Re: 23.0.50; Crash in ediff-regions-linewise

[Toby Allsopp]

[I apologise if this is a duplicate message; my ISP bounced my first
attempt.]

Richard Stallman <address@hidden> writes:

> The crash occurred trying to print some Lisp data.  Probably some data
> is invalid -- but which data?  Please look at the data to see what if
> anything is invalid.

It appears that Fmake_indirect_buffer creates a buffer object that is
invalid in some way.  This then fails a bufferp check and results in
an error containing the invalid buffer object.

> It appears that the invalid data came from an error.  Please try using
> a breakpoint in Fsignal to catch it when it generates the error.  Then
> you can find out where the invalid data came from.

Thank you for this suggestion.  Stopping at Fsignal was very
educational.

> We need to see where it was created so we can fix the bug there.

The first sign of invalid data that I can find shows up at
buffer.c:603:

  XSETBUFFER (buf, b);

After executing this line trying to pp buf results in a segmentation
fault:

(gdb) pp buf
[
Program received signal SIGSEGV, Segmentation fault.
0x00000000005ca9a9 in print_object (obj=-31378459841363086, 
printcharfun=11387361, escapeflag=1) at 
/usr/local/src/emacs-cvs/emacs/src/print.c:2072

At this point xbacktrace shows:

"make-indirect-buffer" (0x364de598)
"ediff-make-indirect-buffer" (0x364deaa8)
"ediff-make-cloned-buffer" (0x364defc8)
"ediff-clone-buffer-for-region-comparison" (0x364df4e8)
"ediff-regions-linewise" (0x364dfa38)
"call-interactively" (0x364dfe88)
"execute-extended-command" (0x364e01b8)
"call-interactively" (0x364e0518)

The arguments to make-indirect-buffer look fine:

Breakpoint 6, Fmake_indirect_buffer (base_buffer=11255747, name=16778051, 
clone=16709345) at /usr/local/src/emacs-cvs/emacs/src/buffer.c:554
(gdb) pp base_buffer
"*scratch*"
(gdb) pp name
"*scratch*-Region.A-"
(gdb) pp clone
clone

A slightly easier way to reproduce the crash is:

emacs -Q
C-x 4 c

I hope this helps.

Regards,
Toby.