Instant segfault at startup

Discussion:

Eric Hanchrow

2006-05-17 22:56:33 UTC

As soon as I saw the announcement that emacs--multi-tty--0--patch-557
was released, I did "tla replay" in my multi-tty-emacs directory and
rebuilt. As soon as I started Emacs, I got this segfault:

15:48:56 [erich at debian src]$ gdb --args emacs -nw
GNU gdb 6.3-debian
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".

DISPLAY = :0.0
TERM = screen
Breakpoint 1 at 0x80ef286: file emacs.c, line 465.
Breakpoint 2 at 0x8108399: file sysdep.c, line 1441.
(gdb) run
Starting program: /usr/local/src/multi-tty-emacs/src/emacs -nw

Program received signal SIGSEGV, Segmentation fault.
0x080c31ac in realize_basic_faces (f=0x8349a68) at xfaces.c:7096
7096 if (face->font != FRAME_FONT (f))
(gdb) bt
#0 0x080c31ac in realize_basic_faces (f=0x8349a68) at xfaces.c:7096
#1 0x080c4495 in Fdisplay_supports_face_attributes_p (attributes=138293765, display=137665132) at xfaces.c:6246
#2 0x081577c3 in Ffuncall (nargs=3, args=0xbfcc29b0) at eval.c:2908
#3 0x08184a4a in Fbyte_code (bytestr=136450715, vector=136450940, maxdepth=40) at bytecode.c:694
#4 0x08157167 in funcall_lambda (fun=136450668, nargs=2, arg_vector=0xbfcc2ac4) at eval.c:3089
#5 0x081576da in Ffuncall (nargs=3, args=0xbfcc2ac0) at eval.c:2957
#6 0x08184a4a in Fbyte_code (bytestr=136451267, vector=136451380, maxdepth=32) at bytecode.c:694
#7 0x08157167 in funcall_lambda (fun=136451212, nargs=2, arg_vector=0xbfcc2bcc) at eval.c:3089
#8 0x081576da in Ffuncall (nargs=3, args=0xbfcc2bc8) at eval.c:2957
#9 0x08184a4a in Fbyte_code (bytestr=136452387, vector=136452420, maxdepth=40) at bytecode.c:694
#10 0x08157167 in funcall_lambda (fun=136452324, nargs=3, arg_vector=0xbfcc2cd4) at eval.c:3089
#11 0x081576da in Ffuncall (nargs=4, args=0xbfcc2cd0) at eval.c:2957
#12 0x08184a4a in Fbyte_code (bytestr=136454811, vector=136455172, maxdepth=48) at bytecode.c:694
#13 0x08157167 in funcall_lambda (fun=136454772, nargs=1, arg_vector=0xbfcc2de4) at eval.c:3089
#14 0x081576da in Ffuncall (nargs=2, args=0xbfcc2de0) at eval.c:2957
#15 0x08184a4a in Fbyte_code (bytestr=136459683, vector=136459716, maxdepth=16) at bytecode.c:694
#16 0x08157167 in funcall_lambda (fun=136459660, nargs=0, arg_vector=0xbfcc2ef4) at eval.c:3089
#17 0x081576da in Ffuncall (nargs=1, args=0xbfcc2ef0) at eval.c:2957
#18 0x081587b1 in call0 (fn=138277393) at eval.c:2670
#19 0x08059b80 in init_display () at dispnew.c:6863
#20 0x080f1250 in main (argc=2, argv=0xbfcc3aa4) at emacs.c:1704

Lisp Backtrace:
"display-supports-face-attributes-p" (0x83e3205)
"face-spec-set-match-display" (0x83e3215)
"face-spec-choose" (0x83e3235)
"face-spec-match-p" (0x8364369)
"frame-set-background-mode" (0x8349a6c)
"tty-set-up-initial-frame-faces" (0xffffffff)
(gdb)

--
The story will be familiar to anyone who has ever seen a movie
about a troubled athlete and a brilliant coach. It will also be
familiar to anyone who has not.
-- Roger Ebert, on "Stick It" (2006)

Károly Lőrentey

2006-05-24 12:08:58 UTC

Permalink

Post by Eric Hanchrow
As soon as I saw the announcement that emacs--multi-tty--0--patch-557
was released, I did "tla replay" in my multi-tty-emacs directory and
Program received signal SIGSEGV, Segmentation fault.
0x080c31ac in realize_basic_faces (f=0x8349a68) at xfaces.c:7096
7096 if (face->font != FRAME_FONT (f))

Fixed in patch-559, thanks!

--
K?roly
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
Url : http://lists.fnord.hu/pipermail/multi-tty/attachments/20060524/4c3f410a/attachment.pgp

Ami Fischman

2006-06-03 19:57:04 UTC

Permalink

As of patch-569, eval'ing
(set-input-mode t nil t 7)
reliably produces an abort. Looks like there a bunch of calls that look
like get_named_tty(NULL) but get_named_tty abort()'s on NULL input. The
last build I know doesn't do this is 544 (haven't built in between).

Breakpoint 1, abort () at /home/fischman/t/emacs--multi-tty/src/emacs.c:465
465 kill (getpid (), SIGABRT);
(gdb) where
#0 abort () at /home/fischman/t/emacs--multi-tty/src/emacs.c:465
#1 0x080b747c in get_named_tty (name=0x0) at
#/home/fischman/t/emacs--multi-tty/src/term.c:2046
#2 0x080fef6b in Fset_quit_char (quit=56) at
#/home/fischman/t/emacs--multi-tty/src/keyboard.c:10898
#3 0x080ff024 in Fset_input_mode (interrupt=56, flow=56, meta=56, quit=56)
#at /home/fischman/t/emacs--multi-tty/src/keyboard.c:10939
#4 0x081568ef in Feval (form=136049664) at
#/home/fischman/t/emacs--multi-tty/src/eval.c:2252
#5 0x0815744b in Ffuncall (nargs=2, args=0xbfffc954) at
#/home/fischman/t/emacs--multi-tty/src/eval.c:2902
#6 0x08182c82 in Fbyte_code (bytestr=137615633, vector=-1073755824,
#maxdepth=1) at /home/fischman/t/emacs--multi-tty/src/bytecode.c:694
#7 0x08156e07 in funcall_lambda (fun=137089012, nargs=1,
#arg_vector=0xbfffcaa4) at /home/fischman/t/emacs--multi-tty/src/eval.c:3089
#8 0x08157214 in Ffuncall (nargs=2, args=0xbfffcaa0) at
#/home/fischman/t/emacs--multi-tty/src/eval.c:2957
#9 0x08182c82 in Fbyte_code (bytestr=137615633, vector=-1073755488,
#maxdepth=1) at /home/fischman/t/emacs--multi-tty/src/bytecode.c:694
#10 0x08156e07 in funcall_lambda (fun=137089844, nargs=1,
#arg_vector=0xbfffcc54) at /home/fischman/t/emacs--multi-tty/src/eval.c:3089
#11 0x08157214 in Ffuncall (nargs=2, args=0xbfffcc50) at
#/home/fischman/t/emacs--multi-tty/src/eval.c:2957
#12 0x081545cc in Fcall_interactively (function=138088993,
#record_flag=137615633, keys=137663084) at
#/home/fischman/t/emacs--multi-tty/src/callint.c:883
#13 0x080f6b9f in Fcommand_execute (cmd=138088993, record_flag=137615633,
#keys=56, special=137615633) at
#/home/fischman/t/emacs--multi-tty/src/keyboard.c:9967
#14 0x080fe11b in command_loop_1 () at
#/home/fischman/t/emacs--multi-tty/src/keyboard.c:1865
#15 0x0815550f in internal_condition_case (bfun=0x80fdd90 <command_loop_1>,
#handlers=137682409, hfun=0x80f7560 <cmd_error>) at
#/home/fischman/t/emacs--multi-tty/src/eval.c:1474
#16 0x080f185e in command_loop_2 () at
#/home/fischman/t/emacs--multi-tty/src/keyboard.c:1400
#17 0x081551cf in internal_catch (tag=56, func=0x80f1830 <command_loop_2>,
#arg=137615633) at /home/fischman/t/emacs--multi-tty/src/eval.c:1212
#18 0x080f160e in command_loop () at
#/home/fischman/t/emacs--multi-tty/src/keyboard.c:1379
#19 0x080f16b4 in recursive_edit_1 () at
#/home/fischman/t/emacs--multi-tty/src/keyboard.c:987
#20 0x080f180c in Frecursive_edit () at
#/home/fischman/t/emacs--multi-tty/src/keyboard.c:1049
#21 0x080f08e2 in main (argc=2, argv=0xbfffd4f4) at
#/home/fischman/t/emacs--multi-tty/src/emacs.c:1793

Lisp Backtrace:
"set-input-mode" (0x833d941)
"eval" (0x867684d)
"eval-last-sexp-1" (0x833d911)
"eval-last-sexp" (0x833d911)
"call-interactively" (0x83b1221)

--
Ami Fischman
ami at fischman.org

Kalle Olavi Niemitalo

2006-07-23 11:48:13 UTC

Permalink

Post by Ami Fischman
As of patch-569, eval'ing
(set-input-mode t nil t 7)
reliably produces an abort. Looks like there a bunch of calls that look
like get_named_tty(NULL) but get_named_tty abort()'s on NULL input. The
last build I know doesn't do this is 544 (haven't built in between).

The abort was apparently introduced in
lorentey at elte.hu--2004/emacs--multi-tty--0--patch-565:

* src/term.c (get_named_tty): Abort if tty name is NULL.
Simplify accordingly.

I have been using patch-561 for some time now, and it doesn't
have this problem. IIRC, I tried the intermediate revisions too
but there was some reason why I couldn't use them. Today I also
tried patch-572, which still aborts.

In patch-564, get_named_tty(NULL) finds a struct terminal where
.name == NULL. In patch-572, when get_named_tty aborts,
terminal_list contains only one struct terminal, and its .name is
"/dev/tty". Thus I presume the get_named_tty(NULL) calls should
be changed to get_named_tty("/dev/tty").

The following patch fixes the crash for me; and after
(set-quit-char ?\C-o), C-o quits (while t) and C-g doesn't.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/x-patch
Size: 1407 bytes
Desc: not available
Url : http://lists.fnord.hu/pipermail/multi-tty/attachments/20060723/76243a86/attachment.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
Url : http://lists.fnord.hu/pipermail/multi-tty/attachments/20060723/76243a86/attachment.pgp