emacs-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: allocate_string_data memory corruption

From: Stefan Monnier
Subject: Re: allocate_string_data memory corruption
Date: Mon, 23 Jan 2006 15:21:42 -0500
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (gnu/linux) 
>> In this function, data->string is set to s, and nbytes is set to
>> nbytes.  If check_sblock is a no-op, there should be no change.
>> However, we get an abort on the second debugging check:

> Most likely the thing that's happening is that check_sblock takes a "long"
> time during which there's a higher probability for a signal to arrive and
> the bug itself is that one of the signal handlers does some string
> allocation (or some other manipulation of those data structures).

> I'd try something like

>     eassert (!in_allocate_string_data);
>     in_allocate_string_data = 1;
>     ...
>     check_sblock();
>     ...
>     in_allocate_string_data = 0;

> BTW, it's possible that -DSYNC_INPUT fixes the bug.

My recent eassert (!handling_signal) patch uncovered another case where Lisp
objects are allocated asynchronously (and this time, it's allocating
a string rather than a vector, so it's more serious):

A backtrace is attached.

I don't know how to go about fixing this problem (other than
use -DSYNC_INPUT).  I seem to remember discussions in the past about moving
the note_mouse_movement code to the normal main loop (i.e. generate
a special Lisp event and bind it in special-event-map) which could solve
this problem, but at the cost of delaying the processing of mouse_movement
even more than -DSYNC_INPUT would.


        Stefan


#0  abort () at emacs.c:464
#1  0x00000000006136c7 in die (msg=0x736410 "assertion failed: 
!handling_signal", file=0x736190 "alloc.c", line=1845) at alloc.c:6127
#2  0x0000000000609d50 in allocate_string () at alloc.c:1845
#3  0x000000000060b182 in make_uninit_multibyte_string (nchars=63, nbytes=63) 
at alloc.c:2454
#4  0x000000000060b117 in make_uninit_string (length=63) at alloc.c:2435
#5  0x000000000060acfd in make_unibyte_string (contents=0x10047b8 
"-misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso8859-1", length=63) 
at alloc.c:2349
#6  0x000000000060acc2 in make_string (contents=0x10047b8 
"-misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso8859-1", nbytes=63) 
at alloc.c:2334
#7  0x000000000060b0fa in build_string (str=0x10047b8 
"-misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso8859-1") at 
alloc.c:2423
#8  0x000000000053227e in x_load_font (f=0x1b9bb40, fontname=0x10047b8 
"-misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso8859-1", size=0) at 
xterm.c:9726
#9  0x000000000054f2fd in fs_load_font (f=0x1b9bb40, c=0, fontname=0x10047b8 
"-misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso8859-1", id=-1, 
face=0x0) at fontset.c:700
#10 0x000000000054ef6e in fontset_font_pattern (f=0x1b9bb40, id=102, c=0) at 
fontset.c:633
#11 0x0000000000516fc3 in choose_face_font (f=0x1b9bb40, attrs=0x210da48, 
fontset=102, c=0, needs_overstrike=0x7fbfffc264) at xfaces.c:6888
#12 0x0000000000507d08 in load_face_font (f=0x1b9bb40, face=0x210d9d0, c=0) at 
xfaces.c:1257
#13 0x00000000005184d6 in realize_face (cache=0x174e8c0, attrs=0x7fbfffc380, 
c=0, base_face=0x0, former_face_id=-1) at xfaces.c:7153
#14 0x00000000005145c4 in lookup_face (f=0x1b9bb40, attr=0x7fbfffc380, c=0, 
base_face=0x0) at xfaces.c:5685
#15 0x0000000000519b2c in face_at_string_position (w=0x1f9de00, string={i = 
6917529027653345456, s = {val = 12263600, type = Lisp_String}, u = {val = 
12263600, type = Lisp_String}}, pos=1, bufpos=0, region_beg=0, region_end=0, 
endptr=0x7fbfffc504, base_face_id=14, mouse_p=1) at xfaces.c:7786
#16 0x000000000048fdec in note_mode_line_or_margin_highlight (window={i = 
-9223372036821623296, s = {val = 33152512, type = Lisp_Vectorlike}, u = {val = 
33152512, type = Lisp_Vectorlike}}, x=20, y=53, area=ON_MODE_LINE) at 
xdisp.c:22128
#17 0x000000000049010a in note_mouse_highlight (f=0x1b9bb40, x=121, y=494) at 
xdisp.c:22219
#18 0x0000000000523b09 in note_mouse_movement (frame=0x1b9bb40, 
event=0x7fbfffcb30) at xterm.c:3614
#19 0x000000000052b3ff in handle_one_xevent (dpyinfo=0x10315b0, 
eventp=0x7fbfffcfd0, finish=0x7fbfffcf6c, hold_quit=0x7fbfffe120) at 
xterm.c:6573
#20 0x000000000052bfee in XTread_socket (sd=2, expected=1, 
hold_quit=0x7fbfffe120) at xterm.c:7021
#21 0x0000000000580165 in read_avail_input (expected=1) at keyboard.c:6710
#22 0x0000000000580356 in handle_async_input () at keyboard.c:6856
reply via email to
[Prev in Thread] Current Thread [Next in Thread]