> From: Ralf Angeli <[EMAIL PROTECTED]> > Date: Thu, 03 Aug 2006 23:15:38 +0200 > > * Eli Zaretskii (2006-08-03) writes: > > > Put a watchpoint to watch *(char *)0x85f988, and see what code > > modifies it. > > Thanks for the hint. That's what I get when playing around with it a > little bit (control characters replaced by strings again): > > Breakpoint 1, w32_wnd_proc (hwnd=0x101f0, msg=43, wParam=0, lParam=552399328) > at w32fns.c:3571 > (gdb) p title > $1 = 0x860720 "G" > (gdb) delete > Delete all breakpoints? (y or n) y > (gdb) watch *(char *)0x860720 > Hardware watchpoint 2: *(char *) 8783648 > (gdb) c > Continuing. > Hardware watchpoint 2: *(char *) 8783648 > > Old value = 71 'G' > New value = -18 '\356' > 0x7c913105 in _libkernel32_a_iname ()
Jason suggested one way of trying to understand whodunit. Another way is this: based on looking into this crash back when you reported it, I'm guessing that we somehow free the strings allocated to hold the menu items and/or title, and then reuse those strings as if they were still allocated; in the meantime, some other code, perhaps not even in Emacs, allocates and writes into the same memory, which would explain why the watchpoint triggers inside some OS kernel function. If my guess is correct, then setting an access watchpoint (the `awatch' command in GDB) on the address above will show you who frees the strings, because freeing it involves accessing the address. _______________________________________________ emacs-pretest-bug mailing list [email protected] http://lists.gnu.org/mailman/listinfo/emacs-pretest-bug
