bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#43973: 28.0.50; [NS] Two crashes on macOS

From: Robert Pluim
Subject: bug#43973: 28.0.50; [NS] Two crashes on macOS
Date: Tue, 13 Oct 2020 15:00:31 +0200 
>>>>> On Tue, 13 Oct 2020 10:35:28 +0300, Andrii Kolomoiets 
>>>>> <andreyk.mad@gmail.com> said:

    Andrii> Update to recent trunk brought me everyone's favorite random 
crashes.
    Andrii> In an attempt to find the recipe for reproduce the bug somehow, I 
spot
    Andrii> two crashes that I actually can reproduce in 'emacs -Q'.

    Andrii> The first one is more "stable":

    Andrii> With this code in scratch and point at '|':

    Andrii>     (make-frame `((parent-frame . ,(selected-frame))
    Andrii>                   (width . 0.5)
    Andrii>                   (height . 0.5)
    Andrii>                   (top . 0.5)
    Andrii>                   (left . 0.5)))|

    Andrii> 1. C-x C-e
    Andrii> 2. s-w

    Andrii> Repeating these two steps 3-5 times leads to crash.  Most of the 
time
    Andrii> the only meaningfull record in the 'bt' is:

    Andrii> Thread 3 received signal SIGSEGV, Segmentation fault.
    Andrii> 0x00007fff6fa97678 in ?? ()
    Andrii> (gdb) bt full
    Andrii> #0  0x00007fff6fa97678 in ?? ()
    Andrii> No symbol table info available.
    Andrii> #1  0x0000000100476338 in -[EmacsImage dealloc] (self=0x1014c77f0, 
_cmd=0x7fff7afcdc58) at nsimage.m:286
    Andrii> No locals.

    Andrii> It may be tool bar related, because Emacs is not crashing with
    Andrii> tool-bar-mode turned of.

I think you may be right:

(lldb) bt
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS 
(code=1, address=0x20)
  * frame #0: 0x00007fff6be26678 libobjc.A.dylib`objc_release + 24
    frame #1: 0x00000001001f5d1f emacs`-[EmacsImage 
dealloc](self=0x0000000102ac8ff0, _cmd=<unavailable>) at nsimage.m:286:3 [opt]
    frame #2: 0x00007fff6be2beb3 
libobjc.A.dylib`objc_object::sidetable_release(bool) + 229
    frame #3: 0x00007fff301e46e1 AppKit`-[NSMenuItem dealloc] + 108
    frame #4: 0x00007fff304523f8 AppKit`-[NSToolbarItem dealloc] + 110
    frame #5: 0x00007fff32f072a5 
CoreFoundation`__RELEASE_OBJECTS_IN_THE_ARRAY__ + 118
    frame #6: 0x00007fff32f071e8 CoreFoundation`-[__NSArrayM dealloc] + 279
    frame #7: 0x00007fff305b1a99 AppKit`-[NSToolbarClippedItemsIndicator 
dealloc] + 84
    frame #8: 0x00007fff6be42054 
libobjc.A.dylib`AutoreleasePoolPage::releaseUntil(objc_object**) + 134
    frame #9: 0x00007fff6be26dba libobjc.A.dylib`objc_autoreleasePoolPop + 175
    frame #10: 0x00007fff32f69335 
CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 
23
    frame #11: 0x00007fff32f69267 CoreFoundation`__CFRunLoopDoObservers + 457
    frame #12: 0x00007fff32f68805 CoreFoundation`__CFRunLoopRun + 874
    frame #13: 0x00007fff32f67e3e CoreFoundation`CFRunLoopRunSpecific + 462
    frame #14: 0x00007fff31b94abd HIToolbox`RunCurrentEventLoopInMode + 292
    frame #15: 0x00007fff31b946f4 HIToolbox`ReceiveNextEventCommon + 359
    frame #16: 0x00007fff31b94579 
HIToolbox`_BlockUntilNextEventMatchingListInModeWithFilter + 64
    frame #17: 0x00007fff301da039 AppKit`_DPSNextEvent + 883
    frame #18: 0x00007fff301d8880 AppKit`-[NSApplication(NSEvent) 
_nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 1352
    frame #19: 0x00007fff301ca58e AppKit`-[NSApplication run] + 658
    frame #20: 0x00000001001d708d emacs`-[EmacsApp 
run](self=0x0000000102a10a70, _cmd=<unavailable>) at nsterm.m:5765:9 [opt]
    frame #21: 0x00000001001e3a1e emacs`ns_read_socket(terminal=<unavailable>, 
hold_quit=<unavailable>) at nsterm.m:4741:11 [opt]
    frame #22: 0x00000001000d11cd emacs`gobble_input at keyboard.c:6889:17 [opt]

which is nsimage.m:

- (void)dealloc
{
  [stippleMask release];
  [bmRep release];
  [transform release];  <====
  [super dealloc];
}

Alan?

    Andrii> The second one is not reproducible every time:

    Andrii> 1. M-x tool-bar-mode
    Andrii> 2. Evaluate
    Andrii>     (let ((params `((parent-frame . ,(selected-frame))
    Andrii>                     (undecorated . t))))
    Andrii>       (dotimes (_z 100)
    Andrii>         (set-face-background 'internal-border "black"
    Andrii>                              (make-frame params))))
    Andrii> 3. Move the frame

And this I see as well, however lldb does warn us:

2020-10-13 14:54:46.765446+0200 emacs[65592:8296279] [Window] WARNING: NSWindow 
has detected an excessive live window count of 101. Window 0x2e668 of class 
'EmacsWindow' created after passing the threshold of 100. This window is not 
necessarily the cause, and this warning will only be shown once per window 
class.

    Andrii> Thread 3 received signal SIGSEGV, Segmentation fault.
    Andrii> 0x0000000100456e88 in ns_clear_under_internal_border 
(f=0x13cedafe8) at nsterm.m:3052
    Andrii> 3052              [ns_lookup_indexed_color (NS_FACE_BACKGROUND 
(face), f) set];
    Andrii> (gdb) bt full

I suspect some initialization has been skipped somewhere:

    frame #0: 0x00000001001e81bc 
emacs`ns_clear_under_internal_border(f=0x0000000132288150) at nsterm.m:3052:33 
[opt]
   3049         face = FRAME_DEFAULT_FACE (f);
   3050
   3051       ns_focus (f, &frame_rect, 1);
-> 3052       [ns_lookup_indexed_color (NS_FACE_BACKGROUND (face), f) set];
   3053       for (int i = 0; i < 4 ; i++)
   3054         {
   3055           NSDivideRect (frame_rect, &edge_rect, &frame_rect, 
border_width, edge[i]);
Target 0: (emacs) stopped.
(lldb) p face
(face *) $0 = 0x0000000000000000

Robert
--
reply via email to
[Prev in Thread] Current Thread [Next in Thread]