GNU bug report logs - #63711
30.0.50; Crash in xdisp.c when it->string is 0x0


Package: emacs;

Reported by: Thomas Fitzsimmons <fitzsim <at> fitzsim.org>

Date: Thu, 25 May 2023 06:28:01 UTC

Severity: normal

Found in version 30.0.50

Done: Thomas Fitzsimmons <fitzsim <at> fitzsim.org>

Bug is archived. No further changes may be made.



Message #11 received at 63711 <at> debbugs.gnu.org:

From: Thomas Fitzsimmons <fitzsim <at> fitzsim.org>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: 63711 <at> debbugs.gnu.org
Subject: Re: bug#63711: 30.0.50; Crash in xdisp.c when it->string is 0x0
Date: Thu, 25 May 2023 09:02:26 -0400

Hi Eli,

Eli Zaretskii <eliz <at> gnu.org> writes:

>> From: Thomas Fitzsimmons <fitzsim <at> fitzsim.org>
>> Date: Thu, 25 May 2023 02:27:19 -0400
>> 
>> I have been having long-running Emacs sessions crash, rarely, and I
>> finally caught one case in GDB.  Full backtraces attached.  I don't know
>> how it->string becomes 0x0, but it looks like SCHARS (it->string) then
>> attempts to dereference the null pointer.  I'll keep the session running
>> in case there is anything else someone wants me to check.
>
> Thanks, but with an optimized build and without a recipe to reproduce
> this, it will be hard to debug this.

Thanks for taking a look at this.  Agreed it will be difficult.  After
this session I will rebuild Emacs with CFLAGS="-O0 -g" and run with GDB
attached to try to get a higher quality trace.  (The recipe to reproduce
the crashes I've been seeing may be hard to obtain.  I haven't
identified any particular activity that triggers these crashes, and
maybe there are different causes each time -- this is just the first one
I captured.)

> Still, I ask you below to produce some values from GDB in the hope
> that this would give some ideas.

OK:

>   (gdb) p pos->overlay_string_index

$9 = 0

>   (gdb) p it->current.overlay_string_index

$10 = 0

>   (gdb) p it->sp

$11 = 0

>   (gdb) p it->method

$12 = GET_FROM_BUFFER

>   (gdb) p it->string

$13 = XIL(0)

>   (gdb) xtype

Lisp_Symbol

The session is still open if you want me to check other values.

Thanks,
Thomas
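
Added example, not part of the original message and not Emacs source code: a simplified C model of a low-bit-tagged Lisp word, showing why a word of 0 decodes as a symbol (matching the xtype output above) and how a tag check before reading a string's size avoids touching an invalid address. The 3-bit tag layout (symbol = 0, string = 4) and every name in the block are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of a low-bit-tagged Lisp word.  Assumptions: 3 tag bits,
   symbol tag 0, string tag 4.  All names here are hypothetical. */
typedef uintptr_t lisp_word;
enum { TAG_BITS = 3, TAG_MASK = (1 << TAG_BITS) - 1 };
enum lisp_tag { TAG_SYMBOL = 0, TAG_STRING = 4 };

/* Aligned to 8 so the low three bits of its address are free for the tag. */
struct model_string { _Alignas(8) ptrdiff_t size; const char *data; };

static struct model_string sample_string = { 5, "hello" };  /* constructed */

static enum lisp_tag word_tag(lisp_word w)
{
  return (enum lisp_tag)(w & TAG_MASK);
}

static lisp_word make_string_word(struct model_string *s)
{
  return (lisp_word)s + TAG_STRING;
}

/* Address an unchecked size read would touch: strip the string tag without
   looking at what the word really is. */
static uintptr_t unchecked_read_address(lisp_word w)
{
  return w - TAG_STRING + offsetof(struct model_string, size);
}

/* Checked accessor: -1 for any non-string instead of dereferencing it. */
static ptrdiff_t schars_checked(lisp_word w)
{
  if (word_tag(w) != TAG_STRING)
    return -1;
  return ((struct model_string *)(w - TAG_STRING))->size;
}

int main(void)
{
  lisp_word nil = 0;  /* models the XIL(0) value printed for it->string */
  printf("tag of word 0: %d\n", (int)word_tag(nil));
  printf("unchecked read address for word 0: %#jx\n",
         (uintmax_t)unchecked_read_address(nil));
  printf("checked length of word 0: %td\n", schars_checked(nil));
  printf("checked length of sample: %td\n",
         schars_checked(make_string_word(&sample_string)));
  return 0;
}
```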




This bug report was last modified 1 year and 347 days ago.
