Hi! I got another emacs crash, this time I was using 30.1 with both Pip's patch and the gcc flag -fno-tree-sra during compilation, although the crash is probably unrelated, as it is in redisplay instead of GC. The crash also coincided with my Windows computer (remember I am using Cygwin/X to ssh to a linux machine to open up an emacsclient) being forcefully restarted with a frame open. Unfortunately, I have no way of knowing with certainty that the crash happened during my Windows restart, as both took place overnight. I have included the backtrace below, it seems that displayed_buffer is not a valid address. Thread 1 "emacs" received signal SIGSEGV, Segmentation fault. 0x000000000047df16 in redisplay_window_1 (window=window@entry=0x1d17b245) at xdisp.c:18029 warning: 18029 xdisp.c: No such file or directory (gdb) bt full #0 0x000000000047df16 in redisplay_window_1 (window=window@entry=0x1d17b245) at xdisp.c:18029 No locals. #1 0x00000000005a7ea9 in internal_condition_case_1 (bfun=bfun@entry=0x47df0f , arg=0x1d17b245, handlers=, hfun=hfun@entry=0x43ee0b ) at eval.c:1637 val = c = 0xe0fda0 #2 0x000000000046cfe8 in redisplay_internal () at xdisp.c:17526 mini_window = mini_window = mini_frame = w = 0x257ca838 sw = fr = pending = false must_finish = match_p = tlbufpos = {charpos = 8573, bytepos = 330795424} tlendpos = number_of_visible_frames = 4 sf = 0x191ebd60 polling_stopped_here = tail = frame = MAX_HSCROLL_RETRIES = MAX_HSCROLL_RETRIES hscroll_retries = MAX_GARBAGED_FRAME_RETRIES = MAX_GARBAGED_FRAME_RETRIES garbaged_frame_retries = consider_all_windows_p = update_miniwindow_p = count = retry_frame = #3 0x000000000046d411 in redisplay_preserve_echo_area (from_where=from_where@entry=8) at xdisp.c:17749 count = #4 0x000000000053610a in detect_input_pending_run_timers (do_display=do_display@entry=true) at keyboard.c:11576 old_timers_run = 7077069 #5 0x00000000005f8c73 in wait_reading_process_output (time_limit=time_limit@entry=0, nsecs=nsecs@entry=0, read_kbd=read_kbd@entry=-1, do_display=do_display@entry=true, wait_for_cell=wait_for_cell@entry=0x0, wait_proc=wait_proc@entry=0x0, just_wait_proc=0) at process.c:5844 leave = false process_skipped = false wrapped = channel_start = child_fd = last_read_channel = 57 channel = nfds = 0 Available = {fds_bits = {7157535148594949416, 13839864582178052, 9007199254740992, 0 }} Writeok = {fds_bits = {0 }} check_write = check_delay = no_avail = false xerrno = 11 proc = timeout = {tv_sec = 0, tv_nsec = 6772189} end_time = timer_delay = --Type for more, q to quit, c to continue without paging--c got_output_end_time = MINIMUM = MINIMUM TIMEOUT = TIMEOUT FOREVER = FOREVER wait = FOREVER got_some_output = -1 prev_wait_proc_nbytes_read = 0 retry_for_async = count = now = #6 0x00000000005366d9 in kbd_buffer_get_event (kbp=kbp@entry=0x7fffffffdb08, used_mouse_menu=used_mouse_menu@entry=0x7fffffffe0bb, end_time=end_time@entry=0x0) at keyboard.c:4094 do_display = true obj = str = had_pending_selection_requests = false had_pending_conversion_events = false #7 0x00000000005370d4 in read_event_from_main_queue (end_time=end_time@entry=0x0, local_getcjmp=local_getcjmp@entry=0x7fffffffde30, used_mouse_menu=used_mouse_menu@entry=0x7fffffffe0bb) at keyboard.c:2330 c = 0x0 save_jump = {{__jmpbuf = {0, 0, 0, 0, 0, 0, 0, 0}, __mask_was_saved = 0, __saved_mask = {__val = {0 }}}} kb = 0x6df4b30 count = #8 0x000000000053724a in read_decoded_event_from_main_queue (end_time=end_time@entry=0x0, local_getcjmp=local_getcjmp@entry=0x7fffffffde30, prev_event=prev_event@entry=0x0, used_mouse_menu=used_mouse_menu@entry=0x7fffffffe0bb) at keyboard.c:2393 nextevt = frame = terminal = events = {0x0, 0xffffffffffffffff, 0x0, 0x330b335, 0x0, 0x684dda38, 0x2f4ee1e9, 0x0, 0x684dda38, 0x307e0271, 0x3c, 0x0, 0x11fd0, 0x330b335, 0xc8ef563, 0xf4bec416f5a4e600} n = 0 #9 0x0000000000538668 in read_char (commandflag=1, map=map@entry=0x1645e493, prev_event=0x0, used_mouse_menu=used_mouse_menu@entry=0x7fffffffe0bb, end_time=end_time@entry=0x0) at keyboard.c:3015 c = 0x0 local_getcjmp = {{__jmpbuf = {0, 6459013156217622215, 0, 140737488346880, 0, 13113857, -6459042925873656121, 6459043636991954631}, __mask_was_saved = 0, __saved_mask = {__val = {2, 0, 5991556, 67072736, 111988528, 109922016, 5863938, 0, 67072736, 98399184, 5864240, 109922032, 5510427, 0, 4625762720, 0}}}} save_jump = {{__jmpbuf = {0, 0, 0, 0, 0, 0, 0, 0}, __mask_was_saved = 0, __saved_mask = {__val = {0 }}}} tem = save = previous_echo_area_message = 0x0 also_record = 0x0 reread = false recorded = false polling_stopped_here = true orig_kboard = 0x6df4b30 jmpcount = #10 0x0000000000539789 in read_key_sequence (keybuf=keybuf@entry=0x7fffffffe1e0, prompt=prompt@entry=0x0, dont_downcase_last=dont_downcase_last@entry=false, can_return_switch_frame=can_return_switch_frame@entry=true, fix_current_buffer=fix_current_buffer@entry=true, prevent_redisplay=prevent_redisplay@entry=false, disable_text_conversion_p=false) at keyboard.c:10743 interrupted_kboard = 0x6df4b30 interrupted_frame = 0x191ebd60 key = used_mouse_menu = false echo_local_start = 0 last_real_key_start = 0 keys_local_start = 0 new_binding = count = t = 0 echo_start = 0 keys_start = 0 current_binding = 0x1645e493 first_unbound = 31 mock_input = 0 used_mouse_menu_history = {false } fkey = {parent = 0x189f853, map = 0x189f853, start = 0, end = 0} keytran = {parent = 0x15554f4f941b, map = 0x15554f4f941b, start = 0, end = 0} indec = {parent = 0x189f863, map = 0x189f863, start = 0, end = 0} shift_translated = false delayed_switch_frame = 0x0 original_uppercase = 0x0 original_uppercase_position = -1 disabled_conversion = false starting_buffer = 0x13b789a0 fake_prefixed_keys = 0x0 first_event = 0x0 second_event = #11 0x000000000053ac06 in command_loop_1 () at keyboard.c:1429 cmd = keybuf = {0x11ac0, 0x15f855d3, 0x133e0, 0x5982d3 , 0x7fffffffe260, 0x2, 0x30, 0x1785bba5, 0x0, 0x5a770f , 0x1804610, 0x60, 0x0, 0x0, 0x0, 0x5a8d59 , 0xb, 0x111c0, 0x30, 0x1785bba5, 0x7bc0, 0xf4bec416f5a4e600, 0xcf32a0 , 0x1566b533, 0x60, 0x52f4c6 , 0x0, 0xf4bec416f5a4e600, 0x60, 0x15554edf4d83} i = last_pt = prev_modiff = 396499 prev_buffer = 0x13b789a0 #12 0x00000000005a7e25 in internal_condition_case (bfun=bfun@entry=0x53a9ce , handlers=handlers@entry=0x90, hfun=hfun@entry=0x52f35b ) at eval.c:1613 val = c = 0xe0fc60 #13 0x00000000005292ae in command_loop_2 (handlers=handlers@entry=0x90) at keyboard.c:1168 val = #14 0x00000000005a7d42 in internal_catch (tag=tag@entry=0x122d0, func=func@entry=0x529294 , arg=arg@entry=0x90) at eval.c:1292 val = c = 0xea0f40 #15 0x000000000052926b in command_loop () at keyboard.c:1146 No locals. #16 0x000000000052eec4 in recursive_edit_1 () at keyboard.c:754 count = val = #17 0x000000000052f25c in Frecursive_edit () at keyboard.c:837 count = buffer = #18 0x0000000000528660 in main (argc=, argv=0x7fffffffe5a8) at emacs.c:2635 stack_bottom_variable = 0x155553f84458 <_gnutls_lib_state> old_argc = dump_file = 0x0 no_loadup = false junk = 0x0 dname_arg = 0x0 ch_to_dir = 0x0 original_pwd = 0x0 dump_mode = skip_args = 1 temacs = 0x0 attempt_load_pdump = only_version = false rlim = {rlim_cur = 18446744073709551615, rlim_max = 18446744073709551615} lc_all = sockfd = -1 module_assertions = (gdb) p displayed_buffer $1 = (struct buffer *) 0xfffffffffffffffb On Sat, May 31, 2025 at 11:33 AM George P wrote: > Eli's idea of adding -fno-tree-sra to the build options for the next >> build is a good one. > > > Yes, thanks to both for the suggestion! I will make a build with this > option and see if the bug persists. > > Could it also be a dynamic module responsible? I am running at least a few > of these (tree-sitter > https://github.com/emacs-tree-sitter/elisp-tree-sitter, vterm > https://github.com/akermu/emacs-libvterm and pdf-tools > https://github.com/vedang/pdf-tools, maybe a few more). > > Here are the gdb things: > > >> Now we have the other bug, though, it would be interesting again. Maybe >> the same thing happened to a nativecomp constant vector here as happened >> to a bytecode closure's constant vector in the new crash. Do you still >> have the old core file, and can you run x/32gx 0x98e7980? >> > > Yes, here it is: > > (gdb) x/32gx 0x98e7980 > 0x98e7980: 0xc00000001a003007 0x0000000008f680f4 > 0x98e7990: 0x000000001f647ac3 0x00000000098e79dd > 0x98e79a0: 0x00000000098e7a25 0x0000000000000000 > 0x98e79b0: 0x00000000098e7d75 0x00000000098ee6cd > 0x98e79c0: 0x00001555338a2ec0 0x0000000000000000 > 0x98e79d0: 0x000000001cbc0740 0xc00000000e008000 > 0x98e79e0: 0x0000000020e10970 0x0000000003aa20d0 > 0x98e79f0: 0x0000000003aa1ac0 0x00000000006e9960 > 0x98e7a00: 0x000000002265f480 0x0000001a0000001a > 0x98e7a10: 0x0000400700000060 0x0000000000000000 > 0x98e7a20: 0x400000000e008000 0x000000001bfdbe90 > 0x98e7a30: 0x0000000020e10b80 0x000000001bfdb880 > 0x98e7a40: 0x00000000006e98e0 0x000000001fd792e0 > 0x98e7a50: 0x0000001a0000001a 0x0000400700000060 > 0x98e7a60: 0x0000000000000000 0x400000001f000005 > 0x98e7a70: 0x0000000000000606 0x0000000008ae5654 > > Oh, sorry, "p *(struct Lisp_String *)0x000000001cfbfe40". >> > > (gdb) p *(struct Lisp_String *)0x000000001cfbfe40 > $20 = {u = {s = {size = -9223372036854775719, size_byte = -1, intervals = > 0x0, data = 0x18c4d720 > "/u/panagopo/.config/emacs/.local/cache/eln/30.1-1ed0c1e8/lsp-erlang-9f1a9a34-b13245d7.eln"}, > next = 0x8000000000000059, > gcaligned = 89 'Y'}} > >