Package: emacs;
Reported by: Óscar Fuentes <oscarfv <at> eclipso.eu>
Date: Wed, 30 Jul 2025 20:20:02 UTC
Severity: normal
Found in version 31.0.50
Message #32 received at 79131 <at> debbugs.gnu.org (full text, mbox):
From: Óscar Fuentes <oscarfv <at> eclipso.eu> To: Eli Zaretskii <eliz <at> gnu.org> Cc: gerd.moellmann <at> gmail.com, pipcet <at> protonmail.com, Yuan Fu <casouri <at> gmail.com>, 79131 <at> debbugs.gnu.org Subject: Re: bug#79131: 31.0.50; igc: nested signal, SIGSEGV Date: Thu, 31 Jul 2025 11:26:14 +0200
Eli, Gerd, Pip:
Eli Zaretskii <eliz <at> gnu.org> writes:
>> #12 add_text_properties_1 (start=<optimized out>, start <at> entry=0x1f06a, end=<optimized out>,
>> end <at> entry=0x1f07a, properties=0x7f4fe3c2acc3, object=0x7f4fe645cfbd,
>> object <at> entry=0x0, set_type=set_type <at> entry=TEXT_PROPERTY_REPLACE, destructive=destructive <at> entry=true)
>> --Type <RET> for more, q to quit, c to continue without paging--c
>> at ../../emacs/src/textprop.c:1252
>> i = 0x0
>> unchanged = <optimized out>
>> s = 31770
>> len = 3
>> modified = <optimized out>
>> first_time = <optimized out>
>
> Since this in code that is the result of your local merge, please be
> sure to show the source lines corresponding to the call-stack frames
> where the signal was raised. Otherwise, we are left guessing what is
> line 1252 in your version of textprop.c that could trigger SIGSEGV.
> My guess is that it's here:
>
>
> /* We are at the beginning of interval I, with LEN chars to scan. */
> for (;;)
> {
> eassert (i != 0);
>
> if (LENGTH (i) >= len) <<<<<<<<<<<<<<<<
>
> but I shouldn't be guessing. If my guess is correct, this is some
> snafu with intervals in the buffer that happens to be the current one.
textprop.c was not touched by the merge, is the same as master.
> This tels me that the crash happened insider prepare_menu_bars, which
> called pre-redisplay-function. What is your value of
> pre-redisplay-functions (note: "functions", plural)?
pre-redisplay-functions is a variable defined in ‘simple.el’.
Its value is (redisplay--update-region-highlight)
However, this is in my new session. The crashed one was running for
several days, and it is for sure that it had more features loaded that
the current one.
> The backtrace
> indicates that treesit--pre-redisplay is involved; is that true?
I was editing a file with a treesit-based major mode, that's all I can
say, as the Elisp backtrace is not available.
(gdb) xbacktrace
You can't do that without a process to debug.
Gerd Möllmann <gerd.moellmann <at> gmail.com> writes:
> That would be around here
>
> textprop.c:
> 1251 /* We are at the beginning of interval I, with LEN chars to scan. */
> 1252 for (;;)
> 1253 {
> 1254 eassert (i != 0);
> 1255
> 1256 if (LENGTH (i) >= len)
> 1257 {
>
> and that probably means i is NULL, which is a pointer to an interval. It
> is accessed in LENGTH. Which in would mean that the interval tree is
> kaput. Can you reproduce that?
No idea how to reproduce it, no.
Gerd Möllmann <gerd.moellmann <at> gmail.com> writes:
> Gerd Möllmann <gerd.moellmann <at> gmail.com> writes:
>
>> I'm in the process of merging master, BTW.
>
> Done.
Thanks!
Pip Cet <pipcet <at> protonmail.com> writes:
> It does look like the interval tree was in an inconsistent state.
>
> Please run
>
> p *current_buffer->text
(gdb) fr 13
#13 0x000055e77414774b in Fadd_text_properties (start=make_fixnum(31770), end=make_fixnum(31774),
properties=<optimized out>, object=XIL(0)) at ../../emacs/src/textprop.c:1308
1308 return add_text_properties_1 (start, end, properties, object,
(gdb) p *current_buffer->text
$1 = {
beg = 0x55e77e157f80 "",
gpt = 1,
z = 31775,
gpt_byte = 1,
z_byte = 31793,
gap_size = 1153,
modiff = 53239,
chars_modiff = 53237,
save_modiff = 51987,
overlay_modiff = 55141,
compact = 53237,
beg_unchanged = 0,
end_unchanged = 1,
unchanged_modified = 53011,
overlay_unchanged_modified = 55141,
intervals = 0x7f4fe5280a28,
markers = XIL(0x7f4fdc5dc005),
inhibit_shrinking = false,
redisplay = true
}
> Also, can you print igc__balance_intervals to verify it's false?
(gdb) p igc__balance_intervals
$4 = false
> in the coredump, then
>
> p $i = current_buffer->text->intervals
(gdb) p $i = current_buffer->text->intervals
$2 = (INTERVAL) 0x7f4fe5280a28
> and then repeat
>
> p *$i
> p $i = $i->right
>
> until $i is NULL.
(gdb) p $i = current_buffer->text->intervals
$2 = (INTERVAL) 0x7f4fe5280a28
(gdb) p *$i
$3 = {
gc_header = {
v = 34955678229,
gcaligned = 21 '\025'
},
total_length = 31770,
position = 16392,
left = 0x7f4fe5281708,
right = 0x7f4fe5281748,
up = {
interval = 0x7f4fe645cfbd,
obj = XIL(0x7f4fe645cfbd)
},
up_obj = true,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe528178b)
}
(gdb) p igc__balance_intervals
$4 = false
(gdb) p $i = $i->right
$5 = (struct interval *) 0x7f4fe5281748
(gdb) p *$i
$6 = {
gc_header = {
v = 35065123349,
gcaligned = 21 '\025'
},
total_length = 9680,
position = 25284,
left = 0x7f4fe5282220,
right = 0x7f4fe5284580,
up = {
interval = 0x7f4fe5280a28,
obj = XIL(0x7f4fe5280a28)
},
up_obj = false,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe52822a3)
}
(gdb) p $i = $i->right
$7 = (struct interval *) 0x7f4fe5284580
(gdb) p *$i
$8 = {
gc_header = {
v = 35073341461,
gcaligned = 21 '\025'
},
total_length = 4210,
position = 30022,
left = 0x7f4fe64ae0b0,
right = 0x7f4fe5282260,
up = {
interval = 0x7f4fe5281748,
obj = XIL(0x7f4fe5281748)
},
up_obj = false,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe26e87b3)
}
(gdb) p $i = $i->right
$9 = (struct interval *) 0x7f4fe5282260
(gdb) p *$i
$10 = {
gc_header = {
v = 35073261589,
gcaligned = 21 '\025'
},
total_length = 1748,
position = 30975,
left = 0x7f4fe632d920,
right = 0x7f4fe5283090,
up = {
interval = 0x7f4fe5284580,
obj = XIL(0x7f4fe5284580)
},
up_obj = false,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe26ebedb)
}
(gdb) p $i = $i->right
$11 = (struct interval *) 0x7f4fe5283090
(gdb) p *$i
$12 = {
gc_header = {
v = 35073279509,
gcaligned = 21 '\025'
},
total_length = 787,
position = 31293,
left = 0x7f4fe5284618,
right = 0x7f4fe5284658,
up = {
interval = 0x7f4fe5282260,
obj = XIL(0x7f4fe5282260)
},
up_obj = false,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe3c28afb)
}
(gdb) p $i = $i->right
$13 = (struct interval *) 0x7f4fe5284658
(gdb) p *$i
$14 = {
gc_header = {
v = 35073290261,
gcaligned = 21 '\025'
},
total_length = 471,
position = 31591,
left = 0x7f4fe545fc20,
right = 0x7f4fe55283b8,
up = {
interval = 0x7f4fe5283090,
obj = XIL(0x7f4fe5283090)
},
up_obj = false,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe3c29fab)
}
(gdb) p $i = $i->right
$15 = (struct interval *) 0x7f4fe55283b8
(gdb) p *$i
$16 = {
gc_header = {
v = 38246400789,
gcaligned = 21 '\025'
},
total_length = 179,
position = 31675,
left = 0x7f4fe52ba358,
right = 0x7f4fe5286a28,
up = {
interval = 0x7f4fe5284658,
obj = XIL(0x7f4fe5284658)
},
up_obj = false,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe3c2a5ab)
}
(gdb) p $i = $i->right
$17 = (struct interval *) 0x7f4fe5286a28
(gdb) p *$i
$18 = {
gc_header = {
v = 35073301013,
gcaligned = 21 '\025'
},
total_length = 95,
position = 31705,
left = 0x7f4fe61681b8,
right = 0x7f4fe52ac5c0,
up = {
interval = 0x7f4fe55283b8,
obj = XIL(0x7f4fe55283b8)
},
up_obj = false,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe3c2a7eb)
}
(gdb) p $i = $i->right
$19 = (struct interval *) 0x7f4fe52ac5c0
(gdb) p *$i
$20 = {
gc_header = {
v = 35073731093,
gcaligned = 21 '\025'
},
total_length = 60,
position = 31740,
left = 0x7f4fe52ba3f0,
right = 0x7f4fe52ba430,
up = {
interval = 0x7f4fe5286a28,
obj = XIL(0x7f4fe5286a28)
},
up_obj = false,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe3c2ab1b)
}
(gdb) p $i = $i->right
$21 = (struct interval *) 0x7f4fe52ba430
(gdb) p *$i
$22 = {
gc_header = {
v = 35073096981,
gcaligned = 21 '\025'
},
total_length = 30,
position = 31736,
left = 0x7f4fe52c7b50,
right = 0x7f4fe52c7b90,
up = {
interval = 0x7f4fe52ac5c0,
obj = XIL(0x7f4fe52ac5c0)
},
up_obj = false,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe52d076b)
}
(gdb) p $i = $i->right
$23 = (struct interval *) 0x7f4fe52c7b90
(gdb) p *$i
$24 = {
gc_header = {
v = 35073148437,
gcaligned = 21 '\025'
},
total_length = 10,
position = 31745,
left = 0x7f4fe52d0108,
right = 0x7f4fe52d0148,
up = {
interval = 0x7f4fe52ba430,
obj = XIL(0x7f4fe52ba430)
},
up_obj = false,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe52d0c23)
}
(gdb) p $i = $i->right
$25 = (struct interval *) 0x7f4fe52d0148
(gdb) p *$i
$26 = {
gc_header = {
v = 35073154325,
gcaligned = 21 '\025'
},
total_length = 5,
position = 31752,
left = 0x7f4fe52d06b8,
right = 0x7f4fe52d06f8,
up = {
interval = 0x7f4fe52c7b90,
obj = XIL(0x7f4fe52c7b90)
},
up_obj = false,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe64c0a73)
}
(gdb) p $i = $i->right
$27 = (struct interval *) 0x7f4fe52d06f8
(gdb) p *$i
$28 = {
gc_header = {
v = 35073135893,
gcaligned = 21 '\025'
},
total_length = 1,
position = 31770,
left = 0x0,
right = 0x0,
up = {
interval = 0x7f4fe52d0148,
obj = XIL(0x7f4fe52d0148)
},
up_obj = false,
gcmarkbit = false,
write_protect = false,
visible = false,
front_sticky = false,
rear_sticky = false,
plist = XIL(0x7f4fe3c2acf3)
}
(gdb) p $i = $i->right
$29 = (struct interval *) 0x0
(gdb) p *$i
Cannot access memory at address 0x0
(gdb)
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.