I have been looking at this bug because I consider it
a showstopper...
I can get the crash now I run this code
(progn
; (setq g (make-glyph (concat (locate-data-directory "time")
"l-0.0.xpm")))
(setq g (make-glyph "doesnotexist.text"))
(setq e (make-extent nil nil))
(setq global-mode-string (list (cons e g)))
; (set-extent-begin-glyph (make-extent 10 20) g)
(redisplay-frame)
(make-frame-on-tty nil)
(hanoi 1)
(garbage-collect))
No crash happens if the glyph is put on a normal extent instead of
in the modeline.
The crash is in compact_string_chars, hitting this assert
string = from_s_chars->string;
assert (!(LRECORD_FREE_P (string)));
Now look it with a debugger...
(gdb) print *from_s_chars
$2 = {string = 0x2d2d2d2d, chars = "R"}
(gdb) print from_s_chars->string
$3 = (Lisp_String *) 0x2d2d2d2d
(gdb) print *(from_s_chars->string)
Cannot access memory at address 0x2d2d2d2d
(gdb) print (char *)(from_s_chars->string)
$4 = 0x2d2d2d2d <Address 0x2d2d2d2d out of bounds>
(gdb) print (char *)&(from_s_chars->string)
$5 = 0x8616fc8 "----Raw-----XEmacs: tok.el doesnotexist.text
(Emacs-Lisp)----All", '-' <repeats 16 times>, "\n"
(
i.e. The assert is going of because the from_s_chars structure has been
overwritten by the text of the modeline...
Jan