bug-gnu-emacs

bug#17168: 24.3.50; Segfault at mark_object


From: Daniel Colascione
Subject: bug#17168: 24.3.50; Segfault at mark_object
Date: Wed, 02 Apr 2014 17:28:38 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0

On 04/02/2014 04:24 PM, Stefan Monnier wrote:
>> It's 32 bytes long, which means that we're trying to mark a pointer into
>> the middle of the vector.
>> The clear-transient-map symbol itself, of course, is live. It's
>> perfectly normal and its value slot is set to Qunbound.
> 
> So, IIUC the symbol-function slot of the clear-transient-map symbol
> points in the middle of a vector?

That's what my analysis seems to indicate.

> Since the symbol-function slot of the clear-transient-map symbol is only
> set once, I think this means that the vector to which it pointed has
> been somehow freed.

That's what I speculated last week, but I still have no idea how it
would be possible.

> Of course that shouldn't be possible: at any previous GC, either the
> clear-transient-map symbol was found live and traced (so the vector to
> which it pointed shouldn't have been freed) or it wasn't found live, in
> which case the symbol-function slot should have been set to the special
> "dead" value.

I added some code to trunk that might help track down the problem. Now
we can mark certain objects as "suspicious" (only vectors for now, but
that's sufficient); when we free one of these suspicious objects, we
record a stack trace. This way, if we crash later, we can figure out
where things went wrong.

Attachment: signature.asc
Description: OpenPGP digital signature
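
The "suspicious object" idea from the last paragraph of the message, as an added example (not code from this message or from Emacs trunk): a watched block gets a backtrace recorded when it is freed, and a later lookup by any address inside the block, such as the pointer into the middle of a 32-byte vector discussed above, reports where the free happened. It assumes glibc's `backtrace()`; the names `mark_suspicious`, `find_watch`, `traced_free` and `explain_dangling` are hypothetical.

```c
/* Added illustration, not Emacs's alloc.c. Assumes glibc's backtrace(). */
#include <execinfo.h>
#include <stdint.h>
#include <stdlib.h>

enum { MAX_WATCHED = 8, MAX_FRAMES = 16 };

struct watch {                  /* hypothetical record layout */
    uintptr_t base;             /* start of watched block; 0 = unused slot */
    size_t size;                /* block length in bytes */
    int freed, nframes;         /* freed flag; frames captured at free time */
    void *frames[MAX_FRAMES];   /* return addresses from backtrace() */
};
static struct watch watched[MAX_WATCHED];

/* Find the watched block containing addr, interior addresses included. */
struct watch *find_watch(uintptr_t addr) {
    for (int i = 0; i < MAX_WATCHED; i++)
        if (watched[i].base && addr - watched[i].base < watched[i].size)
            return &watched[i];
    return NULL;
}

/* Start watching a block; returns 0, or -1 if the table is full. */
int mark_suspicious(void *p, size_t size) {
    for (int i = 0; i < MAX_WATCHED; i++)
        if (watched[i].base == 0) {
            watched[i] = (struct watch){ .base = (uintptr_t)p, .size = size };
            return 0;
        }
    return -1;
}

/* free() wrapper: capture the stack before a watched block is released. */
void traced_free(void *p) {
    struct watch *w = find_watch((uintptr_t)p);
    if (w && w->base == (uintptr_t)p && !w->freed) {
        w->nframes = backtrace(w->frames, MAX_FRAMES);
        w->freed = 1;
    }
    free(p);
}

/* Post-crash query: returns 1 and prints the free-time trace to stderr
   if addr lies inside a watched block that has been freed, else 0. */
int explain_dangling(uintptr_t addr) {
    struct watch *w = find_watch(addr);
    if (!w || !w->freed) return 0;
    backtrace_symbols_fd(w->frames, w->nframes, 2);
    return 1;
}
```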