bug#35429: 27.0.50; Arbitrary xdisp.c related crashes when working with

From: Kaushal Modi
Subject: bug#35429: 27.0.50; Arbitrary xdisp.c related crashes when working with overlay-using packages
Date: Thu, 25 Apr 2019 16:39:29 -0400

Hello Eli,

On Thu, Apr 25, 2019, 4:26 PM Eli Zaretskii <address@hidden> wrote:
> From: Kaushal Modi <address@hidden>
> Date: Thu, 25 Apr 2019 11:36:27 -0400
> In the past one-two weeks

Any chance for a more accurate time frame?  Or maybe even bisection?

Sorry, I don't have a to consistent way to reproduce this. But I have noticed that no crash has happened since I disabled the beacon package. 

Thanks.  Unfortunately, the backtrace makes no sense to me.  The
buffer was pure ASCII, right? 

If you mean the presence of Unicode characters, then I have the unicode box drawing characters too. The Org file content is not 100% 8-bit ASCII. 

At least for the first 2K characters it
seems the answer is yes, because:

> #4  0x0000000000584793 in line_number_display_width (address@hidden, address@hidden, address@hidden) at indent.c:1981
>         startpos = {
>           charpos = 2874,
>           bytepos = 2874
>         }

As you see, the character and the byte positions coincide, which is a
sign of a plain ASCII buffer text.

So it makes little sense that the assertion is violated, because it is
called to validate the same character position of 2874:

> #1  0x00000000005a1232 in die (address@hidden "charpos == BYTE_TO_CHAR (bytepos)", address@hidden "xdisp.c", address@hidden) at alloc.c:7221
> No locals.
> #2  0x0000000000456b44 in init_iterator (address@hidden, address@hidden, charpos=2874, bytepos=<optimized out>, row=<optimized out>, address@hidden) at xdisp.c:3047

So something strange is at work here, and I cannot see what it could
be, especially with all those "optimized out" variables.

This time, I enabled logging to a file as there was no way I would be able to copy all that info screen by screen into the email. Does that option optimize out certain variables?

I would suggest to try an unoptimized build,

Hmm, I am already building Emacs with your suggested switches of -ggdb3 and -Og (from an earlier gdb debug in a different thread). Let me know if a different set of switches are needed.  

and if the same crashes
happen there as well, perhaps the backtrace will tell something more
useful.  It would help to know the value of bytepos argument to
init_iterator, and if it indeed is equal to charpos, the next thing to
look at is the buffer's markers.

I still have the gdb session alive if you want me to run some debug commands for you. 
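Eli's reasoning above rests on two facts about Emacs buffer positions: a character position (charpos) and a byte position (bytepos) coincide only while every preceding character is a single byte, and init_iterator's assertion `charpos == BYTE_TO_CHAR (bytepos)` is exactly a check that the two positions it was handed describe the same place in the buffer. The following is an added example written for this page, not Emacs source and not code from anyone in the thread: `byte_to_char` and `char_to_byte` are toy UTF-8 position converters standing in for Emacs's real BYTE_TO_CHAR/CHAR_TO_BYTE (which consult the buffer's markers and cached positions rather than rescanning), and the two sample strings are constructed, one pure ASCII and one containing box-drawing characters like those Kaushal mentions.

```c
/* Added example (not Emacs code): a toy model of the charpos/bytepos
   relationship discussed in the thread.  Emacs buffer positions are
   1-based and sit *between* characters, so bytepos 1 and charpos 1 both
   denote the start of the buffer.  Text is assumed to be valid UTF-8,
   as in Emacs's internal multibyte representation. */
#include <assert.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample buffers. */
static const unsigned char ascii_text[] = "org-mode heading";
/* "a" U+2500 U+253C "z": 4 characters in 8 bytes (each box-drawing
   character is 3 bytes in UTF-8). */
static const unsigned char box_text[] = "a\xE2\x94\x80\xE2\x94\xBCz";
static const ptrdiff_t ascii_nbytes = sizeof ascii_text - 1;
static const ptrdiff_t box_nbytes = sizeof box_text - 1;

/* A UTF-8 continuation byte has the bit pattern 10xxxxxx; every
   character starts with exactly one non-continuation byte. */
static int
utf8_continuation_p (unsigned char b)
{
  return (b & 0xC0) == 0x80;
}

/* Toy stand-in for BYTE_TO_CHAR: map 1-based BYTEPOS to the 1-based
   character position by counting the characters that start before it. */
ptrdiff_t
byte_to_char (const unsigned char *text, ptrdiff_t nbytes, ptrdiff_t bytepos)
{
  ptrdiff_t charpos = 1;
  for (ptrdiff_t i = 0; i < bytepos - 1 && i < nbytes; i++)
    if (!utf8_continuation_p (text[i]))
      charpos++;
  return charpos;
}

/* Inverse mapping (toy CHAR_TO_BYTE): walk forward one character at a
   time, stepping over each character's continuation bytes. */
ptrdiff_t
char_to_byte (const unsigned char *text, ptrdiff_t nbytes, ptrdiff_t charpos)
{
  ptrdiff_t bytepos = 1;
  for (ptrdiff_t c = 1; c < charpos && bytepos - 1 < nbytes; c++)
    {
      bytepos++;                      /* the character's lead byte */
      while (bytepos - 1 < nbytes && utf8_continuation_p (text[bytepos - 1]))
        bytepos++;                    /* and its continuation bytes */
    }
  return bytepos;
}

/* The invariant whose violation shows up in the backtrace as
   "charpos == BYTE_TO_CHAR (bytepos)": nonzero when both positions
   denote the same place in the buffer. */
int
positions_consistent (const unsigned char *text, ptrdiff_t nbytes,
                      ptrdiff_t charpos, ptrdiff_t bytepos)
{
  return charpos == byte_to_char (text, nbytes, bytepos);
}

/* Eli's inference: charpos == bytepos at some position means every
   character before it occupies one byte, i.e. that prefix is plain ASCII. */
int
prefix_is_ascii (const unsigned char *text, ptrdiff_t nbytes, ptrdiff_t bytepos)
{
  return byte_to_char (text, nbytes, bytepos) == bytepos;
}

int
main (void)
{
  /* In the ASCII buffer the positions coincide, as they do at
     charpos = bytepos = 2874 in the reported frame. */
  printf ("ascii: bytepos 5 -> charpos %td\n",
          byte_to_char (ascii_text, ascii_nbytes, 5));
  /* After the box-drawing characters they diverge: byte 8 is character 4. */
  printf ("box:   bytepos 8 -> charpos %td\n",
          byte_to_char (box_text, box_nbytes, 8));
  /* A charpos paired with a bytepos from a different place fails the
     check that init_iterator asserts. */
  printf ("box:   (charpos 5, bytepos 5) consistent? %d\n",
          positions_consistent (box_text, box_nbytes, 5, 5));
  return 0;
}
```

The model makes the diagnostic value of the frame #4 locals concrete: `startpos` with charpos 2874 and bytepos 2874 is only possible if the first 2873 bytes are all single-byte characters, so the box-drawing characters must lie further into the buffer. It also shows why Eli asks for the optimized-out `bytepos` argument to init_iterator: if it is not 2874, the caller passed a mismatched pair, which points at whatever produced that bytepos (for instance a marker) rather than at the display code itself.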
