Re: editfns.c (Fformat): fix for segfault

From: Jim Meyering
Subject: Re: editfns.c (Fformat): fix for segfault
Date: Wed, 07 May 2003 11:27:23 +0200

Richard Stallman <address@hidden> wrote:
>     I applied that patch and rebuilt yesterday.
>     It just aborted:
>     Program received signal SIGABRT, Aborted.
>     0x402e2a41 in kill () from /lib/libc.so.6
>     (gdb) w
>     #0  0x402e2a41 in kill () from /lib/libc.so.6
>     #1  0x080fef29 in abort () at /mirror/d/emacs/src/emacs.c:412
>     #2  0x0815f2bd in Fgarbage_collect () at /mirror/d/emacs/src/alloc.c:4103
>     #3  0x08179c26 in Ffuncall (nargs=3, args=0xbfffd8e0)
>       at /mirror/d/emacs/src/eval.c:2664
>     #4  0x08179a2e in run_hook_list_with_args (funlist=1492461932, nargs=3,
>       args=0xbfffd8e0) at /mirror/d/emacs/src/eval.c:2446
>     #5  0x0812aeac in signal_before_change (start_int=1, end_int=11,
>       preserve_ptr=0xbfffd9e0) at /mirror/d/emacs/src/insdel.c:2058
> Binding Qinhibit_modification_hooks to t should have made
> signal_before_change return near the beginning.  Can you find
> out why this did not work?

I set a watchpoint for inhibit_modification_hooks, and found that
it changes very frequently.  Is that expected?
In fact, it changes so frequently that attaching a useful action
(like `where' or xbacktrace) to it makes emacs+Gnus nearly unusable.

I presume the goal is to find out which code sets it to 0
just before the abort.

I could endure that if there were some way to trigger the abort
more quickly.  I can't use such an impaired program for the entire
day or so it usually seems to take.

For example, after stopping at a breakpoint in Fgarbage_collect,
I enabled the inhibit_modification_hooks watchpoint and `finish'ed
that function.  The watchpoint was hit *many* times:

  Hardware watchpoint 5: inhibit_modification_hooks

  Old value = 1
  New value = 0
  store_symval_forwarding (symbol=406073020, valcontents=674503112,
      newval=405897284, buf=0x8578e28) at /mirror/d/emacs/src/data.c:889
  889               break;
  (gdb) w
  #0  store_symval_forwarding (symbol=406073020, valcontents=674503112,
      newval=405897284, buf=0x8578e28) at /mirror/d/emacs/src/data.c:889
  #1  0x081645ab in set_internal (symbol=406073020, newval=405897284,
      buf=0x8578e28, bindflag=1) at /mirror/d/emacs/src/data.c:1243
  #2  0x0817ad54 in unbind_to (count=2, value=405897284)
      at /mirror/d/emacs/src/eval.c:3106
  #3  0x080705c0 in with_echo_area_buffer (w=0x0, which=0,
      fn=0x8071296 <current_message_1>, a1=-1073747996, a2=405897284, a3=0, 
      at /mirror/d/emacs/src/xdisp.c:6809
  #4  0x08071279 in current_message () at /mirror/d/emacs/src/xdisp.c:7227
  #5  0x080712ef in push_message () at /mirror/d/emacs/src/xdisp.c:7262
  #6  0x0815f2f3 in Fgarbage_collect () at /mirror/d/emacs/src/alloc.c:4117
  #7  0x0810510d in read_char (commandflag=1, nmaps=8, maps=0xbfffeaf0,
      prev_event=405897284, used_mouse_menu=0xbfffebdc)
      at /mirror/d/emacs/src/keyboard.c:2717
  #8  0x0810e1a0 in read_key_sequence (keybuf=0xbfffed50, bufsize=30,
      prompt=405897284, dont_downcase_last=0, can_return_switch_frame=1,
      fix_current_buffer=1) at /mirror/d/emacs/src/keyboard.c:8581
  #9  0x0810242b in command_loop_1 () at /mirror/d/emacs/src/keyboard.c:1507
  #10 0x08177cd8 in internal_condition_case (bfun=0x810209a <command_loop_1>,
      handlers=405993916, hfun=0x8101c37 <cmd_error>)
      at /mirror/d/emacs/src/eval.c:1333
  #11 0x08101f5e in command_loop_2 () at /mirror/d/emacs/src/keyboard.c:1295
  #12 0x08177789 in internal_catch (tag=405955220,
      func=0x8101f3f <command_loop_2>, arg=405897284)
      at /mirror/d/emacs/src/eval.c:1094
  #13 0x08101f11 in command_loop () at /mirror/d/emacs/src/keyboard.c:1274
  #14 0x081019de in recursive_edit_1 () at /mirror/d/emacs/src/keyboard.c:990
  #15 0x08101b0d in Frecursive_edit () at /mirror/d/emacs/src/keyboard.c:1046
  #16 0x08100505 in main (argc=3, argv=0xbffff364)
      at /mirror/d/emacs/src/emacs.c:1659

