From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.ciao.gmane.io!not-for-mail From: Pip Cet Newsgroups: gmane.emacs.bugs Subject: bug#39962: 27.0.90; Crash in Emacs 27.0.90 Date: Wed, 11 Mar 2020 14:32:09 +0000 Message-ID: References: <24162.58107.725366.668639@cochabamba.vanoostrum.org> <329e58b1-6255-311e-bdd8-b6f5b3d5208f@cs.ucla.edu> <22225b66-44f6-d132-3036-92181d53c28d@cs.ucla.edu> <89A83582-358F-43DC-B96E-04EE9D655D5F@vanoostrum.org> <63b88e2d-9888-f3ce-a4b0-fcf344e803e5@cs.ucla.edu> <83d09lbgk5.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Injection-Info: ciao.gmane.io; posting-host="ciao.gmane.io:159.69.161.202"; logging-data="86125"; mail-complaints-to="usenet@ciao.gmane.io" Cc: 39962@debbugs.gnu.org, Paul Eggert To: Pieter van Oostrum Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Wed Mar 11 15:33:12 2020 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jC2Q4-000MG5-D7 for geb-bug-gnu-emacs@m.gmane-mx.org; Wed, 11 Mar 2020 15:33:12 +0100 Original-Received: from localhost ([::1]:53492 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jC2Q3-0001bb-Em for geb-bug-gnu-emacs@m.gmane-mx.org; Wed, 11 Mar 2020 10:33:11 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:45893) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jC2Pv-0001bF-KU for bug-gnu-emacs@gnu.org; Wed, 11 Mar 2020 10:33:04 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1jC2Pu-0003Cp-LR for bug-gnu-emacs@gnu.org; Wed, 11 Mar 2020 10:33:03 -0400 Original-Received: from debbugs.gnu.org ([209.51.188.43]:49330) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1jC2Pu-0003Cl-ID for bug-gnu-emacs@gnu.org; Wed, 11 Mar 2020 10:33:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1jC2Pu-000092-Fu for bug-gnu-emacs@gnu.org; Wed, 11 Mar 2020 10:33:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Pip Cet Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Wed, 11 Mar 2020 14:33:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 39962 X-GNU-PR-Package: emacs Original-Received: via spool by 39962-submit@debbugs.gnu.org id=B39962.1583937174521 (code B ref 39962); Wed, 11 Mar 2020 14:33:02 +0000 Original-Received: (at 39962) by debbugs.gnu.org; 11 Mar 2020 14:32:54 +0000 Original-Received: from localhost ([127.0.0.1]:55299 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jC2Pm-00008L-CP for submit@debbugs.gnu.org; Wed, 11 Mar 2020 10:32:54 -0400 Original-Received: from mail-oi1-f174.google.com ([209.85.167.174]:35491) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jC2Pk-000086-CH for 39962@debbugs.gnu.org; Wed, 11 Mar 2020 10:32:53 -0400 Original-Received: by mail-oi1-f174.google.com with SMTP id k8so635100oik.2 for <39962@debbugs.gnu.org>; Wed, 11 Mar 2020 07:32:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Vipq7YMBSolhhFaUHzl2pfIfU4CWNjR6sND1vYTwyh0=; b=ZOUKkzl/GwobKhRHlTppKYec9c3+NyaQB/7eMiHxMZaVD3CjTr7DLbk0y44xgNPY2/ BgF2wxfOkKrKb3dHEI5uLIaQF7w/iI/n5hv8KEYQYabTMJiak2LJIqZ4WtH0IIqkj1v7 yJ371jlidQqWsInlV0Xv0GhMATpi8Q4NMUjxWPVYfROg/MMl7VQh59pVkOR7NgpfwDA3 an2xnprlYKIy/NkWIEOc0FYuEGKTB3lUZ0JdGBPbd9MxRV1KCYNwB1T9EonbtE3oELow jzMhoH1ZkijW+jad420HW7MmlY07EprvPxky8oAwb/hXmY8juPE9TX9Gfluy2chjXIuh RAzA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Vipq7YMBSolhhFaUHzl2pfIfU4CWNjR6sND1vYTwyh0=; b=EDjdJrHlfqTb6BpeQZ5VfdfijOg8UZ8NjZcGylnBi2PMhW8ysS1hcp5CQ+lfUp1SIB okZMJWwd2x5ZFz+IxwndWKZDKcjn+XcOrNhqS6zXNpDhx1iqEdGVX0TNFMdmvrRotMiH qCWuXAPhIJcm1gBdpgfn7KhdZovqAw/pdtrgMuxYe0Jni4WNHDrv6DSBQb2DsfFrxTmr QfkmuSP81t/tKUG/yrsKMBw9dTf6UeIQoqpM3yjYlNIjePBSr+0s5ZPNqBGj8+cETnY1 Tun5JoUt1OK1Q7YIi9MdVrB77MFjizlZ4kQXJc9SodFf0T/ZBwaaSKXOsBNEGwBC9zm3 GSSA== X-Gm-Message-State: ANhLgQ3IxKcem1ar8TZx6lNllADpHL2oyIdIAVHNf2qqEm979jDm6aTj 9l0m/kvhB89vyv1CSt0WtqVbfz8FvIh9AqLCXns= X-Google-Smtp-Source: ADFU+vsl/3NFjitOx9DEOeE9IxN8DHHaZaijL7Hc5IUYE9v9Sq+jNc1hQrYA8l19GMoVcdnMHigicvD5tqcnM8J+Ct8= X-Received: by 2002:aca:d553:: with SMTP id m80mr2212101oig.30.1583937166528; Wed, 11 Mar 2020 07:32:46 -0700 (PDT) In-Reply-To: X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.io gmane.emacs.bugs:177177 Archived-At: On Tue, Mar 10, 2020 at 4:36 PM Pieter van Oostrum wrote: > #2 0x0000000100233af4 in adjust_markers_for_insert (from=36399, > from_byte=36399, to=36401, to_byte=36401, before_markers=false) > at insdel.c:294 > 294 eassert (m->bytepos >= m->charpos > (gdb) x/32gx m > 0x1609db830: 0x4000000003005000 0x000000015b29a4b0 > 0x1609db840: 0x00000001609dba44 0x00000001609db800 > 0x1609db850: 0x0000000000000000 0x0000000000002d12 > 0x1609db860: 0x4000000003005000 0x000000015b29a4b0 > 0x1609db870: 0x0000000000000000 0x00000001609db830 > 0x1609db880: 0x0000000000002d6f 0x0000000000002d6f > 0x1609db890: 0x4000000004001003 0x00000001609db835 > 0x1609db8a0: 0x00000001609db865 0x00000001054d2723 > 0x1609db8b0: 0x00000001609db7a0 0x0000000000000000 So it's a marker marking the start position of an overlay. It's allocated in the same vector block as other markers and overlays, so maybe there used to be an overlay at 0x1609db830 and someone set its "next" pointer to NULL after it had been freed? I'm not sure this is related, but in looking over the code I spotted a bit of confusion in the garbage collector between checking a buffer is "live" (in the sense that it has not been killed) and checking it's live in the sense that it needs to be preserved by GC: evaluating this code in *scratch* causes a segfault at least some of the time. (prog1 (let ((temp-buffer (generate-new-buffer " *temp*"))) (prog1 temp-buffer (kill-buffer temp-buffer) (setq temp-buffer nil))) (garbage-collect))