emacs/etc/DEBUG

1385 lines
61 KiB
Plaintext
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Debugging GNU Emacs
Copyright (C) 1985, 2000-2024 Free Software Foundation, Inc.
See the end of the file for license conditions.
** Preliminaries
This section can be skipped if you are already familiar with building
Emacs with debug info, configuring and starting GDB, and simple GDB
debugging techniques.
*** Configuring Emacs for debugging
It is best to configure and build Emacs with special options that will
make the debugging easier. Here are the configure-time options we
recommend (they are in addition to any other options you might need,
such as --prefix):
./configure --enable-checking='yes,glyphs' --enable-check-lisp-object-type \
CFLAGS='-O0 -g3'
The -O0 flag is important, as debugging optimized code can be hard.
If the problem happens only with optimized code, you may need to
enable optimizations. If that happens, try using -Og first instead of
-O2, as -Og disables some optimizations that make debugging some code
exceptionally hard.
Older versions of GCC may need more than just the -g3 flag. For more,
search for "analyze failed assertions" below.
The 2 --enable-* switches are optional. They don't have any effect on
debugging with GDB, but will compile additional code that might catch
the problem you are debugging much earlier, in the form of assertion
violation. The --enable-checking option also enables additional
functionality useful for debugging display problems; see more about
this below under "Debugging Emacs redisplay problems".
Emacs needs not be installed to be debugged, you can debug the binary
created in the 'src' directory.
*** Configuring GDB
To start GDB to debug Emacs, you can simply type "gdb ./emacs RET" at
the shell prompt (assuming you do that from the directory of the Emacs
executable, usually the 'src' sub-directory of the Emacs tree).
However, we recommend starting GDB from Emacs, see below.
When you debug Emacs with GDB, you should start GDB in the directory
where the Emacs executable was made (the 'src' directory in the Emacs
source tree). That directory has a .gdbinit file that defines various
"user-defined" commands for debugging Emacs. (These commands are
described below under "Examining Lisp object values" and "Debugging
Emacs Redisplay problems".)
Starting the debugger from Emacs, via the "M-x gdb" command (described
below), when the current buffer visits one of the Emacs C source files
will automatically start GDB in the 'src' directory. If you invoke
"M-x gdb" from a buffer whose default directory is different, such as
from the "*scratch*" buffer, you can change the default directory with
the "M-x cd" command before starting the debugger.
Recent GDB versions by default do not automatically load .gdbinit
files in the directory where you invoke GDB. With those versions of
GDB, you will see a warning when GDB starts, like this:
warning: File ".../src/.gdbinit" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load".
The simplest way to fix this is to add the following line to your
~/.gdbinit file (creating such a file if it doesn't already exist):
add-auto-load-safe-path /path/to/emacs/src/.gdbinit
There are other ways to overcome that difficulty, they are all
described in the node "Auto-loading safe path" in the GDB user manual.
If nothing else helps, type "source /path/to/.gdbinit RET" at the GDB
prompt, to unconditionally load the GDB init file.
Running GDB on macOS sometimes brings an error message like this:
Unable to find Mach task port for process-id NNN: (os/kern) failure (0x5).
To overcome this, search the Internet for the phrase "Unable to find
Mach task port for process-id", and you will find detailed
instructions to follow.
*** Use the Emacs GDB UI front-end
We recommend using the GUI front-end for GDB provided by Emacs. With
it, you can start GDB by typing "M-x gdb RET". This will suggest the
file name of the default binary to debug; if the suggested default is
not the Emacs binary you want to debug, change the file name as
needed. Alternatively, if you want to attach the debugger to an
already running Emacs process, change the GDB command shown in the
minibuffer to say this:
gdb -i=mi -p PID
where PID is the numerical process ID of the running Emacs process,
displayed by system utilities such as 'top' or 'ps' on Posix hosts and
Task Manager on MS-Windows.
Once the debugger starts, open the additional windows provided by the
GDB UI, by typing "M-x gdb-many-windows RET". (Alternatively, click
Gud->GDB-MI->Display Other Windows" from the menu bar.) At this
point, make your frame large enough (or full-screen) such that the
windows you just opened have enough space to show the content without
horizontal scrolling.
You can later restore your window configuration with the companion
command "M-x gdb-restore-windows RET", or by deselecting "Display
Other Windows" from the menu bar.
*** Setting initial breakpoints
Before you let Emacs run, you should now set breakpoints in the code
which you want to debug, so that Emacs stops there and lets GDB take
control. If the code which you want to debug is executed under some
rare conditions, or only when a certain Emacs command is manually
invoked, then just set your breakpoint there, let Emacs run, and
trigger the breakpoint by invoking that command or reproducing those
rare conditions.
If you are less lucky, and the code in question is run very
frequently, you will have to find some way of avoiding triggering your
breakpoint when the conditions for the buggy behavior did not yet
happen. There's no single recipe for this, you will have to be
creative and study the code to see what's appropriate. Some useful
tricks for that:
. Make your breakpoint conditional on certain buffer or string
position. For example:
(gdb) break foo.c:1234 if PT >= 9876
. Set a break point in some rarely called function, then create the
conditions for the bug, call that rare function, and when GDB gets
control, set the breakpoint in the buggy code, knowing that it
will now be called when the bug happens.
. If the bug manifests itself as an error message, set a breakpoint
in Fsignal, and when it breaks, look at the backtrace to see what
triggers the error.
Some additional techniques are described below under "Getting control
to the debugger".
You are now ready to start your debugging session.
*** Running Emacs from GDB
If you are starting a new Emacs session, type "run", followed by any
command-line arguments (e.g., "-Q") into the *gud-emacs* buffer and
press RET. If you ran GDB outside of Emacs, type "run" followed by
the command-line arguments at the GDB prompt instead.
If you attached the debugger to a running Emacs, type "continue" into
the *gud-emacs* buffer and press RET.
Many variables you will encounter while debugging are Lisp objects.
These are normally displayed as opaque pointers or integers that are
hard to interpret, especially if they represent long lists.
(They are instead displayed as structures containing these opaque
values, if --enable-check-lisp-object-type is in effect.) You can
use the 'pp' command to display them in their Lisp form. That command
displays its output on the standard error stream, which you
can redirect to a file using "M-x redirect-debugging-output".
This means that if you attach GDB to a running Emacs that was invoked
from a desktop icon, chances are you will not see the output at all,
or it will wind up in an obscure place (check the documentation of
your desktop environment).
Additional information about displaying Lisp objects can be found
under "Examining Lisp object values" below.
The rest of this document describes specific useful techniques for
debugging Emacs; we suggest reading it in its entirety the first time
you are about to debug Emacs, then look up your specific issues
whenever you need.
Good luck!
** When you are trying to analyze failed assertions or backtraces, it
is essential to compile Emacs with flags suitable for debugging.
Although CFLAGS="-O0 -g3" often suffices with modern compilers,
you may benefit further by using CFLAGS="-O0 -g3 -gdwarf-4", replacing
"4" by the highest version of DWARF that your compiler supports;
this is especially important for GCC versions older than 4.8.
With GCC and higher optimization levels such as -O2, the
-fno-omit-frame-pointer and -fno-crossjumping options are often
essential. The latter prevents GCC from using the same abort call for
all assertions in a given function, rendering the stack backtrace
useless for identifying the specific failed assertion.
** It is a good idea to run Emacs under GDB (or some other suitable
debugger) *all the time*. Then, when Emacs crashes, you will be able
to debug the live process, not just a core dump. (This is especially
important on systems which don't support core files, and instead print
just the registers and some stack addresses.)
** If Emacs hangs, or seems to be stuck in some infinite loop, typing
"kill -TSTP PID", where PID is the Emacs process ID, will cause GDB to
kick in, provided that you run under GDB.
** Getting control to the debugger
Setting a breakpoint in a strategic place, after loading Emacs into
the debugger, but before running it, is the most efficient way of
making sure control will be returned to the debugger when you need
that.
'Fsignal' is a very useful place to put a breakpoint in. All Lisp
errors go through there. If you are only interested in errors that
would fire the Lisp debugger, breaking at 'maybe_call_debugger' is
useful.
Another technique for getting control to the debugger is to put a
breakpoint in some rarely used function. One such convenient function
is Fredraw_display, which you can invoke at will interactively with
"M-x redraw-display RET".
It is also useful to have a guaranteed way to return to the debugger
at any arbitrary time. When using X, this is easy: type C-z at the
window where you are interacting with GDB, and it will stop Emacs just
as it would stop any ordinary program. (This doesn't work if GDB was
attached to a running Emacs process; in that case, you will need to
type C-z to the shell window from which Emacs was started, or use the
"kill -TSTP" method described below.)
When Emacs is displaying on a text terminal, things are not so easy,
so we describe the various alternatives below (however, those of them
that use signals only work on Posix systems).
The src/.gdbinit file in the Emacs distribution arranges for SIGINT
(C-g in Emacs on a text-mode frame) to be passed to Emacs and not give
control back to GDB. On modern systems, you can override that with
this command:
handle SIGINT stop nopass
After this 'handle' command, SIGINT will return control to GDB. If
you want the C-g to cause a quit within Emacs as well, omit the 'nopass'.
See the GDB manual for more details about signal handling and the
'handle' command.
A technique that can work when 'handle SIGINT' does not is to store
the code for some character into the variable stop_character. Thus,
set stop_character = 29
makes Control-] (decimal code 29) the stop character.
Typing Control-] will cause immediate stop. You cannot
use the set command until the inferior process has been started, so
start Emacs with the 'start' command, to get an opportunity to do the
above 'set' command.
On a Posix host, you can also send a signal using the 'kill' command
from a shell prompt, like this:
kill -TSTP Emacs-PID
where Emacs-PID is the process ID of Emacs being debugged. Other
useful signals to send are SIGUSR1 and SIGUSR2; see "Error Debugging"
in the ELisp manual for how to use those.
When Emacs is displaying on a text terminal, it is useful to have a
separate terminal for the debug session. This can be done by starting
Emacs as usual, then attaching to it from gdb with the 'attach'
command which is explained in the node "Attach" of the GDB manual.
On MS-Windows, you can alternatively start Emacs from its own separate
console by setting the new-console option before running Emacs under
GDB:
(gdb) set new-console 1
(gdb) run
If you do this, then typing C-c or C-BREAK into the console window
through which you interact with GDB will stop Emacs and return control
to the debugger, no matter if Emacs displays GUI or text-mode frames.
With GDB versions before 13.1, this is the only reliable alternative
on MS-Windows to get control to the debugger, besides setting
breakpoints in advance. GDB 13.1 changed the way C-c and C-BREAK are
handled on Windows, so with those newer versions, you don't need the
"set new-console 1" setting to be able to interrupt Emacs by typing
C-c or C-BREAK into the console window from which you started Emacs
and where you interact with GDB.
** Examining Lisp object values.
When you have a live process to debug, and it has not encountered a
fatal error, you can use the GDB command 'pr'. First print the value
in the ordinary way, with the 'p' command. Then type 'pr' with no
arguments. This calls a subroutine which uses the Lisp printer.
You can also use 'pp value' to print the emacs value directly.
To see the current value of a Lisp Variable, use 'pv variable'.
These commands send their output to stderr; if that is closed or
redirected to some file you don't know, you won't see their output.
This is particularly so for Emacs invoked on MS-Windows from the
desktop shortcut. You can use the command 'redirect-debugging-output'
to redirect stderr to a file.
Note: It is not a good idea to try 'pr', 'pp', or 'pv' if you know that Emacs
is in deep trouble: its stack smashed (e.g., if it encountered SIGSEGV
due to stack overflow), or crucial data structures, such as 'obarray',
corrupted, etc. In such cases, the Emacs subroutine called by 'pr'
might make more damage, like overwrite some data that is important for
debugging the original problem.
Also, on some systems it is impossible to use 'pr' if you stopped
Emacs while it was inside 'select'. This is in fact what happens if
you stop Emacs while it is waiting. In such a situation, don't try to
use 'pr'. Instead, use 's' to step out of the system call. Then
Emacs will be between instructions and capable of handling 'pr'.
If you can't use 'pr' command, for whatever reason, you can use the
'xpr' command to print out the data type and value of the last data
value, For example:
p it->object
xpr
You may also analyze data values using lower-level commands. Use the
'xtype' command to print out the data type of the last data value.
Once you know the data type, use the command that corresponds to that
type. Here are these commands:
xint xptr xwindow xmarker xoverlay xmiscfree xintfwd xboolfwd xobjfwd
xbufobjfwd xkbobjfwd xbuflocal xbuffer xsymbol xstring xvector xframe
xwinconfig xcompiled xcons xcar xcdr xsubr xprocess xfloat xscrollbar
xchartable xsubchartable xboolvector xhashtable xlist xcoding
xcharset xfontset xfont
Each one of them applies to a certain type or class of types.
(Some of these types are not visible in Lisp, because they exist only
internally.)
Each x... command prints some information about the value, and
produces a GDB value (subsequently available in $) through which you
can get at the rest of the contents.
In general, most of the rest of the contents will be additional Lisp
objects which you can examine in turn with the x... commands.
Even with a live process, these x... commands are useful for
examining the fields in a buffer, window, process, frame or marker.
Here's an example using concepts explained in the node "Value History"
of the GDB manual to print values associated with the variable
called frame. First, use these commands:
cd src
gdb emacs
b set_frame_buffer_list
r -q
Then Emacs hits the breakpoint:
(gdb) p frame
$1 = 139854428
(gdb) xpr
Lisp_Vectorlike
PVEC_FRAME
$2 = (struct frame *) 0x8560258
"emacs@localhost"
(gdb) p *$
$3 = {
size = 1073742931,
next = 0x85dfe58,
name = 140615219,
[...]
}
Now we can use 'pp' to print the frame parameters:
(gdb) pp $->param_alist
((background-mode . light) (display-type . color) [...])
The Emacs C code heavily uses macros defined in lisp.h. So suppose
we want the address of the l-value expression near the bottom of
'add_command_key' from keyboard.c:
XVECTOR (this_command_keys)->contents[this_command_key_count++] = key;
XVECTOR is a macro, so GDB only knows about it if Emacs has been compiled with
preprocessor macro information. GCC provides this if you specify the options
'-gdwarf-N' (where N is 2 or higher) and '-g3'. In this case, GDB can
evaluate expressions like "p XVECTOR (this_command_keys)".
When this information isn't available, you can use the xvector command in GDB
to get the same result. Here is how:
(gdb) p this_command_keys
$1 = 1078005760
(gdb) xvector
$2 = (struct Lisp_Vector *) 0x411000
0
(gdb) p $->contents[this_command_key_count]
$3 = 1077872640
(gdb) p &$
$4 = (int *) 0x411008
Here's a related example of macros and the GDB 'define' command.
There are many Lisp vectors such as 'recent_keys', which contains the
last 300 keystrokes. We can print this Lisp vector
p recent_keys
pr
But this may be inconvenient, since 'recent_keys' is much more verbose
than 'C-h l'. We might want to print only the last 10 elements of
this vector. 'recent_keys' is updated in keyboard.c by the command
XVECTOR (recent_keys)->contents[recent_keys_index] = c;
So we define a GDB command 'xvector-elts', so the last 10 keystrokes
are printed by
xvector-elts recent_keys recent_keys_index 10
where you can define xvector-elts as follows:
define xvector-elts
set $i = 0
p $arg0
xvector
set $foo = $
while $i < $arg2
p $foo->contents[$arg1-($i++)]
pr
end
document xvector-elts
Prints a range of elements of a Lisp vector.
xvector-elts v n i
prints 'i' elements of the vector 'v' ending at the index 'n'.
end
** Getting Lisp-level backtrace information within GDB
The most convenient way is to use the 'xbacktrace' command. This
shows the names of the Lisp functions that are currently active.
If that doesn't work (e.g., because the 'backtrace_list' structure is
corrupted), type "bt" at the GDB prompt, to produce the C-level
backtrace, and look for stack frames that call Ffuncall. Select them
one by one in GDB, by typing "up N", where N is the appropriate number
of frames to go up, and in each frame that calls Ffuncall type this:
p *args
pr
This will print the name of the Lisp function called by that level
of function calling.
By printing the remaining elements of args, you can see the argument
values. Here's how to print the first argument:
p args[1]
pr
If you do not have a live process, you can use xtype and the other
x... commands such as xsymbol to get such information, albeit less
conveniently. For example:
p *args
xtype
and, assuming that "xtype" says that args[0] is a symbol:
xsymbol
** Debugging Emacs redisplay problems
The Emacs display code includes special debugging code, but it is normally
disabled. Configuring Emacs with --enable-checking='yes,glyphs' enables it.
Building Emacs like that activates many assertions which scrutinize display
code operation more than Emacs does normally. (To see the code which tests
these assertions, look for calls to the 'eassert' macros.) Any assertion that
is reported to fail should be investigated. Redisplay problems that cause
aborts or segfaults in production builds of Emacs will many times be caught by
these assertions before they cause a crash.
If you configured Emacs with --enable-checking='glyphs', you can use redisplay
tracing facilities from a running Emacs session.
The command "M-x trace-redisplay RET" will produce a trace of what redisplay
does on the standard error stream. This is very useful for understanding the
code paths taken by the display engine under various conditions, especially if
some redisplay optimizations produce wrong results. (You know that redisplay
optimizations might be involved if "M-x redraw-display RET", or even just
typing "M-x", causes Emacs to correct the bad display.) Since the cursor
blinking feature and ElDoc trigger periodic redisplay cycles, we recommend
disabling 'blink-cursor-mode' and 'global-eldoc-mode' before invoking
'trace-redisplay', so that you have less clutter in the trace. You can also
have up to 30 last trace messages dumped to standard error by invoking the
'dump-redisplay-history' command.
To find the code paths which were taken by the display engine, search xdisp.c
for the trace messages you see.
The command 'dump-glyph-matrix' is useful for producing on standard error
stream a full dump of the selected window's glyph matrix. See the function's
doc string for more details.
If you run Emacs under GDB, you can print the contents of any glyph matrix by
just calling that function with the matrix as its argument. For example, the
following command will print the contents of the current matrix of the window
whose pointer is in 'w':
(gdb) p dump_glyph_matrix (w->current_matrix, 2)
(The second argument 2 tells dump_glyph_matrix to print the glyphs in
a long form.)
If you are debugging redisplay issues in text-mode frames, you may find the
command 'dump-frame-glyph-matrix' useful.
Other commands useful for debugging redisplay are 'dump-glyph-row' and
'dump-tool-bar-row'.
When you debug display problems running emacs under X, you can use
the 'ff' command to flush all pending display updates to the screen.
The src/.gdbinit file defines many useful commands for dumping redisplay
related data structures in a terse and user-friendly format:
'ppt' prints value of PT, narrowing, and gap in current buffer.
'pit' dumps the current display iterator 'it'.
'pwin' dumps the current window 'win'.
'prow' dumps the current glyph_row 'row'.
'pg' dumps the current glyph 'glyph'.
'pgi' dumps the next glyph.
'pgrow' dumps all glyphs in current glyph_row 'row'.
'pcursor' dumps current output_cursor.
The above commands also exist in a version with an 'x' suffix which takes an
object of the relevant type as argument. For example, 'pgrowx' dumps all
glyphs in its argument, which must be of type 'struct glyph_row'.
Since redisplay is performed by Emacs very frequently, you need to place your
breakpoints cleverly to avoid hitting them all the time, when the issue you
are debugging did not (yet) happen. Here are some useful techniques for that:
. Put a breakpoint at 'Frecenter' or 'Fredraw_display' before running Emacs.
Then do whatever is required to reproduce the bad display, and type C-l or
"M-x redraw-display" just before invoking the last action that reproduces
the bug. The debugger will kick in, and you can set or enable breakpoints
in strategic places, knowing that the bad display will happen soon. With a
breakpoint at 'Fredraw_display', you can even reproduce the bug and invoke
"M-x redraw-display" afterwards, knowing that the bad display will be
redrawn from scratch.
. For debugging incorrect cursor position, a good place to put a breakpoint
is in 'set_cursor_from_row'. The first time this function is called as
part of 'redraw-display', Emacs is redrawing the minibuffer window, which
is usually not what you want; type "continue" to get to the call you want.
In general, always make sure 'set_cursor_from_row' is called for the right
window and buffer by examining the value of w->contents: it should be the
buffer whose display you are debugging.
. 'set_cursor_from_row' is also a good place to look at the contents of a
screen line (a.k.a. "glyph row"), by means of the 'pgrow' GDB command. Of
course, you need first to make sure the cursor is on the screen line which
you want to investigate. If you have set a breakpoint in 'Fredraw_display'
or 'Frecenter', as advised above, move cursor to that line before invoking
these commands.
. If the problem happens only at some specific buffer position or for some
specific rarely-used character, you can make your breakpoints conditional
on those values. The display engine maintains the buffer and string
position it is processing in the it->current member; for example, the
buffer character position is in it->current.pos.charpos. Most redisplay
functions accept a pointer to a 'struct it' object as their argument, so
you can make conditional breakpoints in those functions, like this:
(gdb) break x_produce_glyphs if it->current.pos.charpos == 1234
For conditioning on the character being displayed, use it->c or
it->char_to_display.
. You can also make the breakpoints conditional on what object is being used
for producing glyphs for display. The it->method member has the value
GET_FROM_BUFFER for displaying buffer contents, GET_FROM_STRING for
displaying a Lisp string (e.g., a 'display' property or an overlay string),
GET_FROM_IMAGE for displaying an image, etc. See 'enum it_method' in
dispextern.h for the full list of values.
. When the display engine is processing a 'display' text property or an
overlay string, it pushes on the iterator stack the state variables
describing its iteration of buffer text, then reinitializes the iterator
object for processing the property or overlay. The it->sp ("stack
pointer") member, if it is greater than zero, means the iterator's stack
was pushed at least once. You can therefore condition your breakpoints on
the value of it->sp being positive or being of a certain positive value, to
debug display problems that happen only with display properties or
overlays.
** Debugging problems with native-compiled Lisp.
When you encounter problems specific to native-compilation of Lisp, we
recommend to follow the procedure below to try to identify the cause:
. Reduce the problematic .el file to the minimum by bisection, and
try identifying the function that causes the problem.
. Try natively compiling the problematic file with
'native-comp-speed' set to 1 or even zero. If doing that solves
the problem, you can use
(declare (speed 1))
at the beginning of the body of suspected function(s) to change
'native-comp-speed' only for those functions -- this could help you
identify the function(s) which cause(s) the problem.
. Reduce the problematic function(s) to the minimal code that still
reproduces the problem.
. Study the problem's artifacts, like Lisp or C backtraces, to try
identifying the cause of the problem.
If you cannot figure out the cause for the problem using the above,
native-compile the problematic file after setting the variable
'comp-libgccjit-reproducer' to a non-nil value. That should produce a
file named ELNFILENAME_libgccjit_repro.c, where ELNFILENAME is the
name of the problematic .eln file, either in the same directory where
the .eln file is produced, or under your ~/.emacs.d/eln-cache (which
one depends on how the native-compilation is invoked). It is also
possible that the reproducer file's name will be something like
subr--trampoline-XXXXXXX_FUNCTION_libgccjit_repro.c, where XXXXXXX is
a long string of hex digits and FUNCTION is some function from the
compiled .el file. Attach that reproducer C file to your bug report.
** Following longjmp call.
Recent versions of glibc (2.4+?) encrypt stored values for setjmp/longjmp which
prevents GDB from being able to follow a longjmp call using 'next'. To
disable this protection you need to set the environment variable
LD_POINTER_GUARD to 0.
** Using GDB in Emacs
Debugging with GDB in Emacs offers some advantages over the command line (See
the GDB Graphical Interface node of the Emacs manual). There are also some
features available just for debugging Emacs:
1) The command gud-print is available on the tool bar (the 'p' icon) and
allows the user to print the s-expression of the variable at point,
in the GUD buffer.
2) Pressing 'p' on a component of a watch expression that is a lisp object
in the speedbar prints its s-expression in the GUD buffer.
3) The STOP button on the tool bar and the Signals->STOP menu-bar menu
item are adjusted so that they send SIGTSTP instead of the usual
SIGINT.
4) The command gud-pv has the global binding 'C-x C-a C-v' and prints the
value of the lisp variable at point.
** Debugging what happens while preloading and dumping Emacs
Debugging 'temacs' is useful when you want to establish whether a
problem happens in an undumped Emacs. To run 'temacs' under a
debugger, type "gdb temacs", then start it with 'r -batch -l loadup'.
If you need to debug what happens during dumping, start it with 'r -batch -l
loadup dump' instead. For debugging the bootstrap dumping, use "loadup
bootstrap" instead of "loadup dump".
If temacs actually succeeds when running under GDB in this way, do not
try to run the dumped Emacs, because it was dumped with the GDB
breakpoints in it.
** If you encounter X protocol errors
The X server normally reports protocol errors asynchronously,
so you find out about them long after the primitive which caused
the error has returned.
To get clear information about the cause of an error, try evaluating
(x-synchronize t). That puts Emacs into synchronous mode, where each
Xlib call checks for errors before it returns. This mode is much
slower, but when you get an error, you will see exactly which call
really caused the error.
You can start Emacs in a synchronous mode by invoking it with the -xrm
option, like this:
emacs -xrm "emacs.synchronous: true"
Setting a breakpoint in the function 'x_error_quitter' and looking at
the backtrace when Emacs stops inside that function will show what
code causes the X protocol errors.
Note that the -xrm option may have no effect when you start a server
in an Emacs session invoked with the -nw command-line option, and want
to trace X protocol errors from GUI frames created by subsequent
invocations of emacsclient. In that case starting Emacs via
emacs -nw --eval '(setq x-command-line-resources "emacs.synchronous: true")'
should give more reliable results.
For X protocol errors related to displaying unusual characters or to
font-related customizations, try invoking Emacs like this:
XFT_DEBUG=16 emacs -xrm "emacs.synchronous: true"
This should produce information from the libXft library which could
give useful hints regarding font-related problems in that library.
Some bugs related to the X protocol disappear when Emacs runs in a
synchronous mode. To track down those bugs, we suggest the following
procedure:
- Run Emacs under a debugger and put a breakpoint inside the
primitive function which, when called from Lisp, triggers the X
protocol errors. For example, if the errors happen when you
delete a frame, put a breakpoint inside 'Fdelete_frame'.
- When the breakpoint breaks, step through the code, looking for
calls to X functions (the ones whose names begin with "X" or
"Xt" or "Xm").
- Insert calls to 'XSync' before and after each call to the X
functions, like this:
XSync (f->output_data.x->display_info->display, 0);
where 'f' is the pointer to the 'struct frame' of the selected
frame, normally available via XFRAME (selected_frame). (Most
functions which call X already have some variable that holds the
pointer to the frame, perhaps called 'f' or 'sf', so you shouldn't
need to compute it.)
If your debugger can call functions in the program being debugged,
you should be able to issue the calls to 'XSync' without recompiling
Emacs. For example, with GDB, just type:
call XSync (f->output_data.x->display_info->display, 0)
before and immediately after the suspect X calls. If your
debugger does not support this, you will need to add these pairs
of calls in the source and rebuild Emacs.
Either way, systematically step through the code and issue these
calls until you find the first X function called by Emacs after
which a call to 'XSync' winds up in the function
'x_error_quitter'. The first X function call for which this
happens is the one that generated the X protocol error.
- You should now look around this offending X call and try to figure
out what is wrong with it.
** If Emacs causes errors or memory leaks in your X server
You can trace the traffic between Emacs and your X server with a tool
like xmon.
Xmon can be used to see exactly what Emacs sends when X protocol errors
happen. If Emacs causes the X server memory usage to increase you can
use xmon to see what items Emacs creates in the server (windows,
graphical contexts, pixmaps) and what items Emacs delete. If there
are consistently more creations than deletions, the type of item
and the activity you do when the items get created can give a hint where
to start debugging.
** If the symptom of the bug is that Emacs fails to respond
Don't assume Emacs is 'hung'--it may instead be in an infinite loop.
To find out which, make the problem happen under GDB and stop Emacs
once it is not responding. (If Emacs is using X Windows directly, you
can stop Emacs by typing C-z at the GDB job. On MS-Windows, run Emacs
as usual, and then attach GDB to it -- that will usually interrupt
whatever Emacs is doing and let you perform the steps described
below.)
Then try stepping with 'step'. If Emacs is hung, the 'step' command
won't return. If it is looping, 'step' will return.
If this shows Emacs is hung in a system call, stop it again and
examine the arguments of the call. If you report the bug, it is very
important to state exactly where in the source the system call is, and
what the arguments are.
If Emacs is in an infinite loop, try to determine where the loop
starts and ends. The easiest way to do this is to use the GDB command
'finish'. Each time you use it, Emacs resumes execution until it
exits one stack frame. Keep typing 'finish' until it doesn't
return--that means the infinite loop is in the stack frame which you
just tried to finish.
Stop Emacs again, and use 'finish' repeatedly again until you get back
to that frame. Then use 'next' to step through that frame. By
stepping, you will see where the loop starts and ends. Also, examine
the data being used in the loop and try to determine why the loop does
not exit when it should.
On GNU and Unix systems, you can also try sending Emacs SIGUSR2,
which, if 'debug-on-event' has its default value, will cause Emacs to
attempt to break out of its current loop and enter the Lisp
debugger. (See the node "Debugging" in the ELisp manual for the
details about the Lisp debugger.) This feature is useful when a
C-level debugger is not conveniently available.
** If certain operations in Emacs are slower than they used to be, here
is some advice for how to find out why.
Stop Emacs repeatedly during the slow operation, and make a backtrace
each time. Compare the backtraces looking for a pattern--a specific
function that shows up more often than you'd expect.
If you don't see a pattern in the C backtraces, get some Lisp
backtrace information by typing "xbacktrace" or by looking at Ffuncall
frames (see above), and again look for a pattern.
When using X, you can stop Emacs at any time by typing C-z at GDB.
When not using X, you can do this with C-g. On non-Unix platforms,
such as MS-DOS, you might need to press C-BREAK instead.
** If GDB does not run and your debuggers can't load Emacs.
On some systems, no debugger can load Emacs with a symbol table,
perhaps because they all have fixed limits on the number of symbols
and Emacs exceeds the limits. Here is a method that can be used
in such an extremity. Do
nm -n temacs > nmout
strip temacs
adb temacs
0xd:i
0xe:i
14:i
17:i
:r -l loadup (or whatever)
It is necessary to refer to the file 'nmout' to convert
numeric addresses into symbols and vice versa.
It is useful to be running under a window system.
Then, if Emacs becomes hopelessly wedged, you can create another
window to do kill -9 in. kill -ILL is often useful too, since that
may make Emacs dump core or return to adb.
** Debugging incorrect screen updating on a text terminal.
To debug Emacs problems that update the screen wrong, it is useful
to have a record of what input you typed and what Emacs sent to the
screen. To make these records, do
(open-dribble-file "~/.dribble")
(open-termscript "~/.termscript")
The dribble file contains all characters read by Emacs from the
terminal, and the termscript file contains all characters it sent to
the terminal. The use of the directory '~/' prevents interference
with any other user.
If you have irreproducible display problems, put those two expressions
in your ~/.emacs file. When the problem happens, exit the Emacs that
you were running, kill it, and rename the two files. Then you can start
another Emacs without clobbering those files, and use it to examine them.
** Debugging LessTif
If you encounter bugs whereby Emacs built with LessTif grabs all mouse
and keyboard events, or LessTif menus behave weirdly, it might be
helpful to set the 'DEBUGSOURCES' and 'DEBUG_FILE' environment
variables, so that one can see what LessTif was doing at this point.
For instance
export DEBUGSOURCES="RowColumn.c:MenuShell.c:MenuUtil.c"
export DEBUG_FILE=/usr/tmp/LESSTIF_TRACE
emacs &
causes LessTif to print traces from the three named source files to a
file in '/usr/tmp' (that file can get pretty large). The above should
be typed at the shell prompt before invoking Emacs, as shown by the
last line above.
Running GDB from another terminal could also help with such problems.
You can arrange for GDB to run on one machine, with the Emacs display
appearing on another. Then, when the bug happens, you can go back to
the machine where you started GDB and use the debugger from there.
** Debugging problems which happen in GC
The array 'last_marked' (defined on alloc.c) can be used to display up
to the 512 most-recent objects marked by the garbage collection process.
Whenever the garbage collector marks a Lisp object, it records the
pointer to that object in the 'last_marked' array, which is maintained
as a circular buffer. The variable 'last_marked_index' holds the
index into the 'last_marked' array one place beyond where the pointer
to the very last marked object is stored.
The single most important goal in debugging GC problems is to find the
Lisp data structure that got corrupted. This is not easy since GC
changes the tag bits and relocates strings which make it hard to look
at Lisp objects with commands such as 'pr'. It is sometimes necessary
to convert Lisp_Object variables into pointers to C struct's manually.
Use the 'last_marked' array and the source to reconstruct the sequence
that objects were marked. In general, you need to correlate the
values recorded in the 'last_marked' array with the corresponding
stack frames in the backtrace, beginning with the innermost frame.
Some subroutines of 'mark_object' are invoked recursively, others loop
over portions of the data structure and mark them as they go. By
looking at the code of those routines and comparing the frames in the
backtrace with the values in 'last_marked', you will be able to find
connections between the values in 'last_marked'. E.g., when GC finds
a cons cell, it recursively marks its car and its cdr. Similar things
happen with properties of symbols, elements of vectors, etc. Use
these connections to reconstruct the data structure that was being
marked, paying special attention to the strings and names of symbols
that you encounter: these strings and symbol names can be used to grep
the sources to find out what high-level symbols and global variables
are involved in the crash.
Once you discover the corrupted Lisp object or data structure, grep
the sources for its uses and try to figure out what could cause the
corruption. If looking at the sources doesn't help, you could try
setting a watchpoint on the corrupted data, and see what code modifies
it in some invalid way. (Obviously, this technique is only useful for
data that is modified only very rarely.)
It is also useful to look at the corrupted object or data structure in
a fresh Emacs session and compare its contents with a session that you
are debugging. This might be somewhat harder on modern systems which
randomize addresses of running executables (the so-called Address
Space Layout Randomization, or ASLR, feature). If you have this
problem, see below under "How to disable ASLR".
** Debugging the TTY (non-windowed) version
The most convenient method of debugging the character-terminal display
is to do that on a window system such as X. Begin by starting an
xterm window, then type these commands inside that window:
$ tty
$ echo $TERM
Let's say these commands print "/dev/ttyp4" and "xterm", respectively.
Now start Emacs (the normal, windowed-display session, i.e. without
the '-nw' option), and invoke "M-x gdb RET emacs RET" from there. Now
type these commands at GDB's prompt:
(gdb) set args -nw -t /dev/ttyp4
(gdb) set environment TERM xterm
(gdb) run
The debugged Emacs should now start in no-window mode with its display
directed to the xterm window you opened above.
Similar arrangement is possible on a character terminal by using the
'screen' package.
On MS-Windows, you can start Emacs in its own separate console by
setting the new-console option before running Emacs under GDB:
(gdb) set new-console 1
(gdb) run
** Running Emacs with undefined-behavior sanitization
Building Emacs with undefined-behavior sanitization can help find
several kinds of low-level problems in C code, including:
* Out-of-bounds access of many (but not all) arrays.
* Signed integer overflow, e.g., (INT_MAX + 1).
* Integer shifts by a negative or wider-than-word value.
* Misaligned pointers and pointer overflow.
* Loading a bool or enum value that is out of range for its type.
* Passing NULL to or returning NULL from a function requiring nonnull.
* Passing a size larger than the corresponding array to memcmp etc.
* Passing invalid values to some builtin functions, e.g., __builtin_clz (0).
* Reaching __builtin_unreachable calls (in Emacs, 'eassume' failure).
To use GCC's UndefinedBehaviorSanitizer, append '-fsanitize=undefined'
to CFLAGS, either when running 'configure' or running 'make'.
When supported, you can also specify 'bound-strict' and
'float-cast-overflow'. For example:
./configure \
CFLAGS='-O0 -g3 -fsanitize=undefined,bounds-strict,float-cast-overflow'
You may need to append '-static-libubsan' to CFLAGS if your version of
GCC is installed in an unusual location.
Clang's UB sanitizer can also be used, but has coverage problems.
You'll need '-fsanitize=undefined -fno-sanitize=pointer-overflow' to
suppress misguided warnings about adding zero to a null pointer,
although this also suppresses any valid pointer overflow warnings.
When using GDB to debug an executable with undefined-behavior
sanitization, the GDB command:
(gdb) rbreak ^__ubsan_handle_
will let you gain control when an error is detected and before
UndefinedBehaviorSanitizer outputs to stderr or terminates the
program.
** Running Emacs with address sanitization
Building Emacs with address sanitization can help debug memory-use
problems, such as freeing the same object twice. To use
AddressSanitizer with GCC and similar compilers, append
'-fsanitize=address' to CFLAGS, either when running 'configure' or
running 'make'. Configure, build and run Emacs with
ASAN_OPTIONS='detect_leaks=0' in the environment to suppress
diagnostics of minor memory leaks in Emacs. For example:
export ASAN_OPTIONS='detect_leaks=0'
./configure CFLAGS='-O0 -g3 -fsanitize=address'
make
src/emacs
You may need to append '-static-libasan' to CFLAGS if your version of
GCC is installed in an unusual location.
When using GDB to debug an executable with address sanitization, the
GDB command:
(gdb) rbreak ^__asan_report_
will let you gain control when an error is detected and before
AddressSanitizer outputs to stderr or terminates the program.
Address sanitization is incompatible with undefined-behavior
sanitization, unfortunately. Address sanitization is also
incompatible with the --with-dumping=unexec option of 'configure'.
*** Address poisoning/unpoisoning
When compiled with address sanitization, Emacs will also try to mark
dead/free lisp objects as poisoned, forbidding them from being
accessed without being unpoisoned first. This adds an extra layer
of checking with objects in internal free lists, which may otherwise
evade traditional use-after-free checks. To disable this, add
'allow_user_poisoning=0' to ASAN_OPTIONS, or build Emacs with
'-DGC_ASAN_POISON_OBJECTS=0' in CFLAGS.
While using GDB, memory addresses can be inspected by using helper
functions additionally provided by the ASan library:
(gdb) call __asan_describe_address(ptr)
To check whether an address range is poisoned or not, use:
(gdb) call __asan_region_is_poisoned(ptr, 8)
Additional functions can be found in the header
'sanitizer/asan_interface.h' in your compiler's headers directory.
** Running Emacs under Valgrind
Valgrind <https://valgrind.org/> is free software that can be useful
when debugging low-level Emacs problems. Unlike GCC sanitizers,
Valgrind does not need you to compile Emacs with special debugging
flags, so it can be helpful in investigating problems that vanish when
Emacs is recompiled with debugging enabled. However, by default
Valgrind generates many false alarms with Emacs, and you will need to
maintain a suppressions file to suppress these false alarms and use
Valgrind effectively. For example, you might invoke Valgrind this
way:
valgrind --suppressions=valgrind.supp ./emacs
where valgrind.supp contains groups of lines like the following, which
suppresses some Valgrind false alarms during Emacs garbage collection:
{
Fgarbage_collect Cond - conservative garbage collection
Memcheck:Cond
...
fun:Fgarbage_collect
}
Unfortunately Valgrind suppression files tend to be system-dependent,
so you will need to keep one around that matches your system.
** How to disable ASLR
Modern systems use the so-called Address Space Layout Randomization,
(ASLR) feature, which randomizes the base address of running programs,
making it harder for malicious software or hackers to find the address
of some function or variable in a running program by looking at its
executable file. This causes the address of the same symbol to be
different across rerunning of the same program. Sometimes, it can be
useful to disable ASLR, for example, if you want to compare objects in
two different Emacs sessions.
On GNU/Linux, you can disable ASLR temporarily with the following
shell command:
echo 0 > /proc/sys/kernel/randomize_va_space
or by running Emacs in an environment where ASLR is temporarily
disabled:
setarch -R emacs [args...]
To disable ASLR in Emacs on MS-Windows, you will have to rebuild Emacs
while adding '-Wl,-disable-dynamicbase' to LD_SWITCH_SYSTEM_TEMACS
variable defined in src/Makefile. Alternatively, use some tool to
edit the PE header of the Emacs executable file and reset the
DYNAMIC_BASE (0x40) flag in the DllCharacteristics flags recorded by
the PE header.
On macOS, there's no official way for disabling ASLR, but there are
various hacks that can be found by searching the Internet.
** How to recover buffer contents from an Emacs core dump file
The file etc/emacs-buffer.gdb defines a set of GDB commands for
recovering the contents of Emacs buffers from a core dump file. You
might also find those commands useful for displaying the list of
buffers in human-readable format from within the debugger.
** Debugging Emacs with LLDB
On systems where GDB is not available, like macOS with M1 chip, you
can also use LLDB for Emacs debugging.
To start LLDB to debug Emacs, you can simply type "lldb ./emacs RET"
at the shell prompt in directory of the Emacs executable, usually the
'src' sub-directory of the Emacs tree).
When you debug Emacs with LLDB, you should start LLDB in the directory
where the Emacs executable was built. That directory has an .lldbinit
file that loads a Python module emacs_lldb.py from the 'etc' directory
of the Emacs source tree. The Python module defines "user-defined"
commands for debugging Emacs.
LLDB by default does not automatically load .lldbinit files in the
current directory. The simplest way to fix this is to add the
following line to your ~/.lldbinit file (creating such a file if it
doesn't already exist):
settings set target.load-cwd-lldbinit true
Alternatively, you can type "lldb --local-lldbinit ./emacs RET".
If everything worked, you should see something like "Emacs debugging
support has been installed" after starting LLDB. You can see which
Emacs-specific commands are defined with
(lldb) help
User-defined commands for Emacs debugging start with an "x".
Please refer to the LLDB reference on the web for more information
about LLDB. If you already know GDB, you will also find a mapping
from GDB commands to corresponding LLDB commands there.
** Debugging Emacs on OpenBSD
To debug Emacs on OpenBSD, use the 'egdb' command from the 'gdb'
package. This reportedly works both if Emacs was compiled with GCC and
if it was compiled with clang.
** Debugging Emacs on Android.
A script located in the java/ directory automates the procedures
necessary run Emacs under a Gdb session on an Android device connected
to a computer using USB.
Its requirements are the `adb' (Android Debug Bridge) utility and the
Java debugger (jdb), utilized to cue the Android system to resume the
Emacs process after the debugger attaches.
If all three of those tools are present, simply run (from the Emacs
source directory):
../java/debug.sh -- [any extra arguments you wish to pass to gdb]
Several lines of debug information will be printed, after which the
Gdb prompt should be displayed.
If there is no Gdbserver binary present on the device, then specify
one to upload, like so:
../java/debug.sh --gdbserver /path/to/gdbserver
This Gdbserver should be statically linked or compiled using the
Android NDK, and must target the same architecture as the debugged
Emacs binary. Older versions of the Android NDK (such as r24)
distribute suitable Gdbserver binaries, usually located within
prebuilt/android-<arch>/gdbserver/gdbserver
relative to the root of the NDK distribution.
To attach Emacs to an existing process on a target device, use the
`--attach-existing' argument to debug.sh:
../java/debug.sh --attach-existing [other arguments]
If multiple Emacs processes are running, debug.sh will display the
names and PIDs of each running process, and prompt for the process
that it should attach to.
After Emacs starts, type:
(gdb) handle SIGUSR1 noprint pass
to ignore the SIGUSR1 signal that is sent by the Android port's
`select' emulation. If this is overlooked, Emacs will stop each time
a windowing event is received, which is probably unwanted.
On top of the debugging procedure described above, Android also
maintains a "logcat" buffer, where it prints backtraces during or
after each crash. Its contents are of interest when performing
post-mortem debugging after a crash, and can also be retrieved through
the `adb' tool, like so:
$ adb logcat
There are three forms of crash messages printed by Android. The first
form is printed when a crash arises within Java code, and should
resemble the following when printed in the logcat buffer:
E AndroidRuntime: FATAL EXCEPTION: main
E AndroidRuntime: Process: org.gnu.emacs, PID: 18057
E AndroidRuntime: java.lang.RuntimeException: sample crash
E AndroidRuntime: at org.gnu.emacs.EmacsService.onCreate(EmacsService.java:308)
E AndroidRuntime: at android.app.ActivityThread.handleCreateService(ActivityThread.java:4485)
E AndroidRuntime: ... 9 more
The second form is printed when a fatal signal (such as an abort, or
segmentation fault) is raised within C code. Here is an example of
such a crash:
F libc : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x3 in tid 32644
(Emacs main thre), pid 32619 (org.gnu.emacs)
F DEBUG : Cmdline: org.gnu.emacs
F DEBUG : pid: 32619, tid: 32644, name: Emacs main thre >>> org.gnu.emacs <<<
F DEBUG : #00 pc 002b27b0 /.../lib/arm64/libemacs.so (sfnt_read_cmap_table+32)
F DEBUG : #01 pc 002c4ee8 /.../lib/arm64/libemacs.so (sfntfont_read_cmap+84)
F DEBUG : #02 pc 002c4dc4 /.../lib/arm64/libemacs.so (sfntfont_lookup_char+396)
F DEBUG : #03 pc 002c23d8 /.../lib/arm64/libemacs.so (sfntfont_list+1688)
F DEBUG : #04 pc 0021112c /.../lib/arm64/libemacs.so (font_list_entities+864)
F DEBUG : #05 pc 002138d8 /.../lib/arm64/libemacs.so (font_find_for_lface+1532)
F DEBUG : #06 pc 00280c50 /.../lib/arm64/libemacs.so (fontset_find_font+2760)
F DEBUG : #07 pc 0027cadc /.../lib/arm64/libemacs.so (fontset_font+792)
F DEBUG : #08 pc 0027c710 /.../lib/arm64/libemacs.so (face_for_char+412)
F DEBUG : #09 pc 00217314 /.../lib/arm64/libemacs.so (Finternal_char_font+324)
F DEBUG : #10 pc 00240d78 /.../lib/arm64/libemacs.so (exec_byte_code+3112)
F DEBUG : #11 pc 001f5ff8 /.../lib/arm64/libemacs.so (Ffuncall+392)
F DEBUG : #12 pc 001f3cf0 /.../lib/arm64/libemacs.so (eval_sub+2260)
F DEBUG : #13 pc 001f853c /.../lib/arm64/libemacs.so (Feval+80)
F DEBUG : #14 pc 00240d78 /.../lib/arm64/libemacs.so (exec_byte_code+3112)
F DEBUG : #15 pc 00240130 /.../lib/arm64/libemacs.so (Fbyte_code+120)
F DEBUG : #16 pc 001f3d84 /.../lib/arm64/libemacs.so (eval_sub+2408)
F DEBUG : #17 pc 00221d7c /.../lib/arm64/libemacs.so (readevalloop+1748)
F DEBUG : #18 pc 002201a0 /.../lib/arm64/libemacs.so (Fload+2544)
F DEBUG : #19 pc 00221f3c /.../lib/arm64/libemacs.so (save_match_data_load+88)
F DEBUG : #20 pc 001f8414 /.../lib/arm64/libemacs.so (load_with_autoload_queue+252)
F DEBUG : #21 pc 001f6550 /.../lib/arm64/libemacs.so (Fautoload_do_load+608)
F DEBUG : #22 pc 00240d78 /.../lib/arm64/libemacs.so (exec_byte_code+3112)
F DEBUG : #23 pc 001f5ff8 /.../lib/arm64/libemacs.so (Ffuncall+392)
F DEBUG : #24 pc 001f1120 /.../lib/arm64/libemacs.so (Ffuncall_interactively+64)
F DEBUG : #25 pc 001f5ff8 /.../lib/arm64/libemacs.so (Ffuncall+392)
F DEBUG : #26 pc 001f8b8c /.../lib/arm64/libemacs.so (Fapply+916)
F DEBUG : #27 pc 001f137c /.../lib/arm64/libemacs.so (Fcall_interactively+576)
F DEBUG : #28 pc 00240d78 /.../lib/arm64/libemacs.so (exec_byte_code+3112)
F DEBUG : #29 pc 001f5ff8 /.../lib/arm64/libemacs.so (Ffuncall+392)
F DEBUG : #30 pc 0016d054 /.../lib/arm64/libemacs.so (command_loop_1+1344)
F DEBUG : #31 pc 001f6d90 /.../lib/arm64/libemacs.so (internal_condition_case+92)
F DEBUG : #32 pc 0016cafc /.../lib/arm64/libemacs.so (command_loop_2+48)
F DEBUG : #33 pc 001f6660 /.../lib/arm64/libemacs.so (internal_catch+84)
F DEBUG : #34 pc 0016c288 /.../lib/arm64/libemacs.so (command_loop+264)
F DEBUG : #35 pc 0016c0d8 /.../lib/arm64/libemacs.so (recursive_edit_1+144)
F DEBUG : #36 pc 0016c4fc /.../lib/arm64/libemacs.so (Frecursive_edit+348)
F DEBUG : #37 pc 0016af9c /.../lib/arm64/libemacs.so (android_emacs_init+7132)
F DEBUG : #38 pc 002ab8d4 /.../lib/arm64/libemacs.so (Java_org_gnu_emacs_...+3816)
Where the first line (the one containing "libc") mentions the number
of the fatal signal, the address of any VM fault, and the name and ID
of the thread which crashed. Subsequent lines then contain a
backtrace, recounting each function in the call stack culminating in
the crash.
The third form is printed when Emacs misuses the JVM in some fashion
that is detected by the Android CheckJNI facility. It looks like:
A/art: art/runtime/check_jni.cc:65] JNI DETECTED ERROR IN APPLICATION: ...
A/art: art/runtime/check_jni.cc:65] in call to CallVoidMethodV
A/art: art/runtime/check_jni.cc:65] from void android.os.MessageQueue.nativePollOnce(long, int)
A/art: art/runtime/check_jni.cc:65] "main" prio=5 tid=1 Runnable
A/art: art/runtime/check_jni.cc:65] | group="main" sCount=0 dsCount=0 obj=0x87d30ef0 self=0xb4f07800
A/art: art/runtime/check_jni.cc:65] | sysTid=18828 nice=-11 cgrp=apps sched=0/0 handle=0xb6fdeec8
A/art: art/runtime/check_jni.cc:65] | state=R schedstat=( 2249126546 506089308 3210 ) utm=183 stm=41 core=3 HZ=100
A/art: art/runtime/check_jni.cc:65] | stack=0xbe0c8000-0xbe0ca000 stackSize=8MB
A/art: art/runtime/check_jni.cc:65] | held mutexes= "mutator lock"(shared held)
A/art: art/runtime/check_jni.cc:65] native: #00 pc 00004640 /system/lib/libbacktrace_libc++.so (UnwindCurrent::Unwind(unsigned int, ucontext*)+23)
A/art: art/runtime/check_jni.cc:65] native: #01 pc 00002e8d /system/lib/libbacktrace_libc++.so (Backtrace::Unwind(unsigned int, ucontext*)+8)
A/art: art/runtime/check_jni.cc:65] native: #02 pc 00248381 /system/lib/libart.so (art::DumpNativeStack(std::__1::basic_ostream<char, std::__1::char_traits<char> >&, int, char const*, art::mirror::ArtMethod*)+68)
A/art: art/runtime/check_jni.cc:65] native: #03 pc 0022cd0b /system/lib/libart.so (art::Thread::Dump(std::__1::basic_ostream<char, std::__1::char_traits<char> >&) const+146)
A/art: art/runtime/check_jni.cc:65] native: #04 pc 000b189b /system/lib/libart.so (art::JniAbort(char const*, char const*)+582)
A/art: art/runtime/check_jni.cc:65] native: #05 pc 000b1fd5 /system/lib/libart.so (art::JniAbortF(char const*, char const*, ...)+60)
A/art: art/runtime/check_jni.cc:65] native: #06 pc 000b50e5 /system/lib/libart.so (art::ScopedCheck::ScopedCheck(_JNIEnv*, int, char const*)+1284)
A/art: art/runtime/check_jni.cc:65] native: #07 pc 000bc59f /system/lib/libart.so (art::CheckJNI::CallVoidMethodV(_JNIEnv*, _jobject*, _jmethodID*, std::__va_list)+30)
A/art: art/runtime/check_jni.cc:65] native: #08 pc 00063803 /system/lib/libandroid_runtime.so (???)
A/art: art/runtime/check_jni.cc:65] native: #09 pc 000776bd /system/lib/libandroid_runtime.so (android::NativeDisplayEventReceiver::dispatchVsync(long long, int, unsigned int)+40)
A/art: art/runtime/check_jni.cc:65] native: #10 pc 00077885 /system/lib/libandroid_runtime.so (android::NativeDisplayEventReceiver::handleEvent(int, int, void*)+80)
A/art: art/runtime/check_jni.cc:65] native: #11 pc 00010f6f /system/lib/libutils.so (android::Looper::pollInner(int)+482)
A/art: art/runtime/check_jni.cc:65] native: #12 pc 00011019 /system/lib/libutils.so (android::Looper::pollOnce(int, int*, int*, void**)+92)
A/art: art/runtime/check_jni.cc:65] native: #13 pc 000830c1 /system/lib/libandroid_runtime.so (android::NativeMessageQueue::pollOnce(_JNIEnv*, int)+22)
A/art: art/runtime/check_jni.cc:65] native: #14 pc 000b22d7 /system/framework/arm/boot.oat (Java_android_os_MessageQueue_nativePollOnce__JI+102)
A/art: art/runtime/check_jni.cc:65] at android.os.MessageQueue.nativePollOnce(Native method)
A/art: art/runtime/check_jni.cc:65] at android.os.MessageQueue.next(MessageQueue.java:143)
A/art: art/runtime/check_jni.cc:65] at android.os.Looper.loop(Looper.java:130)
A/art: art/runtime/check_jni.cc:65] at android.app.ActivityThread.main(ActivityThread.java:5832)
A/art: art/runtime/check_jni.cc:65] at java.lang.reflect.Method.invoke!(Native method)
A/art: art/runtime/check_jni.cc:65] at java.lang.reflect.Method.invoke(Method.java:372)
A/art: art/runtime/check_jni.cc:65] at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1399)
A/art: art/runtime/check_jni.cc:65] at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1194)
A/art: art/runtime/check_jni.cc:65]
In such situations, the first line explains what infraction Emacs
committed, while the ensuing ones print backtraces for each running
Java thread at the time of the error.
If Emacs is executing on Android 5.0 and later, placing a breakpoint
on
(gdb) break art::JavaVMExt::JniAbort
will set a breakpoint that is hit each time such an error is detected.
Since the logcat output is always rapidly being amended, it is worth
piping it to a file or shell command buffer, and then searching for
keywords such as "AndroidRuntime", "Fatal signal", or "JNI DETECTED
ERROR IN APPLICATION".
Once in a blue moon, it proves necessary to debug Java rather than C
code. To this end, the `--jdb' option will attach the Java debugger
instead of gdbserver. Lametably, it seems impossible to debug both C
and Java code in concert.
C code within Emacs rigorously checks for Java exceptions after
calling any JVM function that may signal an out-of-memory error,
employing one of the android_exception_check(_N) functions defined
within android.c for this purpose. These functions operate presuming
the preceding Java code does not signal exceptions of its own, and
report out-of-memory errors upon any type of exception, not just OOM
errors.
If Emacs protests that it is out of memory, yet you witness a
substantial amount of free space remaining, search the log buffer for
a string containing:
"Possible out of memory error. The Java exception follows:"
subsequent to which a reproduction of the exception precipitating the
spurious OOM error should be located. This exception is invariably
indicative of a bug within Emacs that should be fixed.
This file is part of GNU Emacs.
GNU Emacs is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
GNU Emacs is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GNU Emacs. If not, see <https://www.gnu.org/licenses/>.
Local variables:
mode: outline
paragraph-separate: "[ ]*$"
end: