From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail From: Kaushal Modi Newsgroups: gmane.emacs.bugs Subject: bug#35429: 27.0.50; Arbitrary xdisp.c related crashes when working with overlay-using packages Date: Fri, 26 Apr 2019 15:12:31 -0400 Message-ID: References: <83r29pygqk.fsf@gnu.org> <83ef5pxmjc.fsf@gnu.org> <83r29owsev.fsf@gnu.org> <83pnp8wrb9.fsf@gnu.org> <83o94swpt5.fsf@gnu.org> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="0000000000008f25d5058773b931" Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226"; logging-data="174193"; mail-complaints-to="usenet@blaine.gmane.org" Cc: 35429@debbugs.gnu.org To: Eli Zaretskii Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Fri Apr 26 21:14:13 2019 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([209.51.188.17]) by blaine.gmane.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:256) (Exim 4.89) (envelope-from ) id 1hK6IW-000jES-Jg for geb-bug-gnu-emacs@m.gmane.org; Fri, 26 Apr 2019 21:14:12 +0200 Original-Received: from localhost ([127.0.0.1]:50999 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hK6IV-00005A-Ku for geb-bug-gnu-emacs@m.gmane.org; Fri, 26 Apr 2019 15:14:11 -0400 Original-Received: from eggs.gnu.org ([209.51.188.92]:39799) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hK6IO-0008WO-1l for bug-gnu-emacs@gnu.org; Fri, 26 Apr 2019 15:14:05 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hK6IM-0003C6-At for bug-gnu-emacs@gnu.org; Fri, 26 Apr 2019 15:14:03 -0400 Original-Received: from debbugs.gnu.org ([209.51.188.43]:48280) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hK6IL-0003Az-Sh for bug-gnu-emacs@gnu.org; Fri, 26 Apr 2019 15:14:01 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1hK6IL-0006bm-Na for bug-gnu-emacs@gnu.org; Fri, 26 Apr 2019 15:14:01 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Kaushal Modi Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 26 Apr 2019 19:14:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 35429 X-GNU-PR-Package: emacs Original-Received: via spool by 35429-submit@debbugs.gnu.org id=B35429.155630599625333 (code B ref 35429); Fri, 26 Apr 2019 19:14:01 +0000 Original-Received: (at 35429) by debbugs.gnu.org; 26 Apr 2019 19:13:16 +0000 Original-Received: from localhost ([127.0.0.1]:33590 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hK6Hc-0006aX-3n for submit@debbugs.gnu.org; Fri, 26 Apr 2019 15:13:16 -0400 Original-Received: from mail-lj1-f172.google.com ([209.85.208.172]:35351) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hK6HZ-0006aJ-QR for 35429@debbugs.gnu.org; Fri, 26 Apr 2019 15:13:14 -0400 Original-Received: by mail-lj1-f172.google.com with SMTP id z26so3923433ljj.2 for <35429@debbugs.gnu.org>; Fri, 26 Apr 2019 12:13:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=maxn0AeZi8EEqSQbJfCM3Q7x+coFwHcqrdSXIAhKaMQ=; b=jk5FO0+sRrdhw9HsInrg3rpZunXdAwHj6Mqh/cAoQMdMfdpWkXD8QDG/KTwtolx4tw xzw9y+uJyywTJu2X6X33y8N+hnNh1SHw4p05AfPyd9aaTscZ3Vugjm+t0UFaturSlz8q +SSnJ5L2YqKXMuPMbi153h6me8cwjwLYvua2svvObu71hnmbqnNjRAFGDBWX9Vy6VKY3 rDFo9QLXWG7o0WZ0YjehXgkGEeLhi6bhgT5tEK+doMqX1UrzRfFsXpFhVibfXfoECr0e 9b4MXybr+syzwR6dlvQ+jMnXfiJ/qLwwvFSKe8WonnsJRd7cxKHQ01B2kyVZSVLljzJ6 fUyw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=maxn0AeZi8EEqSQbJfCM3Q7x+coFwHcqrdSXIAhKaMQ=; b=jpeHVpdUa7eZuMmqN+y0r1v5zXtVlOnxiaomvORcFnPHQalqZAZQ4HpJYeOWimaay8 3VkJBOZ4M5WEBexgvNgtVRSLs1E1Nl2rxUuyp5nDlAs9MgTGpaHFzTfBXACE215QybYy qCPe/5ougpuUTZrZYkRHNLJZ3pa7PivugLthEnInrsYscxxSzLW6DNpto0Zw4IKIHFtX iOVur4U646sPtncjSv1Voc8A18D+wFcGxxcfgXGdMvWUJCv1hX4F7Vnapc5jFUyOyC+n rqjX0YGjTjZo7aJ5oDT+hVwu8xD+Cwovx4Pi931pFSW9bq74n4dvd28oV2yPxhQPEgx+ jXOQ== X-Gm-Message-State: APjAAAVLRy49DuJ/rdqJ/PseNGLuJuBjf0zrFFtsGaxqHlVs8i2rghq6 3eAOW5DsbA4fZWJ0VbTfd0O+xdkDV/5IeGtV6xs= X-Google-Smtp-Source: APXvYqwo1FLxrU9jPmqq22yIprPUzTVSM7vmCNRZvW9GW+gVkJ8PNd1BPK4qeSTxBateJxwUxTBVTg6ohNJobToEsZc= X-Received: by 2002:a2e:7c0f:: with SMTP id x15mr11848218ljc.154.1556305987706; Fri, 26 Apr 2019 12:13:07 -0700 (PDT) In-Reply-To: <83o94swpt5.fsf@gnu.org> X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:158310 Archived-At: --0000000000008f25d5058773b931 Content-Type: text/plain; charset="UTF-8" On Fri, Apr 26, 2019 at 3:05 PM Eli Zaretskii wrote: > > So the window's start point is outdated. How did that happen? What > kind of stuff do you have on window-scroll-functions? This should > show us: > > (gdb) pp Vwindow_scroll_functions > Seems like that caused gdb to crash again? (gdb) pp Vwindow_scroll_functions xdisp.c:3047: Emacs fatal error: assertion failed: charpos == BYTE_TO_CHAR (bytepos) Thread 1 "emacs" hit Breakpoint 1, terminate_due_to_signal (sig=sig@entry=6, backtrace_limit=backtrace_limit@entry=2147483647) at emacs.c:375 375 { The program being debugged stopped while in a function called from GDB. Evaluation of the expression containing the function (safe_debug_print) will be abandoned. When the function is done executing, GDB will silently stop. (gdb) But from an uncrashed emacs, with beacon loaded as before, C-h v window-scroll-functions gives ... (beacon--window-scroll-function) beacon--window-scroll-function: http://git.savannah.gnu.org/cgit/emacs/elpa.git/tree/packages/beacon/beacon.el#n425 > Also, what buffer does the window-start marker record? > > (gdb) fr 2 > (gdb) p w->start > (gdb) xmarker > (gdb) p $->buffer->name_ > (gdb) xstring > (gdb) pp Vwindow_scroll_functions xdisp.c:3047: Emacs fatal error: assertion failed: charpos == BYTE_TO_CHAR (bytepos) Thread 1 "emacs" hit Breakpoint 1, terminate_due_to_signal (sig=sig@entry=6, backtrace_limit=backtrace_limit@entry=2147483647) at emacs.c:375 375 { The program being debugged stopped while in a function called from GDB. Evaluation of the expression containing the function (safe_debug_print) will be abandoned. When the function is done executing, GDB will silently stop. (gdb) fr 2 #2 0x0000000000456b44 in init_iterator (it=it@entry=0x7ffffffef990, w=w@entry=0x89da880, charpos=2874, bytepos=, row=, base_face_id=base_face_id@entry=DEFAULT_FACE_ID) at xdisp.c:3047 3047 eassert (charpos == BYTE_TO_CHAR (bytepos)); (gdb) p w->start $16 = XIL(0x89daa95) (gdb) xmarker $17 = (struct Lisp_Marker *) 0x89daa90 (gdb) p $->buffer->name_ $18 = XIL(0x7960234) (gdb) xstring $19 = (struct Lisp_String *) 0x7960230 "standard-reading.org" (gdb) That "standard-reading.org" is the Org file whose ~3000 character snippet that I linked earlier. --0000000000008f25d5058773b931 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
= On Fri, Apr 26, 2019 at 3:05 PM Eli Zaretskii <eliz@gnu.org> wrote:

So the window's start point is outdated.=C2=A0 How did that happen?=C2= =A0 What
kind of stuff do you have on window-scroll-functions?=C2=A0 This should
show us:

=C2=A0 (gdb) pp Vwindow_scroll_functions

Seems like that caused gdb to crash again?

(gdb)= pp Vwindow_scroll_functions

xdisp.c:3047: Emacs fatal error: assert= ion failed: charpos =3D=3D BYTE_TO_CHAR (bytepos)

Thread 1 "ema= cs" hit Breakpoint 1, terminate_due_to_signal (sig=3Dsig@entry=3D6,=C2=A0=C2=A0=C2=A0 backtrace_limit=3Dbacktrace_limit@entry=3D2147483647) a= t emacs.c:375
375=C2=A0=C2=A0=C2=A0=C2=A0 {
The program being debugge= d stopped while in a function called from GDB.
Evaluation of the express= ion containing the function
(safe_debug_print) will be abandoned.
Whe= n the function is done executing, GDB will silently stop.
(gdb)

But from an uncrashed emacs, with beacon loaded as before,= C-h v window-scroll-functions gives ...

(beacon--= window-scroll-function)


=C2=A0
Also, what buffer does the window-start marker record?

=C2=A0 (gdb) fr 2
=C2=A0 (gdb) p w->start
=C2=A0 (gdb) xmarker
=C2=A0 (gdb) p $->buffer->name_
=C2=A0 (gdb) xstring

(gdb) pp Vwindow_s= croll_functions

xdisp.c:3047: Emacs fatal error: assertion failed: c= harpos =3D=3D BYTE_TO_CHAR (bytepos)

Thread 1 "emacs" hit = Breakpoint 1, terminate_due_to_signal (sig=3Dsig@entry=3D6,
=C2=A0=C2=A0= =C2=A0 backtrace_limit=3Dbacktrace_limit@entry=3D2147483647) at emacs.c:375=
375=C2=A0=C2=A0=C2=A0=C2=A0 {
The program being debugged stopped whi= le in a function called from GDB.
Evaluation of the expression containin= g the function
(safe_debug_print) will be abandoned.
When the functio= n is done executing, GDB will silently stop.
(gdb) fr 2
#2=C2=A0 0x00= 00000000456b44 in init_iterator (it=3Dit@entry=3D0x7ffffffef990, w=3Dw@entr= y=3D0x89da880, charpos=3D2874,
=C2=A0=C2=A0=C2=A0 bytepos=3D<optimize= d out>, row=3D<optimized out>, base_face_id=3Dbase_face_id@entry= =3DDEFAULT_FACE_ID)
=C2=A0=C2=A0=C2=A0 at xdisp.c:3047
3047=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 eassert (charpos =3D=3D BYTE_= TO_CHAR (bytepos));
(gdb) p w->start
$16 =3D XIL(0x89daa95)
(gd= b) xmarker
$17 =3D (struct Lisp_Marker *) 0x89daa90
(gdb) p $->buf= fer->name_
$18 =3D XIL(0x7960234)
(gdb) xstring
$19 =3D (struct= Lisp_String *) 0x7960230
"= standard-reading.org"
(gdb)

That "= ;standard-reading.org" is = the Org file whose ~3000 character snippet that I linked earlier.
=
=C2=A0
--0000000000008f25d5058773b931--