GNU bug report logs -
#56793
Infinite loop in pure_alloc when dumping strings longer than 10K bytes
Previous Next
Reported by: Lynn Winebarger <owinebar <at> gmail.com>
Date: Wed, 27 Jul 2022 13:50:02 UTC
Severity: normal
Done: Stefan Kangas <stefankangas <at> gmail.com>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 56793 in the body.
You can then email your comments to 56793 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#56793; Package
emacs.
(Wed, 27 Jul 2022 13:50:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Lynn Winebarger <owinebar <at> gmail.com>:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org.
(Wed, 27 Jul 2022 13:50:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
I apologize for not being able to include significant details of the build,
as this is happening on a sandboxed system in a proprietary context.
I've been attempting to dump emacs built from the 28.1 tarball with a large
number of core libraries preloaded. I have observed runaway allocation
when attempting to dump with native-compilation enabled and with
native-compilation disabled.
Using gdb I was able to identify the culprit as an infinite "goto again"
loop in pure_alloc:
static void *
pure_alloc (size_t size, int type)
{
void *result;
again:
if (type >= 0)
{
/* Allocate space for a Lisp object from the beginning of the free
space with taking account of alignment. */
result = pointer_align (purebeg + pure_bytes_used_lisp, LISP_ALIGNMENT);
pure_bytes_used_lisp = ((char *)result - (char *)purebeg) + size;
}
else
{
/* Allocate space for a non-Lisp object from the end of the free
space. */
ptrdiff_t unaligned_non_lisp = pure_bytes_used_non_lisp + size;
char *unaligned = purebeg + pure_size - unaligned_non_lisp;
int decr = (intptr_t) unaligned & (-1 - type);
pure_bytes_used_non_lisp = unaligned_non_lisp + decr;
result = unaligned - decr;
}
pure_bytes_used = pure_bytes_used_lisp + pure_bytes_used_non_lisp;
if (pure_bytes_used <= pure_size)
return result;
/* Don't allocate a large amount here,
because it might get mmap'd and then its address
might not be usable. */
int small_amount = 10000;
eassert (size <= small_amount - LISP_ALIGNMENT);
purebeg = xzalloc (small_amount);
pure_size = small_amount;
pure_bytes_used_before_overflow += pure_bytes_used - size;
pure_bytes_used = 0;
pure_bytes_used_lisp = pure_bytes_used_non_lisp = 0;
/* Can't GC if pure storage overflowed because we can't determine
if something is a pure object or not. */
garbage_collection_inhibited++;
goto again;
}
For example, the issue was triggered while attempting to dump ibuffer.el -
a docstring has 10,655 characters, and the "eassert" is turned off with the
usual CFLAGS, so it just never stops attempting to allocate.
Since unexec is disabled, I don't even understand why avoiding mmap'ed
memory is important. Pure space is just going to be copied into the cold
storage area of the pdmp file anyway, no?
In any case, changing the small amount to 20000 made the issue go away for
the purpose of testing, but I'm not sure why there isn't some comparison of
the size of the object to the small amount in the logic - either
determining the minimum to allocate in one chunk, or attempting to obtain a
contiguous chunk by successive xzallocs until the required size is obtained.
Lynn
[Message part 2 (text/html, inline)]
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#56793; Package
emacs.
(Wed, 27 Jul 2022 14:01:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 56793 <at> debbugs.gnu.org (full text, mbox):
On Wed, Jul 27, 2022 at 1:51 PM Lynn Winebarger <owinebar <at> gmail.com> wrote:
> I apologize for not being able to include significant details of the build, as this is happening on a sandboxed system in a proprietary context.
> I've been attempting to dump emacs built from the 28.1 tarball with a large number of core libraries preloaded. I have observed runaway allocation when attempting to dump with native-compilation enabled and with native-compilation disabled.
I believe this is a duplicate of #46916, which was closed as WONTFIX.
(https://debbugs.gnu.org/cgi/bugreport.cgi?bug=46916) There's a patch
there, IIRC.
Pip
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#56793; Package
emacs.
(Wed, 27 Jul 2022 14:23:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 56793 <at> debbugs.gnu.org (full text, mbox):
On Wed, Jul 27, 2022 at 10:00 AM Pip Cet <pipcet <at> gmail.com> wrote:
>
> On Wed, Jul 27, 2022 at 1:51 PM Lynn Winebarger <owinebar <at> gmail.com> wrote:
> > I apologize for not being able to include significant details of the build, as this is happening on a sandboxed system in a proprietary context.
> > I've been attempting to dump emacs built from the 28.1 tarball with a large number of core libraries preloaded. I have observed runaway allocation when attempting to dump with native-compilation enabled and with native-compilation disabled.
>
> I believe this is a duplicate of #46916, which was closed as WONTFIX.
> (https://debbugs.gnu.org/cgi/bugreport.cgi?bug=46916) There's a patch
> there, IIRC.
>
True, but the triggering issue doesn't really seem to be pure space
exhaustion per se. Nominal pure space exhaustion doesn't even seem to
prevent producing a portable dump file - unless the object is over 10K
bytes in size.
I understand the long-term solution, but in the meantime we should
still be able to dump emacs with additional files without runaway
allocation.
Lynn
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#56793; Package
emacs.
(Wed, 27 Jul 2022 14:30:02 GMT)
Full text and
rfc822 format available.
Message #14 received at 56793 <at> debbugs.gnu.org (full text, mbox):
On Wed, Jul 27, 2022 at 10:21 AM Lynn Winebarger <owinebar <at> gmail.com> wrote:
>
> On Wed, Jul 27, 2022 at 10:00 AM Pip Cet <pipcet <at> gmail.com> wrote:
> >
> > On Wed, Jul 27, 2022 at 1:51 PM Lynn Winebarger <owinebar <at> gmail.com> wrote:
> > > I apologize for not being able to include significant details of the build, as this is happening on a sandboxed system in a proprietary context.
> > > I've been attempting to dump emacs built from the 28.1 tarball with a large number of core libraries preloaded. I have observed runaway allocation when attempting to dump with native-compilation enabled and with native-compilation disabled.
> >
> > I believe this is a duplicate of #46916, which was closed as WONTFIX.
> > (https://debbugs.gnu.org/cgi/bugreport.cgi?bug=46916) There's a patch
> > there, IIRC.
> >
> True, but the triggering issue doesn't really seem to be pure space
> exhaustion per se. Nominal pure space exhaustion doesn't even seem to
> prevent producing a portable dump file - unless the object is over 10K
> bytes in size.
>
> I understand the long-term solution, but in the meantime we should
> still be able to dump emacs with additional files without runaway
> allocation.
Also, in that archived bug correspondence, it wasn't clear that Eli
noticed that the user is no longer notified that pure space has been
exhausted to know that they need to increase it. The manual indicates
that there will be an error stating that pure space has been exhausted
- I didn't realize it was until I tracked down this bug. I was
thinking I would get some indication of how much additional pure space
would be required.
All I know for sure is that setting SITELOAD_PURESIZE_EXTRA to 10^6
did not prevent the issue.
Reply sent
to
Stefan Kangas <stefankangas <at> gmail.com>:
You have taken responsibility.
(Wed, 12 Feb 2025 14:04:01 GMT)
Full text and
rfc822 format available.
Notification sent
to
Lynn Winebarger <owinebar <at> gmail.com>:
bug acknowledged by developer.
(Wed, 12 Feb 2025 14:04:02 GMT)
Full text and
rfc822 format available.
Message #19 received at 56793-done <at> debbugs.gnu.org (full text, mbox):
Pip Cet <pipcet <at> gmail.com> writes:
> On Wed, Jul 27, 2022 at 1:51 PM Lynn Winebarger <owinebar <at> gmail.com> wrote:
>> I apologize for not being able to include significant details of the build, as this is happening on a sandboxed system in a proprietary context.
>> I've been attempting to dump emacs built from the 28.1 tarball with a large
>> number of core libraries preloaded. I have observed runaway allocation when
>> attempting to dump with native-compilation enabled and with native-compilation
>> disabled.
>
> I believe this is a duplicate of #46916, which was closed as WONTFIX.
> (https://debbugs.gnu.org/cgi/bugreport.cgi?bug=46916) There's a patch
> there, IIRC.
Since purespace has been removed on master, I don't think there's
anything more to do here.
I'm therefore closing this bug report.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Thu, 13 Mar 2025 11:24:29 GMT)
Full text and
rfc822 format available.
This bug report was last modified today.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.