I've spent some time tracing the repeatable crash I get from the
killer uuencoded JPEG. There were actually two SIGPIPEs hitting
XEmacs. The first one was caught as the code indicated, the second
one struck when the process was being deleted.
Here's the backtrace of SIGPIPE #1. (The backtraces are from a Mule
build, but I observed identical behavior in a no-Mule build.)
#0 0x4039dee4 in __write () at soinit.c:27
#1 0x8bb9e40 in ?? ()
#2 0x81bf2e2 in sys_write (fildes=12, buf=0x8b8f6c0, nbyte=512)
at /home/xemacs/xemacs-20.0/src/sysdep.c:2718
#3 0x8168d03 in filedesc_writer (stream=0x8bb9df8,
data=0x8b8f6c0
"CL,>U>@_$)\nM9K7Q1<)(\"`VUESW&W_\\`77GEXX8D^M51BU-LY<4_=L6=&\\07>E.J(^Z$L/D8\nM]/I7I%EK<LP7+L#G!R<UY!W%>C6<+A(Y%Z%0?SJ,:E&S1ME=1R4HRZ':PLLH\nMRS%B?>K2`$<<XK(TQ\\H!FMR/:%K\"G[VYU35F1B++Y-.FC&PBIQUXITJ_NSTS\nM6C"...,
size=512) at /home/xemacs/xemacs-20.0/src/lstream.c:984
#4 0x8167b4a in Lstream_flush_out (lstr=0x8bb9df8)
at /home/xemacs/xemacs-20.0/src/lstream.c:343
#5 0x8167c06 in Lstream_flush (lstr=0x8bb9df8)
at /home/xemacs/xemacs-20.0/src/lstream.c:372
#6 0x80e667a in encoding_flusher (stream=0x8bb9fc8)
at /home/xemacs/xemacs-20.0/src/file-coding.c:2342
#7 0x8167be4 in Lstream_flush_out (lstr=0x8bb9fc8)
at /home/xemacs/xemacs-20.0/src/lstream.c:364
#8 0x8167e03 in Lstream_write_1 (lstr=0x8bb9fc8, data=0xbfffc9e4, size=512)
at /home/xemacs/xemacs-20.0/src/lstream.c:452
#9 0x8167e70 in Lstream_write (lstr=0x8bb9fc8, data=0xbfffc9e4, size=512)
at /home/xemacs/xemacs-20.0/src/lstream.c:481
#10 0x810b1ca in unix_send_process (proc={gu = {type = Lisp_Type_Record,
val = 34559542}, s = {bits = 0, val = 69119084}, u = {bits = 0,
val = 69119084}, ui = 138238168, i = 138238168, v = 0x83d58d8,
cv = 0x83d58d8}, lstream=0x8bf20c8)
at /home/xemacs/xemacs-20.0/src/process-unix.c:1177
[rest deleted]
Here's the backtrace of SIGPIPE #2:
#0 0x4039dee4 in __write () at soinit.c:27
#1 0x8ad0568 in ?? ()
#2 0x81bf2e2 in sys_write (fildes=12, buf=0x8afa588, nbyte=512)
at /home/xemacs/xemacs-20.0/src/sysdep.c:2718
#3 0x8168d03 in filedesc_writer (stream=0x8ad0520,
data=0x8afa588
"59[:U>16BE;.=P9>.>M9BA\nM;NWB#X.T\\#WQ4>I6Q-HI\"Y:%@P4=QW%9SJ<QI3C[-V1ZU<ZC:)I(D2>,KL`P\nM&'>O(]4(FO9%'*QL?S-,CO=LA6&<L%<%8U!)8=3G\\`1]2*[R/P]H:VL=[F9H\nMR-VUCP#UYXS[43YJR270WPM6&';OK<YK0?#\":BGVF\\=H;4'C!P7^"...,
size=512) at /home/xemacs/xemacs-20.0/src/lstream.c:984
#4 0x8167b4a in Lstream_flush_out (lstr=0x8ad0520)
at /home/xemacs/xemacs-20.0/src/lstream.c:343
#5 0x8167c06 in Lstream_flush (lstr=0x8ad0520)
at /home/xemacs/xemacs-20.0/src/lstream.c:372
#6 0x80e667a in encoding_flusher (stream=0x8a8e110)
at /home/xemacs/xemacs-20.0/src/file-coding.c:2342
#7 0x8167be4 in Lstream_flush_out (lstr=0x8a8e110)
at /home/xemacs/xemacs-20.0/src/lstream.c:364
#8 0x8167c06 in Lstream_flush (lstr=0x8a8e110)
at /home/xemacs/xemacs-20.0/src/lstream.c:372
#9 0x8168448 in Lstream_pseudo_close (lstr=0x8a8e110)
at /home/xemacs/xemacs-20.0/src/lstream.c:655
#10 0x816847f in Lstream_close (lstr=0x8a8e110)
at /home/xemacs/xemacs-20.0/src/lstream.c:667
#11 0x817910c in deactivate_process (proc={gu = {type = Lisp_Type_Record,
val = 34559724}, s = {bits = 0, val = 69119448}, u = {bits = 0,
val = 69119448}, ui = 138238896, i = 138238896, v = 0x83d5bb0,
cv = 0x83d5bb0}) at /home/xemacs/xemacs-20.0/src/process.c:1828
#12 0x810b302 in unix_send_process (proc={gu = {type = Lisp_Type_Record,
val = 34559724}, s = {bits = 0, val = 69119448}, u = {bits = 0,
val = 69119448}, ui = 138238896, i = 138238896, v = 0x83d5bb0,
cv = 0x83d5bb0}, lstream=0x8ad0738)
at /home/xemacs/xemacs-20.0/src/process-unix.c:1206
[rest deleted]
I have no idea why this wouldn't strike more often, because the main
line through the code clearly has another write operation on the same
file descriptor that gave a SIGPIPE moments earlier.
Here's an obvious patch that is probably wrong, but it looks right and
cures the crash. Is there anything obviously wrong with this?
1998-10-13 SL Baur <steve(a)altair.xemacs.org>
* process-unix.c (unix_send_process): Set closed flag on writable
pipe after SIGPIPE is received and before we call deactivate_process.
Index: src/process-unix.c
===================================================================
RCS file: /usr/local/xemacs/xemacs-20.0/src/process-unix.c,v
retrieving revision 1.12
diff -u -r1.12 process-unix.c
--- src/process-unix.c 1998/09/10 00:07:04 1.12
+++ src/process-unix.c 1998/10/13 23:57:38
@@ -1198,6 +1198,8 @@
else
{ /* We got here from a longjmp() from the SIGPIPE handler */
signal (SIGPIPE, old_sigpipe);
+ /* Close the file lstream so we don't attempt to write to it further */
+ XLSTREAM (p->pipe_outstream)->flags &= ~LSTREAM_FL_IS_OPEN;
p->status_symbol = Qexit;
p->exit_code = 256; /* #### SIGPIPE ??? */
p->core_dumped = 0;
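
Review bot: The added line "XLSTREAM (p->pipe_outstream)->flags &= ~LSTREAM_FL_IS_OPEN;" clears the open flag by hand rather than going through the lstream close path, and the visible lines do not show that p->pipe_outstream is the stream that performs the second write. In backtrace #2, deactivate_process calls Lstream_close on lstr=0x8a8e110, whose encoding_flusher then flushes a different lstream (0x8ad0520), and that one reaches filedesc_writer on fildes=12. Please confirm which of the two p->pipe_outstream is, and that marking it not open stops the flush for both the Mule and no-Mule layering. Also check that descriptor 12 is still closed somewhere once the stream is flagged as not open, since the comment says "Close the file lstream" while the code only changes a flag. If the lstream layer has a way to discard pending output and close without flushing, using it here would be safer than editing flags from process-unix.c; otherwise the comment should say that the flag is cleared to suppress the flush in deactivate_process.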