> From: George P <georgepanagopo@gmail.com>
> Date: Sun, 15 Jun 2025 08:22:54 -0400
> Cc: Eli Zaretskii <eliz@gnu.org>, 78444@debbugs.gnu.org, acorallo@gnu.org
>
> I got another Emacs crash. This time I was using 30.1 with both Pip's patch and the GCC flag -fno-tree-sra
> during compilation, although the crash is probably unrelated, as it is in redisplay instead of GC. The crash
> also coincided with my Windows computer (remember, I am using Cygwin/X to ssh to a Linux machine to open
> up an emacsclient) being forcefully restarted with a frame open. Unfortunately, I have no way of knowing with
> certainty that the crash happened during my Windows restart, as both took place overnight.
>
> I have included the backtrace below; it seems that displayed_buffer is not a valid address.
>
> Thread 1 "emacs" received signal SIGSEGV, Segmentation fault.
> 0x000000000047df16 in redisplay_window_1 (window=window@entry=0x1d17b245)
> at xdisp.c:18029
> warning: 18029 xdisp.c: No such file or directory
> (gdb) bt full
> #0 0x000000000047df16 in redisplay_window_1 (window=window@entry=0x1d17b245) at xdisp.c:18029
> No locals.
> #1 0x00000000005a7ea9 in internal_condition_case_1 (bfun=bfun@entry=0x47df0f
> <redisplay_window_1>, arg=0x1d17b245, handlers=<optimized out>, hfun=hfun@entry=0x43ee0b
> <redisplay_window_error>) at eval.c:1637
> val = <optimized out>
> c = 0xe0fda0
> #2 0x000000000046cfe8 in redisplay_internal () at xdisp.c:17526
> mini_window = <optimized out>
> mini_window = <optimized out>
> mini_frame = <optimized out>
> w = 0x257ca838
> sw = <optimized out>
> fr = <optimized out>
> pending = false
> must_finish = <optimized out>
> match_p = <optimized out>
> tlbufpos = {charpos = 8573, bytepos = 330795424}
> tlendpos = <optimized out>
> number_of_visible_frames = 4
> sf = 0x191ebd60
> polling_stopped_here = <optimized out>
> tail = <optimized out>
> frame = <optimized out>
> MAX_HSCROLL_RETRIES = MAX_HSCROLL_RETRIES
> hscroll_retries = <optimized out>
> MAX_GARBAGED_FRAME_RETRIES = MAX_GARBAGED_FRAME_RETRIES
> garbaged_frame_retries = <optimized out>
> consider_all_windows_p = <optimized out>
> update_miniwindow_p = <optimized out>
> count = <optimized out>
> retry_frame = <optimized out>
> #3 0x000000000046d411 in redisplay_preserve_echo_area (from_where=from_where@entry=8) at
> xdisp.c:17749
> count = <optimized out>
> #4 0x000000000053610a in detect_input_pending_run_timers (do_display=do_display@entry=true) at
> keyboard.c:11576
> old_timers_run = 7077069
> #5 0x00000000005f8c73 in wait_reading_process_output (time_limit=time_limit@entry=0,
> nsecs=nsecs@entry=0, read_kbd=read_kbd@entry=-1, do_display=do_display@entry=true,
> wait_for_cell=wait_for_cell@entry=0x0, wait_proc=wait_proc@entry=0x0, just_wait_proc=0) at
> process.c:5844
> leave = false
> process_skipped = false
> wrapped = <optimized out>
> channel_start = <optimized out>
> child_fd = <optimized out>
> last_read_channel = 57
> channel = <optimized out>
> nfds = 0
> Available = {fds_bits = {7157535148594949416, 13839864582178052, 9007199254740992, 0
> <repeats 13 times>}}
> Writeok = {fds_bits = {0 <repeats 16 times>}}
> check_write = <optimized out>
> check_delay = <optimized out>
> no_avail = false
> xerrno = 11
> proc = <optimized out>
> timeout = {tv_sec = 0, tv_nsec = 6772189}
> end_time = <optimized out>
> timer_delay = <optimized out>
> --Type <RET> for more, q to quit, c to continue without paging--c
> got_output_end_time = <optimized out>
> MINIMUM = MINIMUM
> TIMEOUT = TIMEOUT
> FOREVER = FOREVER
> wait = FOREVER
> got_some_output = -1
> prev_wait_proc_nbytes_read = 0
> retry_for_async = <optimized out>
> count = <optimized out>
> now = <optimized out>
> #6 0x00000000005366d9 in kbd_buffer_get_event (kbp=kbp@entry=0x7fffffffdb08,
> used_mouse_menu=used_mouse_menu@entry=0x7fffffffe0bb, end_time=end_time@entry=0x0) at
> keyboard.c:4094
> do_display = true
> obj = <optimized out>
> str = <optimized out>
> had_pending_selection_requests = false
> had_pending_conversion_events = false
> #7 0x00000000005370d4 in read_event_from_main_queue (end_time=end_time@entry=0x0,
> local_getcjmp=local_getcjmp@entry=0x7fffffffde30,
> used_mouse_menu=used_mouse_menu@entry=0x7fffffffe0bb) at keyboard.c:2330
> c = 0x0
> save_jump = {{__jmpbuf = {0, 0, 0, 0, 0, 0, 0, 0}, __mask_was_saved = 0, __saved_mask = {__val = {0
> <repeats 16 times>}}}}
> kb = 0x6df4b30
> count = <optimized out>
> #8 0x000000000053724a in read_decoded_event_from_main_queue (end_time=end_time@entry=0x0,
> local_getcjmp=local_getcjmp@entry=0x7fffffffde30, prev_event=prev_event@entry=0x0,
> used_mouse_menu=used_mouse_menu@entry=0x7fffffffe0bb) at keyboard.c:2393
> nextevt = <optimized out>
> frame = <optimized out>
> terminal = <optimized out>
> events = {0x0, 0xffffffffffffffff, 0x0, 0x330b335, 0x0, 0x684dda38, 0x2f4ee1e9, 0x0, 0x684dda38,
> 0x307e0271, 0x3c, 0x0, 0x11fd0, 0x330b335, 0xc8ef563, 0xf4bec416f5a4e600}
> n = 0
> #9 0x0000000000538668 in read_char (commandflag=1, map=map@entry=0x1645e493, prev_event=0x0,
> used_mouse_menu=used_mouse_menu@entry=0x7fffffffe0bb, end_time=end_time@entry=0x0) at
> keyboard.c:3015
> c = 0x0
> local_getcjmp = {{__jmpbuf = {0, 6459013156217622215, 0, 140737488346880, 0, 13113857, -
> 6459042925873656121, 6459043636991954631}, __mask_was_saved = 0, __saved_mask = {__val = {2,
> 0, 5991556, 67072736, 111988528, 109922016, 5863938, 0, 67072736, 98399184, 5864240, 109922032,
> 5510427, 0, 4625762720, 0}}}}
> save_jump = {{__jmpbuf = {0, 0, 0, 0, 0, 0, 0, 0}, __mask_was_saved = 0, __saved_mask = {__val = {0
> <repeats 16 times>}}}}
> tem = <optimized out>
> save = <optimized out>
> previous_echo_area_message = 0x0
> also_record = 0x0
> reread = false
> recorded = false
> polling_stopped_here = true
> orig_kboard = 0x6df4b30
> jmpcount = <optimized out>
> #10 0x0000000000539789 in read_key_sequence (keybuf=keybuf@entry=0x7fffffffe1e0,
> prompt=prompt@entry=0x0, dont_downcase_last=dont_downcase_last@entry=false,
> can_return_switch_frame=can_return_switch_frame@entry=true,
> fix_current_buffer=fix_current_buffer@entry=true, prevent_redisplay=prevent_redisplay@entry=false,
> disable_text_conversion_p=false) at keyboard.c:10743
> interrupted_kboard = 0x6df4b30
> interrupted_frame = 0x191ebd60
> key = <optimized out>
> used_mouse_menu = false
> echo_local_start = 0
> last_real_key_start = 0
> keys_local_start = 0
> new_binding = <optimized out>
> count = <optimized out>
> t = 0
> echo_start = 0
> keys_start = 0
> current_binding = 0x1645e493
> first_unbound = 31
> mock_input = 0
> used_mouse_menu_history = {false <repeats 30 times>}
> fkey = {parent = 0x189f853, map = 0x189f853, start = 0, end = 0}
> keytran = {parent = 0x15554f4f941b, map = 0x15554f4f941b, start = 0, end = 0}
> indec = {parent = 0x189f863, map = 0x189f863, start = 0, end = 0}
> shift_translated = false
> delayed_switch_frame = 0x0
> original_uppercase = 0x0
> original_uppercase_position = -1
> disabled_conversion = false
> starting_buffer = 0x13b789a0
> fake_prefixed_keys = 0x0
> first_event = 0x0
> second_event = <optimized out>
> #11 0x000000000053ac06 in command_loop_1 () at keyboard.c:1429
> cmd = <optimized out>
> keybuf = {0x11ac0, 0x15f855d3, 0x133e0, 0x5982d3 <set_default_internal+530>, 0x7fffffffe260, 0x2,
> 0x30, 0x1785bba5, 0x0, 0x5a770f <do_one_unbind+319>, 0x1804610, 0x60, 0x0, 0x0, 0x0, 0x5a8d59
> <unbind_to+105>, 0xb, 0x111c0, 0x30, 0x1785bba5, 0x7bc0, 0xf4bec416f5a4e600, 0xcf32a0 <globals>,
> 0x1566b533, 0x60,
> 0x52f4c6 <cmd_error+363>, 0x0, 0xf4bec416f5a4e600, 0x60, 0x15554edf4d83}
> i = <optimized out>
> last_pt = <optimized out>
> prev_modiff = 396499
> prev_buffer = 0x13b789a0
> #12 0x00000000005a7e25 in internal_condition_case (bfun=bfun@entry=0x53a9ce <command_loop_1>,
> handlers=handlers@entry=0x90, hfun=hfun@entry=0x52f35b <cmd_error>) at eval.c:1613
> val = <optimized out>
> c = 0xe0fc60
> #13 0x00000000005292ae in command_loop_2 (handlers=handlers@entry=0x90) at keyboard.c:1168
> val = <optimized out>
> #14 0x00000000005a7d42 in internal_catch (tag=tag@entry=0x122d0, func=func@entry=0x529294
> <command_loop_2>, arg=arg@entry=0x90) at eval.c:1292
> val = <optimized out>
> c = 0xea0f40
> #15 0x000000000052926b in command_loop () at keyboard.c:1146
> No locals.
> #16 0x000000000052eec4 in recursive_edit_1 () at keyboard.c:754
> count = <optimized out>
> val = <optimized out>
> #17 0x000000000052f25c in Frecursive_edit () at keyboard.c:837
> count = <optimized out>
> buffer = <optimized out>
> #18 0x0000000000528660 in main (argc=<optimized out>, argv=0x7fffffffe5a8) at emacs.c:2635
> stack_bottom_variable = 0x155553f84458 <_gnutls_lib_state>
> old_argc = <optimized out>
> dump_file = 0x0
> no_loadup = false
> junk = 0x0
> dname_arg = 0x0
> ch_to_dir = 0x0
> original_pwd = 0x0
> dump_mode = <optimized out>
> skip_args = 1
> temacs = 0x0
> attempt_load_pdump = <optimized out>
> only_version = false
> rlim = {rlim_cur = 18446744073709551615, rlim_max = 18446744073709551615}
> lc_all = <optimized out>
> sockfd = -1
> module_assertions = <optimized out>
> (gdb) p displayed_buffer
> $1 = (struct buffer *) 0xfffffffffffffffb
This value is garbled, I guess? What does this show:
(gdb) p *displayed_buffer
If it says "cannot access", I have no idea how this garbage could have
ended up there.