
with message-id <543A1D69.2050306 <at> cs.ucla.edu>
and subject line Re: Emacs 24.3 occasionally crashes (segfault) just after starting it
has caused the debbugs.gnu.org bug report #8705,
regarding Bug#726131: emacs24: Emacs 24 crashed (segmentation fault) in getenv.c from libX11/_XkbGetCharset
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
8705: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=8705
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
From: Rob Browning <rlb <at> defaultvalue.org>
To: bug-gnu-emacs <at> gnu.org
Cc: 726131 <at> bugs.debian.org, 726131-forwarded <at> bugs.debian.org,
 Vincent Lefevre <vincent <at> vinc17.net>
Subject: Re: Bug#726131: emacs24: Emacs 24 crashed (segmentation fault) in
 getenv.c from libX11/_XkbGetCharset
Date: Thu, 09 Oct 2014 11:18:31 -0500
[If possible, please preserve the -forwarded address in any replies.]

Here's another 24.3 crash report:

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726131

Vincent Lefevre <vincent <at> vinc17.net> writes:

> Package: emacs24
> Version: 24.3+1-2
> Severity: important
>
> Just after Emacs 24 was started, it crashed. In the terminal:
>
> Fatal error 11: Segmentation fault
> Backtrace:
> emacs[0x4f75fb]
> emacs[0x4dd0ae]
> emacs[0x4f624e]
> emacs[0x4f63b3]
> /lib/x86_64-linux-gnu/libpthread.so.0(+0xf210)[0x7ff66e728210]
> /lib/x86_64-linux-gnu/libc.so.6(getenv+0xac)[0x7ff66e3a614c]
> /usr/lib/x86_64-linux-gnu/libX11.so.6(_XkbGetCharset+0xd)[0x7ff6718e6aad]
> /usr/lib/x86_64-linux-gnu/libX11.so.6(XkbTranslateKeySym+0x1e2)[0x7ff6718e5252]
> /usr/lib/x86_64-linux-gnu/libX11.so.6(XLookupString+0x1f8)[0x7ff6718e54f8]
> /usr/lib/x86_64-linux-gnu/libX11.so.6(_XimLocalFilter+0x5a)[0x7ff6718bf3fa]
> emacs[0x4ba220]
> /usr/lib/x86_64-linux-gnu/libgdk-3.so.0(+0x4bd81)[0x7ff67366fd81]
> /usr/lib/x86_64-linux-gnu/libgdk-3.so.0(+0x4c00e)[0x7ff67367000e]
> /usr/lib/x86_64-linux-gnu/libgdk-3.so.0(gdk_display_get_event+0x68)[0x7ff673644fd8]
> /usr/lib/x86_64-linux-gnu/libgdk-3.so.0(+0x4be02)[0x7ff67366fe02]
> /lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_dispatch+0x146)[0x7ff671ffcea6]
> /lib/x86_64-linux-gnu/libglib-2.0.so.0(+0x481f8)[0x7ff671ffd1f8]
> /lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_iteration+0x2c)[0x7ff671ffd29c]
> /usr/lib/x86_64-linux-gnu/libgtk-3.so.0(gtk_main_iteration+0x15)[0x7ff673a344f5]
> emacs[0x4b2492]
> emacs[0x4e4491]
> emacs[0x4e3e75]
> emacs[0x594ef2]
> emacs[0x5500af]
> emacs[0x5511bc]
> emacs[0x5500af]
> emacs[0x584a5b]
> emacs[0x54fbaf]
> emacs[0x54febb]
> emacs[0x5511bc]
> emacs[0x5500af]
> emacs[0x584a5b]
> emacs[0x54fbaf]
> emacs[0x54febb]
> emacs[0x5511bc]
> emacs[0x5500af]
> emacs[0x584a5b]
> emacs[0x54fbaf]
> emacs[0x54febb]
> emacs[0x584a5b]
> emacs[0x54f565]
> ...
> Segmentation fault (core dumped)
>
> $ gdb /usr/bin/emacs24-x core
> GNU gdb (GDB) 7.6.1 (Debian 7.6.1-1)
> [...]
> Core was generated by `emacs svn-commit.tmp'.
> Program terminated with signal 11, Segmentation fault.
> #0  0x00007ff66e7280eb in raise (sig=11)
>     at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:38
> 38      ../nptl/sysdeps/unix/sysv/linux/pt-raise.c: No such file or directory.
> (gdb) bt full
> #0  0x00007ff66e7280eb in raise (sig=11)
>     at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:38
>         resultvar = 0
>         pid = <optimized out>
> #1  0x00000000004dd0d6 in ?? ()
> No symbol table info available.
> #2  0x00000000004f624e in ?? ()
> No symbol table info available.
> #3  0x00000000004f63b3 in ?? ()
> No symbol table info available.
> #4  <signal handler called>
> No locals.
> #5  __GI_getenv (name=0x7ff67197065a "KB_CHARSET") at getenv.c:89
>         ep_start = <error reading variable ep_start (Cannot access memory at address 0x7ff600000000)>
>         len = 10
>         ep = 0x7fff3c1ba128
>         name_start = 22623
> #6  0x00007ff6718e6aad in _XkbGetCharset ()
>    from /usr/lib/x86_64-linux-gnu/libX11.so.6
> No symbol table info available.
> #7  0x00007ff6718e5252 in XkbTranslateKeySym ()
>    from /usr/lib/x86_64-linux-gnu/libX11.so.6
> No symbol table info available.
> #8  0x00007ff6718e54f8 in XLookupString ()
>    from /usr/lib/x86_64-linux-gnu/libX11.so.6
> No symbol table info available.
> #9  0x00007ff6718bf3fa in _XimLocalFilter ()
>    from /usr/lib/x86_64-linux-gnu/libX11.so.6
> No symbol table info available.
> #10 0x00000000004ba220 in ?? ()
> No symbol table info available.
> #11 0x00007ff67366fd81 in ?? () from /usr/lib/x86_64-linux-gnu/libgdk-3.so.0
> No symbol table info available.
> #12 0x00007ff67367000e in ?? () from /usr/lib/x86_64-linux-gnu/libgdk-3.so.0
> No symbol table info available.
> #13 0x00007ff673644fd8 in gdk_display_get_event ()
>    from /usr/lib/x86_64-linux-gnu/libgdk-3.so.0
> No symbol table info available.
> #14 0x00007ff67366fe02 in ?? () from /usr/lib/x86_64-linux-gnu/libgdk-3.so.0
> No symbol table info available.
> #15 0x00007ff671ffcea6 in g_main_dispatch (context=0xe34f00)
>     at /tmp/buildd/glib2.0-2.36.4/./glib/gmain.c:3054
>         dispatch = 0x7ff67366fdf0
>         was_in_call = 0
>         user_data = 0x0
>         callback = 0x0
>         cb_funcs = 0x0
>         cb_data = 0x0
>         need_destroy = <optimized out>
>         current_source_link = {data = 0xe5c330, next = 0x0}
>         source = 0xe5c330
>         current = 0xe5c610
>         i = 0
> #16 g_main_context_dispatch (context=context@entry=0xe34f00)
>     at /tmp/buildd/glib2.0-2.36.4/./glib/gmain.c:3630
> No locals.
> #17 0x00007ff671ffd1f8 in g_main_context_iterate (
>     context=context@entry=0xe34f00, block=block@entry=1, 
>     dispatch=dispatch@entry=1, self=<optimized out>)
>     at /tmp/buildd/glib2.0-2.36.4/./glib/gmain.c:3701
>         max_priority = 0
>         timeout = 0
>         some_ready = 1
>         nfds = <optimized out>
>         allocated_nfds = 4
>         fds = 0xe31720
> #18 0x00007ff671ffd29c in g_main_context_iteration (context=0xe34f00, 
>     may_block=1) at /tmp/buildd/glib2.0-2.36.4/./glib/gmain.c:3762
>         retval = <optimized out>
> #19 0x00007ff673a344f5 in gtk_main_iteration ()
>    from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
> No symbol table info available.
> #20 0x00000000004b2492 in ?? ()
> No symbol table info available.
> #21 0x00000000004e4491 in ?? ()
> No symbol table info available.
> #22 0x00000000004e3e75 in ?? ()
> No symbol table info available.
> [...]
> #99 0x00000000004171c5 in ?? ()
> No symbol table info available.
> #100 0x00007ff66e38e995 in __libc_start_main (main=0x4167b0, argc=2, 
>     ubp_av=0x7fff3c1ce088, init=<optimized out>, fini=<optimized out>, 
>     rtld_fini=<optimized out>, stack_end=0x7fff3c1ce078) at libc-start.c:260
>         result = <optimized out>
>         unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, 2508716875972236015, 
>                 4291765, 140734201913472, 0, 0, -2508865025507437841, 
>                 -2505095659607010577}, mask_was_saved = 0}}, priv = {pad = {
>               0x0, 0x0, 0x5d1600, 0x7fff3c1ce088}, data = {prev = 0x0, 
>               cleanup = 0x0, canceltype = 6100480}}}
>         not_first_call = <optimized out>
> #101 0x0000000000417cde in ?? ()
> No symbol table info available.
> (gdb) 
>
> Possible related bugs:
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594592
> Same bug but with Emacs 23.
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699325
> Still related to getenv, but in a different context.

Thanks
-- 
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4


[Message part 3 (message/rfc822, inline)]
From: Paul Eggert <eggert <at> cs.ucla.edu>
To: 8705-done <at> debbugs.gnu.org
Cc: 699325 <at> bugs.debian.org
Subject: Re: Emacs 24.3 occasionally crashes (segfault) just after starting it
Date: Sat, 11 Oct 2014 23:19:21 -0700
I audited the Emacs trunk source code for getenv-related races that have 
undefined behavior and could have the reported symptoms.  I found some other 
races and installed a fix for them as Emacs trunk bzr 118095.  I expect this 
patch to be harder to backport to older Emacs versions, and less urgent as the 
races appear to be less likely.

Since we have fixes installed in the trunk I'll take the liberty of closing the 
Emacs bug report.  Please let us know if the bug occurs even with the fixes; if 
that happens I plan to reopen the bug report and look into it further.
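
The message above does not say which code paths raced or what bzr 118095 changed, so the following is a general illustration added here, not Emacs code and not the installed fix. POSIX does not require getenv() to be safe against a concurrent setenv() or putenv(), and library callers such as the `_XkbGetCharset` frame in the backtrace cannot be placed behind an application lock; one way to stay clear of the race is to leave `environ` untouched and build a private vector for child processes. The helper names `env_with`, `env_lookup`, `env_free` and the `TZ=UTC0` value are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
extern char **environ;

/* All three helper names are hypothetical; they are not Emacs functions. */
void env_free(char **env)
{
    for (char **p = env; p && *p; p++) free(*p);
    free(env);
}

/* Read NAME from a private vector instead of calling getenv(). */
const char *env_lookup(char *const *env, const char *name)
{
    size_t nlen = strlen(name);
    for (; *env; env++)
        if (strncmp(*env, name, nlen) == 0 && (*env)[nlen] == '=')
            return *env + nlen + 1;
    return NULL;
}

/* Deep-copy BASE with NAME set to VALUE.  BASE is only read, so no vector
   that getenv() may be walking is modified or freed.  NULL if out of memory. */
char **env_with(char *const *base, const char *name, const char *value)
{
    size_t n = 0, out = 0, nlen = strlen(name), vlen = strlen(value);
    while (base[n]) n++;
    char **copy = calloc(n + 2, sizeof *copy);   /* room for new entry + NULL */
    char *entry = malloc(nlen + vlen + 2);       /* "NAME=VALUE" + NUL */
    if (!copy || !entry) { free(copy); free(entry); return NULL; }
    snprintf(entry, nlen + vlen + 2, "%s=%s", name, value);
    for (size_t i = 0; i < n; i++) {
        if (strncmp(base[i], name, nlen) == 0 && base[i][nlen] == '=')
            continue;                            /* drop old definition(s) */
        size_t len = strlen(base[i]) + 1;
        if (!(copy[out] = malloc(len))) { free(entry); env_free(copy); return NULL; }
        memcpy(copy[out++], base[i], len);
    }
    copy[out] = entry;
    return copy;
}

int main(void)
{
    char **child = env_with(environ, "TZ", "UTC0");   /* constructed value */
    if (!child) return 1;
    printf("child TZ=%s\n", env_lookup(child, "TZ"));
    env_free(child);
    return 0;
}
```

The resulting vector can be passed as the `envp` argument of execve() or posix_spawn(); taking the copy of `environ` at startup, before any thread exists, keeps even the read side free of races.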


This bug report was last modified 10 years and 225 days ago.



GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.