Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:36:59 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:36:59 2022 Received: from localhost ([127.0.0.1]:34724 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogmb5-0004up-DM for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:36:59 -0400 Received: from mail-ej1-f46.google.com ([209.85.218.46]:42949) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1ogmb3-0004ud-DR for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:36:57 -0400 Received: by mail-ej1-f46.google.com with SMTP id kg6so10986048ejc.9 for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 05:36:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=aOPSlJ5UcdUTW1C42lRIv+GSaIwEqe197mnOkmuhrmw=; b=kAlP1PYWnA0cYn8YfpNl/Gy4hAVSV80vUvvvB7zuRcgyKN0NnVSXKtX6O1ck/lryfN AifniQ0rhfzvTmMkFNopR9k/kzu8yIIEWB19LWd0uesKZnzui3zGR/BEzD1wD4s0CshT ZJbsqxgXkDBeT2SjN74mNtYuICDYVK5vinX6BrAvnlv2ZYCaB8g6tZ9Oa/L/9c8KNlSO B3Tc0rcxUsp8BpXdXLl/EQ0fCCyA45cQHoE/zDVGV09eiGokdBctt1FxfmkE/ao0Y3B1 QsSgx6gor8VHrF4xdmgsRGYFRY+z/v/5ux++ojWmNRaGq5EBPNOnZHt1Td/9XEyr7VYx OyOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=aOPSlJ5UcdUTW1C42lRIv+GSaIwEqe197mnOkmuhrmw=; b=26uHYWB2MAHuQOp8Egy/aYwJb15n8/Y9HAEihhD+D7Ga1GFyrjG4aQT2kofk13/nFa 8O62mbEpAS7yMOz3ahFlo80nchH+zOGnvaM/kUuBr7vt/awzczMpvQQ3byWV6AmjAI5J 2/Kt2XL2M6wYMmICRojhpDkGeZYbfEjGLzRfs/7/veCuQv9RRQ2kFiZx5Kg8dEV9/fj4 j0chRSQQrpccJiLQd9g1OOCMQE6T0YNsD5xwbYCo1QyBwF7LoIGzpiqlRLRuqbhqHSVA KwCkeQq7q7Bx67UIwxuE/kU2V+8+xdplDOhppNfFAOuU4q5LxpG2NeEwjRZh+EaXU/Td ITqQ== X-Gm-Message-State: ACrzQf1FuTNIHXWtwV59f96u6zb/Yhd3lQDtnB9q58/3LYmFd69IESyK Uly/YA3/oG8dlJGfzXFGv24= X-Google-Smtp-Source: AMsMyM4L4CTblqONQBXda41JG57isKDpXwLjR5vY/WLR2fSkQWCUEcTRtWjXfL2CtII9SB5xoLIDtw== X-Received: by 2002:a17:907:60c7:b0:78c:c600:6e06 with SMTP id hv7-20020a17090760c700b0078cc6006e06mr3790641ejc.521.1665146210252; Fri, 07 Oct 2022 05:36:50 -0700 (PDT) Received: from [192.168.178.21] (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id 9-20020a170906328900b0073d84a321c8sm1165063ejw.166.2022.10.07.05.36.49 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 Oct 2022 05:36:49 -0700 (PDT) Message-ID: <cb2b618e-d22e-047c-b2dd-bf26732ce836@HIDDEN> Date: Fri, 7 Oct 2022 14:36:48 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.13.0 Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs Content-Language: en-US To: Po Lu <luangruo@HIDDEN> References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <83r0zjopre.fsf@HIDDEN> <m2zge7zxb1.fsf@HIDDEN> <83h70foo3h.fsf@HIDDEN> <m2r0zjhmfm.fsf@HIDDEN> <87ilkvq19o.fsf@HIDDEN> <3bb5a223-f0bf-3915-c8d6-f44ff5d20b05@HIDDEN> <877d1bq0wn.fsf@HIDDEN> From: =?UTF-8?Q?Gerd_M=c3=b6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <877d1bq0wn.fsf@HIDDEN> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Score: -1.8 (-) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.8 (--) On 22-10-07 14:22 , Po Lu wrote: > Gerd Möllmann <gerd.moellmann@HIDDEN> writes: > >> Is drag-to-resize the "normal" resizing with the mouse? > > Yes. > >> That seems to work fine here (macOS 12.6). > > I tried on Mac OS 10.12.1. Then I propose to make the call to redisplay in layout... conditional on OS version, and let's forget about it until a bug report comes in.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:34:17 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:34:17 2022 Received: from localhost ([127.0.0.1]:34716 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogmYT-0004qn-FK for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:34:17 -0400 Received: from mail-ej1-f51.google.com ([209.85.218.51]:36398) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1ogmYR-0004qZ-Th for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:34:16 -0400 Received: by mail-ej1-f51.google.com with SMTP id 13so11043030ejn.3 for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 05:34:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:in-reply-to:subject:from:references:cc:to :content-language:user-agent:mime-version:date:message-id:from:to:cc :subject:date:message-id:reply-to; bh=cz4AE2t8YsOeTcS4YqXw3BFjCMs2Tt6ElKMHIZXdz7s=; b=Z0VYO9v+pkliKUa9hyHAPaGLmlvLurpi4Q1MwC+z3t7BAYaN9U5WQQ606EoBUeSPYM NPdxSZfb/17EIaSdRHr7UF27UZCb7ju48KotpEOvO5qzoZOz5Rt9tSZuFu3hmiTqumjB XPVDiLESLGrZb4jHHsPWXIEt1HCtLQod0fT7tezIzKV8Ob5OBQ/bI+IYFfE3Fh+Ju53T n2uSWwGVFil64riE34o25GWttFziUusvAUbnn7cwwys0BUQJqzX2u50JWkXiehQRk+k8 RMbp3C8iEWuwegQXIWXNVRYEs3942QO3iv9NPP/Le3IeDJW7gGrs4pP2cdtAtReolQ7o qVgg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:in-reply-to:subject:from:references:cc:to :content-language:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=cz4AE2t8YsOeTcS4YqXw3BFjCMs2Tt6ElKMHIZXdz7s=; b=fM+/WklH2FzqTauhCqUf+yO1cPhzbUrA+4C9NVVYAEhSyTFhJdtFgyws4u/Oz4vVAW eynCTeuBHQQyEXEJ8ua3k+kGNfpoaifAXVpI/tDRr34TbQ2VudKJV5SN7/rMV4D0iFR2 WmJ1jl1XdiQJwYWUQUrnsz6WMHeW67hlkIcT6GlLfZ20+iFPDziE9zP0+zMbFMScFg35 iV9gevtEG+ud5a+Ims2q9WwXzvP/AoKXCSmEczMjCV2rDXJm1ypmEQGjbFada08//cr9 fx5Rv7CfZOlTA48JrPxU4qNZ0WLRJu0O3C3ZbnUqntNOC8g6Bd13OVFl89j3NmgO3hDX DLYA== X-Gm-Message-State: ACrzQf2UPaYBMrp2XbnmZJDSMLpLYjpOmtTupxDkQr80yByO3f18zpRm 353v/y+dCndJVfRHpHwnocU= X-Google-Smtp-Source: AMsMyM5LeJCLUBbo2veNVwBQpxFAuKOqpgZzCgmDfsIcUssqiAzGPur7H3JPqFczEc+acAPnQnHoNQ== X-Received: by 2002:a17:907:3ea7:b0:782:fe85:a2e with SMTP id hs39-20020a1709073ea700b00782fe850a2emr3856577ejc.550.1665146049943; Fri, 07 Oct 2022 05:34:09 -0700 (PDT) Received: from [192.168.178.21] (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id 1-20020a170906218100b0073ddd36ba8csm1143908eju.145.2022.10.07.05.34.09 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 Oct 2022 05:34:09 -0700 (PDT) Message-ID: <c4e25abf-d142-6cfb-607c-b37af97ef373@HIDDEN> Date: Fri, 7 Oct 2022 14:34:08 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.13.0 Content-Language: en-US To: Eli Zaretskii <eliz@HIDDEN> References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN> <m24jwgbzm6.fsf@HIDDEN> <837d1cpzxk.fsf@HIDDEN> <a2f0425f-f335-55df-120f-81819c412d24@HIDDEN> <83czb3on9w.fsf@HIDDEN> <ef057f2d-74ec-284d-6813-7059a1ab7b7b@HIDDEN> <83a667on2a.fsf@HIDDEN> <5481395d-f7d1-8b9f-59d5-f681c113f6dd@HIDDEN> <835ygvomo0.fsf@HIDDEN> From: =?UTF-8?Q?Gerd_M=c3=b6llmann?= <gerd.moellmann@HIDDEN> Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs In-Reply-To: <835ygvomo0.fsf@HIDDEN> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: -1.8 (-) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.8 (--) On 22-10-07 14:14 , Eli Zaretskii wrote: >> int count = inhibit_garbahe_collection (); >> redisplay (); >> unbind_to... > > Could be dangerous, unless we also inhibit all the hooks that > redisplay can call, because who knows what arbitrary Lisp can do to > memory? And some of the Lisp called by redisplay can't be easily > disabled. Example: the :eval forms in the mode line. I don't care. Then let them not write shitty Lisp :-).
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:27:36 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:27:36 2022 Received: from localhost ([127.0.0.1]:34692 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogmRz-0004dz-TH for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:27:36 -0400 Received: from eggs.gnu.org ([209.51.188.92]:58768) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1ogmRy-0004dn-Dy for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:27:34 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:50242) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogmRs-0002Du-Qu; Fri, 07 Oct 2022 08:27:29 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=zUaNyTAFrFtGgaDHL1Z4w6ax7AJpUKDu6jxnPBEltNc=; b=aT+1OQKX/f/r 0VFvWh+XRAUlkgEHd5VBapDBKcig4yAna9u8UFE7/WoPE+9hYwZObm68Wy/bG28ibBBgIV50RMaKs /PJzXLV62XsR2dzZ6GEwbVIN3u3KwdoXuqb38uDgo5SqSpR6PC/pudBaYqyrbFY1XH5wx6YyWjQBD +JyJxlhmWu0O9Zeu/dQvGATSpVn2uQNzJO4nN13xHDajeMZlId/EXn2i8yT1GY6jYfGp3RfL9hH80 W+cc3C7C8jgxrWkOuGs3hjWDqC9NlpOIzyKWds5M42amRKONryY+69UM7kpygFEgwiIaigvb3fBkQ pUYhv7fhvBbZuZDV5Iurtg==; Received: from [87.69.77.57] (port=1199 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogmRY-0005yo-Gy; Fri, 07 Oct 2022 08:27:25 -0400 Date: Fri, 07 Oct 2022 15:27:04 +0300 Message-Id: <8335bzom3r.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Po Lu <luangruo@HIDDEN> In-Reply-To: <87edvjq15g.fsf@HIDDEN> (message from Po Lu on Fri, 07 Oct 2022 20:16:43 +0800) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <874jwgqbd6.fsf@HIDDEN> <m27d1c10ad.fsf@HIDDEN> <87zge8orla.fsf@HIDDEN> <83k05boos0.fsf@HIDDEN> <87edvjq15g.fsf@HIDDEN> X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: gerd.moellmann@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > From: Po Lu <luangruo@HIDDEN> > Cc: gerd.moellmann@HIDDEN, 58334 <at> debbugs.gnu.org > Date: Fri, 07 Oct 2022 20:16:43 +0800 > > Eli Zaretskii <eliz@HIDDEN> writes: > > > You don't need process_pending_signals, it's enough that some hook > > calls 'redisplay' from Lisp. > > process_pending_signals called from probably_quit and unblock_input > calling handle_async_input, and thus gobble_input, is what will run that > hook calling redisplay, right? I meant that the problem is much wider and more general: any Lisp can call redisplay at will. And we call Lisp from C all over the place.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:24:13 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:24:13 2022 Received: from localhost ([127.0.0.1]:34682 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogmOj-0004Yw-9i for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:24:13 -0400 Received: from sonic305-21.consmr.mail.ne1.yahoo.com ([66.163.185.147]:43993) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <luangruo@HIDDEN>) id 1ogmOh-0004Yk-TM for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:24:12 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1665145445; bh=p3mKOCSdVcd8QLOSFpxYHfsTabPSeAgu2+j12h+QMek=; h=From:To:Cc:Subject:References:Date:In-Reply-To:From:Subject:Reply-To; b=QyKjjoyowiaSY2b9GmWYbvq0NE9j6HWT6ZXH6at5XW0Qhng3J6EjvrHS3pb5IPJId3yIPe43L7vXRJaGR1TJBeznNxmnt1xWX09Nod2h/RBZErbOI+UzuDQhwZx7ihmvPTGkKfwsREkNzhK/aCGcn0zVa6MnEbXNSenyU4iruOKim/U5Lz1m0yemMLe6f7mWTMIhxSoeVuoz9pIoStT3aUC8qfdhd+KrDyhL8MqzKnn+FMD9nc7Kk5h+etgZXD5Om2Cz8AAN4K60J9FJvrvriudEpU3DdOV1+zYkWtDlvyyRsQvx7c43CMXVtrX6IRVQ6uMMAylWBTrXNlDxJzGWIg== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1665145445; bh=rnaMm9nX48xoSuEqlCvo6xpiZo8k5/PEvsrLs8q0Qxf=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=lUl9nHs48Fa8ebXgenBrKT69j8HJNqfk8l/x/gzCZO0rrokbocfd7zAe6kwyBE1leAxoq63TWV7fWIMgUugzMwHfM5wUunXXisZHEXJb19DqOLBsn6zfHN3/mdiYqV3XfiYe1L+pCRTmssyTqcASRhfExlhLjlVadJbrlFDX1grrhANdEP8T1WQRUlLoqVhVbSmlqPp9S6vfjncmAYdIVM92i294b0pe/I7HXPngNCofrgeBBFL2K8rArcTv76FuE3p7gVpjQhwPeBNoNh9oDHLzClxHMu711l1UNEJijyeXx65Jsn3ifqJeORIEQEhSvhTyL120mu6aXbev2TbPqg== X-YMail-OSG: SKssA58VM1kiHZt9NnKmbOyev1DhGocGj69_CmXyMyMl5sAYHsjT707M8CTWWLS b3b5Pp9sk6KfwOhygDbBVfj2OyKp3e5jCpFgsdGqDtg7i3cp50ozUPg4ggxLUrLGK8OL2VWO97w9 G8BUYOotawP5ypTidveo2JYY5OV905ARjJTaS7lHLcba.k2rML.1e9TvURBHNuu2h6iYZmnKUSlG Kt95C2C2_SMSxXqIbhChd8MFcnW1TzOqGe4BToi5PshizlOzrT.pXUKlby0cKTVt26YHp0T2P7rN luAPdgralnJVvgMCapDOesQyRL6V8YSXvxnhkNL8Phz8YlWqqHt.6mDD57QodrHLE8G8JfnC8MiE TfuGzhCBfrCGJhgsdsaRu.2Szp67FlzQtUYsb.W8072h0vSmz1cMN2NaCVlt0PpH1emasgYHuh5p UhaMg4tg1l0AEkdUwcZgGDtVY.TqeO2tby_c5962T4g1N6d3q7LJ5eC.RYaDMLXy8_2JcDCPlFu2 HQsVEEEBg6o7CIaQZMLEKKqHqAvEBD9ezKT.gPFtegV9W1y56ft4UXi_XpTI5hjABJeTZOVB_kGV 9HeVgkxEXsK8ZoGQiQWSglWvUHlAR3HqnKQtKnbv7R.e8xZhsvQR9JlriyPnzI2YS66i7enXsz0G sAzhJUD.WLmj2vM8fenJUoPhMY6coE3Q8wjb3FR6EscJrM.mfwzmbEyMfJMWpJA64ZiJdP3nKr5p bPFECQWIQ.fyKzS24V9NoQ40Kr9dG.52SreV78NeHFWqZ0LJ228J5vYGCv_a6UlapSrotNaCr2nd H.8Rx1.Q5SYvqQtlVsoUgwjO_1UwgfLIGUyoyvl2OlvRPZGIFUGfad3FVc8FOelfKae9vwJNhHip Nqn19xBscPR4lMV1RntAWs7I.L32vgofkyAR6epg.8G9XSUV1P3pUK.xLlucoQn9wVrWaFGgWI9x FlVWOerWltLGrAosA4UzF9Ma4JczJ30M7BD6DKk43tLj1_Pe9inaEwyFFumqTbks13xVP.NWbV.T D0L2VUqj36IvEJ3Ashg_sph7DQpHqAAWB23CVy5Sc8BYRsjEtE9uo8fUb_yfue586kFNl5ZS.RTO nViIgnllqSOflg2o3nRhNb3sNIJR6XTP.JHFQsGGAyfqmmA6Dc_LD6zC4LxcGqCbFWVZ6KMMH8qn v.AE9ihHnZfetBPT92H9MKMIZfSMNrmkuns08FRW6LTworN5ulSADXLsPAZpPmOi6FLv.pROWb7e Fb2Mi90V61VqTlhmbH3YIPy2FIxGxk_08VrXKFqJ9ieWXcarCUEgsVYpHhTFaSB2vu6Rn7h6Ask4 aChDFbLqzbjm.u.uOW9Hn1o_I4rn.KHw4lsW6Bi69m3fYHuXynb63OLuBJSPDHPEjCJ1fxsUhAhx UarRchomraPYk8F89INHFqTvSfFs130Ukn0GEn5hgYbm0QSFxZx2q_6a0zuKLbSre8_ayv_aiiQ4 EOd9D7mNd5pd.cZlxQA5Weo0AI9O6ECuUcbgA5ZOk.ouU0dl5KKzYvc9fkFIVNBk3FYdTPg7jwWO RuMxSp39pY5vlGhoYaAndPiEG4S8rM7dRTw9iDl.yC408187DB4T0WUVD8__N.fAwOb_.SEFNYQE Nty0etJxQ2aIWDXnwrli_bX9RGV4_NDWlNIwzhDnKRYYkIlGfSwmBvTib6zU_WG8_f9eN4flN7_5 i_ft.iZp4CU3zyBnoF4hhok0S5hYjupBoJN5fMpbj35c7Ov4sFzfH5.EXJXdnfKzpCzNi6YmhCGh ERGbFu2LB9RVz_z7oJkuZbscKfPqAsynFs44BJde12ydBvYJzbDZhyR4tlvIRU0K_xa1ZkhF16g5 nDwyoTLGhHmdYi6tpglbibQ6Ke.a.G.xNbuuCA2YnT46spNlA2oybquRKsTzbSd6RRxdifkDpdLY FtBiY9kprPCge0CF6NCs0GGSfFyskimOcpQ_mcQYUGr_4NbNaaZDNNTjioscNSCjXDkH7xkaXJiB TMAZHawTV_S.cEQijP2FVG2OJnRBIHDZbNqbBQeAHMYdlGOhs0hCYID2hFDn6NuQeBZ7_sCUk_cZ Bp7k_23zbyHp4CBRYbo5J66FRsirmvN_w1CAz2JqE173mLfF10Fqk_MrMzscWaxm4YuEih7wgS.y zV9OrKaOt6iI_K8rM2zcMx54_eHo06T7avOSm8KTWr6SpGnbJclsNWwmmvTfBJR54jsz1Ul36krh JXO67KJgGvEOmHgjvlHkri9i9CFpHC6sHtZM6YrOwWxWxvTWv7VApdAtwfvxJZNRVV_uq98Al5Se AeTzYgA-- X-Sonic-MF: <luangruo@HIDDEN> Received: from sonic.gate.mail.ne1.yahoo.com by sonic305.consmr.mail.ne1.yahoo.com with HTTP; Fri, 7 Oct 2022 12:24:05 +0000 Received: by hermes--production-sg3-cf9dc7f8d-4879b (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID b3f47052d66203c0b8408f1773434a31; Fri, 07 Oct 2022 12:23:58 +0000 (UTC) From: Po Lu <luangruo@HIDDEN> To: Eli Zaretskii <eliz@HIDDEN> Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN> <m24jwgbzm6.fsf@HIDDEN> <837d1cpzxk.fsf@HIDDEN> <a2f0425f-f335-55df-120f-81819c412d24@HIDDEN> <83czb3on9w.fsf@HIDDEN> <ef057f2d-74ec-284d-6813-7059a1ab7b7b@HIDDEN> <83a667on2a.fsf@HIDDEN> <5481395d-f7d1-8b9f-59d5-f681c113f6dd@HIDDEN> <87mta7q1bp.fsf@HIDDEN> <834jwfomkz.fsf@HIDDEN> Date: Fri, 07 Oct 2022 20:23:53 +0800 In-Reply-To: <834jwfomkz.fsf@HIDDEN> (Eli Zaretskii's message of "Fri, 07 Oct 2022 15:16:44 +0300") Message-ID: <8735bzq0ti.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.91 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Mailer: WebService/1.1.20702 mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo Content-Length: 279 X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58334 Cc: gerd.moellmann@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Eli Zaretskii <eliz@HIDDEN> writes: > Why should it cause problems? what kind of problems? Okay, I guess I got this bug report messed up with the other bug report(s) regarding the execution of Lisp inside read_socket_hook. I thought I was replying to something in bug#58042.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:22:19 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:22:19 2022
Received: from localhost ([127.0.0.1]:34673 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ogmMt-0004Vc-Ls
for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:22:19 -0400
Received: from sonic303-21.consmr.mail.ne1.yahoo.com ([66.163.188.147]:45791)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <luangruo@HIDDEN>) id 1ogmMr-0004VP-LL
for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:22:17 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665145331; bh=rKp7+QTQLO/wcEhi9rSqI/RFZJFMCUBSh+W51MxRwbQ=;
h=From:To:Cc:Subject:References:Date:In-Reply-To:From:Subject:Reply-To;
b=OAUTwhQ7s5iieH2h+Hf6rpfJExAR3418LsWyQ3glnmFQ6LRM3LS5Dc28A3PAEfGv5hkopayPaMbTbxkTRVy8JAXnUlGb731ChMgYD39I2FUY19ZQdl7096oRCdApt5rd74xL7dsZ8d+mjsdNuj0R83EnJ/b4TNTMZaPQzimgxnFleJLLTOY+xeUF8KoHTY1+bCizoU5WhKBcB/XDdO3SBNMcJiMVsH52RLTj9cdgzPPABk8pRC6knhySJvuNA1D5TFrBDnIGsvhZQjzgztHn4iSj71KIEQI+08SOmmiERrY+4nBArBPyC9ZD3hqvluTcaykyETtVqTgl2TjHTj7+3w==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665145331; bh=RcfoG6SXxx1RpQcMILArFYmYE+bb25xzg0P2QhaCRse=;
h=X-Sonic-MF:From:To:Subject:Date:From:Subject;
b=in8XX6mPc6ij+WHf07T9A2Vw4Zr7XDNmX8XTZyQ/I3NGPJY+BdbJvsFInyVLKD2VN9Sf2OrTrHZU7XtIZxbYtzarNFucNW5HHAgk5it3S84fi4thjLFNe4hJSdwH4wBg6D4lCvKoHaEbsU7psUvxtW6lXaC1mgZl6id1a9CNPPdxWP32ejDWzABMk0niYPeSpWQPctyD8NgvabcnO1vSsMoGot6hzsvoYXtYeHU/jLraY9ZT5wfeZr/URS1A/cnWRrhZlvJahMYy9+5KrSTGOlfBLf2gbptmqtSzmtXZA3aklB6GHxvQ6lfuWFNxCblA6CYEWamXXy9VKY7qNEPyHQ==
X-YMail-OSG: SyoTEgwVM1mMEtaKb0J.OuLtCefKkZWL7UYaIJ2wDiOtV5FJMBS90VnUGggY3hO
jhAShgobNIhynvMYKVC.4yQ7rTpVMkCpKX4lDlFlv4g54qrTx1CmSZ73gFutCXmjoq.hHW2ZJQ0F
jif_ZAYBZ4iIBpa78rffnWrdF8OGn2VvkOWuvsSp8nd._jEGxajlIpn.GZOuKCVt.pn8FQw2AUKG
R1.pHe6ag3LvN5Ub1ZUWmh7QZnVapPcsb8Dbji..37xY5kbVOpl419qNPDfQWXTuJXPsdUGT4GUt
dyRlo3InRKlsXHltElS0L0qS9ip97F.xBgeQTGqMCd.Qik6rDZ3TNy244vxiio.4l3c1SZbG.qtb
aqxmnsNuWusUX1KS7yn1zdRzxYcYsRkkEaZudpQWC8GSX2_YDkqtQEJqJ9NGWDMWWvd4Oocurq2M
CmbdfTx4tLvgPaMG1kMcPL.valirYYniNGyRVMaBmEG4ke_eqCo4NEHiqY6tb0sG5FJPSUmN3XdO
ZDejFYXdpzq5TWzs91pEigcMi.Xvu_PLayMKuvMljnD2W.Fi47Tho7t6FcegAgNY0AIpjoW4i9NX
EPsd2TVkE0VG3.2kiWTJxPsne5r5jVaMm5MAP0jskzCQxhNebLads24Us6cCVp4u4E2mDXAmHA2G
gBkyqZZffICdUVS8NpQ.KDueVUpgwGJnZDMMzn09.Thyc3ggf0i0H7lDvOYJr3KrBIfQOdqRNoGw
60POHHFHoy4S71qIZB5z48s7y80wPq47wMIsAUzLix8DE9k66RBoEi2F4WcSXXSJpNWV7BiCVElF
y9NdimDaf9ftIvLGx0VcwavwzHG6CHNmxLDjYN7uvPmCKLVTKZZKTnOn2wwEu_5miF1XUDjEctdi
FC6YsJLU16crF5d_F_qLYC6mTucgK6D3JCYUjR7ktiRHEwFqjV9tupaEojCRKfFEUz4HZa3HhJnS
VmS07urgN6B5l126iOJM3j0Cl7OV_0Mr9fTvuaMXEyI9egZwHBmorURPpth4u9Nm2sP7LrAHMKVa
pMs4a8OIUgg27dL8hDVJmXlHuePPWACDsn5sfvEu182cqDPrN_Fc0.z_4yg7Sy1EatvyuI4HdJI5
fCjschSEfj1Cz5HGOKNkTFdmENp7Vg5vhHJjpbYCK0O6CEa7kwLqCLbYglWCJyojgRj5oaRY5.k8
d8l85Ex11JVz9PNqF7i3o1by7Yik30GwrnyFb2xht7fjcQFvMpKHrihazCz26UTCfmlrn860m4gW
JK75li6qiZuqDzuyeS1DPuvJXAdWksMOCN5PAve917E3XHafTacRdAHPY8N.3UCLprlLu_Q9vNCr
qV29rDwu0Uz7AwQUYqhfLc0fDSoiaISCqqHuS1SrwbIzTT2EY7_A3ygc6zNnYxcCqJir1ak6Y12D
aSdstD1U8N31BZjechIoKxAGiVLksI.XiLq3u6TnuY3iOyj01KTfmebp3mGpVCF.DJfp4aA4jWB7
LwGTepy7u58qPFHNYzuCyTppjOppMhbZixFQVdFBJIeANckxzn59U66aHvWq5c4YXm4Utr4bnGuL
HacyhV2LWfs_rjE13PYpYggX6wRYz2VoJaWm0S1OrFFT5OXzPSEW2.wwGrcVaU2QsfQ1o0hY9pUo
5MHHk1aEefMxG4MGqaFi4.nj9D62Xoy44e8sEkXc6TKU.htOFfkeCOs32IY9PwAu72pQghkX0Bo1
_RC_0URnJ3JiJ9rhdvr8JPRMYMpg_maQBXAMRcBb0rYGrEZk8XmrrUGpi23JbPD0C.8kmiXPaGpF
XVEr9RGWboa4rU1c7aZfzo3b3nT5RU8I4Wng98BeDA68szN._u.9akoRS_zGzoReVFeQBowWCJNS
VfLgOeMROIFPM4knp0gfKMDHgT8ad73PNg25cAEYvCFwDtauK1nTSr9qEDkV3l1kYMjvzf.5hlcp
pbkrLQpkxTbks5qXawxoX55PodyDMMcy0.U.I0sQ8t88GZlvKzjkcOhZO3A3v1e7axNxTbjTSUuH
vHeW0obKNpYXn8cejq5XvGT9l7h3oMpeltPBS_DY4eniHeGtq4GslLjaUHCeSvm4j181t_ro2Z1C
l5_phOCUCdt7H9upfYiXyB8haS295zXJk.YEGKQVvNiOyhPjwR2R432WLQA1sg9I7cKys3.OUBnj
E5FvdFGESfm_G0i.RI83E_V.JO7i3chA9QBLjoKLcLjnXXfylSRjr7Ic860jniEyDbAB_ikX.V79
jTD2QiRIa4uufIPlcWBjylomrsSIa0cO0RZYm144C.qHNIPDlMBH8L.p9UVuV31iiMGVnZsRH0iy
9aQ--
X-Sonic-MF: <luangruo@HIDDEN>
Received: from sonic.gate.mail.ne1.yahoo.com by
sonic303.consmr.mail.ne1.yahoo.com with HTTP; Fri, 7 Oct 2022 12:22:11 +0000
Received: by hermes--production-sg3-cf9dc7f8d-5h5f2 (Yahoo Inc. Hermes SMTP
Server) with ESMTPA ID bf004ef2bec28d88fbc5df157aa1737a;
Fri, 07 Oct 2022 12:22:05 +0000 (UTC)
From: Po Lu <luangruo@HIDDEN>
To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN>
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN>
<83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN>
<m2wn9c83bu.fsf@HIDDEN> <83r0zjopre.fsf@HIDDEN>
<m2zge7zxb1.fsf@HIDDEN> <83h70foo3h.fsf@HIDDEN>
<m2r0zjhmfm.fsf@HIDDEN> <87ilkvq19o.fsf@HIDDEN>
<3bb5a223-f0bf-3915-c8d6-f44ff5d20b05@HIDDEN>
Date: Fri, 07 Oct 2022 20:22:00 +0800
In-Reply-To: <3bb5a223-f0bf-3915-c8d6-f44ff5d20b05@HIDDEN> ("Gerd
=?utf-8?Q?M=C3=B6llmann=22's?= message of "Fri, 7 Oct 2022 14:17:22 +0200")
Message-ID: <877d1bq0wn.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.91 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Mailer: WebService/1.1.20702
mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo
Content-Length: 193
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 58334
Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes:
> Is drag-to-resize the "normal" resizing with the mouse?
Yes.
> That seems to work fine here (macOS 12.6).
I tried on Mac OS 10.12.1.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:17:31 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:17:31 2022 Received: from localhost ([127.0.0.1]:34661 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogmIF-0004ND-7L for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:17:31 -0400 Received: from mail-ej1-f42.google.com ([209.85.218.42]:36671) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1ogmIE-0004N1-2R for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:17:30 -0400 Received: by mail-ej1-f42.google.com with SMTP id 13so10946929ejn.3 for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 05:17:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=+CgVWyqd5nq2rxjn6dQXQbF68d5SpmN3VU5IclcC4Xk=; b=NBI1vyBrY6SD7k8roFbROwQrx5Lsw0MJ0BQzY8NNLe5r64p/bvEA37kxsdQGpAdlNn EOLMS4IRYk0GYweBsFHeI1pTaX9UCv46wxcsEhtm+tgBzxva9lqGVmcoJPfkvuNBRsWj x/yuX/xz7/fF3YodurKflNo+ku8x/dN8Qq7jCkVmXq16yhOcGlmPwmhRhtsthLnqd4X0 744nwKfReuPOYFAS+dJLL9WfgOMNenp8HdzPkg5DLt5+3Nn3LKbCbnvMOJ/MZd+IUNEu J6DNKVGZxgNvHs8QBI+09YdoyVfnbO3z0I97LSvG3+rmIIdHqQmRVkoT7fXDIhE+4ej1 fWVw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=+CgVWyqd5nq2rxjn6dQXQbF68d5SpmN3VU5IclcC4Xk=; b=UQ078TMINYY2dh5FkDyclgkqBgGdD4We45a7EQUQbJeCnoJrB0CUihz9IH22mrcSd2 un1BZpyQoKaCAhBEk1wzziX7Sp7G8zJBUvc+ir/kUhucs4vskDhxGp0vRhKhvkawmCK3 ETfUsGfHwWU2s/VA0DfH3JQj2yyDBlXKrOuyZ8Ax7+YDtNypXu9W9/C31gKb7GbzeNss 5CODpZUtZKy9V42l7ZuhvftZpcegl0jWGU2he7h4KHEJXCZA4zTUhUB6AJrYqQn+MLxi aaJzXhQ2IYELz5Tp+wZg2Cjp+ZeTdeVVkyloqLIqhN5ABf53iwhu+jysaAXAcGIPN4Ej +PuA== X-Gm-Message-State: ACrzQf0UM74oCmbknLWx6PhyYkW0WwxG/+bwPo7yPx184FWBNmYwK/c3 6csFUVmRkcN4TEGAoIWnFMM= X-Google-Smtp-Source: AMsMyM6qKdHB+w1mRw4Go8B8xalFZCokeEMJIAeDW8YoJb07B9p69SiCN60FbPOUqhoTPHwXehsD1A== X-Received: by 2002:a17:907:1b22:b0:741:8809:b4e6 with SMTP id mp34-20020a1709071b2200b007418809b4e6mr3872007ejc.84.1665145044090; Fri, 07 Oct 2022 05:17:24 -0700 (PDT) Received: from [192.168.178.21] (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id ch2-20020a170906c2c200b0073d7ab84375sm1154016ejb.92.2022.10.07.05.17.23 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 Oct 2022 05:17:23 -0700 (PDT) Message-ID: <3bb5a223-f0bf-3915-c8d6-f44ff5d20b05@HIDDEN> Date: Fri, 7 Oct 2022 14:17:22 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.13.0 Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs Content-Language: en-US To: Po Lu <luangruo@HIDDEN> References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <83r0zjopre.fsf@HIDDEN> <m2zge7zxb1.fsf@HIDDEN> <83h70foo3h.fsf@HIDDEN> <m2r0zjhmfm.fsf@HIDDEN> <87ilkvq19o.fsf@HIDDEN> From: =?UTF-8?Q?Gerd_M=c3=b6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <87ilkvq19o.fsf@HIDDEN> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Score: -1.8 (-) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.8 (--) On 22-10-07 14:14 , Po Lu wrote: > Gerd Möllmann <gerd.moellmann@HIDDEN> writes: > >> BTW, I've commented out the call to redisplay in nsterm.m >> layoutSomething now in my branch. Let's see what the effect is. So far >> I don't notice anything. > > It prevents drag-to-resize from working at all on the Mac OS system > where I tried. Is drag-to-resize the "normal" resizing with the mouse? That seems to work fine here (macOS 12.6).
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:17:13 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:17:13 2022 Received: from localhost ([127.0.0.1]:34658 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogmHw-0004Mh-VM for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:17:13 -0400 Received: from sonic304-21.consmr.mail.ne1.yahoo.com ([66.163.191.147]:41706) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <luangruo@HIDDEN>) id 1ogmHv-0004MV-HS for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:17:11 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1665145024; bh=+aIU1caqmciz7gXAVTboZXSjVrNoLtiKgLwO2xO4xcg=; h=From:To:Cc:Subject:References:Date:In-Reply-To:From:Subject:Reply-To; b=YoJ1h8ifgzYrHrVRIjbOR+Y6RIFoa7HvSWql9zvs0MdCzQRTDZpTccKoXqlg63IV8Ojr0VgeRXQilt0I7O/D0ra8lf0pHKF7YpjxHQzMAeTgMAErWdbrgt+TjiYoOHG9Ee8LfHoT7gHXh0y0HmDt1CvO94acvYiRG3gKzY88s43fd2+b07rqt8z5k/IN8ciy3LpUqzm0GOJ+Kx8gCsVofOiy5t0jRZkpINGQricsiZ32cmhp4GxZZeRg8THP4Mo9Lf7d+k5Mrpw5LqP/qi/NKIoGqMIgFk7GXxU3/ZrBexDT0EyNd9uaEPPaMccckqUsgnyZv5d5V08h+Z/ke2k/mA== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1665145024; bh=2jTBPU4+O3P/148Ay9P9+dbhLXHTO2xHls/u9jdE5xt=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=Wy0aiLSHjRzQ0c3SJu1QDX/NkPw8JVQ5e01HxZ0B2DHSCV2eml1bvUMeaKb8szQEdhK4Wdx5NtHx/WC7nOpozixoiYTr8tqfpcHb43rM/NcFUxV5ucEfLFw8++32HGhfGYabIdAbuxl3vGEPx1OzcesQyMBJ2pTAGatAeOSm/yEiufj9SfdOwtaJ/mDaG1+mm4tmjRTfAr7KbzEdQPrEMhe5ssk50E/Q3uItlQ1l1U5Va+I41Dga1cHb6jKDMesKUvrEts8TD/Cm0XZ06/BuhElzQ7D0OZDhOHH2a+Da4yFsXZQrzfoCdI3ngarGVaM8z37DDD0zraNA/UOar/MArQ== X-YMail-OSG: yy8o4CMVM1lLAKB6gAgQH0Rqxz9DedHmA40Eizcv.B6mds1iByiOXY1JpEehDFL nw0gOililLfbQqa4cFpfixvwcbAK85Ja1hz8gkuSAhVhofT9_w7xjMGm5PKS0e7HMG_A0vD6N9QT 2Jct6j6ewAYKIBmunow1bc_iSRIpniD97V8EDnUKgyvfIpfP57UrL9b2mVQ_psXqJzy5bGi1Eb6R OhcrB1DZPO3A2EdGmzjSuMV.LK3dHhsZfwMzaONqgKQAITnTQVPOBaVXI31yFR4FicqJRsQrZTb1 k3do4XrNeDrTOc8zfNwAgVI_fsW3w1rrLiemHEi3ciS6WCp9cpFIMpY5q2r1ZQfbUJUcATgZ0Rmo L6l1Ckgok_3fKfTn_By8GwCIbeoCqpI6Gd.3xKa0wBvpCL45alZaOoWVP9esxZIYk6rGNkLd.K0Z Dmt4yOQHA3hst4BIj5Gx0rBU5uuqa.SRNQIx5t61X8lrJJ6NU_viTbaWl6eZF1abOVkAUQTU8OKk MMB8aOvhmkonLgcsnKfdhINsGss2o.gMaoWJK4Z2Qb6uib9E8hl2pZqNrKE.uFb7dHz6XwO_Zd8O rnfoSjPdJs58im5c.WpBb5zxyvZIfF9BLQkVaOqDuh9BtkGfenT9KpXCG.Nl7Gi5m.9fc3McyyZS XSxXjbI.f4QjVZjRtwJC1UviKaI4tuaMmemDiZRmskxmHUTYW3G9PpPjYXbJEjFEJZW0gitOY.eA Na5S7MZxsTB23hZWc443SAasBbERC1QL1Ft6D3Aojf8JfYe7opeKp3dlqLD0J04xAT0Br5RG2YI7 gaKCB4xQ8WrunDJCSqiCBtspet1PcS24VTOiDyctoLiJhNszLDJH2WNkj.hWzet5Smz5agWRtP_6 gvtzKrdcC8pOBhsV6H6R4HlKg1kmPnYNqf2npSy632EC0e4RSQ8OWwKZBi3lbBwjp2yrgO9xNHzw UEbGQtM9Tphhtc7MNEWjiQWzkS66bRRW0NIC9sr4bLjTc.9GoswszZCuJo6KJZPrhw5lPA8w8i1v mh4ifeCytfv6JO5ecPo8J_Q42lVW0OtnI_Yvv3A2Bur0IG17cd4NCn1yVwS883FbdgUU623opCpx dmWlDQKw4uL9juvtnng9Tge7hMeQGzEYF9z.dRoXzZ.lp2Wa71jqpDj8qhvUXphdXN4XbTuTBvx4 hpfiA3Nidrbbj6U9VwLE0Zx8wSByYxLfBwvLlUluCpb7XxzwvOTiRQTushv9w4iovX8TrcW3Qa.x zT6V9XXqawFmZINpoIes7t05YhD14FiKRXszB1nElM5d3mbFl66oaiYm6jPGjg5wtuPX1ARacMWi iFgX4bCTBNz_1wsD4AnUL_mTb4l.962ZVdaUwIy01Y7MSom_OU8AVwy0BqWXdWk_Fe60Xe4FxBen X18Nk2_hXlJ8SgKDeSXhVwt811GqSA_y43Uw.Li6kku2eDwl7DVWjr6Je9ystb7nvjlJGD56gtOR sFRNgVJkF4VEMEFQe6lh8Bqy52jpSBeIJYgwyq9PgnYQe3ea9NM3IbB7OIrO8UodPbsGsG9M1CbQ 1oRi7gfJySFc8fB07oAIr2TBv2X3AtsIEi1wvkUoS4KatLYr.NrcrL8UWcZwgPDJCUTY6CKeuRzg LSu0ebZDQAlDd8RQsSAcyhlSdmbByP8QdhLSEcrP8Y_nQBJmOsusHPRHyN8Ltfp01FTYYIYTt0ng OnsRBkTVPoh_HfH1Bgp.G01NG4gKNEFh2nombUrC9qJZdpu6PbR7RFH.PZhieSjeZ7qeXD_hdGn3 PZpkfU49cub9gxOJNw8BBCySRcLhGW4YwO.vzJoCWBPXrfNjLmyY6YPVpCRHsD8Zc9kyobaeS16y wJeA7Ah6tMaLRcdO0dgsYNHloxLADRW.WwiZhS6HjtQN2MUIc0PpYXovChjaOUx_rW_4R.hjLqpf qZ8ANO3.zkxEPIJhHkwAzMmryAWkqYMCYj3r72d5Lqfnd.qp4zEkeJOja.xJu0Qoyx4KL.4408p3 8hNh54BRi18ati_E.UlSd3jbSmP8gM3CDnPH35_OLcmJIdcL82uDw1Jc3DRtqB06EypVZ_PT2k_t m6_.cA60fHI7Pz37AKfdEpB3WO2ctwFvYsyflJuh4veNk4aOQ2SDvbdgsaIGSpb98xbnvCdxumDf uCaYLcpecpDGu2epDZMcMuz84l4jMG6qT8RMXkI.jFAYSrbKAw1Cv19ueR4JA_28HwaH2NxtQlKA bPOoH_Fqu7wmLeFjTLYLXVxbeSh2lcRLD6m9mQdUx_Oe9y.D4807FIyIbOBRvGz8rz5WxKA_7.wd urQ-- X-Sonic-MF: <luangruo@HIDDEN> Received: from sonic.gate.mail.ne1.yahoo.com by sonic304.consmr.mail.ne1.yahoo.com with HTTP; Fri, 7 Oct 2022 12:17:04 +0000 Received: by hermes--production-sg3-cf9dc7f8d-qc2lq (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 483838364ffc4765f311824f8e5c8a1f; Fri, 07 Oct 2022 12:17:00 +0000 (UTC) From: Po Lu <luangruo@HIDDEN> To: Eli Zaretskii <eliz@HIDDEN> Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <874jwgqbd6.fsf@HIDDEN> <m27d1c10ad.fsf@HIDDEN> <87zge8orla.fsf@HIDDEN> <83k05boos0.fsf@HIDDEN> Date: Fri, 07 Oct 2022 20:16:43 +0800 In-Reply-To: <83k05boos0.fsf@HIDDEN> (Eli Zaretskii's message of "Fri, 07 Oct 2022 14:29:19 +0300") Message-ID: <87edvjq15g.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.91 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Mailer: WebService/1.1.20702 mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo Content-Length: 382 X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58334 Cc: gerd.moellmann@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Eli Zaretskii <eliz@HIDDEN> writes: > You don't need process_pending_signals, it's enough that some hook > calls 'redisplay' from Lisp. process_pending_signals called from probably_quit and unblock_input calling handle_async_input, and thus gobble_input, is what will run that hook calling redisplay, right? Since the unwanted execution of Lisp happens inside read_socket_hook.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:16:52 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:16:51 2022
Received: from localhost ([127.0.0.1]:34653 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ogmHb-0004Lh-JY
for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:16:51 -0400
Received: from eggs.gnu.org ([209.51.188.92]:44650)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <eliz@HIDDEN>) id 1ogmHa-0004LV-A3
for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:16:50 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:59650)
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <eliz@HIDDEN>)
id 1ogmHV-0000k1-3K; Fri, 07 Oct 2022 08:16:45 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date:
mime-version; bh=ZMlozQgvoh+aLOFWNT8Vgx6SxaT62M//FOwsUaFdbbs=; b=mk1//xWLXfz5
wRmsPSw6g7k32BpQYRm/wY5qZg//uSMR1sfJEf1WF2ah0Tt0oWwIe4D6YC/84114l6N2hNNBkSbGI
K8s1RVX2EKpVsDJCJPKDR16LGYHBN8B73hgP0b8Z6LINr2ATL4bmBoRLcdo7Gcf07J1pf3ikqyXe8
StcHIWwVM96na5PB+pt5EjTsvYHL0S9M4PaUh6vyDGhvLqe6W+ztox5R9Tx5axVGcBa5CkykLLi/o
anRBKpDsXVbLidpUJoap6tCpJCQXseKKsguPeIfvv5tJPK+5M03gcxxU0ANcOxGb7M0i9T4iT7STZ
Bz/3WINxZJFYZL4K/kpqhA==;
Received: from [87.69.77.57] (port=4497 helo=home-c4e4a596f7)
by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <eliz@HIDDEN>)
id 1ogmHU-0004ys-Fp; Fri, 07 Oct 2022 08:16:44 -0400
Date: Fri, 07 Oct 2022 15:16:44 +0300
Message-Id: <834jwfomkz.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: Po Lu <luangruo@HIDDEN>
In-Reply-To: <87mta7q1bp.fsf@HIDDEN> (message from Po Lu on Fri, 07 Oct
2022 20:12:58 +0800)
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN>
<m24jwgbzm6.fsf@HIDDEN> <837d1cpzxk.fsf@HIDDEN>
<a2f0425f-f335-55df-120f-81819c412d24@HIDDEN>
<83czb3on9w.fsf@HIDDEN>
<ef057f2d-74ec-284d-6813-7059a1ab7b7b@HIDDEN>
<83a667on2a.fsf@HIDDEN>
<5481395d-f7d1-8b9f-59d5-f681c113f6dd@HIDDEN> <87mta7q1bp.fsf@HIDDEN>
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 58334
Cc: gerd.moellmann@HIDDEN, 58334 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)
> From: Po Lu <luangruo@HIDDEN>
> Cc: Eli Zaretskii <eliz@HIDDEN>, 58334 <at> debbugs.gnu.org
> Date: Fri, 07 Oct 2022 20:12:58 +0800
>
> In the recent past, Emacs also used to run Lisp as part of the character
> conversion of keyboard input, straight from handle_one_xevent:
>
> if (nchars < nbytes)
> {
> /* Decode the input data. */
>
> /* The input should be decoded with `coding_system'
> which depends on which X*LookupString function
> we used just above and the locale. */
> setup_coding_system (coding_system, &coding);
> coding.src_multibyte = false;
> coding.dst_multibyte = true;
> /* The input is converted to events, thus we can't
> handle composition. Anyway, there's no XIM that
> gives us composition information. */
> coding.common_flags &= ~CODING_ANNOTATION_MASK;
>
> SAFE_NALLOCA (coding.destination, MAX_MULTIBYTE_LENGTH,
> nbytes);
> coding.dst_bytes = MAX_MULTIBYTE_LENGTH * nbytes;
> coding.mode |= CODING_MODE_LAST_BLOCK;
> decode_coding_c_string (&coding, copy_bufptr, nbytes, Qnil);
> nbytes = coding.produced;
> nchars = coding.produced_char;
> copy_bufptr = coding.destination;
> }
>
> How come that never caused problems?
Why should it cause problems? what kind of problems?
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:15:04 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:15:04 2022 Received: from localhost ([127.0.0.1]:34647 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogmFs-0004J0-6H for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:15:04 -0400 Received: from eggs.gnu.org ([209.51.188.92]:51044) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1ogmFq-0004I7-PP for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:15:03 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:48350) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogmFl-0000L2-CA; Fri, 07 Oct 2022 08:14:57 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=+3MIlHH6gpKDarYMF9jbmOrOr7nnw5zR69jOPHKyI2E=; b=P0EsD26VzSSlOh7caEeR fKLoBFGuJeXAAkEOc1cxEAIPdikpv8NSMSWFnjC1at7hIa7gCkz0qAXp6Q9zHHmHGYG8YujfgM66R 7fa5I+U4GQohvQ383jp4IOy0zN+7yOl9hxIURjGBrAYbRTZ5dHYX9qCHyVVvX2dd1fuChZxaVSKMn YlcyMLS7I9L4/R0gAyiRor3nI9tzB5KbMmlL4AjAWk0H5QaiOibcglx6GGyGjMjkdXqk2Njtt7Ma6 2+NzIM5QHrf07MVEuFLAWtI/6IWXaVFHaScT8o7w2X4MPcQjJJoEJxKXd3ko2PwQeJ7d+0a5Zgtmp +eu+WVpcZJez4g==; Received: from [87.69.77.57] (port=4386 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogmFk-0004nK-MO; Fri, 07 Oct 2022 08:14:57 -0400 Date: Fri, 07 Oct 2022 15:14:55 +0300 Message-Id: <835ygvomo0.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <5481395d-f7d1-8b9f-59d5-f681c113f6dd@HIDDEN> (message from Gerd =?utf-8?Q?M=C3=B6llmann?= on Fri, 7 Oct 2022 14:08:02 +0200) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN> <m24jwgbzm6.fsf@HIDDEN> <837d1cpzxk.fsf@HIDDEN> <a2f0425f-f335-55df-120f-81819c412d24@HIDDEN> <83czb3on9w.fsf@HIDDEN> <ef057f2d-74ec-284d-6813-7059a1ab7b7b@HIDDEN> <83a667on2a.fsf@HIDDEN> <5481395d-f7d1-8b9f-59d5-f681c113f6dd@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > Date: Fri, 7 Oct 2022 14:08:02 +0200 > Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN > From: Gerd Möllmann <gerd.moellmann@HIDDEN> > > On 22-10-07 14:06 , Eli Zaretskii wrote: > >> Date: Fri, 7 Oct 2022 14:03:58 +0200 > >> Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN > >> From: Gerd Möllmann <gerd.moellmann@HIDDEN> > >> > >> On 22-10-07 14:01 , Eli Zaretskii wrote: > >>> I don't see how "GC inhibited" is related, except by chance. It > >>> sounds wrong to conflate the two. > >> > >> Couldn't we bind it in nsterm.m? > > > > Bind what? > > int count = inhibit_garbahe_collection (); > redisplay (); > unbind_to... Could be dangerous, unless we also inhibit all the hooks that redisplay can call, because who knows what arbitrary Lisp can do to memory? And some of the Lisp called by redisplay can't be easily disabled. Example: the :eval forms in the mode line.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:14:31 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:14:31 2022
Received: from localhost ([127.0.0.1]:34642 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ogmFK-0004HS-Rz
for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:14:31 -0400
Received: from sonic308-56.consmr.mail.ne1.yahoo.com ([66.163.187.31]:35276)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <luangruo@HIDDEN>) id 1ogmFK-0004HH-36
for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:14:30 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665144864; bh=N0w22XJH8nnNTzW/QoHuaCCCTWHOTbmdT+NGpVxdpsw=;
h=From:To:Cc:Subject:References:Date:In-Reply-To:From:Subject:Reply-To;
b=rKFD7A626CyNbSiOgommDhJ3fGgpc1UMLYDQXng4iSc0REa8JZOmQXY5eg3wC0QTRP+/FxVbb539eBXO1RBIoMjDecv9Pwo5pUtewz0EGw8040lYt/aoWqax58hkubDiNG12GkLPEvh88MenyElJ2hzjsJcX1lgMgGWy/neGvEmcssicWPV41x5atXiA29UsSJgW10ZDS32NTc7dZpOsBm881LNtpS9Q6tPQAODpHf8W7xQ66lHJyWp/elVGNEFv8bs57RUGFyrsAHAqnHz4qwcyU0q/YoZl/IlBX98ifzoGMeScBcsORoZyfszqh2nL7yKztNjy/mVWNmPPPG6fOg==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665144864; bh=P9PQCSLYLrcjsgvfE5IBtSA/nFRoe3GEGDJAH+/+078=;
h=X-Sonic-MF:From:To:Subject:Date:From:Subject;
b=tPf5vwAJ+xLBGY8WfZDWDY6mwwIJ6Bnb4gt5Ou1N/s5ikpyURMrutw8an1WzMwsfgux21KCQsCYogvZWKacRFJeSRg0gJ39CT04+pmyWu6Gvf6ex7Mp8fqFG87+WvxLYFeCJ03GWqJU+jjMi52Dkoq4iP99+9DoyxAGm5qpHn5B2Z92Lbs0eMOTBJJXdrXm+vHLeOUY4BBIaZakjA6UteqOMW7vQq6cSbTHPDYNIaorKpyIXIzzslhQd+xiv2jx02RpKlTwtUBrZFvIhonBeAi8P2/3+FUmItAS6PY2d+QWTcFMBXiIbkL5I9XZU/l3WOTSEbsHP6EI10EmK+lZdzA==
X-YMail-OSG: eaj4hvoVM1mS.iAiFB2DHQ7GBIPN1GWnFiSEVoQqHh0gpnkaSxWp00cvl.5daKz
zgJDTmufygg3dm2TshBODqOOurNEIFU0KodipjueKi.Bb_yft3yWe8pwygOWBNWowkkIi8uPW4Lo
KgzTSj3Sx3G_Mqdgholag3DOyBWZvmqot_.D8khUqgbLCytml3wG7ypjuLiTo6Xd5D6nxRXhS0tA
NP.NiGpjRC2lWk.BCzNi8OmqdJU7gFPfpHcgU_5JKw3My65QJEHfo0QM04gIYth.OkcihCSKYPqD
gVvvyzppRVwON46sBypNjLTwMVdx4umufQtT0iQUrYfC8s9ICHwaTwCKYFc.pMCtjTKRmuPfo2GH
6Dg.YQafaKyEoJKrT_oVwK8yILi7Dk1dNggrOdCpPRMHszJKitN1g3VllnJ8PyJsd2XT501rTAW5
IUxRMxB5.fOZqBngkzeKoJslaSUfrRIh.Q8zoY.oTBT71sgimZgI579lAjcjBaVsdWnYXvApl1Zi
O3BPlTCOy_CBnN.rZfuGP136sYFGLvQwApu9puR1dj7nRfvX4ZPRA_bll3Qtvmu9zYnc1iSnImHC
tKd1AYKaC4fXp2K1F._h7.X7AoAgShSu53zPiy9rtvLX0pr1EjO6e5yoxPa8kZo8_cs93fGq3P9V
pNw1lrhwN9id1cXRCj21YJe.eACF8NNjkEyby2Z.XvWUCfCZZhGiw8Cx2yb29br.zlHzlXunoOgk
v1hiNjzJnmCYxiB6_zziQl9pliCbAdPVpxnEKGm.h6ErSEoJcUJcFLYwZVGGyWYf1xdi1G62YP4M
jfmCYgLZEyv7Na.4NehEOuKf22xbXBdSbzFvgXvahCH1gKKThuEXjVZU8I5pDXdQZEUjXcYV59Dt
hyFlE4mVeZOEwQR.RMVlWmdZWorm0XZi0wqcvgOp5BXQzrD.gp9gKxYWEuGS4CjvRAbz0rlOvSOn
UiAZ_u7O3ZlOQJq68aA5PVcY_474UGE.HlmYIINLx9dEwEMhLxJdRA332.A_89kjmlDLw2HvLqOz
687EQSbdK7ETcElN10VCbS2jCeJz241THlN5..DEY.NKn0fPeYa6ibuMlB3fRGUe9hxJL1mNfxAc
1a0eXPmm5UwYJ8eC31sjjUW54JOVoT.OM4g3IUFhI9QslSk1Sbq6JNHRcnym_.79g4BJ.IGQ6LW5
ccxFk0mNdO1SvIYqHVbnVOh.PUq2yZ91SbWv7FhtavNE3iRi560i_L7pnnT5A2NSKD1h.3CwvIPD
tbpBfNUFlw6hMXxgEgsslKWvGWzhqnnVvNVu3qdsUNeIhZuB.bmeqRxaTSo2XSkS.sfzNg1LWbUR
1cUdeMuTYmcaUWlwytP.lGOOig3iO0NVQDE4eFite9eRWEELeXRN3XGDTwkTI2qbZxc0LeYEO6.W
qBcOrE8A5jM2zWEEmpbk4tYEu3Utx9aHjZW1AK0Aaz3Kh1CcbPEgIkznVGn.DMdgGxU9EAZ2oh.L
TmUiotTfdcLZhs2Rpy0Got1pSS5AroKaKSJHk9KnJ1a3nmmEfPyBv8hgy2KL3RnSxxc6RvWLafI6
mAP13MDdOd0s3IHtXuLUqPHsz7F58ucL80xauLQkMWLxheD0XTc_W.d4Q1_ato..MdycrPz.8J42
Durdxi4RrevT4Xj0UNxOIp.sAX0v2otMcaDBsogJ_VHdPKBZ3i7SNe5U94ObAZwycm.kVcQVDyom
4eKgIgQ4rw_LgLOI2Ld7jtsAsbbJIhP6WlOtxGmgENYdaghSfk2hO__3Z3zecRqZCb6P2S.KLo8i
.XWwxVQBY4mghPYRYe55LDgv6EpkFE.WUQLfyHMtm3D7xRji7UNEddcHRIiUO0K5MHMGyryBCBe4
xeXkRl6HRWoIsCB5Kux8zR8Jh4JywwAlpFa_9mQ_iGDg8NVWaq1PsUBjBbm.dx.Xrc1zhPF3hlOL
TMODM14.qqN8yrrzZ8On8d5OGpErUFDw.wTo6MayM42O3E3NqbAD7etBWz3Gh_FXCT8_Dp5fQPcq
bLn7R9sbywDTNhCQUwZfTh7suqDRpl0zOiTbAt893gJtM9mUADdAos0S4q3iutYA1R1BQMFJWSoP
ERVb8dgGNEvzsdk8Pv5GyNyaYXSlvqI2P0wzLcDmNzNfkUUFLwGd279MdrrQdM4GTwGRgHugVjaY
F97CAv_yiyxvPs9Tdv8_edcWTdlwXF19z_PszsMKuarU3bE5Mh_enMZ5guKjXBmTFU8_TNTfASgv
C3FyQH.TNwSsQHiJe_O1nKzZzgxhoML623mn4YTN7iQKVLGz8zioSf3K.0MXKZd_V4Oaln3yoSsJ
l
X-Sonic-MF: <luangruo@HIDDEN>
Received: from sonic.gate.mail.ne1.yahoo.com by
sonic308.consmr.mail.ne1.yahoo.com with HTTP; Fri, 7 Oct 2022 12:14:24 +0000
Received: by hermes--production-sg3-cf9dc7f8d-tskmz (Yahoo Inc. Hermes SMTP
Server) with ESMTPA ID 5c82cb93d4e9de91eee083557f4a9f91;
Fri, 07 Oct 2022 12:14:19 +0000 (UTC)
From: Po Lu <luangruo@HIDDEN>
To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN>
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN>
<83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN>
<m2wn9c83bu.fsf@HIDDEN> <83r0zjopre.fsf@HIDDEN>
<m2zge7zxb1.fsf@HIDDEN> <83h70foo3h.fsf@HIDDEN>
<m2r0zjhmfm.fsf@HIDDEN>
Date: Fri, 07 Oct 2022 20:14:11 +0800
In-Reply-To: <m2r0zjhmfm.fsf@HIDDEN> ("Gerd =?utf-8?Q?M=C3=B6llman?=
=?utf-8?Q?n=22's?= message of "Fri, 07 Oct 2022 14:01:49 +0200")
Message-ID: <87ilkvq19o.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.91 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Mailer: WebService/1.1.20702
mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo
Content-Length: 301
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 58334
Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes:
> BTW, I've commented out the call to redisplay in nsterm.m
> layoutSomething now in my branch. Let's see what the effect is. So far
> I don't notice anything.
It prevents drag-to-resize from working at all on the Mac OS system
where I tried.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:13:20 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:13:20 2022
Received: from localhost ([127.0.0.1]:34637 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ogmEC-0004FZ-DA
for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:13:20 -0400
Received: from sonic302-21.consmr.mail.ne1.yahoo.com ([66.163.186.147]:34290)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <luangruo@HIDDEN>) id 1ogmEA-0004FL-2I
for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:13:18 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665144791; bh=C7zf263+gXI/b6ydlaYA+ht3UPy+1EvBsI81yqP9+kE=;
h=From:To:Cc:Subject:References:Date:In-Reply-To:From:Subject:Reply-To;
b=bBqTJTR78YCY05qm/1Q23Go7pZGVcBmkX8jHT2C+c8oJWWGf9rhAInkjmx+CBDyuezS5QnoktEezylpxeWLSo9bgOkIaa23l5bdcURpMpiILFbpAQYBAtNngbW+b5KjCXKijPLBe61yjslmdZUSFQL//8JN2Sr7oHAS9Q5WUAHagzoFpWngqgV88FAHAKKx4YEp1FE5caWFlghfYIubjgpe8GtBDekO1QtrPtVEoVV5wSu9HaQkaM1JRNCdq3aXBKS/Q2AodKu2jt4JJ6094o1C0pdOlmpb+2eAmqMpD7k0Vj8+rpseJavts3M9yxJFKK4dled6Q/lwU4dGGOqar/Q==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665144791; bh=xpAtnjIPWp37mlB8IQHGlG5taFmcACM03DhyJLMOxJf=;
h=X-Sonic-MF:From:To:Subject:Date:From:Subject;
b=NU6RPnkdqioeBKyhwuI6GRZNOZEnMMz6m2tmoihLy4YxQrsAiuijr0p6YdP9qdRNwN9WOxToIGT1JS7Q4ZXdRz62BCe4RGU84vdN2AcBg7TKI+Psz5Aiv0ob5+l9N7UzP+RC7Oolp0AOYfF422k7fxvwtQtP+weMwQoL6NlCAUHS78oHdxj+GRbzzwk7DAvXA4I9yEJ0Sz62K00XstpD9x4kAq0ermZ2YX+xhDSaXVDPvQbMC0wAjI5XcQoZPtHAZ3gqzNxXUKGX2VT5K1abYZ1GqI7fpKP6bn906Kc/1JQhbk6yHWwj+tCYm1JIR2JMiFNA4txPM5E9xqNSGUcKQA==
X-YMail-OSG: dw8GWAQVM1mqnNNzCXVhUAy0MqllAG_MgXSOstdiXtz9ZsEgB77tCT0.Zxier1o
MxLBXUXwHdIGdlhDBKpt6tMosLaq2zhX5PGFxIvL9RPMeZk2JSHxl9eBX_ENLHIsGCkVb7z3cvoj
u4AQBHDFvQLhmqJl8or2VL1JuWHouAxZ7Yi_WM_aGmr3YK3p5s8hl9FMGo8s7tvHv9IwpIpX88Ik
uxh01IJIYOyyKbzrpDW2yjtU2gMUFbvOJF0wAiSW6uMP0zwy7TJysO1DLe1skJSbzPN_72ZNHQQd
HAPDlyNBSCGIc9G3GqeXQb51xvNpHIJAcgqAqLsd9RAQwXu3hJ5U5o9yJiumrA5AHbKbTrXm0VIk
Yi9o64DgVA4fwFjZcAAawZaPyin8K7aTtS4fMWpWzapJ96yYBtSq_ky6ZI7__DQ1nOe7vIsEM264
c3XVrqcR70zKHgBOsAXRT7XzPVhOzPPDSPoyF0fk7ZyisWX_h0Pui_gaxjmu5j9wX3n7ohYhKlQk
vF9lbZA7NfRCrcdwa0uiKBRsYNRt9kO_S8.3qXpr5SPZ6Tzt8bJSjE_A5epOXqBYIse9KeKmNS.d
FJs6McLBn3ASsS6TDvxVdptQCNPWoMCGKrIgnY_r2qw6c7pvG5psG_UOprDcmEXoHiC8wgM8DZ9M
zQwekNAz2I3bsi.j5m.yfEdW.Epf6945B.nSFwJWdg.3DdJA.LG7r.KA3d_7.hl5abanL23rEN00
_rpQDw0iZrcTlesp0c5xBsOS4W7Bb8emj8kBtlV3EkXUcJtU5fhudNbWIq5IICfZt0BA6sBZdMP7
Aj2fZ4rxfEAJmnmxMv1kuBGQFyvFWMpMpYmtZWIdH8RsZ2.DLUepQHRKt6vnEyQt49gfQwaruuHA
6cFgRa71u6lKK5tGBtTwvELDCd5ck_oWPW70PU9E_Nz8oNFrOWeWllXUTC20hmx7DYXiEYr_Dalt
vhl5Ur7stkFHpInx1xIPq0dnI5sRxvrR.bFIS6gDcJtkO0Rc4ZlVju4AzV3Pek3ki7.L__nB.oKM
J1QQLCZ_LBwMgLThbznMD8_Fn7zugVoSskZMIQNRDuVtA_AwNILkoWEvKmEV5YegChn98P7rYhmZ
LV_DY5eK9cckxIAprRYVu56sVW0Pl9Cf5qdYXMTmQcUeITqPcargoYdFbqUYuMNiUvj9Tluzh9MP
kVArsfxF2kaoN6By8edr9a.B2mMfogvJB851d8CdndcKEpy9W3mgFOa0cmzvIavgtavZ6jNf03KW
hUlnycwICZ9JykxMDS8Ve59bAGrjbgG7lGLQKruXx5w9R.I500yHDpLUKeCe5t7mJf2kNc44V2r7
rpAv1qrMLj1AkeXeN3mGgCseBRSc3f4JmmqarqktYSW8xdoxNv.qGIBNVYvGiXoMSOQBqsr0QKEe
hYSXbkJOmY_abglIV2wMyJrOcRR.uMhplwj2YKQlOqbfqdF8rdYmemM5I83bbVHMvHNojvUeAYxX
NgNfGoF4pWZj8wrkda8u60G3br2u4Ad9koR4.Nvk8dFccewxZBzrxbZxbSLsnf.LdhDPH_Z1pywj
1vsleSM6kMr7lkksQkeBd2dfqwpPn3tgE5Tin8hsfhO1NzuKyabbW2kRe_mHTTxVUaXzciE9hee3
0AoZvVFSKOaAtASV9dHnuufYuki9nht4HyAJGDXY6Kht4trE3gagNBrAFQDzKlW2bHD1LCPL6nnF
WnR51UqC6HcmnLV68LVanJ_sMlZaKujHY9Kr1q1LWHsZ6oTUlufbqKOy45fSucYh.Bpjo6_JIm4B
x7Gc8lUVOrOsQxJzcBRhW8B4Lg2m45XMm0F5evNNsfNH4jqTsQYvtvVfoAwz.kfb1Ux6iEA9emSG
WDen.EdIGubtBspPjOT3QvT9a_OYlr_Y19lGPbxS8Qj8Vw.HauWCiqZgQ9F6C5SQmLHYhyVnBNGa
1z3i2Ty2F76GgWAb.Ldc1V36R1nrV8.NcJDdLqP.Y8Y7BXH4CR4C9W2WfWPAqz_KNR2IwT2CcLJy
I4DopuoTI7a7mg4lwJ63emGBBOuPK8HwLbRH3A2qI3C8v2x2oYhBDqYy21d1unbY2oCZ0njwQ506
nze8UVOOnWVhK5custymnnQ9FeLI7LBhVQ8aXcZkr2IoovLCBlnvIvn_jWcoSV6dUQrXAwWAIfjJ
4HZAjlDRFobDoDp_wPhnF0Esblyxh5irGvkvaFHleaaMTMLvMEVB4ZiL582X5z4ljG251FKC3AeE
ZbVgTbCkrZRSBTLv6DzUTiPEvWYRNX47xy6OLLmDgfNjEO19qwJC3SkZ0cA8bTvUBLIG2jZpS8L0
-
X-Sonic-MF: <luangruo@HIDDEN>
Received: from sonic.gate.mail.ne1.yahoo.com by
sonic302.consmr.mail.ne1.yahoo.com with HTTP; Fri, 7 Oct 2022 12:13:11 +0000
Received: by hermes--production-sg3-cf9dc7f8d-tskmz (Yahoo Inc. Hermes SMTP
Server) with ESMTPA ID 11f6cc482bbc75c640f4994d6732d154;
Fri, 07 Oct 2022 12:13:04 +0000 (UTC)
From: Po Lu <luangruo@HIDDEN>
To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN>
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN>
<m24jwgbzm6.fsf@HIDDEN> <837d1cpzxk.fsf@HIDDEN>
<a2f0425f-f335-55df-120f-81819c412d24@HIDDEN>
<83czb3on9w.fsf@HIDDEN>
<ef057f2d-74ec-284d-6813-7059a1ab7b7b@HIDDEN>
<83a667on2a.fsf@HIDDEN>
<5481395d-f7d1-8b9f-59d5-f681c113f6dd@HIDDEN>
Date: Fri, 07 Oct 2022 20:12:58 +0800
In-Reply-To: <5481395d-f7d1-8b9f-59d5-f681c113f6dd@HIDDEN> ("Gerd
=?utf-8?Q?M=C3=B6llmann=22's?= message of "Fri, 7 Oct 2022 14:08:02 +0200")
Message-ID: <87mta7q1bp.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.91 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Mailer: WebService/1.1.20702
mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo
Content-Length: 1396
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 58334
Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes:
> int count =3D inhibit_garbahe_collection ();
> redisplay ();
> unbind_to...
Why would you only inhibit garbage collection there? What if some
finalizer function calls preedit text inside process_pending_signals?
Also, what about where we decode X preconversion text?
In the recent past, Emacs also used to run Lisp as part of the character
conversion of keyboard input, straight from handle_one_xevent:
if (nchars < nbytes)
{
/* Decode the input data. */
/* The input should be decoded with `coding_system'
which depends on which X*LookupString function
we used just above and the locale. */
setup_coding_system (coding_system, &coding);
coding.src_multibyte =3D false;
coding.dst_multibyte =3D true;
/* The input is converted to events, thus we can't
handle composition. Anyway, there's no XIM that
gives us composition information. */
coding.common_flags &=3D ~CODING_ANNOTATION_MASK;
SAFE_NALLOCA (coding.destination, MAX_MULTIBYTE_LENGTH,
nbytes);
coding.dst_bytes =3D MAX_MULTIBYTE_LENGTH * nbytes;
coding.mode |=3D CODING_MODE_LAST_BLOCK;
decode_coding_c_string (&coding, copy_bufptr, nbytes, Qnil);
nbytes =3D coding.produced;
nchars =3D coding.produced_char;
copy_bufptr =3D coding.destination;
}
How come that never caused problems?
Thanks.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:08:11 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:08:11 2022 Received: from localhost ([127.0.0.1]:34625 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogm9D-00047S-E2 for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:08:11 -0400 Received: from mail-ej1-f47.google.com ([209.85.218.47]:45050) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1ogm9B-00047E-AM for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:08:10 -0400 Received: by mail-ej1-f47.google.com with SMTP id o21so10794771ejm.11 for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 05:08:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=0TbJuIeg0zOZt3JJqIUymuw4jn/CMTRGMOQzMb/UeaM=; b=WI2ZBnYVuLuN5wziE5CBuc9QABUqsGv8taliR9Ks4PjpIfVcjT1eg04tAWdahlLTVC My0mnheWkWGEf2lFj/Zwu2AAntUZuyf/ozT9aZigfVRuTTXX5DE5wH0JNPKZqGs6iikU c9M73cMVSvrMMExOcsq7nfTJbP1I/a0eJpffqldYl8IzjuBR/zIt/ETqF9IX58TgtkjY YgDensSWMeoOui59FDqGGXF+c1Up7O4qetzDPdy1lJ6Ss9E9i8wbXGY2qn9VpFmsZlmj g3++GiMsA2K1hDCnsjXsAj0EwCCVrf1T8S6fjfMycOIBzmoBECo+xXJdhZEpeXTWpuwW fNkg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=0TbJuIeg0zOZt3JJqIUymuw4jn/CMTRGMOQzMb/UeaM=; b=3wavGjvJg2RsaD6+ln95cjepq039bZR91wP9LrSwMPAICMLNyp8G1fvbV+QP4nwqpS yetpm2YmJ8K/BBH1tg2vWtUcIFahZJiL7WHAl0m5nGd8A8LsfUQua5oSUN7YRzmslwa6 MY+2jzUrI4XItCXhYl8yPKcEJA+yRs6sS9cjgwbuxcJNqZXK8JRd2JMcQhQ2WLK5ZIgn +s+atuoSPjYDzE+lxeWQugQi0rlAHuqF3ealA8xXhj7eyLp2m/mwT01NkTuF7WEecUMJ JeCRrvyjsoHMzfl4X5GptMAVnt0ERWm3fx3LgD3QI7vFw16B3IiNinJm0Rnki+Y/s3tD NvZQ== X-Gm-Message-State: ACrzQf00yMGXaQaJ4ZTZQpuz9PfGqMWBlhRKyWDnGGZ4JTVy9U/wA+ij ZGegBjgcLIhyAPQQqKwhyJo= X-Google-Smtp-Source: AMsMyM5MS0iiZv0ZCqhhdTfqTXnVb+vauRannqtflAdcONUKWouppYiGqgkhhEswsXx0Iuer9N+sRQ== X-Received: by 2002:a17:907:728f:b0:78c:336b:d8c0 with SMTP id dt15-20020a170907728f00b0078c336bd8c0mr3690901ejc.429.1665144483665; Fri, 07 Oct 2022 05:08:03 -0700 (PDT) Received: from [192.168.178.21] (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id e3-20020a170906314300b0078d44511979sm1122010eje.138.2022.10.07.05.08.02 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 Oct 2022 05:08:03 -0700 (PDT) Message-ID: <5481395d-f7d1-8b9f-59d5-f681c113f6dd@HIDDEN> Date: Fri, 7 Oct 2022 14:08:02 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.13.0 Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs Content-Language: en-US To: Eli Zaretskii <eliz@HIDDEN> References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN> <m24jwgbzm6.fsf@HIDDEN> <837d1cpzxk.fsf@HIDDEN> <a2f0425f-f335-55df-120f-81819c412d24@HIDDEN> <83czb3on9w.fsf@HIDDEN> <ef057f2d-74ec-284d-6813-7059a1ab7b7b@HIDDEN> <83a667on2a.fsf@HIDDEN> From: =?UTF-8?Q?Gerd_M=c3=b6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <83a667on2a.fsf@HIDDEN> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Score: -0.8 (/) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.8 (--) On 22-10-07 14:06 , Eli Zaretskii wrote: >> Date: Fri, 7 Oct 2022 14:03:58 +0200 >> Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN >> From: Gerd Möllmann <gerd.moellmann@HIDDEN> >> >> On 22-10-07 14:01 , Eli Zaretskii wrote: >>> I don't see how "GC inhibited" is related, except by chance. It >>> sounds wrong to conflate the two. >> >> Couldn't we bind it in nsterm.m? > > Bind what? int count = inhibit_garbahe_collection (); redisplay (); unbind_to...
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:06:32 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:06:32 2022 Received: from localhost ([127.0.0.1]:34613 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogm7b-000445-Qf for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:06:31 -0400 Received: from eggs.gnu.org ([209.51.188.92]:41654) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1ogm7a-00043t-VN for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:06:31 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:46462) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogm7V-0007eL-Iq; Fri, 07 Oct 2022 08:06:25 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=kODOHNONm/zthfLAhWJAqkBXjaMCI6lzGfw1vT50uPQ=; b=K7ILWwu+AjltOVpJakg1 QxQSUchlAVum40vPRBcUHXjOsARRPjGcFUdrXz80ORzSaqpYl/OCRt0PcHXs28CYfW+rYTsr9lAhq VAGzKeL7CsS9zDreylWLdu5aEBF1XQRAgDnMcttFNpjEb5deJ/ghI+nFTpCcHnL0XRSC/Sl6XdbaM CbtJNRfxfQo8S6PZnfVg6aQFGkkNWYnzlnQjZ5e0u15O7WHju7xCJqPQTLmtA7BJnKSXRMX51AvAj VkssdCmRh1HayXOeLHYJzbz92VixDUVyb39THfJGpgk35fbZRd6dGlhThxXYHwMu0zbd4yysF/CYf KopD7b5jvZk+uA==; Received: from [87.69.77.57] (port=3860 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogm7U-0003j5-RI; Fri, 07 Oct 2022 08:06:25 -0400 Date: Fri, 07 Oct 2022 15:06:21 +0300 Message-Id: <83a667on2a.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <ef057f2d-74ec-284d-6813-7059a1ab7b7b@HIDDEN> (message from Gerd =?utf-8?Q?M=C3=B6llmann?= on Fri, 7 Oct 2022 14:03:58 +0200) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN> <m24jwgbzm6.fsf@HIDDEN> <837d1cpzxk.fsf@HIDDEN> <a2f0425f-f335-55df-120f-81819c412d24@HIDDEN> <83czb3on9w.fsf@HIDDEN> <ef057f2d-74ec-284d-6813-7059a1ab7b7b@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > Date: Fri, 7 Oct 2022 14:03:58 +0200 > Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN > From: Gerd Möllmann <gerd.moellmann@HIDDEN> > > On 22-10-07 14:01 , Eli Zaretskii wrote: > > I don't see how "GC inhibited" is related, except by chance. It > > sounds wrong to conflate the two. > > Couldn't we bind it in nsterm.m? Bind what?
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:05:50 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:05:50 2022 Received: from localhost ([127.0.0.1]:34604 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogm6w-00042U-3R for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:05:50 -0400 Received: from eggs.gnu.org ([209.51.188.92]:33312) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1ogm6u-00042H-ES for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:05:48 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:40592) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogm6p-0007ZZ-7S; Fri, 07 Oct 2022 08:05:43 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=SWAPVHnf7IAVw+B/261Mb2EJQTzz55RCZHWMiQ711MQ=; b=aVI1qRgQqB6iCwxR7tXq hpx4xPHM5uhGrqpV8YvMAY8ZuICnTWqt4Hlli690iLlrQCkTgCm04TnGzMntdN3np3v05CCwKQyYg 6TrOg7jp0BqLEfT7i9vPsqq/01tF1yeWHrPtBXIus0NznQ8ESFmpOF2a+zMqEgpcyD6PY/74Js+Ea RFQ0HQqXQi8ZAcKtPEwg1cLi3koZOSFO20rYvc98CizkmdHVvirD4jKo/ejIjVHIXsu5DNlcHVF92 zKKbpYX9Yajv1DHY3y5lJb4oJTSm89qV1hK84kbg6gLqSE3Ls+PXDhgDi+kE92f7//Cc5tkMzLf36 6bokjACpNkSE+g==; Received: from [87.69.77.57] (port=3818 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogm6o-0003ga-LW; Fri, 07 Oct 2022 08:05:43 -0400 Date: Fri, 07 Oct 2022 15:05:41 +0300 Message-Id: <83bkqnon3e.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Gerd =?iso-8859-1?Q?M=F6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <m2r0zjhmfm.fsf@HIDDEN> (message from Gerd =?iso-8859-1?Q?M=F6llmann?= on Fri, 07 Oct 2022 14:01:49 +0200) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <83r0zjopre.fsf@HIDDEN> <m2zge7zxb1.fsf@HIDDEN> <83h70foo3h.fsf@HIDDEN> <m2r0zjhmfm.fsf@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: luangruo@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > From: Gerd Möllmann <gerd.moellmann@HIDDEN> > Cc: luangruo@HIDDEN, 58334 <at> debbugs.gnu.org > Date: Fri, 07 Oct 2022 14:01:49 +0200 > > Eli Zaretskii <eliz@HIDDEN> writes: > > > So I would recommend to fix FACE_FROM_ID to re-generate the basic > > faces if needed, on the assumption that the cases where we have > > problems with using face ID are limited to basic faces. If, after > > that, we will find cases with non-basic faces, I'd first look for more > > opportunities to use inhibit_free_realized_faces. > > Sigh, I'd rather do something easy I'm not sure there are any "easy" solutions to this. We could keep sprinkling inhibit_free_realized_faces some more (over the last years, I added quite a few of them, and in other cases added calls to realize_basic_faces). > BTW, I've commented out the call to redisplay in nsterm.m > layoutSomething now in my branch. Let's see what the effect is. So far > I don't notice anything. If Git history for the code which calls redisplay shows commits that have references to bug reports in their log messages, perhaps read those bug reports to see if they show recipes for problems that were supposed to be fixed by adding that call.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:04:06 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:04:06 2022 Received: from localhost ([127.0.0.1]:34588 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogm5G-0003zU-EI for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:04:06 -0400 Received: from mail-ej1-f48.google.com ([209.85.218.48]:33294) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1ogm5E-0003z0-Vy for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:04:05 -0400 Received: by mail-ej1-f48.google.com with SMTP id q9so6310342ejd.0 for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 05:04:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=ZUFPCV85XMa59IM9tSMR138bpGYSSHep1fiDZUmf57c=; b=n1PQCSdPewLEMEXudkBWAcmRxvSTkEYa4tV1TD5tXIEs4tB5nMKdXpzIkYcMRSrJ64 9n1kqgbjfn/iTZqSGMdIoi7Cfk2623Ji+laBml8BargPd2GHWiY0Vus9Az7IZM33MTvf yQ6ZnTgDKinF1p9Jkaw9l6WZ10uv4D8A4PHXtoIeHgRU+TlSrLXh3sMjVxwVsaTS4J2C bPHr8jz7hk2ZQJnFhhA/KOSlKIRYhZWwulcnjiyRzFL/YglXZmU5BnVz7nvZ6W7MpRIQ bvvdc6wpkMyt8bDAdEN3sgpiXpeXp2s36rJlc5p8SEBZyfRL023xhjW2bAIC7gKgjhOv xkmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ZUFPCV85XMa59IM9tSMR138bpGYSSHep1fiDZUmf57c=; b=dcwjsiOhAUdW2VNhAsVWCFiYd3XCJy33MDQNEMT2Qzoihn0dWw0F+hbpUN9bRFvUTQ 7o43EnNZTqUbQlwdHHrE0InPX7L4gGW6/4G4baB2DVtO1bYpbxAmtUBvPvcGbFGIyZ63 kxYbfck9mAeWkwuCuxZ3M7z9s6FCeAhQVsteZhiHJurEo/d8vvjlVGVzgQFp434SSy75 /iU4cviROtbnK7qbzHc9dRUzuzSjlE89Nwzo5r6ZfmRfRziajksUuST4cTg5q5IrloLP oHGDfYnKobSKKQjcO/oNo8IMwZtctsNJf/V6vmFuSqrbQJRDUy1RBoAksDr7WpSb+dha MXhw== X-Gm-Message-State: ACrzQf2wG8eIwwPgisSntA/UOJFletbhIdctkHmQNcV2wzJPz0qx7rZZ 3YWMqx6L8Q/EoIXzo1+3eZ9FnsCZlQHgOg== X-Google-Smtp-Source: AMsMyM4MDg9019b9LDw+qfLg6NM+fZtARr95w5D+WfLgcNasPbVVBNXfhTUcVLHStHWpwC6f0sEDHA== X-Received: by 2002:a17:906:eec7:b0:733:189f:b07a with SMTP id wu7-20020a170906eec700b00733189fb07amr3868757ejb.230.1665144239405; Fri, 07 Oct 2022 05:03:59 -0700 (PDT) Received: from [192.168.178.21] (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id os22-20020a170906af7600b0078d76ee7543sm727161ejb.222.2022.10.07.05.03.58 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 Oct 2022 05:03:58 -0700 (PDT) Message-ID: <ef057f2d-74ec-284d-6813-7059a1ab7b7b@HIDDEN> Date: Fri, 7 Oct 2022 14:03:58 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.13.0 Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs Content-Language: en-US To: Eli Zaretskii <eliz@HIDDEN> References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN> <m24jwgbzm6.fsf@HIDDEN> <837d1cpzxk.fsf@HIDDEN> <a2f0425f-f335-55df-120f-81819c412d24@HIDDEN> <83czb3on9w.fsf@HIDDEN> From: =?UTF-8?Q?Gerd_M=c3=b6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <83czb3on9w.fsf@HIDDEN> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: -1.8 (-) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.8 (--) On 22-10-07 14:01 , Eli Zaretskii wrote: > I don't see how "GC inhibited" is related, except by chance. It > sounds wrong to conflate the two. Couldn't we bind it in nsterm.m?
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:02:00 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:02:00 2022
Received: from localhost ([127.0.0.1]:34583 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ogm3D-0003w1-SU
for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:02:00 -0400
Received: from mail-ej1-f51.google.com ([209.85.218.51]:46614)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <gerd.moellmann@HIDDEN>) id 1ogm3B-0003vc-U0
for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:01:58 -0400
Received: by mail-ej1-f51.google.com with SMTP id bj12so10738488ejb.13
for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 05:01:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
h=mime-version:user-agent:message-id:date:references:in-reply-to
:subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to;
bh=+dK6t403RI0LSPOlk36rpTkpoOuBy1PMM0/4MtYlVu8=;
b=BjILsyRXU7qLkjZWXfClxjL4eh4MihLzTZ0vHrpCTFUZqgaROI+jFv4k39qXS1ivhK
fHYq4ml0fEZWKCbNZoJZqpzxZdmjfINKkjtp6p6bmKFGDRa8UuKyLhQx0+BnSZzh+OqR
+jcfwenak1i9efNEaaYeP86kJFpGk508hRp91FKdjta6FSvI9KScYajVh/eeH2jshJ9x
l8YWovaYaz4Q6EO5SoEbet9JwRC9arVzqBkxAhMcuyjRZqhV7pIgDzugxC+/iUHmU2yC
8+lUR1gPArLFbyD2ULgqON3zxs/AkH28EjoR6SjVqr+3Y+KOJJgxyi/ki7dk/HeM2Qg7
I2nw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=mime-version:user-agent:message-id:date:references:in-reply-to
:subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date
:message-id:reply-to;
bh=+dK6t403RI0LSPOlk36rpTkpoOuBy1PMM0/4MtYlVu8=;
b=W/lueumU2BtGKq7hnINveT6fB+wNa14AhQ/sPfa053uBk0MlkoYlHgheJn+Q/7jbAe
ZH2A9Avq+v71AYVaZrvFYn2A0VW5Dd3wcjmdgf7WsjQQSivjcKqbnrxOv6zv3WXB+BSa
jobu0XQZtx6n5Pk6zRHcRuSNIWO+na2+fOL+oyORIpLaI/MavvqjxCkxeQo2CRDnw0AR
ktHeXF4otBNFaAuLR+9R6Qmhw8L16pAN9qZNMhyguk19ZOTIaGicJ1dGKm1ASULi8eua
VgP0IjQngZuYoygXfdDMuAOoBtErMKCx7sW4ZoZnBietInJaS6fsligra+kRkt3vNzj7
CFgA==
X-Gm-Message-State: ACrzQf1dzPs0I48TOJ0gaq7Q4DqQj6dUcDRZUHp8RuBAPWsskVOk6WYx
CNJqMbb+u3f7KNamGYgVS/qLfPGCom9/lg==
X-Google-Smtp-Source: AMsMyM4/wEM/y43s+98vLDuKPEhWppuFTC8NmL7iMfkYNcF7No4rirSIGthJuXVuGPlbc76m+sMvKA==
X-Received: by 2002:a17:906:b08d:b0:782:d526:3e36 with SMTP id
x13-20020a170906b08d00b00782d5263e36mr3826080ejy.358.1665144111643;
Fri, 07 Oct 2022 05:01:51 -0700 (PDT)
Received: from Mini.fritz.box (pd9e36c8d.dip0.t-ipconnect.de.
[217.227.108.141]) by smtp.gmail.com with ESMTPSA id
sb25-20020a1709076d9900b0077077b59085sm1111182ejc.184.2022.10.07.05.01.50
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Fri, 07 Oct 2022 05:01:51 -0700 (PDT)
From: =?utf-8?Q?Gerd_M=C3=B6llmann?= <gerd.moellmann@HIDDEN>
To: Eli Zaretskii <eliz@HIDDEN>
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
In-Reply-To: <83h70foo3h.fsf@HIDDEN> (Eli Zaretskii's message of "Fri, 07 Oct
2022 14:44:02 +0300")
References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN>
<83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN>
<m2wn9c83bu.fsf@HIDDEN> <83r0zjopre.fsf@HIDDEN>
<m2zge7zxb1.fsf@HIDDEN> <83h70foo3h.fsf@HIDDEN>
Date: Fri, 07 Oct 2022 14:01:49 +0200
Message-ID: <m2r0zjhmfm.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 58334
Cc: luangruo@HIDDEN, 58334 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Eli Zaretskii <eliz@HIDDEN> writes:
> So I would recommend to fix FACE_FROM_ID to re-generate the basic
> faces if needed, on the assumption that the cases where we have
> problems with using face ID are limited to basic faces. If, after
> that, we will find cases with non-basic faces, I'd first look for more
> opportunities to use inhibit_free_realized_faces.
Sigh, I'd rather do something easy, and continue with what I wanted to
try out in the branch here. It has only gpt one commit so far, in 3 or
4 days.
> One other thing is that inhibit_free_realized_faces is a boolean, so
> if nesting is possible, it cannot support such nesting; we'd need a
> reference count instead.
Yes, that's why I asked if we get by with something like this:
diff --git a/src/xdisp.c b/src/xdisp.c
index 9534e27843..fd94509fe4 100644
--- a/src/xdisp.c
+++ b/src/xdisp.c
@@ -3179,7 +3179,8 @@ init_iterator (struct it *it, struct window *w,
free realized faces now because they depend on face definitions
that might have changed. Don't free faces while there might be
desired matrices pending which reference these faces. */
- if (!inhibit_free_realized_faces)
+ if (!inhibit_free_realized_faces
+ && !garbage_collection_inhibited)
{
if (face_change)
{
BTW, I've commented out the call to redisplay in nsterm.m
layoutSomething now in my branch. Let's see what the effect is. So far
I don't notice anything.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 12:01:57 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 08:01:57 2022 Received: from localhost ([127.0.0.1]:34580 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogm39-0003vl-9R for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:01:57 -0400 Received: from eggs.gnu.org ([209.51.188.92]:37960) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1ogm37-0003vX-IL for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 08:01:53 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:52718) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogm32-0006kZ-47; Fri, 07 Oct 2022 08:01:48 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=+aUeDXpLU+Q8rzuW6Us+d/pFZ0ljGPGF4VAoQE51cmU=; b=eAORmaln3ZtT1qRkRaqg pp+icd4ZT9xZJx3nFyopMBRI7+EN4YzgG7DeVwxyx4+hob4U7+T39JmEWAYaIwzOsMlDezcZ6te59 atwQC5HuOGxghW3MQJ+zsML5ABVxGisE8n7S8SBQMaxiVtHWPKSIMta42H8MX1G9jNqW2EHOOVt4k BwyY8EOhYwtxptMh2s1L/PiZd8NCDvLQWY4uKIEGU1Nahi5l/adGl+4D6w+sIBazlvpdACrQoORHz fcbPFHMA5uv1g6mw7eiFEvtJqtiiu/4J97iliEpLN+NXPUWiSU4YvPOIVXWmFkGRzVya+Ylglvb+v n/DPvdk5U5Cnyw==; Received: from [87.69.77.57] (port=3575 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogm31-0003HS-I3; Fri, 07 Oct 2022 08:01:47 -0400 Date: Fri, 07 Oct 2022 15:01:47 +0300 Message-Id: <83czb3on9w.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <a2f0425f-f335-55df-120f-81819c412d24@HIDDEN> (message from Gerd =?utf-8?Q?M=C3=B6llmann?= on Thu, 6 Oct 2022 20:36:22 +0200) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN> <m24jwgbzm6.fsf@HIDDEN> <837d1cpzxk.fsf@HIDDEN> <a2f0425f-f335-55df-120f-81819c412d24@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > Date: Thu, 6 Oct 2022 20:36:22 +0200 > Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN > From: Gerd Möllmann <gerd.moellmann@HIDDEN> > > On 22-10-06 20:30 , Eli Zaretskii wrote: > > Actually, I no longer think this will help, because redisplay_internal > > sets inhibit_free_realized_faces to zero at the beginning... > > Yeah, I've seen the specbind right now. > > > Any way of figuring out which face is it that triggers the ASAN? Is > > it one of the basic faces, or some non-basic face? > > I'm afraid no. What about the idea to additionally check for inhibited > GC? That is, free faces only if not imhibit_free and not imhibit_gc? I don't see how "GC inhibited" is related, except by chance. It sounds wrong to conflate the two.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 11:44:12 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 07:44:12 2022 Received: from localhost ([127.0.0.1]:34552 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogllz-0003QZ-SO for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:44:12 -0400 Received: from eggs.gnu.org ([209.51.188.92]:56892) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1ogllx-0003QM-SP for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:44:10 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:54326) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1oglls-0003xh-FJ; Fri, 07 Oct 2022 07:44:04 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=EZelO/4HG4len7mCSOZZe1Cnoc8fYViEFhAp0T6gi3w=; b=J4heywzN80tV72OrZLIm VYANeSx4WLu+EUT/1iwEimZDTAFvpZCCMP6YsMs3GE9GakrQMuktnB/bmN0ZmV3j9U/V8/j1QvMHJ +Q1jcGyjLJFQg827NPZ36oo4h5dpCgtq68lDMKEJI9SwqXdreEgUfYUeeAGFUBLCcfXKWjTohEdz/ rEnuQz8mYAnZIs2Es0fctehsqNpPh6HPk6ojwpQovMCOYqsTGPqeYwQTu3xmtVwkXXK/lrTTjefht uBJ5VjyHvzTDWgsZkIgQFejWwjPGXXLfi8ZlXk255+1ZBED5UROxx3u6MyOqAk2FOa8hVR+jQp+eL BiDaRgq3AfENBA==; Received: from [87.69.77.57] (port=2486 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogllr-0006hO-SO; Fri, 07 Oct 2022 07:44:04 -0400 Date: Fri, 07 Oct 2022 14:44:02 +0300 Message-Id: <83h70foo3h.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <m2zge7zxb1.fsf@HIDDEN> (message from Gerd =?utf-8?Q?M=C3=B6llmann?= on Fri, 07 Oct 2022 13:29:38 +0200) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <83r0zjopre.fsf@HIDDEN> <m2zge7zxb1.fsf@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: luangruo@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > From: Gerd Möllmann <gerd.moellmann@HIDDEN> > Cc: luangruo@HIDDEN, 58334 <at> debbugs.gnu.org > Date: Fri, 07 Oct 2022 13:29:38 +0200 > > If we don't change some other shared state, then we're safe if we > prevent freeing faces? That's would be good. Yes, I think so. But preventing freeing the faces is a losing game, in the long run, because we cannot prevent that forever without adversely affecting the Emacs memory footprint. I think a better way is to re-generate the faces when we discover they were freed. This is easy for the basic faces, but fundamentally impossible for non-basic ones. That's why I asked you earlier whether the offending face was a basic one. However, I think we can rely on inhibit_free_realized_faces to avoid freeing non-basic faces, if we use that flag in strategic places. Basically, non-basic faces are realized and cached by redisplay itself, so theoretically we should be able to prevent their freeing (and perhaps we already have that in place, see redisplay_internal). So I would recommend to fix FACE_FROM_ID to re-generate the basic faces if needed, on the assumption that the cases where we have problems with using face ID are limited to basic faces. If, after that, we will find cases with non-basic faces, I'd first look for more opportunities to use inhibit_free_realized_faces. One other thing is that inhibit_free_realized_faces is a boolean, so if nesting is possible, it cannot support such nesting; we'd need a reference count instead.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 11:38:18 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 07:38:18 2022 Received: from localhost ([127.0.0.1]:34539 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oglgI-0003HT-F9 for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:38:18 -0400 Received: from mail-ed1-f51.google.com ([209.85.208.51]:44012) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1oglgG-0003HF-4N for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:38:16 -0400 Received: by mail-ed1-f51.google.com with SMTP id z3so5649995edc.10 for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 04:38:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=CA+H6qgG/ca2ix/G2Ok4YRE337ri2fY4cAplmLWAXxk=; b=mTU4V+0YVkzpCyeCHGEXJGWtAi6mmIePlV6J3JqeiicFeENoecTvchfx2tsLf6USW1 lP7R8MnuFBq6o35gSz/Fktmc+POVpHXCXks3rg0W05yYSBX4Flw76hf169/iUmh7MRIP o8hq4ZGbGmz2Qnzrg1GLtjlZXfeSIHvwaYq7AQWxuSGm7f2iC6XZLxpG2m2cqFFkmcPU eRWF+UaoJEkASG9NE0v5kDQ5klYc31HYlMiXfZzkDPMYYOQYVPBz5BuCdjy5Bu6hukV2 J3zh6nTfNLN3mlTePKfTeKD9IseSlUBA+otnptAHTKmFCrK24Kan5oX4CI0fOwM4Jg5t XGJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=CA+H6qgG/ca2ix/G2Ok4YRE337ri2fY4cAplmLWAXxk=; b=NabnlCHF1dUJOOLqe7MJbvTC0//L4RCG1HWORUVCwaG7G08FEt2oncYhomiEduTuh4 US7f+0INdQjVwCcy3mWCEo3NwvxAZbV6fDaznPnDm+sYtQJh9f9bDj4pA4we8fAR9dwm bfF2efsC55ZGBuRSkW4qq4kVSskhvPNyTFsgZdvpbasr6aXE3mpLuXVD0E7ZFadjOW8R jUwt5XM8o7hMw01TZeeQ7LMfgG2AZ/x3UlIh1wYAJlIJE/qZUewYVXheK93OH8Eu1iir V64Pglt39Q1yF64yzZNLeHJqxom5h2kHbOgw6P6NmEk0JVS/aaAmL2iJ0eKKDopdZOuS 81qw== X-Gm-Message-State: ACrzQf1RZt5VKGRT5/LWEjCa/IIlWGOTFEVUmmj8Tf7YFv8b8FWXYlkg o7e6DYjRmnLyU9QHv8plkGdZcMjTvnf/pg== X-Google-Smtp-Source: AMsMyM78wtYhmflQt36TbGaYV1nXwrwb+51UDeeQBlH5Al2WzXOw8guvyd91bDagnyjrQLwg+AphTQ== X-Received: by 2002:a05:6402:2926:b0:459:675b:38a9 with SMTP id ee38-20020a056402292600b00459675b38a9mr4193440edb.60.1665142690529; Fri, 07 Oct 2022 04:38:10 -0700 (PDT) Received: from [192.168.178.21] (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id k25-20020a50c099000000b004592ede1bb9sm1293829edf.89.2022.10.07.04.38.09 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 Oct 2022 04:38:09 -0700 (PDT) Message-ID: <a2cc67a9-62e0-c108-e6c4-67b2081b73aa@HIDDEN> Date: Fri, 7 Oct 2022 13:38:09 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.13.0 Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs Content-Language: en-US To: Po Lu <luangruo@HIDDEN> References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <874jwgqbd6.fsf@HIDDEN> <m27d1c10ad.fsf@HIDDEN> <87zge8orla.fsf@HIDDEN> <m235bz28ic.fsf@HIDDEN> <87r0zjq3s6.fsf@HIDDEN> From: =?UTF-8?Q?Gerd_M=c3=b6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <87r0zjq3s6.fsf@HIDDEN> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Score: -1.8 (-) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.8 (--) On 22-10-07 13:19 , Po Lu wrote: > Gerd Möllmann <gerd.moellmann@HIDDEN> writes: > >> So, do you agree that block_input wouldn't solve the problem? Or does >> it? > > It should, because it prevents the read_socket_hook from being called. > However, you must keep in mind that anything that can call unblock_input > can also run redisplay, as unblock_input reads pending async input if > the input is completely unblocked. Thanks.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 11:35:21 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 07:35:21 2022 Received: from localhost ([127.0.0.1]:34534 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogldQ-0003DJ-Sm for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:35:21 -0400 Received: from eggs.gnu.org ([209.51.188.92]:58320) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1ogldO-0003D4-QL for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:35:19 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:37064) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogldG-0002zX-O5; Fri, 07 Oct 2022 07:35:12 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=c2q56osyvadmYpm3y93uu2Vh1lVqtmZvx5LkycYieDg=; b=NEKFfhjNPRvBbyPYr46j 2+Mop+BDVSExbDv2H7STRuYVYiqiCJbQA+izmUfmate4tyk5imnYWC8+bagBqFpFLGMIX1Ann9HU3 TxTDSK6/9HjAwHDGhol6ldzmKMtkQnZWYmJoACGvSHlstJIZa5mP8Di27yFPDW6QPxDeBIJjKG8fR QzYCMlzxd/xCX09xdGKC1HFe3xWflnVi9S5T5ZdWmsqJeYm0Gb8VPe3mxoTLR/uCh/wCjGn/aUYqt CNFRnW2Du3Zz96+tngj4y4f4FHG1+s5Wt1syNB9JOFAZaTR9SxiQ7jjMaT48Zh0pc5VtSrSoaj00P uGN4QLQxv1db/w==; Received: from [87.69.77.57] (port=1935 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogld4-00068o-OY; Fri, 07 Oct 2022 07:35:09 -0400 Date: Fri, 07 Oct 2022 14:34:57 +0300 Message-Id: <83ilkvooim.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Po Lu <luangruo@HIDDEN> In-Reply-To: <87r0zjq3s6.fsf@HIDDEN> (message from Po Lu on Fri, 07 Oct 2022 19:19:53 +0800) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <874jwgqbd6.fsf@HIDDEN> <m27d1c10ad.fsf@HIDDEN> <87zge8orla.fsf@HIDDEN> <m235bz28ic.fsf@HIDDEN> <87r0zjq3s6.fsf@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: gerd.moellmann@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > From: Po Lu <luangruo@HIDDEN> > Cc: Eli Zaretskii <eliz@HIDDEN>, 58334 <at> debbugs.gnu.org > Date: Fri, 07 Oct 2022 19:19:53 +0800 > > Gerd Möllmann <gerd.moellmann@HIDDEN> writes: > > > So, do you agree that block_input wouldn't solve the problem? Or does > > it? > > It should, because it prevents the read_socket_hook from being called. > However, you must keep in mind that anything that can call unblock_input > can also run redisplay, as unblock_input reads pending async input if > the input is completely unblocked. IMNSHO, we cannot start blocking input left and right, because it will make Emacs unresponsive. I think a better alternative is to audit the uses of FACE_FROM_ID and see what we can do to protect their callers from a situation where the frame's face cache was freed since the face ID was obtained. We could even make the remedy be part of FACE_FROM_ID itself, so it will "self-heal", so to speak.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 11:35:06 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 07:35:06 2022 Received: from localhost ([127.0.0.1]:34530 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogldC-0003Cm-IQ for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:35:06 -0400 Received: from mail-ed1-f51.google.com ([209.85.208.51]:45821) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1ogldB-0003CE-83 for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:35:05 -0400 Received: by mail-ed1-f51.google.com with SMTP id m3so6588951eda.12 for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 04:35:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=9ivIpz+F28hx7MhqXF6Zy8dy/iQ9D6DGEkhtkoQs2vc=; b=OrU32YFe1x+YeCJlGb2WQVt8uF/52+UdijjonJx2nS+y9nF3iwWOnKADnUFmhKmkOZ XUMUtVnircE1xNAL0b8rPJiHOwovX3iqn19MJID/NZI0bHQBV3O2etWeQ7+vPE70FRHZ bzgtoPff6AXdLyGKpM7YOTiZ/PZygZjwMC11f9Z/9L4g3vd8lhfraxKyzfDj4eH9cECz y5WqsnBpqpWQbNz0lnJpjD6jH5w2vgmvoja7peTDHy+0xSRkVJYzE7mHEdhO17uRU5PU GjNZK3jV2pktugBCk0f7pZjb5PD5fIYTeQKILLyO76DmhhdhYZ+/GUIH7ukMYIqOMWQF eRMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=9ivIpz+F28hx7MhqXF6Zy8dy/iQ9D6DGEkhtkoQs2vc=; b=DFgnvepSx8rzAUaT0XISgjIdQEttTaJ4WRpLZfZS2rbBtfGrPATMbF42OI28g3mE0C KNSrkaM6E16Ot/lnGqR/Zwe+nWWcFdsUclSPoIFQQnXNyj0bfjhXGbTCPJxNEGLr9Pry FdjDKZOjkBw0CjDpF7qtDe+aliZE/D9X2C/Vt2GdaMdN2OBqIsLXQRyyCJKCwjz16lwQ suVDRPoC3DsXGI/R4KokAM8rK8KHn6UmAi74pXdPaoR91iVZcE3RLajeshaOMXdW6/B9 OpmWfJIe/tdrOr/DsYUfi/OY+ughaXQ0Neqqb+EdA0oYErll4UXohUVgTH38x/zofSA8 1Gzw== X-Gm-Message-State: ACrzQf3igQQzFdQw+JX/2iviYjh4c0WTvpLAntPlUBwJfAdJ+ypKHjOc 7zUnUAmBxYRJRFQebNYMKMgpPG6vvoSuoQ== X-Google-Smtp-Source: AMsMyM5THUuutEAkuV7z5C6+KGMNF1HhFtqrc10qTTT7VIREIPjoINgm1+AwOqQ41bXPGml9uKcUWA== X-Received: by 2002:a05:6402:5189:b0:451:791e:f328 with SMTP id q9-20020a056402518900b00451791ef328mr4067331edd.282.1665142499097; Fri, 07 Oct 2022 04:34:59 -0700 (PDT) Received: from Mini.fritz.box (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id u17-20020a1709061db100b0073d796a1043sm1064252ejh.123.2022.10.07.04.34.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 07 Oct 2022 04:34:58 -0700 (PDT) From: =?utf-8?Q?Gerd_M=C3=B6llmann?= <gerd.moellmann@HIDDEN> To: Eli Zaretskii <eliz@HIDDEN> Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs In-Reply-To: <83mta7op7l.fsf@HIDDEN> (Eli Zaretskii's message of "Fri, 07 Oct 2022 14:19:58 +0300") References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <874jwgqbd6.fsf@HIDDEN> <m27d1c10ad.fsf@HIDDEN> <83mta7op7l.fsf@HIDDEN> Date: Fri, 07 Oct 2022 13:34:57 +0200 Message-ID: <m2wn9bzx26.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58334 Cc: luangruo@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Eli Zaretskii <eliz@HIDDEN> writes: > If you are thinking about expose_frame and friends, then that was > changed years ago not to run from the signal handler, so it cannot > cause any problems to code that modifies the glyph matrices. Again what learned. I was indeed thinking of that. Thanks.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 11:29:47 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 07:29:47 2022 Received: from localhost ([127.0.0.1]:34525 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oglY2-0000sA-QX for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:29:47 -0400 Received: from mail-ed1-f48.google.com ([209.85.208.48]:44900) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1oglY2-0000rx-1P for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:29:46 -0400 Received: by mail-ed1-f48.google.com with SMTP id g27so6572192edf.11 for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 04:29:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=CFeYcESFSJNRG+cZYIiikiqLJ8roSldTupupPJ2bHDE=; b=enRViIhrVEeufC7dliVRUdUnctah1mOrlaXQAV38BSjpS5hLftysIa8nxTg4018ulG nQHifWX4uHWvju9m70XBXzxDzL2Cfw3Siy/0JUvXm90uuG7R4PAqLcVknVAXpxiQuzor /ZNKAAKq43lZ47Mgu4hx7iphjQ8DTqaK/ZMan8xQufhp2fmUylKbdU1Eaobmg+iADfeE n3UaFDYc2jRXXeZOPkRMIV6tYCULvwgojPNqw4HRSxTDnmShLVr66lT6GmYiK8S/7SkK xCrHHMGnk3vapc5fpI+yuEHj+0OSCuAZopciO4gN6YIQ8xbGBsEFO4+WQDWvQOViMfEb pe1Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=CFeYcESFSJNRG+cZYIiikiqLJ8roSldTupupPJ2bHDE=; b=XkvityQJK6KU6U0IR5EmmjoFkLaPnJbGFjPyAzHaXbqT6lZApXsNnsSuZLeuyRgPi4 zGhcHjcG16jnbhCSXQR26LjXPJvK9vAZAu3YhijCxQ/fOUxPqnWaY0R0kfIDxcs9+tki e7vLBcaY7lV1kZOYy/vUapuwVPkZjAboIx2Nfe70e4U/UYuRj/GbSqO3Q654t9B78zVx ktqGnytJhaWybLY0kqCS9MjKrKb0OA2qp48U8IPFrFc7sNNp8+6Azre834HF+td/TzZk YHeGThza3xHuggtSBpnNwRxvk+TQhYEbAp89FkFfMhRi35yA63jNPeRi6NKAi/nc3PPl iiYg== X-Gm-Message-State: ACrzQf2yWyklkxCqJCjPLDtVuNoU1b8WtQ+PvULgP2pmKzBTzVma+Qvo NlUUw2ILT2hS5V9Aw2RUlkQgS8LBihcDAw== X-Google-Smtp-Source: AMsMyM4MUpYB/vzHTsg56K8cDeMvuPmbIRwyi43a88e0Qf1UXd676ag08WwUqXGCiZoKgmJd3UBcDA== X-Received: by 2002:aa7:dd45:0:b0:458:7474:1fbe with SMTP id o5-20020aa7dd45000000b0045874741fbemr4114902edw.334.1665142179730; Fri, 07 Oct 2022 04:29:39 -0700 (PDT) Received: from Mini.fritz.box (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id 13-20020a170906308d00b0078c1e174e11sm1073580ejv.136.2022.10.07.04.29.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 07 Oct 2022 04:29:39 -0700 (PDT) From: =?utf-8?Q?Gerd_M=C3=B6llmann?= <gerd.moellmann@HIDDEN> To: Eli Zaretskii <eliz@HIDDEN> Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs In-Reply-To: <83r0zjopre.fsf@HIDDEN> (Eli Zaretskii's message of "Fri, 07 Oct 2022 14:08:05 +0300") References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <83r0zjopre.fsf@HIDDEN> Date: Fri, 07 Oct 2022 13:29:38 +0200 Message-ID: <m2zge7zxb1.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58334 Cc: luangruo@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Eli Zaretskii <eliz@HIDDEN> writes: >> From: Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> >> Cc: Po Lu <luangruo@HIDDEN>, 58334 <at> debbugs.gnu.org >> Date: Fri, 07 Oct 2022 10:07:01 +0200 >>=20 >> Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes: >>=20 >> > Eli Zaretskii <eliz@HIDDEN> writes: >> >> IOW, I don't see how block_input anywhere can solve this particular >> >> problem. >> > >> > I wonder too. >>=20 >> And, while vaccuming, I also wondered what happens with the glyph >> matrices, and maybe other global state? > > Fvertical_motion (and other functions that call the move_it_* > functions) in general don't rely on glyph matrices. So I'm not sure > what exactly worries you. I not yet worried, just wondering :-). If we don't change some other shared state, then we're safe if we prevent freeing faces? That's would be good.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 11:29:38 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 07:29:38 2022 Received: from localhost ([127.0.0.1]:34522 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oglXu-0000ro-Ei for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:29:38 -0400 Received: from eggs.gnu.org ([209.51.188.92]:35896) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1oglXs-0000rb-O8 for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:29:37 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:38052) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1oglXc-0001y3-N9; Fri, 07 Oct 2022 07:29:31 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=I2wvP9oomFIKmC2EolujtwQ1VjLyC9YM9WQ9fYFBhBk=; b=lYAatGA+PzlVhPDf715G B90BiXXgzo8SGk7J3h/Cgf585hWxUhJrKtICEIw6EzVjeKC14LHtpAp+YnKPrJpbeznHn/0bQ6uB6 x5N65UF06QjENa1ok/KNL77cMwVIW3mEFDRd4F9yywvqAS73VC20NXRHlT115pRcim4hDt/Zuixl9 hJ9hP2pCUlCMUNadLX4BDaw9xkwu2QENIyYJU47KniZgE/QUvpF17Dx9WCqIo2xYFatSGGNFQp9qu hQadQaEFF20rCtJ4yslGsM0mTGtxiEUsFAvd1pfabnFiQdIeTPMb/rAbN75CHjvVXeoyd/Jt5c8e6 dZ2sxnkzIAgRFw==; Received: from [87.69.77.57] (port=1590 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1oglXb-0003NC-Eg; Fri, 07 Oct 2022 07:29:20 -0400 Date: Fri, 07 Oct 2022 14:29:19 +0300 Message-Id: <83k05boos0.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Po Lu <luangruo@HIDDEN> In-Reply-To: <87zge8orla.fsf@HIDDEN> (message from Po Lu on Fri, 07 Oct 2022 18:28:33 +0800) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <874jwgqbd6.fsf@HIDDEN> <m27d1c10ad.fsf@HIDDEN> <87zge8orla.fsf@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: gerd.moellmann@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > From: Po Lu <luangruo@HIDDEN> > Cc: Eli Zaretskii <eliz@HIDDEN>, 58334 <at> debbugs.gnu.org > Date: Fri, 07 Oct 2022 18:28:33 +0800 > > Gerd Möllmann <gerd.moellmann@HIDDEN> writes: > > > Redisplay has two phases: > > > > 1. Building desired matrices, that is, what should be on the screen > > after redisplay. > > Well, at least there's this in redisplay_internal (I think you wrote > it): > > /* I don't think this happens but let's be paranoid. */ > if (redisplaying_p) <================================= > return; > > So perhaps the right thing to do would be to replace the comment with > one saying that process_pending_signals can potentially cause redisplay > to be called within itself. You don't need process_pending_signals, it's enough that some hook calls 'redisplay' from Lisp.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 11:20:12 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 07:20:12 2022
Received: from localhost ([127.0.0.1]:34515 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1oglOm-0000eI-Bu
for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:20:12 -0400
Received: from sonic310-23.consmr.mail.ne1.yahoo.com ([66.163.186.204]:40793)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <luangruo@HIDDEN>) id 1oglOi-0000dh-NE
for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:20:08 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665141602; bh=uvX2y7fUzFGYQcmnsIWHX1P8Sc1I4E0EU+Jt4YnVhf8=;
h=From:To:Cc:Subject:References:Date:In-Reply-To:From:Subject:Reply-To;
b=ggqWo0IdYO6ggMi0/4Zt528pmVsuQHGlNBjN3FqjDmBM/7TnzM+9dPGpcRU6kOEBVuvDzkzAxRszHBGWw8K8ecen6JKQdSDnMQCiTZzjw1tG/t/hCc8TO3kbJqxbMH0ln1v3rIl3hv/uRMpyGvrhxR9EXMbxDv8LLEpEQ5enYo6fEW7edGnEF0jPK3+d/SZb78mOLYWa6M7lkZglAd8/Jt6sAVlKwX/laW1OX7h0uj7DFtIforI3YIyq0Ca5av5EQSS6yvy4E8582RIMl/z02wZotXTbLsn0ErzYB9ceuXoW82eZNbaZgr69De/bqT2MsEi4sWjHll3wWU5R3VkDXw==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665141602; bh=uJLLwOYHum5q7wpP4HIwSusCqxiym/IUtbmJ4KLL9Hz=;
h=X-Sonic-MF:From:To:Subject:Date:From:Subject;
b=QEZfWKgIHAyKn25JVNGZPKOcf6APUTIREPe1/cNIn4spAq57NFEZ5HEcTSWI7R00N8hmYQtwkqFDWgyUHO02vBjFBPLGd+lLeisO1XTgi7cmur3JzlwUAn7ykZUb0GdYJGsfKw5Ba3rca74tYeaGYAMHCJkGgpr89G6LUx4W4KSMt+vx0E1GwpjET9XlzEMvYWN8nv9aVTpaJ53ypoo0NiQIvONmrUbtRUZcq9Kg6xFx438w3rTHYZbOj6Lpm2K/S0CukpFIHFWZwVLo/Ko/nwWlt9eE6/cxfKxfDm+1ePQJfocffO0zmna8T1gyPus3lvWP9Rhc+7UDF5ot/PzOTw==
X-YMail-OSG: NQ9w2akVM1nxv.0GfahU6IhECe4pqd8FFgj4yfYB7iwKCyxdOHixnf8b3t8k.S6
qXpvvRBjUMVM97tsE0fHiegWGqhd8IGis5YsVcllJbzauvbZ1n.iEnxkTy3qKYnXKqC4UdWiCYJh
X5yFSy3Qx5gNmJ9OPXkpi3W2jtwD5PMRq3_yjRHeXNq34WnRphNhJ8v9wvr1UTmzuMJ_HMP2H2oA
NVnVCUgTZ_R878otl9grifYGTI_fc3I01GcX.qljL5ZQMy02dC2VfVTygvhgT0JC9PPVOpRkyfIZ
pfDm2ITjJ9wqlIt5Msztd2Zjbnc5TNg6DYOwG2.AgiAq8aPzdgWcluklcxcI_2joSaYFwPN726RA
zqGQjHAadPftews0EpQpR4odmtSdbuG2lin5JfQQYwf.l5QXOckgEIjpcnZVBgpoeSvkBG8dm6ah
Qo2jtqXlE4O_1MfXx_m2PCy.ao08jfZ.V2aTn807E625vnC6bVpmrz4wYA0CrvFP0j5NqM1HDr3t
heIMlCEy_3_KoYWJwRdRY4TrN51iXpMLoUT4P9F_Fw7qZjCRAVvb1D8WuQrbukXOkaSq1g.yKUfJ
5Y7niKW.fHvRy3J728wYsXBMhYK4TzJUe_DRmOa3LbuOH2A51jEaymM2ABhYTi0Ez1WvL0ZONa09
Nl.goMUG4rbi.xiaPrTKrf7edOCjQ6haE5XD_FkEEf1UxrLikmFiRvyGSTeRC3Ip4iuvZGP5zaGD
F03t.LvTsl9KTTwjmD8nLMoqCbY30y6nru635bo6Hws2eNw0DOGDzqRMUP8wv1NaWl6.qSBhuGpr
nDEYb.d4.31dT6uwL_zcyGXQs4IZscai53dPxxdFPmK9CusODjJlBU9Y6wDNsivVxwi_6cP4m5n8
zfP3ryatscQUPZY1UTOEzrgQa.MSeDlXOhQrAu7LJwjnyLwJMqFlqngm_hnkEGAMHzS0PDPoBztS
ZbUEC02VANs5AwO3JKNjFWNLvsM0WCZWSSD2W4t4XwuXv_Ddx05.QeqHM5wqH_gEGwzqppeng1jg
o5X8ABeTLdIZISsmymBK.tBQgVMFCZkp3O8EgEeNKyaEvvIMN0khWUH3lJN68E5.BpQ_fjTzhvhd
VI_yNBoqSTF01ATe6FHUK03oBL2iK8iHGkwMq63A24VLuzFMvn8pOW0jcN70EM9AFmNxQbk3jtqI
Df61ksvF3GzTF_AyBqjR72jiMIEDI58OuHhT25jtR7riFVBHhWypIJLNCJiiexkSkYqq5H0AjB.f
29C5Od.aDgwQc2i8uM8wPsQYn3WpLOCrPxMxbc98LKLfJrmK7iDsNoFEaau8JMuDXLV9Ps18ayF.
ODphefC9M3GE0tOPZuyhiZE6uIbPweJ0NKOS0TPIkQ6znlpieps05kb0WbTGa_t_MunDJIrWba1z
QlHM20nMbrBuKJ2lo3mf2UObJG1ksgaF_M1Tg4u5j6vmY_t7WkZF.LmzD2I0zh05L1Xhy14UrsaN
aJW2icigSqgFuYvacpBAKu1X8l1RqHCzv2VYG.Py3k23B988.GyXtvfbrPX_jcCva0Aso3UAP8yk
5m4GFLbMGoUeZvnoLvQ8aVa85QhEWnTdk3RTRd5Pq2zswB4M91DYQXmCmSnBA.YLfTfAf1LAVaWi
60yZMJj9ivBpM9RISKKQosqRJG5VSowyLo0VKSpteBP.DHBIlMiLILHTkVNtIWhc0bnCDdeSR8KU
mg_SvgVlXB7OMOIb..7O6GSkoxioa_JxNURPtaXOhrdQQceBdwktKFxhCdIThIgXgRjnfouQdykJ
IETjmfE2CHo_t3DUt.Eb7eZpebOoIt.wPsY2qx3KKdof5qEeTluJN.OcrLCjJ5lylkwiKDNW55lP
vZH_rnPCNsaZzlTcsCdE9hkZsfa35ZlMDdW17qu9cyY_EtrrYmvXHq9u22V6I66b_BxoLoxx1Adl
sB_dXOEAqXeVwRmMH1pVYfWUylna0uWT_Cav1SIzD3VHffprjPEthAivhRqLYkqgs37mIZZav2au
6UTnQsssk0iCRxwGmcxGOSF5BbJuE4oHpXuuvpyvCSZuwHlWfiI2przHuYPw.JdlRMjIyi8Rmfg3
JgfVstigd5YwgAhLz72aQhxxuuuW6mW0XhUMHZ2huIoC2ih0NVCoWObY734rVBHM0GXREtIMeUVl
BZUEqT5tOyURPQXCl0pZS.nEFbX7B3nlEPoJCNnmG8dhmbDLpfCTI6tvv7E89qf_14A20mF3BjEm
RtETOOdhb_QWT1pCe04Eq3tYDj9c8OFOM5IiArZ4apHetIGE1qm8LysByci2HM3srtjorPNrbyzh
R
X-Sonic-MF: <luangruo@HIDDEN>
Received: from sonic.gate.mail.ne1.yahoo.com by
sonic310.consmr.mail.ne1.yahoo.com with HTTP; Fri, 7 Oct 2022 11:20:02 +0000
Received: by hermes--production-sg3-cf9dc7f8d-rww6r (Yahoo Inc. Hermes SMTP
Server) with ESMTPA ID 9ef8ae3e4f9e2d322e161eeb2fe3ff2a;
Fri, 07 Oct 2022 11:19:58 +0000 (UTC)
From: Po Lu <luangruo@HIDDEN>
To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN>
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN>
<83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN>
<m2wn9c83bu.fsf@HIDDEN> <874jwgqbd6.fsf@HIDDEN>
<m27d1c10ad.fsf@HIDDEN> <87zge8orla.fsf@HIDDEN>
<m235bz28ic.fsf@HIDDEN>
Date: Fri, 07 Oct 2022 19:19:53 +0800
In-Reply-To: <m235bz28ic.fsf@HIDDEN> ("Gerd =?utf-8?Q?M=C3=B6llman?=
=?utf-8?Q?n=22's?= message of "Fri, 07 Oct 2022 13:11:39 +0200")
Message-ID: <87r0zjq3s6.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.91 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Mailer: WebService/1.1.20702
mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo
Content-Length: 384
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 58334
Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes:
> So, do you agree that block_input wouldn't solve the problem? Or does
> it?
It should, because it prevents the read_socket_hook from being called.
However, you must keep in mind that anything that can call unblock_input
can also run redisplay, as unblock_input reads pending async input if
the input is completely unblocked.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 11:20:09 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 07:20:09 2022 Received: from localhost ([127.0.0.1]:34513 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oglOi-0000dz-WA for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:20:09 -0400 Received: from eggs.gnu.org ([209.51.188.92]:33240) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1oglOh-0000da-H0 for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:20:07 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:48140) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1oglOb-0000LU-PV; Fri, 07 Oct 2022 07:20:02 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=ECjtVTr+g5XD/OEcqQ2oC4TITEkczlvcXavF7ziQtB4=; b=qJWMS9bOuJuDC37YfpVL zleqcAZNdglce+R6LMqbSciv4DQHEvkzVTXcCtnFuSQRR2jMp/HU9xAqWRsUpZgZ5oH5VLsW3Opas QihixBnyEO0rysrtqaJ2SD4UHw0b08wcruQZ/gexyrLzyKbK1bqFeXGDboKcVscIJTNIfY9nBCzU2 0uSCSaSnHfkS0ts8N6wjWqrE6oSeSzVIdVa+taSLmlNlSMgbH76c+PvdTptL2ZCIitxI42i08HYhX zBoGFsJDeSdWK86bTEkzyOfRcO1KQpwOxlkKtjoc09mdrmaQaX1qn8G+u76b0MmAwpi171gJe/lcV Q6liJa+IkzgfMg==; Received: from [87.69.77.57] (port=4992 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1oglOa-00029s-Ck; Fri, 07 Oct 2022 07:20:01 -0400 Date: Fri, 07 Oct 2022 14:19:58 +0300 Message-Id: <83mta7op7l.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <m27d1c10ad.fsf@HIDDEN> (message from Gerd =?utf-8?Q?M=C3=B6llmann?= on Fri, 07 Oct 2022 10:54:34 +0200) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <874jwgqbd6.fsf@HIDDEN> <m27d1c10ad.fsf@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: luangruo@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > From: Gerd Möllmann <gerd.moellmann@HIDDEN> > Cc: Eli Zaretskii <eliz@HIDDEN>, 58334 <at> debbugs.gnu.org > Date: Fri, 07 Oct 2022 10:54:34 +0200 > > Po Lu <luangruo@HIDDEN> writes: > > > Gerd Möllmann <gerd.moellmann@HIDDEN> writes: > > > >> And, while vaccuming, I also wondered what happens with the glyph > >> matrices, and maybe other global state? > > > > Isn't input blocked wherever the glyph matrices are modified? > > If not, > > Partly. Eli please correct me if this has changed. > > Redisplay has two phases: > > 1. Building desired matrices, that is, what should be on the screen > after redisplay. > > 2. Updating current matrices from desired matrices, and bringing that on > the screen. > > Only phase 2 has input blocked because the current matrices are > modified, which are shared state with the GUI code. I don't see input blocked in phase 2, either. We interrupt phase 2 if input is pending, but even that only in some cases. The GUI code runs in the same thread as phase 2, so there's no reason to synchronize anything here, AFAIU. If you are thinking about expose_frame and friends, then that was changed years ago not to run from the signal handler, so it cannot cause any problems to code that modifies the glyph matrices.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 11:13:44 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 07:13:44 2022 Received: from localhost ([127.0.0.1]:34499 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oglIQ-0006jA-Vs for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:13:44 -0400 Received: from eggs.gnu.org ([209.51.188.92]:58716) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1oglIO-0006iw-7T for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:13:37 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:39394) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1oglII-0007xA-RZ; Fri, 07 Oct 2022 07:13:30 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=YS3lfQrVEkfjHZrxJ8hxZq6HhOoOrZxE2EzgG6NdP+c=; b=UHYLBF3j9bAlyn6xHcL4 cVdEzJN1BVkkpWIKQdfvJRjtyGqx1zSz69lIaPGQYANt++D1Zw1kY0xWKNgsRQBBnJPSZvaDzwqxf +lK4RnWXbBb2q2/HT9HPwW5kdK3oe3wcJAPJVw50f9oE01IX7k1k4PL6WwTC+nGQnrfP5PPjHzit/ /3S4sCGRw1hc6kB/kGV0KYenUDZ6ELYF9tSzyOs4wCq6s9o+FAwG79HYefY+ZSw/gdV3gYNxLzbys 1bo2OfyPZxPN8CTV/x7mDOL/gGHDA4iseNTD3BSRPpzBfd2RjnB2Nu4fYwSo6QyPA1ijM7J/C0M5B HMsJyir/XBM3WA==; Received: from [87.69.77.57] (port=4592 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1oglII-0005a1-1G; Fri, 07 Oct 2022 07:13:30 -0400 Date: Fri, 07 Oct 2022 14:13:30 +0300 Message-Id: <83o7unopid.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Po Lu <luangruo@HIDDEN> In-Reply-To: <874jwgqbd6.fsf@HIDDEN> (message from Po Lu on Fri, 07 Oct 2022 16:36:05 +0800) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <874jwgqbd6.fsf@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: gerd.moellmann@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > From: Po Lu <luangruo@HIDDEN> > Cc: Eli Zaretskii <eliz@HIDDEN>, 58334 <at> debbugs.gnu.org > Date: Fri, 07 Oct 2022 16:36:05 +0800 > > Gerd Möllmann <gerd.moellmann@HIDDEN> writes: > > > And, while vaccuming, I also wondered what happens with the glyph > > matrices, and maybe other global state? > > Isn't input blocked wherever the glyph matrices are modified? No, not in general. Why would it? We don't allow re-entering redisplay anyway. > If not, how come expose_frame always works correctly? expose_frame doesn't modify glyph matrices, it only uses them, i.e. accesses them in read-only fashion. At least AFAIK, that is.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 11:11:48 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 07:11:48 2022 Received: from localhost ([127.0.0.1]:34494 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oglGe-0006gJ-IJ for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:11:48 -0400 Received: from mail-ej1-f49.google.com ([209.85.218.49]:44773) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1oglGd-0006g7-4J for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:11:47 -0400 Received: by mail-ej1-f49.google.com with SMTP id o21so10500599ejm.11 for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 04:11:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=zgn8CEhkpP5fsbQbv9FnZ0XHjwCxZyQaH0KMBF9QDyQ=; b=fnQyPIg88PUaes8oNyHqga489vhyhuTJEjxqEcm/FyI7aDEkyLyd6XKJFc1JZ1Xutr iAlA+j1H7WBeKB7VsHx32WGTLLdT4ZYOy5bRuHw1bIw2VJCbFB6vLMKAq7Oa1MAqRyvl 4tH68fFXwD8c2cK50zcTpG5llfYJJ1BDWPJa4bVVN2xGWOXmTN1kAad5fbiojL8XQF+U jysFhcPN6i8r9GxnGa3KWwVtOOp0FHS/eiHxIDt/g4vfdKWLSfRLXiFmJm0Z9bH0W8L8 IfJZweh1n2YWd/tlAtn/pV7Ar0hQSD9WdcL+AAiWBEfz3WA3YilD2lp/TCtnkZv46V6h 3COg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=zgn8CEhkpP5fsbQbv9FnZ0XHjwCxZyQaH0KMBF9QDyQ=; b=nt2EsxOhum56cGmc5/AUsnly7qENaE5tHm1aImr1gwnTnQVwJQHrnTLjT3cGIBdeqb 2AJjulcbvvhGP1rHasBo/9mQPwCpXOGAh1kbH/H+LgCQuWIDsgb+Dj9qHzyF/RPclqCB d/SdgumoiZXEa5rDDD/yv1JYY0MsAQkEoYUNcLGJ7WaPeG1exTZj4J8lGWY6zdR/6zQF yZMd7I9z00nVBFXuXd2N1vZIn3vyXSoxRuJbyoFiOLXanVTdnCAwLicAxPOkG+gupxbR qqXTa6LeXY6uNounJj4HApZMvQU+PBNQdIHzBSHdUrY9SLNPYj47eZNBTcAHG1+jzgEo CLKg== X-Gm-Message-State: ACrzQf3Ypheb7TziMCOnOj+4AmKqIrZio4WVAIa/68FMt1LP2F3ZVkqe auJBmd4CsgGtO7VrgLGovPuqVPZh2H0PpQ== X-Google-Smtp-Source: AMsMyM7uIXRbOmQi1uuCYe3YQFffTWRywINgAqJZ3Bjh4zQG6uJPks3VLCgwNTxFiQzL0W1ILHzGLw== X-Received: by 2002:a17:907:b07:b0:78d:23f4:421e with SMTP id h7-20020a1709070b0700b0078d23f4421emr3542321ejl.515.1665141100911; Fri, 07 Oct 2022 04:11:40 -0700 (PDT) Received: from Mini.fritz.box (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id b17-20020aa7c911000000b00458f82462a5sm1236156edt.25.2022.10.07.04.11.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 07 Oct 2022 04:11:40 -0700 (PDT) From: =?utf-8?Q?Gerd_M=C3=B6llmann?= <gerd.moellmann@HIDDEN> To: Po Lu <luangruo@HIDDEN> Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs In-Reply-To: <87zge8orla.fsf@HIDDEN> (Po Lu's message of "Fri, 07 Oct 2022 18:28:33 +0800") References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <874jwgqbd6.fsf@HIDDEN> <m27d1c10ad.fsf@HIDDEN> <87zge8orla.fsf@HIDDEN> Date: Fri, 07 Oct 2022 13:11:39 +0200 Message-ID: <m235bz28ic.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Po Lu <luangruo@HIDDEN> writes: > Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes: > >> Redisplay has two phases: >> >> 1. Building desired matrices, that is, what should be on the screen >> after redisplay. > > Well, at least there's this in redisplay_internal (I think you wrote > it): > > /* I don't think this happens but let's be paranoid. */ > if (redisplaying_p) <=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > return; > > So perhaps the right thing to do would be to replace the comment with > one saying that process_pending_signals can potentially cause redisplay > to be called within itself. I'd rather first understand what happens and why, which I don't. Otherwise the comment would be no good. So, do you agree that block_input wouldn't solve the problem? Or does it?
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 11:08:14 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 07:08:14 2022 Received: from localhost ([127.0.0.1]:34481 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oglDB-0006ab-PL for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:08:14 -0400 Received: from eggs.gnu.org ([209.51.188.92]:50686) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1oglDA-0006aM-7c for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 07:08:12 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:58414) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1oglD4-0006eR-3Z; Fri, 07 Oct 2022 07:08:07 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=FZGXGnPpvEJR1yDEzN9rdT0cUe9Rxypk8D+JgEuGTN4=; b=Oo6L5jiC7UcjgvG0/v0x k7rPreUrGSeBQ6UMBUfW2tgqXwIU4ygdJ/t8fwYChESa9PcjUVbV2m6c0US75ORZUiOGQ6lZp87pz KU+AKCoI0ArSW3rTQt50CqDIdSP3P2wQ3IAP8l1BuNkmLEMwRJesvhlRvz3TEu+ccBeljr+6zTNc6 9w1C6s+ZRmUdx8B8nhYks6K5desyxomyGMfDBwtnDv+37XlUKdC5hQ6x1SlE+UElls6pQMs9CGMOr gCspLLsEX872R8U5btutlOdDKFk3+z0BvNhfEwVgpWdSeQHDibYHnJpLEqPLRkiLrpVUaQ4qIFVO1 kP1PsNm8W1MI2Q==; Received: from [87.69.77.57] (port=4261 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1oglD3-0008Ks-DX; Fri, 07 Oct 2022 07:08:05 -0400 Date: Fri, 07 Oct 2022 14:08:05 +0300 Message-Id: <83r0zjopre.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <m2wn9c83bu.fsf@HIDDEN> (message from Gerd =?utf-8?Q?M=C3=B6llmann?= on Fri, 07 Oct 2022 10:07:01 +0200) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: luangruo@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > From: Gerd Möllmann <gerd.moellmann@HIDDEN> > Cc: Po Lu <luangruo@HIDDEN>, 58334 <at> debbugs.gnu.org > Date: Fri, 07 Oct 2022 10:07:01 +0200 > > Gerd Möllmann <gerd.moellmann@HIDDEN> writes: > > > Eli Zaretskii <eliz@HIDDEN> writes: > >> IOW, I don't see how block_input anywhere can solve this particular > >> problem. > > > > I wonder too. > > And, while vaccuming, I also wondered what happens with the glyph > matrices, and maybe other global state? Fvertical_motion (and other functions that call the move_it_* functions) in general don't rely on glyph matrices. So I'm not sure what exactly worries you. In any case, glyph matrices are kept as long as their windows are kept. They aren't "freed" like faces or images.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 10:28:58 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 06:28:58 2022
Received: from localhost ([127.0.0.1]:34421 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ogkbC-0003Fi-04
for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 06:28:58 -0400
Received: from sonic308-56.consmr.mail.ne1.yahoo.com ([66.163.187.31]:46543)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <luangruo@HIDDEN>) id 1ogkb6-0003FS-Ey
for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 06:28:55 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665138524; bh=EUl+MmY1n1lLZL+C/m76ba9x1Eio7KCmkGBXbUcfFpc=;
h=From:To:Cc:Subject:References:Date:In-Reply-To:From:Subject:Reply-To;
b=AmLO2IMaRrHDMarEygdtu3dUu1mZRnsYAfFEXRCT4HFNRHa8Rmo7jb5x2B7XWpujBXMrSeDs7KLLEiIFSvqXPPsKTmJ9iT0YbLNsDQ9VpEbXIvrppm6B3u9LJYQ96SjUHwvMutejkWMtnHgvgSLBZZ+5uUD4jx9sPFoynResKO+BVC4dmOszOhyBlGGQQikMr8K4EFEXfRVe5cF/NBHIQ7I48qeg4DS8c9gB/PWy+WXyKOG+bCfNC65S4ukrHIp1CX+JshKF+Y0FOTiIJ3KJPk2m1w1YsNvteid2RH8+w3CAChivLs6A1vUA9xUrgDqf6bSghGOdY6z91HfbchuW0w==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665138524; bh=pShLbX6v3YHdtIF83Vb3Ar84C+PqeGwy90X1HF8m7qt=;
h=X-Sonic-MF:From:To:Subject:Date:From:Subject;
b=DoY/R33m9iUIY1o++eCFojwTbhmoXm+ZKe08e9WtHBF9ijOISlpa4WF2xDkNhe/1gucMfz01175eoRfQY4gDff4goT8JIr16AF618Hle8As8rM1urh5pbUdJ514LVMHX1wRSKAs8UrQNXwMyHeJXb8LggkMiqCnaiekoG9bjIA3m/flACaSxdkq0D3cjT9nDofGPh7DqeKjIqO4Yn+0wVbv0x3NsFmkddv2SouZxSSi+n7dbw9tr29ZhmC5q0KgPQLXiMjcM/OZ48pTeG/majLu3eixKc1zp07Iln+8U9lH0gDk6zhf3KzHcuCWNppRop2eTdYgrtu3dw43KUrALyg==
X-YMail-OSG: elz4CdQVM1n3NJzOXuf2pUmJFdBv1rTFMeyxkTKwEQTPp3eodrbbTSAjzCwYSH9
ikdT_qPtnBWjYySjEEa2mwUIgVIA3jlm9YvjtFNvJnqSMODHI.rc2xtF5HNFqgDa7IAbgKU0ATIL
FjK3D1a.JWmPkoNHV2rjvDUAiwozk47QjSh52d3ATw0JfsWjvQImchp7DzY4qiBtaJRQBoI3Ch7f
fPZuPhKJe5qE3D1k6qvSkzRF1QaKqcalw74NuLOMprRKe6qXxmgKTAh5v53MBSqHrr2.7LheFRNA
TLN1T.NTOQX4NgoxpMubXFpCgB5.IxmbNxS0VKXOClktzeb1bLDTmiqTEg.bRqmUfA11lRMfbuOK
j5w6uQ6N4EzAgnW_K1gOYW81Vdr4tVcxN3p4ROSS.4ODS7Dzx33J_Xe8rTC8I3Coqwa1KmkLsDSS
efbZPYAfXxlsdA1XOycG5nmI_h0_VMnLXZdTo0_xgYY3B1qxgMtIv1CGMjl9HK09gmiZcq3kGoJ5
Mv44h6D53i7x1JrLsbU2lZi6KysYOh0dTxH99mJuN9icmBQo39VTCWsu6hU9wfQXLFbTQkoJe3iW
qKqMaLftelTZQQ2t7aucLpah8boIpBgsQ.oF_nyAXywWqAV8SVqw2fy7.XEYjEdiLVt1_wi0gOSQ
jwyDpCpcLwjB0QW7ISGoQ5bc9cQIzxIzhbvFaBc_gsbkcp0bti2k8u_cnMBXykYYoZiJaxdpr7CR
CtYRR_pZMxVMupcrpsTZNhNBoVEZjDGRZTRQogUUO.i03XsfV1QIxDBzGM8CoNhvQwL59UAcwEBV
PtKAPQswHEoPCByM7mM49QtJJ8fvA1Xrf.3BIaSI5ujuofxPIs.RX8XrpCx227TD4rpLT2R.cWNk
j6jem0Wnq6WhK81fBKdQrvukbuz3ayVYIwGEKu8lAjNyd9tXZrDN8IaKJ6yoPlHM_Ko7jEJHw1UX
fhJpL88cj.ihTJ92YIVBYvyc4Om8UiZqfJkgxGsJ3m6Ju84l6o5_7_IndCUf44GlnLsYeQWso6lQ
n9aCE6kIgEJR1t2tTdhDW6aiSi.Zh.7aprFyWY3dR_i31JzTcNPBM6yxWJt8LDkC6VAZrXV6xdFl
DfJ4P7g1LMZZZPX3V6A9rNRYkjABceQyli97S5DbCcdxf0N.cZFAEw2ko_Xza8zV5ln7W3llmGlS
O3qRRZt4HAJDqHM7FXHZkboq99rezoZ3Od9orfGFFYLUCFH.XhSjmaHEc7nzJd.P7uxq6mkgCAQn
3W.ml0k.QM6v6AbxIGfNrnwK1Ecr3yY74f3psPvJSPPClkvZBXPzswuvjize4dHtIQk1KhlBVVT5
hG6mf.V_G_Zdw3WC0cZZDRtrR96Oh.r6xp.zXmKMqNJtuvIAI_lER..56Mf2ZMzpfQiStqRIUfwy
rUG8WVxX6ByIfh0sFCKnHs0NUH4JFD9F2D2uXd66B4xykmluNQcAlQYyoqhwB4jSxZcGUxIWjsF7
zg8oPDNFG8xCta3c.Kj2trLNU5iUOXv0529moH6MFbXatc2sX7SCr.Yo2ixNcdD4Tih6XSzlIfz4
lD6.i0grg0GymLw26rjvzc.7Ie5THmJlYuah2Zj3b6yOWOQ1h2aN.38eKbCC8EXCAyqBXSl_aHPz
ddWV1jVfn6rbZoepmRevGUMU9I00fj5RI5rCGL42m81.V.DHgg7XKdc3ldA2eqm7kptJ6SwpJsDL
dING4s9SewgLY56tbJeaNdHlowrkzBD7lojhtX8YcxdeAwEfWlnoZk0xrK3bdc_wXQAT6UOlH7C.
p_HB.J9wUoiDUm25vb1VDz4RXIf.yEOOhh8g3qx.OGZWyCIlKe.UbqdF3oNizWH45FSeDnI5Dojf
UL._r5_vmQQhU5xjjiR231wq3KpiPTMq7o5fm4FqkRV5KJd4tKZrHUiiawCI84ecY0hCak7Ra4w6
w5iPcgv4XnqvTU6mnRpiQcrNmqJD2ulkqONUFHNEK2sNto1.PEF04IUNr873nwHLCYkdyz98F7Wg
di8PWoTxklU6melAHnl69G3uYUzl7CH2yj0pBOoPk3IZEq7Ug4gb4WYcDC2oGcLIfAKXcXol9K4G
whemZXw4M4Fe4xXtw6zvVNaItL3J1CXFGSwq7ndDTRCKZ5vrVNqmJYNoSYV7R.HX5dv2heXp7JO3
7_6odObn5QY_k4hyprSHya_9Nh5F4C0L6tj7S5mFqYWqR1SaQth5pXwTpZZoA5vsTNQZFIGKzQlb
L4Ic4rRBLMU_HgxvtycSXc4RmvJrl2_HFhtBTcTahDCDo9FLfdIi7mkVKJXSkwZpbVhXp2LJJ
X-Sonic-MF: <luangruo@HIDDEN>
Received: from sonic.gate.mail.ne1.yahoo.com by
sonic308.consmr.mail.ne1.yahoo.com with HTTP; Fri, 7 Oct 2022 10:28:44 +0000
Received: by hermes--production-sg3-cf9dc7f8d-vdvzk (Yahoo Inc. Hermes SMTP
Server) with ESMTPA ID 30acba1e4f48e608701dcefd1e9bd1fc;
Fri, 07 Oct 2022 10:28:38 +0000 (UTC)
From: Po Lu <luangruo@HIDDEN>
To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN>
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN>
<83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN>
<m2wn9c83bu.fsf@HIDDEN> <874jwgqbd6.fsf@HIDDEN>
<m27d1c10ad.fsf@HIDDEN>
Date: Fri, 07 Oct 2022 18:28:33 +0800
In-Reply-To: <m27d1c10ad.fsf@HIDDEN> ("Gerd =?utf-8?Q?M=C3=B6llman?=
=?utf-8?Q?n=22's?= message of "Fri, 07 Oct 2022 10:54:34 +0200")
Message-ID: <87zge8orla.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.91 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Mailer: WebService/1.1.20702
mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo
Content-Length: 617
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 58334
Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes:
> Redisplay has two phases:
>
> 1. Building desired matrices, that is, what should be on the screen
> after redisplay.
Well, at least there's this in redisplay_internal (I think you wrote
it):
/* I don't think this happens but let's be paranoid. */
if (redisplaying_p) <=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
return;
So perhaps the right thing to do would be to replace the comment with
one saying that process_pending_signals can potentially cause redisplay
to be called within itself.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 08:54:46 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 04:54:46 2022 Received: from localhost ([127.0.0.1]:34339 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogj82-0000pn-50 for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 04:54:46 -0400 Received: from mail-ej1-f41.google.com ([209.85.218.41]:44632) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1ogj7y-0000pW-6O for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 04:54:45 -0400 Received: by mail-ej1-f41.google.com with SMTP id o21so9804094ejm.11 for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 01:54:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date; bh=+Z1kKklZ4kFADtGjANflSquezM2KT4EXE7CctJX+BlM=; b=cUBl9+7HdGipXgw1+/WCRTti5XL4kaxRAm4/IFgaemhTpt6O0pTFS0WH6YHU9lU2oX iwf0llWX+v6rTeOSUQLKX7udRkZQaTDZlI03YWvV/jA+gpdJLXSDJ5OR2bcox51cU2xY PPCpq9h5S9K2v39/Tn9/kyR4VPy0UD8i1DjxjtVLcGNYoP4weZvaWxrtydUGjbfSe4yi 4TxXszJkkVGtY4dOTi5KRcfTERfRvaK2HPjmZNZskv4LDHuQf8JW2v32iNAyDCK5QXxB +FL+FJFrbskBeKF2E80JgzABcpId2OrAOI8OOENr/GzLfXhVlb0x12dupd+8GMRhpCkr mLjw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from :to:cc:subject:date; bh=+Z1kKklZ4kFADtGjANflSquezM2KT4EXE7CctJX+BlM=; b=5vQ8U+woh4bfy1UDFKIXdzbx/9IkOVvTxzfsEdw3AIIb0K3Jj9K4mTYR6DMcsBas0Z Hvje8kamTWMDfXllClWk9sFIdM8LkklY9w4pzaN70hS+12J0UELT8Y1xGJ2KVDQYQqtf pCq8V0hZEeD+Zp0gmv6guzY/JtxQUf49K/qrIigFQKpFWXfPg5TZ5pCEs34fSaJaQ4tn 9S5P6CO33tuVWcokTUxD5f3opKojjHnTSjJ1Vh+IY1sntB+ehHbPi0jBpxt0edadJnEv eNTJmhCc6lqSzB1ZCpb/wURX0v/85Inu2My47WcjYbRHYDxX1hG+ITVbdfyiafELJydr J+7Q== X-Gm-Message-State: ACrzQf0+BDz+hdZEG4Ad7J+ybXhMp5z3KaS+OYBGS+7L+KkyVEv41b0a w5g3lTVRdbnx9Pjaik8mJwaixJ3dByutlA== X-Google-Smtp-Source: AMsMyM4ogIWNFPdRxO6q2BlblG3WK3I+Ru9JyebxH2hlWkN7+XeWKAY1JLwx7c5tMl9i1Li0SEfkSg== X-Received: by 2002:a17:907:75dc:b0:783:9c71:5e20 with SMTP id jl28-20020a17090775dc00b007839c715e20mr3212319ejc.125.1665132875713; Fri, 07 Oct 2022 01:54:35 -0700 (PDT) Received: from Mini.fritz.box (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id o14-20020a50fd8e000000b00459148fbb3csm1023558edt.86.2022.10.07.01.54.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 07 Oct 2022 01:54:35 -0700 (PDT) From: =?utf-8?Q?Gerd_M=C3=B6llmann?= <gerd.moellmann@HIDDEN> To: Po Lu <luangruo@HIDDEN> Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs In-Reply-To: <874jwgqbd6.fsf@HIDDEN> (Po Lu's message of "Fri, 07 Oct 2022 16:36:05 +0800") References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN> <m2wn9c83bu.fsf@HIDDEN> <874jwgqbd6.fsf@HIDDEN> Date: Fri, 07 Oct 2022 10:54:34 +0200 Message-ID: <m27d1c10ad.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Po Lu <luangruo@HIDDEN> writes: > Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes: > >> And, while vaccuming, I also wondered what happens with the glyph >> matrices, and maybe other global state? > > Isn't input blocked wherever the glyph matrices are modified? > If not, Partly. Eli please correct me if this has changed. Redisplay has two phases: 1. Building desired matrices, that is, what should be on the screen after redisplay. 2. Updating current matrices from desired matrices, and bringing that on the screen. Only phase 2 has input blocked because the current matrices are modified, which are shared state with the GUI code. > how come expose_frame always works correctly? Expose uses only current matrices.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 08:36:24 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 04:36:24 2022
Received: from localhost ([127.0.0.1]:34300 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ogiqG-0006an-EB
for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 04:36:24 -0400
Received: from sonic302-20.consmr.mail.ne1.yahoo.com ([66.163.186.146]:37032)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <luangruo@HIDDEN>) id 1ogiqF-0006aY-0i
for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 04:36:23 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665131776; bh=rO6L11PEFC8QAU9Z86ZAvMJZSyD5Yvo1NHRkqW74Jks=;
h=From:To:Cc:Subject:References:Date:In-Reply-To:From:Subject:Reply-To;
b=Q5KMCqmw1LZ33SJEDA5iOOzJaA2OYgVZ1ZyHqz5uvT5u2ouhNVPiycmyY3Ye/UmgDoEq7nyVu7fqh1pzkeiG3e6AF0lDzfbkek2j3hXPqvgwxtvrzSbwvKxqvj2YLv+2KwOuYdh3p3aWVjlnMpl2IxhbBEnb+OBpHGV8OMq+RcZe68a4PF1FTzZAng3AZfz6AktJS7nzWEbNPK7NtrOqIwgWaXfr3QOYfnIhgTrWVTKhkyAZ+ju336JX44CIhHStuqr/7nAaauOCi9d8LUJ+EtRT2+Z744ofufGENoV/k1x6kqsA+H9PPav5EPXAdG6eiiyqE+YWbkwvEjOb1yT27g==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665131776; bh=svXDxcA3XprxuI+ABayKBdkd3/zFak/fYvQ3OLn0gcF=;
h=X-Sonic-MF:From:To:Subject:Date:From:Subject;
b=od7MtRU7u7m6NeDCsKoSVrjqQriC/27/YviFRGf3dR9bl0IjV3ZkteZTnhs9rM66cRG+nmRJSWyERTtUYIQm5k+dknFsGg0NFBbDhdTx3gec84EXxW/vvqBVIiWhA1BROrVtscx1TSJMH/4wNV3rLIWG62CPFnQnxPE3z44vcF+RbQX4SuHRCsc32P1JZDrPVdPOFPsrMtqHqW2KAYf6KxyLp6FRGCtSRmYJxU4ku3SQiqO93saZ8hdkRE8fdIzMK5pxbO+BPZJFoXYcYYxiKaqhbkvABfmAFJMtts/x4QnVjR+IkssZ5ER+SBhrjsLAFj9cjugNEfxKIrw78WEM8A==
X-YMail-OSG: lAdwbJwVM1m3PGMZA2w9ans1fPv.B_BTX61R6dEzT7FeGCRYg5.Ypflv9.H3q34
BDPcBYMPhXHGMZTV5LKC0mZoQgqma02boLnEOpONVaP.BMsQG0V1L4G7Y9JRwvjVUI1OsvM2Lpyn
dmJ6bZ4vASxHp976Pb8v76X7367mc0S_QnmDXbvAl6TPkI.pS5oKnd2scBGj.w.K8fSnTNrt7rGJ
dbFd4iJV08xP_JjEziDHEosQ0ZekfgELZF3FcpnFnRkBBYwqQ9Le.c9O92VURg5h97Mm_8qc6fVe
MZYChviPgkcv2jO44QbDD.yM_6HNOGPg7g6ICsp8APerqCccje6sDNEakC4Si_fac1jmDTreoHkf
McWzDZhg1SD37JHyVI9F2Zfge6kMmyemWjiAtVRGgfyTb4sYJhp6WNf9wkhBl7eCy54FRJxpKKuf
ZGUlaTzoan8STYSmV2jQZUYhooc1z.kODuMLjkluCINU0VDsy71HdMGXfwingj8Wf2PqROA6FK2y
soVs1YmHAiIjLHiEDwJrvvH63tqXg9JpuJyWxfsdIDAEQBScq8EBU7ZdvIbUXT27I3h4O5oigVHi
pBOH9VY4UhCefOMorG84j4Gvs_NHyenguEgWE1PgfYvHH74KKPnqqbd8ZRqacbdgsjdL2YlbGTIX
0hLuT72WiMvP0KHRQzHhv4NXo4qgmDosgBka9axr.RCrRrMIwB1xFZY.DD.kairuRxVxG6_a2w1q
eeY6AlxG1pitWlnaunVIpBye4KAj9ekdGWfBq75p3n8KZwQO5NpIU6tX19bYsTtO_2CxpeHmXL_J
pVy74gjh76vnDYM6N6wS.OjYYFK799oUtUxFEtoCFGzJxtMIirSaeHbCxAeO4_JXQIzO4.4h6NoF
ekBozO.xcmZIqY96mWKXCkCEEfHnJl4uom9uW6TRTQmYcgMHTNTnatfgQ2HJf4YSAnVKIPv1oQcP
Ft1nlfY.IVOaLYiNwjx_m6JY.upXTJzUTkZEB_Lg5gFZEd6f9MbswIlXyeKjl0RhMJQpB0v2kUdE
DT8sHUuVzf5R1Mf_Dc_C5jzjO0oZbYLKRpfV5vL7DcmX4xjY3WPSF8NhRoakKNZsK6_u7yAF3hSM
uJVi.uQsUd9e6gwjNgSbWn4IhFdVqRYmK74VpOBrRi8H9tvlPjyGkbYhygE1gtoHuVgU4K50WlX1
xOiCutxtRg_OqdJDEaR2wg5sd0HEQrznbb4NCFf3Z7ufb2MkMyHplkQf8kKWAURdrwb_mKbIrYyf
8ySQJ0voGqIzlku43Z7Q1HGu4mMC.L8ZV5Db7.jfeKw343J24Cor0YtRRKowzPcg9Z7.hScWvyZm
BUF2ENEkdqg9jRgwZtaxWWjCWhE46HTopqBInM05dHhhfXpiDh71aLQ_Ay02Mbp2HVveI3PlZ8Ie
oe1g8TzCqA0T_rswjeEAOJhekPzdQCH094uI5gS7NFE2gv4T83uUG.iwtJYnMdMWdzvIH5tx45cL
N4F2qiHfOS98YzouccYCHHQ4uZ7t3s_zNbaY8HajaMRUIJI.wK8JonyoL_0ACmSc2.SLntCIBzMj
DDoc8ZS8RW_zMVJjgiF_MQqBMO0OQkmb2RaGav623huMAchRH_CYen_PQz_S6pZ8Ux6uR8rgZJMp
uGOAKZz1JRn1d1VX4LFeU.pnvAW5Ms8WjmKE6FnNKMU1GNmV_xNY7BezRF_TOPs92C1EwPlKK0y1
foa4qWppGLsHBx9Nd15TP.EktgsVtUyYBJOrK32pO2_u_cTr3RHSOksCU0CKpu5DpszT9nZdb670
2.dEnMi4PK2Y2xfXuL4DCkLPRxvn1IybgTUXNgkxv8OCWTPA1T18EvZWl8.FU6HsHZkIX.Abs4Cy
cs4PcL1igdqW4zhLuAMsYEQwcmXLJSFmFvo1S8hRNqlCX.nq9cTybmZ2qa3x9B2XaWMi8DhbRF1h
QkKq9WldnLvX5WtjqcBbZkY_Z5Djj_qyZOz2UJ0yX1UmUCA7YjcJyG1QF1tc_gWsRVN2xsrKH3cW
2L8d7aENHKOURjhXMMOYet86eBctgRTpWKUaRbyiQhI.rh1vvN42v8ZOAx644vRb756DnFOnNZMl
LKm34foHVKOXroAjtcqXzWXpcPzQ70bX1CTSM3h5_cVt0HYJVTyN9zn5bejG7QBTY31QVwJjNKk7
0yo0g2VpZyO.eJssBYKkbZHbxJRIkus.ubsbVoeHEO9lQpZBsIWpaTU7EwT2KsDlE7qo5M8sCcyF
Lf7yDHq2ymRf3mQS3HZ10ieLDoh.Yen7HuLCpOyb_0bSu_iupodipJX.0rOgT4nsDzcU1FcCbpQ-
-
X-Sonic-MF: <luangruo@HIDDEN>
Received: from sonic.gate.mail.ne1.yahoo.com by
sonic302.consmr.mail.ne1.yahoo.com with HTTP; Fri, 7 Oct 2022 08:36:16 +0000
Received: by hermes--production-sg3-cf9dc7f8d-4vdwh (Yahoo Inc. Hermes SMTP
Server) with ESMTPA ID 2f133b725e88a7239ce02edfce7e8908;
Fri, 07 Oct 2022 08:36:10 +0000 (UTC)
From: Po Lu <luangruo@HIDDEN>
To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN>
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN>
<83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN>
<m2wn9c83bu.fsf@HIDDEN>
Date: Fri, 07 Oct 2022 16:36:05 +0800
In-Reply-To: <m2wn9c83bu.fsf@HIDDEN> ("Gerd =?utf-8?Q?M=C3=B6llman?=
=?utf-8?Q?n=22's?= message of "Fri, 07 Oct 2022 10:07:01 +0200")
Message-ID: <874jwgqbd6.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.91 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Mailer: WebService/1.1.20702
mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo
Content-Length: 283
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 58334
Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes:
> And, while vaccuming, I also wondered what happens with the glyph
> matrices, and maybe other global state?
Isn't input blocked wherever the glyph matrices are modified? If not,
how come expose_frame always works correctly?
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 08:07:14 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 04:07:14 2022
Received: from localhost ([127.0.0.1]:34250 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ogiO1-0005rQ-Po
for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 04:07:14 -0400
Received: from mail-ed1-f45.google.com ([209.85.208.45]:43927)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <gerd.moellmann@HIDDEN>) id 1ogiNx-0005rC-Pt
for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 04:07:11 -0400
Received: by mail-ed1-f45.google.com with SMTP id z3so4969838edc.10
for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 01:07:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
h=content-transfer-encoding:mime-version:user-agent:message-id:date
:references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date;
bh=No7mL7UuC5b5H22v1TbZfOQPRWWAWsqqcjnFW4a63Qc=;
b=b6kXClqpD9McGPB6ReV1nPuvNyHKVk35gCke1Imf7Yd0FnId1B0OMpz8cl4eZENxSg
TAeGEnlljEs3c+L8C5Y9r2dql2gMEjVtAxW3F/HXUVkkPV8XUog5wYTYAsqirE3zHlYB
Zp2szjrZlGGvZDFDkpBD9boYs4GhOBaeeIxsLAHpRt7bjst9dAOz6BEkMSPCZ5ppDcFq
Q83i3MIyX88RZZNbl13VKq3gNLqqIrlF6ogH6iFfRURBbURf2dH/clbjgBqaZAncp89k
RyDdzdkAv12tdWHV84vflz8v0CWNLz+MGq6ftCM1rivJLYqNuH4ghqsdmk/ncGW4Kp3w
/9fg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=content-transfer-encoding:mime-version:user-agent:message-id:date
:references:in-reply-to:subject:cc:to:from:x-gm-message-state:from
:to:cc:subject:date;
bh=No7mL7UuC5b5H22v1TbZfOQPRWWAWsqqcjnFW4a63Qc=;
b=LnVctofANEDV4oPe508lf8+uXJAYvikLYDHRIFl1el/edDhA+ENuC/58uNHuIs14Rc
OHoz56cTNqu85yhLvVHj3EMLRTDNC7froDZbNvYCqaRIjm9/9RjiiZ7STWuP9dO11Y28
rLjlzWRslEqObqzP/YiG5HAr6Dgmjaf0ILAgaupNqtdKIqeIacozKrTNcsC8+QCR9rYg
9YzzVHGFwd4WOgYiyZKespAEjPp4UdiQ6Y5TO5Xd9Lsv6DCfYYEtFyVEBCmVDAMcG2q8
FmGvRxvUwZcMvHzPAFhJPDkKof4qEJRjKP1u0DzIU+QbKl4DKUAV/Ne9WfPFDlGthsOg
2BwQ==
X-Gm-Message-State: ACrzQf2D/mFXVwHp/EspQOTbf3GrgpofCGstbVM9JrLmYaTqKZyxSCYC
I6qF9RzmeBj4MxHVmQ8lGz7TeoZD20M1oQ==
X-Google-Smtp-Source: AMsMyM6Bai7+MXU9bjHsEcYk87nbWlK00kSShQo6sWmNHoCZVrtqV73DZLsHNCYrHyW4ib3TE3rqgQ==
X-Received: by 2002:a05:6402:249f:b0:453:eb1b:1f8b with SMTP id
q31-20020a056402249f00b00453eb1b1f8bmr3353496eda.235.1665130023460;
Fri, 07 Oct 2022 01:07:03 -0700 (PDT)
Received: from Mini.fritz.box (pd9e36c8d.dip0.t-ipconnect.de.
[217.227.108.141]) by smtp.gmail.com with ESMTPSA id
o8-20020a50c908000000b004533fc582cbsm971762edh.21.2022.10.07.01.07.02
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Fri, 07 Oct 2022 01:07:02 -0700 (PDT)
From: =?utf-8?Q?Gerd_M=C3=B6llmann?= <gerd.moellmann@HIDDEN>
To: Eli Zaretskii <eliz@HIDDEN>
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
In-Reply-To: <m2edvk9k24.fsf@HIDDEN> ("Gerd =?utf-8?Q?M=C3=B6llman?=
=?utf-8?Q?n=22's?= message of "Fri, 07 Oct 2022 09:20:19 +0200")
References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN>
<83v8ownmi1.fsf@HIDDEN> <m2edvk9k24.fsf@HIDDEN>
Date: Fri, 07 Oct 2022 10:07:01 +0200
Message-ID: <m2wn9c83bu.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (darwin)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 58334
Cc: Po Lu <luangruo@HIDDEN>, 58334 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes:
> Eli Zaretskii <eliz@HIDDEN> writes:
>> IOW, I don't see how block_input anywhere can solve this particular
>> problem.
>
> I wonder too.
And, while vaccuming, I also wondered what happens with the glyph
matrices, and maybe other global state?
I don't wana know. Little kittens, little kittens, little
kittens... :-).
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 07:20:53 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 03:20:53 2022 Received: from localhost ([127.0.0.1]:34173 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oghfB-0004gh-Iu for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 03:20:53 -0400 Received: from mail-ed1-f53.google.com ([209.85.208.53]:43730) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1oghf8-0004gN-CX for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 03:20:52 -0400 Received: by mail-ed1-f53.google.com with SMTP id z3so4835560edc.10 for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 00:20:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date; bh=T7nqyLymrAPWRu1Qfx/KDRMDQXwkMp4kJvJcfMl8Kkk=; b=Nyx9+bGh61oWewykcI3GpkKU1Hk/Yuq42yjiLpgUw0x5SfTHKZbP2C+T1bca2G7v8B i2loRF49yxtHfkdNAuwVBSU48vkMeIOzg74EZw8kpgGgymRhxilqAYKH/ZEzb6ev22Q4 GOEpbYEvCvBuSYLf1RtatJU1T9VYtQKBHd56ppe5Kc+zKLnj/atxzp0xQsqA3LE2UUN9 RN8GuoluLsBky2iKOM3Kju1ppa9S8d7992wl5IjgM6cx57TJ9PEnRvvWRi61Iw9JtLSq /a16nFsCgSHzvCFJK3/6KNMPQAz7HBlZrkjLyKBEZ2aTq1qpcF65LC+ojqH/8CcsadiV 4MEg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from :to:cc:subject:date; bh=T7nqyLymrAPWRu1Qfx/KDRMDQXwkMp4kJvJcfMl8Kkk=; b=AB3vGjv77cKGKj2CcvwDkkRzKVQ9efKkE9oyFTcfj5vdfq1Es+NcvMl30iddIRPtDf MC/6dU8jjuXXU1bNvXpmufo2ogBDA28AkEuvLlWuHlEhNOQW0vN5hbGpOOpMu7Epfvrk +dQ5deJNkE6T2D26+OycJCDBiDUhP8CA/XR7ElahKgXwdJedokj3HdRE1XCELis35iMk ghDhPb4uSnzRY8bkurVWJAO4OnPnVB6HmpXyOuVrRu2OFa7q1KXFBenJBex2aB3++n3b hs74qBwgdjnuuc2Ac7I1x3lRkYE0j7NQ55FTzy1iIvJqcMYKYww19TI8A4NXIyHUIhhK p0wA== X-Gm-Message-State: ACrzQf3SRSSknU1DAbHnKBxLaMP83VvKpY4i3yi9G0mYI8O+4L22zJde bOG+ZkfV45sQQELGBLKt2CspVVnxPzolJw== X-Google-Smtp-Source: AMsMyM6ghu3di447QY5Wk0SWGsMRzihNLlLg+1ke2knEEToScc3qapWERgtmW6VKIaxtYiFpGNNEMg== X-Received: by 2002:a05:6402:1a31:b0:458:587e:e397 with SMTP id be17-20020a0564021a3100b00458587ee397mr3256271edb.31.1665127244333; Fri, 07 Oct 2022 00:20:44 -0700 (PDT) Received: from Mini.fritz.box (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id e13-20020a170906314d00b0077205dd15basm785779eje.66.2022.10.07.00.20.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 07 Oct 2022 00:20:43 -0700 (PDT) From: =?utf-8?Q?Gerd_M=C3=B6llmann?= <gerd.moellmann@HIDDEN> To: Po Lu <luangruo@HIDDEN> Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs In-Reply-To: <87edvkqf94.fsf@HIDDEN> (Po Lu's message of "Fri, 07 Oct 2022 15:12:07 +0800") References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN> <m24jwgbzm6.fsf@HIDDEN> <87r0zkqxjb.fsf@HIDDEN> <m2mta89q94.fsf@HIDDEN> <87edvkqf94.fsf@HIDDEN> Date: Fri, 07 Oct 2022 09:20:42 +0200 Message-ID: <m2a6689k1h.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (darwin) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Po Lu <luangruo@HIDDEN> writes: > Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes: > >> So it can call redisplay in some cases, and we have to protect against >> it? > > Yes. But only inside a popup menu or drag-and-drop. Thanks
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 07:20:31 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 03:20:31 2022 Received: from localhost ([127.0.0.1]:34165 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oghep-0004fw-3c for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 03:20:31 -0400 Received: from mail-ej1-f48.google.com ([209.85.218.48]:42596) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1oghel-0004fh-48 for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 03:20:29 -0400 Received: by mail-ej1-f48.google.com with SMTP id kg6so9377647ejc.9 for <58334 <at> debbugs.gnu.org>; Fri, 07 Oct 2022 00:20:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date; bh=rVqw9HlUaFlWVR0DD7i9Efb8BnvzpUJo/gskHO/vOeE=; b=mGPuAvNaW50w5N0x/n1VL2RR7lnQ+YF/I1A1GwUhW1Ur6LYIYX1nX2gDcVS0VDG3YG 7NdpJxEmKgsD3F4xtc08SZlmwbvU16WG+194mPlS2xcg6vIZtDUP0q8Oy88ID2LP4mGI NcG8fX7z9bmpoxL7VyQKQQ9GqvzMmEvAtxlrmI/7sthT1O8T8tGqiOkA9kPmw9bwHnUj YmuPHbe+Bn1nyFx54MnTCRH2UTbQOI2b+CHZuJwhzKUXA3BhEnxGlqHscU9FzhKLeT5y /hUQU8D3FiqcoDQ7+kpAa/mCzIrou4gMAYuB3nzzii/ID75Q3PAlvHctxR8JTcK8uDR5 q4NQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date; bh=rVqw9HlUaFlWVR0DD7i9Efb8BnvzpUJo/gskHO/vOeE=; b=fv5jvw4E56vBux/Mj3FimuL3MRqeDoIlG664JL3fwVD0gfuolR+Kb8jBbUnZSNvGcO sFvh33o2LwOPAHRUHRR9JGjtlV/47XfIoBYqApNN4LKpm9lz2Jz1Q6CPCg1C0zyaolwA HLW/40RnNsT6uYrB7EO+fe2xzOi0YZ1YGKFnSCg8ck/i9p1ktZHnZcftTjtzDa0ovj/x 3/qRWJC5Z0xsansynPLAht1xjQECjZNJK4U/Ln8PHdqgWDTv58aCP5557b2i3H6C484x F96wVomYzlE31ST2I0M/BVlJEaMCCQQPvKGXSfobvFn+QYYBwxjdmn0tT5XQ1xvBrEqk eZbA== X-Gm-Message-State: ACrzQf3Qdz5DNq64aX7YJIMjIjoxiTdeqqmXcEFs1F+Sny+CKZ3VjvD9 ev5ZRHdKAEOs5J7o3j+IXpCvvlNaRVXWYw== X-Google-Smtp-Source: AMsMyM44S/nbeytjJBBx6R6CE+mW6+ogsKwRgTnZTafGNntolPzThjQ3jtVjuuYp+TwhNDxpZbUNYw== X-Received: by 2002:a17:907:75c1:b0:783:a2c1:860a with SMTP id jl1-20020a17090775c100b00783a2c1860amr2961627ejc.641.1665127220818; Fri, 07 Oct 2022 00:20:20 -0700 (PDT) Received: from Mini.fritz.box (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id bt6-20020a0564020a4600b00458dda85495sm941066edb.0.2022.10.07.00.20.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 07 Oct 2022 00:20:20 -0700 (PDT) From: =?utf-8?Q?Gerd_M=C3=B6llmann?= <gerd.moellmann@HIDDEN> To: Eli Zaretskii <eliz@HIDDEN> Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs In-Reply-To: <83v8ownmi1.fsf@HIDDEN> (Eli Zaretskii's message of "Fri, 07 Oct 2022 10:03:50 +0300") References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> <83v8ownmi1.fsf@HIDDEN> Date: Fri, 07 Oct 2022 09:20:19 +0200 Message-ID: <m2edvk9k24.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (darwin) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58334 Cc: Po Lu <luangruo@HIDDEN>, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Eli Zaretskii <eliz@HIDDEN> writes: > (Gerd, was your build with --enable-checking?) No, it's with -g -O0, ASAN, and without native comp. With enable-checking on top, it's so slow I can't stand it anymore. > IOW, I don't see how block_input anywhere can solve this particular > problem. I wonder too.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 07:12:27 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 03:12:27 2022
Received: from localhost ([127.0.0.1]:34128 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1oghX0-0004Ss-Q6
for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 03:12:27 -0400
Received: from sonic316-22.consmr.mail.ne1.yahoo.com ([66.163.187.148]:41147)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <luangruo@HIDDEN>) id 1oghWy-0004Sc-5h
for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 03:12:25 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665126738; bh=VrmO5b6a8xgQEHHbGvkqPEIuHF1uBbgWGOs5qBC2wn0=;
h=From:To:Cc:Subject:References:Date:In-Reply-To:From:Subject:Reply-To;
b=XBu4lZFulxH+GfdsFp9odId/L5DjbjdSxkpDtYwey4Iz0zSkOpYxGCagXUn8QCgwe7u/spJvU+lL1prDKjDsDnk2fPKtmZOEmOvtKLk8JWMvAOeFZiR5UtfskUPSboLsAB+chKnVQ4QWISMkSNj/40rXFm3lkddAWAvR3jISPOxaz8w0mM8CFXmb6W6nN7RCp+AGbsZGmPieY0A0TE/QuyArOgnhHdVSAYZI6Xd3q14ZMj+9BB8trzt7MyBiS5EYhJYRgXr3o1qhqFD1lZFVqla3ehhYRtY/Stc5b0gG/hYKwVcivuDDKymMR58KsCqKNDizR+kGwU8YEWZ82ZJD9g==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665126738; bh=X0a7mmIOPZfjfvQfLLPMHUetfxX2yNnELvA/10Lq6tC=;
h=X-Sonic-MF:From:To:Subject:Date:From:Subject;
b=a+K7sw9GhyFVMdIsuJpbwFF7lgiB87YsCWfkLULKtRcTpYihpgr9rDwnRmWBXFH8i2SIFaqVkiUMHlr4HFCluWsc3tzlSmvtxzVzBk22G4IxX++tZPwW40bULw5pCHpn1TYy6k9YhCxJD1CxJboBa7zNUfsV1Vp/yg1Uapd1EgduwwmSLF9T6NGCLUkD88pGHJXGj5Tjav3RIDZH2y3KSb2L54mDS1KPO0qiMwvMTsOwNuyq0BkWKo6RJICbtch5THcck044bBV2zNdEvmnUCmrRTB/EntkT7HBipU8vEJ5J2wL6Hp22ouanpU5vf5eZ1pGWOUM2Ba+FJoU9httTIg==
X-YMail-OSG: sQhjZPEVM1mM5d07tvUTn9txSvFo.AL_BUuKsAYhqn88iNHPG1jYwQmuJe4Pisi
moF_2NVJ5941YQL_Zbt3l0bzjaNqVCGTrF7jQBCuj28YMDfnGReQ3Bd7pwFVPV5qwxevCIB64Dxb
D23MgdDMPgUJPaoTOHZbm6Epa0HZmOCKW.B5sVzkQaKO7KhHT2fin.OasS9viRHnUrxWekiiRZY8
ff7R6GmyM_rtPrhkAjtW8emEr1cCgZsfNWrYWRGaiNIIWG7rJm2.FxgEyUg3hJ_vLAAyILwNJQDk
tEc4oiGOVLSF.Mqyktlnv1KTXiW0j8K6TwX52LKOYAzHnzfVviihF4LCnptT3weCVHaeOyhWbExG
_HejvydU7dmdvojuYpDZSPlyDpUPxlI1zMcWybR6NOo2tDQkbbC2My5wXWH8doDLC4lY1Udk0cnk
nSTlJ0QVmXDcO9vTUUVg.1l4918pafzc6v9BNw4fQ.fLRC4ZbntmLzEK.bJQ6d4tkvcjoVErmPvl
caaiG8Db57rR_o1w4KIhPSQOHFokVZsEwtKmd4Wh1TYWWyAhK0eIc9RYZVfu0EXWnDz7NQ0.J.Or
1L7nOuvMEL0rCNo6HzCVzYQxj5ghrkjBOAxGDEeacrFE1vV5yKMqJB00ATr6DaLJzHlIysNz3ayJ
YxFgw6xb9Wf2XnB1lcPULp8IWbRIrCmGLP8iKYmqP68B9tXnGCpdW39WHJJJ9pOqPznYDgdL74QA
2sJckyG1DRkWhi_g52TnR6thLkzemjCtngXLwjhIom8Ygh9Gc.vOs7PDXy6BN6yQIjKyBBXK8soZ
8IzWDNqjsAjcaUY08gsSDh7kWptg6SZ1UawWhsWGqmS4PST3M0eLt1BDrJkWkGmLHV3TzftFEIOj
VlQh19FeaRtH0imJponRwCB.NOam2grZaXdSl3hghaLKnamCTAZJYC5LXrquTzg1M15gFnJU7OXY
jDQHf5LbOYocyzLfhYgViMtC_t5.Qz7lB_imwhrfTUdDYXFcZVJPa.GujPihLv07UYOZmWO5nbcI
H7SlZmACqFZeU2D26n7URHSRUAtL.7rBOh9jroHaAbTPvlnoCeLuv2bJGnqKH0N53S.sRj92k0xv
xBwS2dsC62wqeXI2a.OV5sYYe9N.4mjH1_KiR2091A1cCsKCHn5gYIhnMpcxSG7pT59gDzsFEJAr
BePfrwY.EFk0z8Kjiv6rkVEL2qsqHX7IyXlWmlZDiw6BPyslekol90_GZyEjaeMbOssUKRIe9jSR
2PDgs_1JhDn6PTmuGTyXrpScZlRdzXHDOIxfC.4jsolre7Iax3pQOowXf.EFyk54FUooQNumbZCi
DlOYJRuC.z9jS0K1oDHtHJKoJkqoz4o90MV_pZJkbCYCvG8SbalPUoTmEcNjUIPwrYDjEgyLpDi2
sqDjMO_ok36FPxgkEaqN4b1aO3wYBp5si1YnYF3bDpOoT7rIiXvGcoJTt.y1pjkxZUePzuPTwliC
dBqTOFggEGeKCSIHMkanqbIZ_38Fkkcf_3T9lA6unOx9CzeFSPq_pgSJzEpAoeojJT9VqNAq6Kw6
2xm9epV0aV47m_mYRRkmyrwqjbCFLeSaj7gw7JcGMXWmxxpCTW3XnAD_6Y5ZAJhxB11hw_uQN0od
EB2356KXKbKyrfOUZ3o2sa2S6GdDcYGEZgHpJuEuHLQLzuTKZQUb_8j4ZUP30_ywqKyS9_KyUPzQ
k0UiTF8kXuGYs8i.6nGYS4RC5uuikghGCGPPsY5xmeCBY.WW4Pnr9ncNzVAJByzeoOUzLHfgUuju
GfGNUvCfnEIi5OYWH87Z93XrYwLB2RwIi8oLdgmecWx9639QzzTOfzYk8WSUNbNZeuiHWewsCJ37
NwbMMaEkN5o6R4BM33N.ZpH1JXyr7j54Lt7ATsSX3Nj7FNTknd7PY2SiYcXgRHW3GuhnZLrE.seH
cbJ4R8u2.4qZhIvc2NWJ1BLpBaVS21HepAHNbXoPENRIX_rnm5fC94fQ7hNIXo5zJu5rGFuIfoSl
8cOQhwBIi_7hMoGlDxiOH.lqe9AxAEThy_aEyqhUj5.4RaLHD.vwRHzZTw3jACe1CIuSxeEuwkBz
Z.rlpKJHHypJCXq__rPPQKfcl0wNYpj8ZtKJyGYPxv34YQZxTQu.0OQYmdCgr_EeM1gPUTfhEzts
xlrxHhGWYhH5k5YL4Y5M5g_LX7mcGWLFlhNT8lMGHISW1P72PAPYKXwDjrR4wKt7y4mLcuCKcP0A
FKwEwlSU_BCk3LqVCdKBpzn14fO08s582MIHaa3nlF8hyyMsL_u0Vh4cRWQ3gBbZBBy3Gcw--
X-Sonic-MF: <luangruo@HIDDEN>
Received: from sonic.gate.mail.ne1.yahoo.com by
sonic316.consmr.mail.ne1.yahoo.com with HTTP; Fri, 7 Oct 2022 07:12:18 +0000
Received: by hermes--production-sg3-cf9dc7f8d-4vdwh (Yahoo Inc. Hermes SMTP
Server) with ESMTPA ID a0007af40900c11a07985fecc06761b3;
Fri, 07 Oct 2022 07:12:12 +0000 (UTC)
From: Po Lu <luangruo@HIDDEN>
To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN>
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN>
<m24jwgbzm6.fsf@HIDDEN> <87r0zkqxjb.fsf@HIDDEN>
<m2mta89q94.fsf@HIDDEN>
Date: Fri, 07 Oct 2022 15:12:07 +0800
In-Reply-To: <m2mta89q94.fsf@HIDDEN> ("Gerd =?utf-8?Q?M=C3=B6llman?=
=?utf-8?Q?n=22's?= message of "Fri, 07 Oct 2022 07:06:31 +0200")
Message-ID: <87edvkqf94.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.91 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Mailer: WebService/1.1.20702
mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo
Content-Length: 188
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 58334
Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes:
> So it can call redisplay in some cases, and we have to protect against
> it?
Yes. But only inside a popup menu or drag-and-drop.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 07:04:11 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 03:04:11 2022 Received: from localhost ([127.0.0.1]:34111 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oghOx-0004Fa-Bj for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 03:04:11 -0400 Received: from eggs.gnu.org ([209.51.188.92]:46150) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1oghOs-0004F1-3Y for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 03:04:05 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:53022) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1oghOm-00057D-Hl; Fri, 07 Oct 2022 03:03:56 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=ULxdV9onmU8zcUtd7xRG0mcRXNHGtlm/uGC/WKzGL0w=; b=RpoKH4j32ip81vvFtkPZ GpdqxEM7/+dt11AGSSVuS1KwXn8pkqMK7PTZst1sHUHIyKPkp45BuQDAZBE/t4zsBoSBWZlcaeC5l x3aVnn6P5NPxRic9v8pK5vkld4SzPhThVbAr19POi5zRwX8UQ9zTfhR1X0XaDRU6pKSH8AgxOj7Sc yRCkZyiWBXxJHU5yU3jAVuwJ7+GkZuG01lkP/ixsN/8wLKiJ8Rz2dHmxI/UWUEKwMJNbh9sF2oWbi II94QlLFLTIDNswogfmMW4dJ7UqKGDNPcEhYHdPUze5522I+g+SkrkGTiW14WNxYOEVpfUggLi+O2 lMSbDVWZGDko/w==; Received: from [87.69.77.57] (port=1238 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1oghOi-0001gl-6a; Fri, 07 Oct 2022 03:03:54 -0400 Date: Fri, 07 Oct 2022 10:03:50 +0300 Message-Id: <83v8ownmi1.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Po Lu <luangruo@HIDDEN> In-Reply-To: <87mta8qx48.fsf@HIDDEN> (bug-gnu-emacs@HIDDEN) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: gerd.moellmann@HIDDEN, 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > Cc: 58334 <at> debbugs.gnu.org > Date: Fri, 07 Oct 2022 08:46:15 +0800 > From: Po Lu via "Bug reports for GNU Emacs, > the Swiss army knife of text editors" <bug-gnu-emacs@HIDDEN> > > Gerd Möllmann <gerd.moellmann@HIDDEN> writes: > > > #0 0x1033f2ca8 in wrap_malloc+0x94 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x3eca8) > > #1 0x1005af4f4 in lmalloc alloc.c:1361 > > #2 0x1005af40c in xmalloc alloc.c:751 > > #3 0x1003f92b4 in make_realized_face xfaces.c:4471 > > #4 0x1003f5c00 in realize_gui_face xfaces.c:6023 > > #5 0x1003e4000 in realize_face xfaces.c:5954 > > [...] > > > #14 0x1005592d8 in Fvertical_motion indent.c:2241 > > I'm pretty sure the right fix is to block input around realize_face and > Fvertical_motion, since that code is clearly not reentrant. Why isn't Fvertical_motion reentrant? Anyway, the problem is not that realize_face was interrupted, the problem is that the face realized above was later freed as a side effect of calling redisplay. And the display code (which is invoked by Fvertical_motion) almost everywhere assumes that FACE_FROM_ID will never yield a freed face, it just returns FRAME_FACE_CACHE (f)->faces_by_id[id] without checking whether ID is beyond the limit of the frame's current face cache. The assertion there is not compiled in a production build. (Gerd, was your build with --enable-checking?) So if the frame's face cache can be freed like that as a side effect of maybe_quit, we'll have to introduce cache checking into FACE_FROM_ID, and if the ID is not in the cache do whatever it takes to correct the situation. IOW, I don't see how block_input anywhere can solve this particular problem.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 05:23:18 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 01:23:18 2022 Received: from localhost ([127.0.0.1]:34011 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogfpO-0001dZ-FH for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 01:23:18 -0400 Received: from mail-ej1-f43.google.com ([209.85.218.43]:35448) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1ogfpM-0001dL-1y for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 01:23:17 -0400 Received: by mail-ej1-f43.google.com with SMTP id k2so8989514ejr.2 for <58334 <at> debbugs.gnu.org>; Thu, 06 Oct 2022 22:23:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date; bh=yNCmRMFIG5THEdDYu8zn2awL4w22VKRBGTQC2AX4cQ0=; b=HjN01agLWE/gZkclkxttd3HD55IwCc59awlKNmQJeUM9Z48tdXjVW7Yj47qZfL4ZQp srDdve4NXruNFFWfmVbBdU1xHgO/shnQZ0D+siS+IW/E2cnlNjHe5cpBr9FYFj/rUMaq 3Y1aMaoncT4XRo0ZRK2MTPkihEofCTZN1uD21GyqXHCTqt47db2VFAz3mFE+z8JHleDo EMaINvfPjQzJsrgPFTY21fR+/yDdrGhhlrkBeY3gd3VaySjdRdK+wB4PnjizkNAWCKai Jh9GQA5jg0P8TZ2nbiwVCXEoOw40sU5dSE36rkHaKPLc27kHnmgxGsBoEGPwr2az/q6I ey0g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from :to:cc:subject:date; bh=yNCmRMFIG5THEdDYu8zn2awL4w22VKRBGTQC2AX4cQ0=; b=suH1w1RGA4oB++8f2JrpKXx38D/SP42hxsejeE/I+Nlpcok1afcwBqJPAJp5oZEzBz ZsdhSr7HEIT2Qr2J+TRA4Q1vD0ahspekUmUxxN/d+VyRHykypN/8xy0bm6swX/UR63W5 i3Mv2wytLkE8skqfENIp+L3Of/5aaXa+uShOxTUQDbbSmC6ZK7dqi6vR0GCC/nI9tYbJ HNpEu+SfuGuX+w7e3D4Ob7fx5uzs+kEKslAdtHHlEZ58YTd8WT2xVp7Uvix/YcDh7rVq 6gD3CMwVsp1LoRXv4A/k1MR21r29JRQ7YP+L0L0BDqE0kq6gS5Cd4JPCZNo1jzZik2+a pXtg== X-Gm-Message-State: ACrzQf0oNP46KSAAA+4+FbSN2h6Iz3io7E5vJrLr2AlmJ1bnWB8Ina5P pdY7WIrxQ3iI1idGAQUq2N/x54E493NTrA== X-Google-Smtp-Source: AMsMyM7A3Pj+0fbZaSBbHLoFT4hHKfJDgD4pdBwi1e7UoMMGtAACc71nv4HgCUQBRkpGTbAzwbW+Ug== X-Received: by 2002:a17:907:7f02:b0:73d:dffa:57b3 with SMTP id qf2-20020a1709077f0200b0073ddffa57b3mr2745521ejc.19.1665120189691; Thu, 06 Oct 2022 22:23:09 -0700 (PDT) Received: from Mini.fritz.box (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id lb6-20020a170907784600b0078c468bd604sm651753ejc.57.2022.10.06.22.23.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 06 Oct 2022 22:23:09 -0700 (PDT) From: =?utf-8?Q?Gerd_M=C3=B6llmann?= <gerd.moellmann@HIDDEN> To: Po Lu <luangruo@HIDDEN> Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs In-Reply-To: <87mta8qx48.fsf@HIDDEN> (Po Lu's message of "Fri, 07 Oct 2022 08:46:15 +0800") References: <m2a669atai.fsf@HIDDEN> <87mta8qx48.fsf@HIDDEN> Date: Fri, 07 Oct 2022 07:23:07 +0200 Message-ID: <m2ilkw9phg.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (darwin) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Po Lu <luangruo@HIDDEN> writes: > Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes: > >> #0 0x1033f2ca8 in wrap_malloc+0x94 (libclang_rt.asan_osx_dynamic.dyl= ib:arm64e+0x3eca8) >> #1 0x1005af4f4 in lmalloc alloc.c:1361 >> #2 0x1005af40c in xmalloc alloc.c:751 >> #3 0x1003f92b4 in make_realized_face xfaces.c:4471 >> #4 0x1003f5c00 in realize_gui_face xfaces.c:6023 >> #5 0x1003e4000 in realize_face xfaces.c:5954 > > [...] > >> #14 0x1005592d8 in Fvertical_motion indent.c:2241 > > I'm pretty sure the right fix is to block input around realize_face and > Fvertical_motion, since that code is clearly not reentrant. If we can find one, I would prefer a broader solution, even if it is a bit heavy-handed. I'm a bit afraid of finding these problems piecemeal, and it's getting a bit tiresome, but that's just me - why do I run with ASAN... > >> The problem here, it seems to me, is that the redisplay done in >> -[EmacsView layoutSublayersOfLayer:] nsterm.m:8675, frees realized faces >> at a moment that the code doesn't cannot expect. > > Also, how come layoutSublayersOfLayer is called so often? AFAIU it's > only there to coax the system into actually resizing Emacs while the > system blocks the input loop from returning control to Emacs, which > should only happen during drag-to-resize. I don't know. Does it help if I describe what I did? The backtrace I showed was from starting Emacs with my init file. It was busy with restoring desktop, I think, and at the point where frame size and poisitino was restored (just a guess), it crashed. Today, I got basically the same crash modulo Lisp frames in the backtrace when finding a file in another frame.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 05:06:41 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Oct 07 01:06:41 2022 Received: from localhost ([127.0.0.1]:34002 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogfZJ-00015t-Kh for submit <at> debbugs.gnu.org; Fri, 07 Oct 2022 01:06:41 -0400 Received: from mail-ej1-f50.google.com ([209.85.218.50]:35510) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1ogfZG-00015e-JX for 58334 <at> debbugs.gnu.org; Fri, 07 Oct 2022 01:06:40 -0400 Received: by mail-ej1-f50.google.com with SMTP id k2so8938487ejr.2 for <58334 <at> debbugs.gnu.org>; Thu, 06 Oct 2022 22:06:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date; bh=68jeuXfAbjp1ZW9WmKCjDvhmiN4eR+ETQ94MNiEmjXw=; b=SM2n+SUpNxgGsA/j+i/0Rdn/ZXHp/u09UqAR5b2kp3mAEEHotjQSnXkUGpgeK7yCCO BS1d/gRj/8K+2vKum/y2nQQGQ/VUO6hiG1X2NjwEQo8Xl9i5t+kaJGLmawJB0fktW9z3 9GpVq3N6AmSelbMhuzBy2k9s4mHcLmzzw0nRRPnsD8pxUSOnGr8Am3ndOQKKUqEzzWjO Du52APh91fKGl1Y8GTG6CNAnyNxcqeQ8n+hWAD//MUUnnLaJzp/aU8tXWxh7X62A0vIB v+kaOPAy/zi6A777/c8XlEJqzED3JdFVV42n4VvnfHLQF5SoljAEdeqQXnpNiiAzoVFJ nOGw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from :to:cc:subject:date; bh=68jeuXfAbjp1ZW9WmKCjDvhmiN4eR+ETQ94MNiEmjXw=; b=KggNecG8LmaRmsVbC+wzRdqSsSmFtTSqiVF7uSBz/JIuU6Efq4N9tvAfdLgzP8974b h32EIf1IiB2lsi5YsqQoX3zzWjZ4s6uDrZGS70fgyctUORECp6NDXaDEfDP5A/s0p7tH E3ABFkpGVKWqcY8tFhx1EaiXal45ToM5LpT+CVjHH+EisYTIwj2H6wNngfib5rM+2aPG 3TP1oioPz4wd4x+KfrT4bxMiIkDFT8PvDNiPg0ON77dFWkWHLCSG+oQE2e1w7Mu9xy5T 6abo5pAwJrBUHJAbCIgtPuWZjqqQzTsTLYoBbTAew6Sxpc4R2h1mqUbcQODkTWmjOjzf BFVA== X-Gm-Message-State: ACrzQf3bwJHVwFqVEfgbMSw+Iyy5PLh/QqW86aWdT1sDpDQBZZ958TKL 59n6MX+p40YRUa0zCAfYgtMkonZGAOY/VQ== X-Google-Smtp-Source: AMsMyM6KtzRwZ1LNhv+urM9CzBUB30EsbSWofIyTFIqaCHWqN4wiOFCVHcx9YlHXOyCig2GxMiK2bg== X-Received: by 2002:a17:907:a407:b0:783:5465:902 with SMTP id sg7-20020a170907a40700b0078354650902mr2627359ejc.35.1665119192632; Thu, 06 Oct 2022 22:06:32 -0700 (PDT) Received: from Mini.fritz.box (pd9e36c8d.dip0.t-ipconnect.de. [217.227.108.141]) by smtp.gmail.com with ESMTPSA id g9-20020aa7c589000000b00456d2721d93sm686624edq.64.2022.10.06.22.06.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 06 Oct 2022 22:06:31 -0700 (PDT) From: =?utf-8?Q?Gerd_M=C3=B6llmann?= <gerd.moellmann@HIDDEN> To: Po Lu <luangruo@HIDDEN> Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs In-Reply-To: <87r0zkqxjb.fsf@HIDDEN> (Po Lu's message of "Fri, 07 Oct 2022 08:37:12 +0800") References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN> <m24jwgbzm6.fsf@HIDDEN> <87r0zkqxjb.fsf@HIDDEN> Date: Fri, 07 Oct 2022 07:06:31 +0200 Message-ID: <m2mta89q94.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (darwin) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Po Lu <luangruo@HIDDEN> writes: > Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes: > >> Po Lu, is this also something for Haiku? > > Haiku calls Lisp in internal hooks (via safe_call) in > gui_produce_glyphs. It does not call redisplay itself in input > callbacks during normal exxecution. > > An exception is made when control over user input is transferred to > another GUI thread as part of a popup or dialog. xselect.c and xmenu.c > do pretty much the same thing. So it can call redisplay in some cases, and we have to protect against it?
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 00:46:36 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Oct 06 20:46:36 2022
Received: from localhost ([127.0.0.1]:33884 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ogbVb-0002iN-Mi
for submit <at> debbugs.gnu.org; Thu, 06 Oct 2022 20:46:35 -0400
Received: from sonic314-21.consmr.mail.ne1.yahoo.com ([66.163.189.147]:38768)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <luangruo@HIDDEN>) id 1ogbVZ-0002i9-Er
for 58334 <at> debbugs.gnu.org; Thu, 06 Oct 2022 20:46:34 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665103586; bh=hbVZCeak24swYn4qwIUp/r7qVJBmx7nFe20WMY7AlB8=;
h=From:To:Cc:Subject:References:Date:In-Reply-To:From:Subject:Reply-To;
b=A6+Qn7bkqTwr0j4NQ12W89FJ4hwUl8MRHm3HyaeGEJCNK4tZU7ZLaZmkFxnuWa7zGoUO8C//301hqFbH7VV5SWRddSOBB9DnYlCECXNtS3C1QFEZFHc4IviVeXlfVyu2c+e+psCgcEVv9PZjUnG70jidILERWuttCrTh3oirT2JBNchIkxUY80imcJMacAY2VEPh0YXXFWjMyFsqqs03Al2xXUxhuJH319ECWS/SCEKV5hdS/ps6gThUWQhp3/3OG7/l3aXHtjxDHpadkjbQ909hBVI4gCTbmATw5hoPONsr6FFR32hbi09kjwSzI7a4Q35F8SQDqydtk5hCmbqmMg==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665103586; bh=Z81AkvViGkcWkBaIWDe45OZ5a77p6SoDJD7fAkmqgzw=;
h=X-Sonic-MF:From:To:Subject:Date:From:Subject;
b=L/QHJwsup0NDFUgR0M6cHvu+CZvsHepaDZkE6/3pvn7vMXUJ23pdriGU4bijgN2LOvBqeomjQ030YQADsExmbibmZAS+hfXs1mxYNqQ5Tioks3PNqKQmjsBoejwl2Dx37lGkOngRkGFjR4vhvpTGu3sKg5pYbQ95lVi6Hdkq6CeLpPoKOn/tdbH64zArM5iO3HOeFfi8YHVUw8an8SWYPcJwNbK8Wdo+t/Ythn8sactvtT5tSh8YrvOt9ZIdVLm/j1Nhdq6SgyyPzCMGM3sQ/KuvAZijOiAesOgPO0B310Mc+5EQyXaKQVNEMFs09LFwUOlILzhKuZBW3NJwOgmMpg==
X-YMail-OSG: p6Ygv_8VM1nlBGjjXAnY19V.3arwbvQ2jBLnBpA0APxe1U9Jij3fUxQ.xo_aMJc
6.eXVW9WQtCzSK5.4mJ9pgiOX5bjuZiPebPZXtQ_5pPFL_O6nKjL_NYM82.r23BwRjCyfUJU7J9n
zoLceuV0FzCJdwofhO41wT5CNMDGM_os1QJAo70DtDPN3e9t34TIoLvU5ZDXlQYCO.YGoXPKr1EJ
JIQ9kW3l7jg.eLQ5UqIjlg3X3at10CGFOsuRGttn1dYP5FJNxIjBjADiJJQwu5z9x7ZzKKQEO.N8
79nDq372iRREy0w.5f54Y2SA8LWSTrMtc1tXBSJzUb5ahVIo4FPhHFtrqu.gJcL3cznEYWspfJD2
5W8DDN4DipVWCfGUGwJ6wzgbxmMFzZAcZiHJqhKZotldXOd7QSrGPXoV9jGVv4LWwzB.VVVK0aAC
1Q0OfwtE7rggV5PlvUe1qAvRl6SSzS9mw72xedwRdOH_fguOy9OER_trrSw_nTvGZKaD.Kx7ShoG
0RqRI7dr6DC5aAOiaILpIumlRCCHpjvUh1UmaYQxbMunBds.T282BCxJ2EWHglsAdqMgTUQgZzem
KaLAjjaJ9qoMwAsdsaebEiw3xr5p5qGNWwHwIv_gwVFsZAlX9vlikl1s6p8sCUmE_X5na8XjKGXw
0Zva2OHqYx8p6.xgwYLFS7dxFGvPuygK8Svl6QYHTb54liDI.kcH0wmnfTn.YkKIbagW_57FtKNl
_XJGXCD6rPFqpCUHk0mI0tNa8IOwMcjDzA1r3uTZ5iHh3JbTt9mxLkiDkd5jJ2SXLL7LEMJYkuXG
NRu7tMfJse8wbZVq1jrIvZdS8fIEe565YUChUL9nFvXnnk.w4xP4igBACnHd98xwR.vXTMuhr0rl
lBqdXJyzsWc8jGZgtjHmDuLfqCmHTfiEABBmYzHHiToDOHKcS9.myxSWDK9Ff7uXhxyCwG9MgODS
KV8b5hUQ1TEzszVIs7KROz8tIDriomAMlHJC3Wkg6EDUA01yDgeVJ8mIWwdQlgvDDDKMiNbR6_Wx
9lPtWil5PT7dcs..c3CYnN31evQKqQLQEL323mAO7I2TuczpwaiRkViIt3nNCE06Dd12Flr0EJQ1
R1XBMhPLaS8VzKYNTXUHuk9.GQpY0UMsmSMk6H6icBEt2Hus65CiaIbZztW29CWk1.EjFZ0t626R
dfmqldtcXCVZh5.l6TMal35N5vgzyAiM_lwvM3YvFz79RDHxo9m2yrYfQ0f9BFz.GFKKMo0VTNmA
e8dEB4vWkp7vCxtTsPBL4nu3Q7PolDMt5uipWY9AGfdcbrwK5hqeMUe12LVA4sTRy4ueEMK9SYtB
poXN_pY6NZVrKp5et_WVNvjboM06T5u5lAJU4crxI9tU4GRCScMjF.dY_RNa0RYahOicbij6u3vR
RNFkqTVadYEqnAPP7iXoMp_uI24qzkR6nm1U41kAWoy98fnqOq1IKkrdd1FkF42mFkreCOnApt43
kejR8_1K_7G9cA2_40Ti3YasJ5X8ir7TbpVN5jQexkykLudlEAL1Fvs._272dTffsx.K2OFwr4PF
FuBiCJVc5yGIOa.Pj7RfYQnNSohESt6TWq7UEsGvsCnK.I10XJbNzMm0mJuX6BWyGtbNMxHJ58P_
2s_ekHGT91FtZ6l_RoMBjedMXSTv.pmYaCSAi2qqZxjH90wscdVEO9o99.hybX7p_u2jes8geLmN
KzVAfZQjqpQbsfw4Ynm3zKr3cpKjV.JIW2eWKGVx4n7QBcgVvhwk5hBOSORCx.RxcOtoQRkCKrBS
a1EtH5VReKkVDNQjS38ws31KAbrjjRAe.UdY_idWJjX2p1IW.mYvLEJUTooHw5ZdwB94FXbJkVzy
Vp7dAocbmJi6uYgdPkXr2471RIarPxSWM7MFBYIHoQEVwuri5WlLnNz0_BgB8eyqoI9ZZ6GLzeYG
tLt6bnInZ_caU3dM8ZhAE8yhHCU9V9U0REzQ_Hx.BWcbpPXlAFf6qbA.h0EGlYDaUJi02D7bBJWH
NWGPIjKRCUOgMMVlt6meGjzwZ1yU1EOS9vZEvPjJwCjvDdwYdo_sfPOwIjV.uOwx1bJTVc7utcbQ
hGgUhlPNmFDeDgxwl6CL32K4ErXnmg3GB3ZrzpVwldZvfYQnF0uCgOhqRn9f_jCPRWTsPOzOfR6W
eNdEDkrCH0GKky6x.oQjBeIVjVGqgQxGd6fvCZk.FvACMoyyQ_kGqzjEmW5QH_kP_naMuOiJqRM1
ZbJdTVUsIoON6aHapfHsuFqQ1iI33gEcZqeAX4PjMDFdFZykmauyHQDVTNtB70ATV0qyDkbA-
X-Sonic-MF: <luangruo@HIDDEN>
Received: from sonic.gate.mail.ne1.yahoo.com by
sonic314.consmr.mail.ne1.yahoo.com with HTTP; Fri, 7 Oct 2022 00:46:26 +0000
Received: by hermes--production-sg3-cf9dc7f8d-rww6r (Yahoo Inc. Hermes SMTP
Server) with ESMTPA ID 82f6e26cc52ec5f7e28eae81e310fd88;
Fri, 07 Oct 2022 00:46:20 +0000 (UTC)
From: Po Lu <luangruo@HIDDEN>
To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN>
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
References: <m2a669atai.fsf@HIDDEN>
Date: Fri, 07 Oct 2022 08:46:15 +0800
In-Reply-To: <m2a669atai.fsf@HIDDEN> ("Gerd =?utf-8?Q?M=C3=B6llman?=
=?utf-8?Q?n=22's?= message of "Thu, 06 Oct 2022 17:03:17 +0200")
Message-ID: <87mta8qx48.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.91 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Mailer: WebService/1.1.20702
mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo
Content-Length: 1042
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 58334
Cc: 58334 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes:
> #0 0x1033f2ca8 in wrap_malloc+0x94 (libclang_rt.asan_osx_dynamic.dyli=
b:arm64e+0x3eca8)
> #1 0x1005af4f4 in lmalloc alloc.c:1361
> #2 0x1005af40c in xmalloc alloc.c:751
> #3 0x1003f92b4 in make_realized_face xfaces.c:4471
> #4 0x1003f5c00 in realize_gui_face xfaces.c:6023
> #5 0x1003e4000 in realize_face xfaces.c:5954
[...]
> #14 0x1005592d8 in Fvertical_motion indent.c:2241
I'm pretty sure the right fix is to block input around realize_face and
Fvertical_motion, since that code is clearly not reentrant.
> The problem here, it seems to me, is that the redisplay done in
> -[EmacsView layoutSublayersOfLayer:] nsterm.m:8675, frees realized faces
> at a moment that the code doesn't cannot expect.
Also, how come layoutSublayersOfLayer is called so often? AFAIU it's
only there to coax the system into actually resizing Emacs while the
system blocks the input loop from returning control to Emacs, which
should only happen during drag-to-resize.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at 58334) by debbugs.gnu.org; 7 Oct 2022 00:37:30 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Oct 06 20:37:30 2022
Received: from localhost ([127.0.0.1]:33869 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ogbMo-0002Uu-85
for submit <at> debbugs.gnu.org; Thu, 06 Oct 2022 20:37:30 -0400
Received: from sonic309-22.consmr.mail.ne1.yahoo.com ([66.163.184.148]:38211)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <luangruo@HIDDEN>) id 1ogbMl-0002Uf-2x
for 58334 <at> debbugs.gnu.org; Thu, 06 Oct 2022 20:37:28 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665103041; bh=c922lEgranOCrc21B+sE3pDvG4dkurnPacfzGMjUK0k=;
h=From:To:Cc:Subject:References:Date:In-Reply-To:From:Subject:Reply-To;
b=a3YBSprWvzMU0DIerONJCkCabTmQW+K52q4JmrEpaRX5A/zRROx5O6OYz+DVRVh1FRXH9ec3gVTKjnvDmjpva4yrqyOqpog+ihHTriuamKm2ufpyxJX1VwduJiQtcBgT97PEaogJ5gBb4zdky81r3Yk5t71wjMXBB2c2rle2O626ytvPVChknvLnfm4K/zWQErK6iQZyPj9v1OoLBUeBflcEliK5r/TaoApzcdIh0DbFkMuU+Z7cF39F/+9hy/1PlMJu83UzduBFqnIt7bDGEVhM5vJZHUifeir8d7gCelqn3VobP+bpgRbamOAhnfrMxLGURPIBHRKBlQnRt6oJmA==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1665103041; bh=y5a9J31HIQqxVbZjuvccTwsbQJMvKIwPvUb3we1go0d=;
h=X-Sonic-MF:From:To:Subject:Date:From:Subject;
b=IchIKYf2Opr70v603eyphwpvwRZ/qSyfgJZdhFQ+83NJ7CWwqcESb514MF3j3dqKa4OkyWeXOVXrFr5R7B4GxgvW15ICHKN6tCfNQL6+BsykErqESY0gQz/Td0MZiaCmz6yV6jUbqaPdAR4vZAn3vZ/zP95hIA5JI2xwJ1lJa5wl9PbZRH6mhuDRpBbQdzG0CBw3WaxukGFooytP8Zhyn2agbc/Hu4CGtevhN00jTPXWJ/VDFU65p08283Vn0OlOgDC1ZfelZ14cU/A8QB1/9DSWTKuOMWM5Byl6fC6A92EpZfSpRri54FyHV+7aSMgg/bbxyrDwSKaoREIsfWyIUw==
X-YMail-OSG: KRcJVooVM1mylC6xAV2Kz.rSj2isWtqaYBrW4XhlLEc9hfc9hFBcR.HMaxrIRhw
SuDUW9Cv2iK7Hh68xPt7koQMYuWQomZE2MH4ajmvUNsCuyyzB_tNlisbzlO7nD.zLABiSCQSvokF
QKXrjAe1YbzjcujLfwiFENuAzy73SGYrfjp0EZOeCbWra.eNiNh2sSlL7X2MeXUZlB4Tb_5c.T7D
wb_Cnt3sb3C8Y4bS488AEQ2PzIJ3NE1OlN5ny1LYIeFT1pVov_Wlbt0Oau7ricEKJMz9nfY.GT8a
SQGGYopVcM7sKXjEDd_C6RnIf9FlnjB0ITbGmBqKXjhEU_OaBurZfZFvgpdx2ofWLPKOJUbs4COI
pQJhF8NAhiYhu8TAPG7V9UT6XalKcYUouD7IcZOWWsL8GIvNl08JRwmaRy5TkAJ7tbas.uyZ1d5P
lSK_gNZblDLo3TaJuoN8CeOTnZ4H4N.ZriyLws5KaKG0XhhcH3GOV0R0qyVB7WGTmQArmY9zzfNx
wJ2XlPk3ubZ3tjxPxGfqWyGi2Orsml2_eliP7Zt9g5pg9yWD7vVsyMb.RBdQN.RvpIkW4_f8rLTa
2GjRc61qP_ZiOW.sZYlIfZ5EPo8h06gHdxSsZJcfsqY14KjqkvfL2B5TI6L_oO4q2.3I20e7BkfH
fdwY.A0AnXdX_jWubwbyBauvilKgwv67yMefFG60wU4sTt5v7_TTiP_e2YpOYcs4D5jeoG7tocUE
gLr84PvAnEFQkdiFws0rq3BA2P9QJhWg7l4bT8wBfqo9bfuAXM5ifCjB.VhQa3a5MndjIvc5aE07
anBzBTw5wb3kRFJPtEnVlj1fRYn7_tl_m_MTSswOOpGQTsZ_6QaVMpQzqIyVXE4iQhWJYbBKIlSa
t.wtC5xADi8WAs_kbrLeut5Fqz6YncvWXI8Vu7QtQqf9jha63ARr9tIGbimdvIVVyCyuDHT69Jpv
4gEuT9Tf07YbQjyPUj1WK161o8AIeYZnQ6b9DFIBw5rt1lFgyNGSUnghH.NBIs7ACWMWvRifcgmk
kFJ4xLqlqa11Le06bsdXmi_A2JzD0Oa7zE73jxk1Ed6PjMRSokdYAkcskvmCx6fduiqGcZn29EBs
s03GrX_OWmHhwYuIDQ5lPn3kKm3f620SEoNmrvxJwqZ8TlBDUlTlBRhagltVdmBuQfuI2uI.KXRw
X_79HI_srkc6UIHsq0GXpTkDZjxgAJv6e2GcETniQ1B0GLCS_DxcWVqpHCeYXefGkNu6tmitE7t4
F6h80SPpgYbLB8_zkF.fp2k5JvFmTHu1pQg6BpFSJFIpPCzTNQwclK1DUTYllNF6L_.V8Pnzq6TP
0A0pKbPiH6JgszzMe7xyVDgNbkp0tX4T4505.kynK9b4_o6aFHRblrlzMywf.mPDIgbjAZ2UAq6m
_wge1M7vPvV6VY4AX9RD_xuBnvZmNFnKNOxTXtwfLZBV3XUPYthwd038W.TMLeJbhHKBzcC49P4e
lgzebXH9SBsWlCpiIY1Yh2O1Id.WViWSdeuFKlgRq0rIVc_DvC2BtstPvLaELIsudoeAN7uPmJ9c
QKBminHM43xPcz8taoOd9Yh5b8enrtfxGhDx28.w8eoDrlPLb6ETWh8SnmUOhixtb.vv7.SZEmvi
PC.pOY.KBDUr93Y0qc6y0wCUWU14fMjwVENwbcLxsSZttSCG95EKv4w2fJcZUxnY8fOLxXCV2zN3
_smQSMW.cmmrZinX1iXf4zhfN2MLBYLW6ue40hGzeNvxHQrUs6BFs5q8uXUZKA4ZMW8GTu2VdDul
EyGOHtm1XzheRs7M.iwpAmNklTRFKrYu2ggAERPEsszFSN8xq6Ml5qcr4Jgi_jbY4.TORBzeGdkM
c7Pn836U4986_uSM2o5pXgAypFOpqY8KoowM43TJWyNv9Qzn.cL9jJmOrYWTp_x.cwOEEvJxyQOW
lV3LIQXsfcERAYcmIhfGINMGnweNG84xu6IaS6sDU2aqBeMjBItlRmLCg5FOZGmt9ji3vN6AghT7
zRSClDizX8xfsQgTTu5WfYsN8bhAPJlOCFjK8IYwyt_eXo0AwuKZdQ6k1cJCxSkIN1NVABgpmeCi
h34IAviylEb9sC6UYbHM12PQl7O_pcxU8Dfh.qLCRwT_Gnl4l83grznzTxJt9eg3ZcRvHbRu5swh
oK.UVeW_nr_vsjh5jX3xw7sqbGjTlMYhL3uWR3jRhP1pqBqLsBl6EtTrNdpANWhJiB.nf5zSxXez
cosEnRQ31fAIEbtllnNgwIlaWFX_G78HDkIQS_V1oNAVg2ueOvaRK2cBWHRqb3Zm1GAVnptBb6A-
-
X-Sonic-MF: <luangruo@HIDDEN>
Received: from sonic.gate.mail.ne1.yahoo.com by
sonic309.consmr.mail.ne1.yahoo.com with HTTP; Fri, 7 Oct 2022 00:37:21 +0000
Received: by hermes--production-sg3-cf9dc7f8d-4vdwh (Yahoo Inc. Hermes SMTP
Server) with ESMTPA ID 8c2ae6bfaad5ea3040e1a60c71379e23;
Fri, 07 Oct 2022 00:37:17 +0000 (UTC)
From: Po Lu <luangruo@HIDDEN>
To: Gerd =?utf-8?Q?M=C3=B6llmann?= <gerd.moellmann@HIDDEN>
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN>
<m24jwgbzm6.fsf@HIDDEN>
Date: Fri, 07 Oct 2022 08:37:12 +0800
In-Reply-To: <m24jwgbzm6.fsf@HIDDEN> ("Gerd =?utf-8?Q?M=C3=B6llman?=
=?utf-8?Q?n=22's?= message of "Thu, 06 Oct 2022 20:01:21 +0200")
Message-ID: <87r0zkqxjb.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.91 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Mailer: WebService/1.1.20702
mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo
Content-Length: 425
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 58334
Cc: 58334 <at> debbugs.gnu.org, Eli Zaretskii <eliz@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Gerd M=C3=B6llmann <gerd.moellmann@HIDDEN> writes:
> Po Lu, is this also something for Haiku?
Haiku calls Lisp in internal hooks (via safe_call) in
gui_produce_glyphs. It does not call redisplay itself in input
callbacks during normal exxecution.
An exception is made when control over user input is transferred to
another GUI thread as part of a popup or dialog. xselect.c and xmenu.c
do pretty much the same thing.
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 6 Oct 2022 18:36:33 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu Oct 06 14:36:33 2022 Received: from localhost ([127.0.0.1]:33569 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogVjV-0001e0-1D for submit <at> debbugs.gnu.org; Thu, 06 Oct 2022 14:36:33 -0400 Received: from mail-ej1-f54.google.com ([209.85.218.54]:33681) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1ogVjR-0001dX-7I for 58334 <at> debbugs.gnu.org; Thu, 06 Oct 2022 14:36:29 -0400 Received: by mail-ej1-f54.google.com with SMTP id q9so1981711ejd.0 for <58334 <at> debbugs.gnu.org>; Thu, 06 Oct 2022 11:36:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date; bh=Sncow3erFB87WWwyS7v+8yju70nPwv9sqdGHXKNemz8=; b=VBJQD6//5IAMyqlvPgUflGGbGIDUqXB5AblDGz4pWCf0lSqLc1tEDGVOhjhTlj7Ut/ XahcPm0AiWVb2fpFrZeCnTMOxlyTvTs6G3o7Z6Xgt1m+K+OtFlivyKsILkgN8uxuCT4L 2ngtIqxlIJbqL2KdGJ+toM3RClkzNMxmNrihf6nkzQZ2BAuzVNapSBu1UYsdbTrHvBFi K0pud8QF4q3v5gSjDSJwkXWoanVupP4rCUiGVsaMTjKSsEFNhI/UIPu83nXLKi4HicNC omibHrgVAzKmMfdDs3AwYa+q9kCX7qxZh0xJumTGWdMKQ2F7xEEglDKDckiPhXJGBewD TibA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date; bh=Sncow3erFB87WWwyS7v+8yju70nPwv9sqdGHXKNemz8=; b=gSAAElDHJcQFZw6C1GsP6yWkxnT1XIaoSeIqp6mFUPl6TqS4a8Xh/et1vOXXkU605W rVzP6dsTpZBZNKhwDAcoF6SNosIibUJwI5YNTGV+Bo7iRhM9K7VLOZJUeDFUBm1H6yNa 6m9PwunT3PVjEDI4ppPXmzu+wyTvpzA9Tlkk44kXawvD3G7IdTqxKDj2o+mnkwzm3JxL 5WZEbH6LXPocUZMf4I6qq3ejN4TvRZISkjXODk2Ck0L9467tLhPT4pSyleNELtIFvHfP PNpVg/2VwKlg5QV6oKb6y4bFl6CquKMu4WHgQ8qVlEQrln3mcP5r5IZLh8Uo5iyJ6yot Fqww== X-Gm-Message-State: ACrzQf0LIQrENJVUdO9V4KsY1fEpmVfvHVEFMhP5XS/gAtgq3FLgOacQ winmLP02CM1bXpwZrxFFzsPNATaIV2IQhg== X-Google-Smtp-Source: AMsMyM59A0apw8mz7QRmFkazec0zE48F0HyM7P+qIZaHSF32pt9eA4mEKvvnDIFJHhxEdOGL2Mhuvw== X-Received: by 2002:a17:907:d07:b0:72e:ec79:ad0f with SMTP id gn7-20020a1709070d0700b0072eec79ad0fmr1095689ejc.296.1665081383540; Thu, 06 Oct 2022 11:36:23 -0700 (PDT) Received: from [192.168.178.21] (pd9e36a85.dip0.t-ipconnect.de. [217.227.106.133]) by smtp.gmail.com with ESMTPSA id 18-20020a170906301200b0073d9a0d0cbcsm71170ejz.72.2022.10.06.11.36.22 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 06 Oct 2022 11:36:22 -0700 (PDT) Message-ID: <a2f0425f-f335-55df-120f-81819c412d24@HIDDEN> Date: Thu, 6 Oct 2022 20:36:22 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.13.0 Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs Content-Language: en-US To: Eli Zaretskii <eliz@HIDDEN> References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN> <m24jwgbzm6.fsf@HIDDEN> <837d1cpzxk.fsf@HIDDEN> From: =?UTF-8?Q?Gerd_M=c3=b6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <837d1cpzxk.fsf@HIDDEN> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: -1.8 (-) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.8 (--) On 22-10-06 20:30 , Eli Zaretskii wrote: > Actually, I no longer think this will help, because redisplay_internal > sets inhibit_free_realized_faces to zero at the beginning... Yeah, I've seen the specbind right now. > Any way of figuring out which face is it that triggers the ASAN? Is > it one of the basic faces, or some non-basic face? I'm afraid no. What about the idea to additionally check for inhibited GC? That is, free faces only if not imhibit_free and not imhibit_gc?
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 6 Oct 2022 18:31:27 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu Oct 06 14:31:27 2022 Received: from localhost ([127.0.0.1]:33555 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogVeZ-0001W6-Dg for submit <at> debbugs.gnu.org; Thu, 06 Oct 2022 14:31:27 -0400 Received: from eggs.gnu.org ([209.51.188.92]:42334) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1ogVeX-0001Vt-Mp for 58334 <at> debbugs.gnu.org; Thu, 06 Oct 2022 14:31:26 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:34784) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogVeS-000382-7h; Thu, 06 Oct 2022 14:31:20 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=QIW6OP3iUWHPF/9QB3wzqaomUQUs4Fb+p576b//43Ik=; b=csjhy2uXjcAv8sOOym6n c8QmZ5yJ7mfFrv7WZQ3vsjX0V/rs2f/4/RgGbtf3WTgEGEJnAIPEfb+jcWQOWaBq+TZ/nxU0cvJJG q5DMJPFTtCpZWG9LYphwXdVHQ1+qz/aJDe0YH6oEN0nBv7aczLxIZ4vka7NP2J4txVfC8T7VVqVqH EGVt/4Llr1PDrifZ3KYMQcMitpPkss4447UKyl84doHLMe/+fRi80xTqb1vJzWOgioFxLG3yddPHc zJqJG62B2kftZKmtCbSWIsL57RFzF92n4zpeKVWEcKZgHNuSryTj1pW2lWwMEp+6IElpD9+eMAQi/ qGRh4Ry3da9wow==; Received: from [87.69.77.57] (port=2874 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogVdy-00005m-1M; Thu, 06 Oct 2022 14:31:14 -0400 Date: Thu, 06 Oct 2022 21:30:47 +0300 Message-Id: <837d1cpzxk.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Gerd =?iso-8859-1?Q?M=F6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <m24jwgbzm6.fsf@HIDDEN> (message from Gerd =?iso-8859-1?Q?M=F6llmann?= on Thu, 06 Oct 2022 20:01:21 +0200) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN> <m24jwgbzm6.fsf@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, luangruo@HIDDEN X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > From: Gerd Möllmann <gerd.moellmann@HIDDEN> > Cc: 58334 <at> debbugs.gnu.org, Po Lu <luangruo@HIDDEN> > Date: Thu, 06 Oct 2022 20:01:21 +0200 > > Eli Zaretskii <eliz@HIDDEN> writes: > > >> Is there a way to prevent freeing realized faces? > > > > Yes: set inhibit_free_realized_faces non-zero (and record > > unwind_protect to restore it). > > Thanks. Actually, I no longer think this will help, because redisplay_internal sets inhibit_free_realized_faces to zero at the beginning... Any way of figuring out which face is it that triggers the ASAN? Is it one of the basic faces, or some non-basic face?
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 6 Oct 2022 18:01:32 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu Oct 06 14:01:32 2022 Received: from localhost ([127.0.0.1]:33494 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogVBc-0006x1-0S for submit <at> debbugs.gnu.org; Thu, 06 Oct 2022 14:01:32 -0400 Received: from mail-ed1-f45.google.com ([209.85.208.45]:38747) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <gerd.moellmann@HIDDEN>) id 1ogVBY-0006wa-Lx for 58334 <at> debbugs.gnu.org; Thu, 06 Oct 2022 14:01:29 -0400 Received: by mail-ed1-f45.google.com with SMTP id l22so3945791edj.5 for <58334 <at> debbugs.gnu.org>; Thu, 06 Oct 2022 11:01:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date; bh=itRPnot+IY3gzkDYI2IIynWhDSH8YTnB5Cy0O8StXW4=; b=lv1GxUvzhbR1UnaM6JzE6JVH+PQNaJxyDjIRaSMx2oPtoquFwwPp0LWTvKFEHZl2np F5hiumZK7Vt2yNsIQudGIE8zyQH76SU4yPSg/fHZv4hrQg2QNnH1V0qddFG36MAoc75C QDQ8Ft6tmpiyIEbjsvFCU/fJ/7fHAT/3zl5ehpHVzs001cfhrZBzqpaBhMLNLGJufwwW tGsiuk2ii396pyNTXcMNRmaGzYsM9CCcXdYKpsOlqZ10x1huPr2jALpTX1VjiOkeVnt2 izv6MiDrpQV1Ui4y167lwUi/nfs/xqhlc0HKBv2UI+LG0Qgnn6YF5HzMOUz2yJKxX6/f wWJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date; bh=itRPnot+IY3gzkDYI2IIynWhDSH8YTnB5Cy0O8StXW4=; b=qk7JUy14u6HMEAYmCUOxNA++A+/lAl7oPGsPKcD2/DtJkmr8fHdAOC/ICzMnZtxi2O Zwp0VIg7rry5zAIdhi6gckAHIsRiTKzCGpW0axXadhXDTJyPsbTYCmjtUd1kxgHyW5VZ 1aVEuXCvEk+ulxj2Q/nID6rxpMc5iIEJbLl3pT2vfZmNraEo6v4Si8ppMzLSr7EGo9gQ A+tOipHY4XjeHf49hUqn7+5tlDkZwZIlQ+64tQOo0VvebLutg2mndiDdE6q2BmAwbe2Z ni10sSNlSR6Ppv+kURffcWxmv7Mal867T0azFH2WLUjgJrz3AV8qIMo65nBcy8rMZzs/ DaiA== X-Gm-Message-State: ACrzQf15ecpOzefCQs+gv5cYKRTDFxyNfyxY4MvqkO9vObRXuG4PNOkK k+fgYf1IhR8c80y7Bjewt2c= X-Google-Smtp-Source: AMsMyM4CjdQMTOPoxfiUs54Zeoj5fBeqFf+Bng+PsZk7+zp5R1VrtxtabbWebMrlzNH86otGqSI9QQ== X-Received: by 2002:a05:6402:170f:b0:458:9653:6466 with SMTP id y15-20020a056402170f00b0045896536466mr943756edu.181.1665079282688; Thu, 06 Oct 2022 11:01:22 -0700 (PDT) Received: from Mini.fritz.box (pd9e36a85.dip0.t-ipconnect.de. [217.227.106.133]) by smtp.gmail.com with ESMTPSA id r5-20020aa7d585000000b00459148fbb3csm6248456edq.86.2022.10.06.11.01.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 06 Oct 2022 11:01:22 -0700 (PDT) From: =?utf-8?Q?Gerd_M=C3=B6llmann?= <gerd.moellmann@HIDDEN> To: Eli Zaretskii <eliz@HIDDEN> Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs In-Reply-To: <83fsg1osb1.fsf@HIDDEN> (Eli Zaretskii's message of "Thu, 06 Oct 2022 19:00:50 +0300") References: <m2a669atai.fsf@HIDDEN> <83fsg1osb1.fsf@HIDDEN> Date: Thu, 06 Oct 2022 20:01:21 +0200 Message-ID: <m24jwgbzm6.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (darwin) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org, Po Lu <luangruo@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Eli Zaretskii <eliz@HIDDEN> writes: >> Is there a way to prevent freeing realized faces? > > Yes: set inhibit_free_realized_faces non-zero (and record > unwind_protect to restore it). Thanks. > > It sounds like we need to do that in probably_quit, at least for NS > builds, because it could trigger redisplay, sigh... Right, sigh... But it's getting easier to make sense of this weird stuff. Po Lu, is this also something for Haiku?
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.Received: (at 58334) by debbugs.gnu.org; 6 Oct 2022 16:01:28 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu Oct 06 12:01:28 2022 Received: from localhost ([127.0.0.1]:33283 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ogTJP-0001Wk-TV for submit <at> debbugs.gnu.org; Thu, 06 Oct 2022 12:01:28 -0400 Received: from eggs.gnu.org ([209.51.188.92]:41864) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <eliz@HIDDEN>) id 1ogTJO-0001WY-Ey for 58334 <at> debbugs.gnu.org; Thu, 06 Oct 2022 12:01:26 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:45036) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogTJI-0004Sc-2K; Thu, 06 Oct 2022 12:01:21 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=bmeIvp32cm6UHFkRgAJdtWYaHj0zWFEniwL1pNeblqs=; b=pRDcrvEfpVBeQ/rag5Pt TKBqI082MrtNDFo95rLIVuwIT9YGu0+amFrv8iz7mJUO3m/8YMZt984aRr8BKCpcIi964/s+k/X3+ 2/a3/zypxBa/yKscSmZtruxScrrziMhYM5Lg9tz/MtkWe7ZHvCMTQDJHA27+RK1UshJQYpzaf3biI LPZKPFgXDcVceSJqZKaqz128YxiT/WU+drNeGZLYoOakD5FeIVL7L5EViGnjmFzV/nAP11t7gKINf Ccy0M6Jf/BQYPrnRRApuled5atZRgGbsu4GZFEqDNFMCJAsqCqvNFjsGUdMV2TjyrRpuiFYmgHwHX rQ8O0MWuro1jJw==; Received: from [87.69.77.57] (port=1617 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <eliz@HIDDEN>) id 1ogTIr-0004yz-1l; Thu, 06 Oct 2022 12:01:16 -0400 Date: Thu, 06 Oct 2022 19:00:50 +0300 Message-Id: <83fsg1osb1.fsf@HIDDEN> From: Eli Zaretskii <eliz@HIDDEN> To: Gerd =?iso-8859-1?Q?M=F6llmann?= <gerd.moellmann@HIDDEN> In-Reply-To: <m2a669atai.fsf@HIDDEN> (message from Gerd =?iso-8859-1?Q?M=F6llmann?= on Thu, 06 Oct 2022 17:03:17 +0200) Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs References: <m2a669atai.fsf@HIDDEN> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58334 Cc: 58334 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) > From: Gerd Möllmann <gerd.moellmann@HIDDEN> > Date: Thu, 06 Oct 2022 17:03:17 +0200 > > This is again on my local branch based on master. Recent fixes for ASAN > are contained in that branch. It seems to be pretty good at producing > this... > > ==19549==ERROR: AddressSanitizer: heap-use-after-free on address 0x0001393095c0 at pc 0x000100144340 bp 0x00016fdc16b0 sp 0x00016fdc16a8 > READ of size 4 at 0x0001393095c0 thread T0 > #0 0x10014433c in gui_produce_glyphs xdisp.c:31875 > #1 0x1000a8bc0 in move_it_in_display_line_to xdisp.c:9813 > #2 0x10009a5c0 in move_it_to xdisp.c:10373 > #3 0x1000dcbac in move_it_vertically_backward xdisp.c:10745 > #4 0x100089ca4 in move_it_by_lines xdisp.c:10940 > #5 0x10055a7a4 in Fvertical_motion indent.c:2381 Sigh... > The problem here, it seems to me, is that the redisplay done in > -[EmacsView layoutSublayersOfLayer:] nsterm.m:8675, frees realized faces > at a moment that the code doesn't cannot expect. Right. > I'm too lazy too look further. I'm pretty sure the story goes pretty > much like what we had before with relocating strings. > > Is there a way to prevent freeing realized faces? Yes: set inhibit_free_realized_faces non-zero (and record unwind_protect to restore it). It sounds like we need to do that in probably_quit, at least for NS builds, because it could trigger redisplay, sigh...
bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
Received: (at submit) by debbugs.gnu.org; 6 Oct 2022 15:03:32 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Oct 06 11:03:32 2022
Received: from localhost ([127.0.0.1]:33165 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ogSPM-0008Ro-0P
for submit <at> debbugs.gnu.org; Thu, 06 Oct 2022 11:03:32 -0400
Received: from lists.gnu.org ([209.51.188.17]:46256)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <gerd.moellmann@HIDDEN>) id 1ogSPH-0008Re-Lb
for submit <at> debbugs.gnu.org; Thu, 06 Oct 2022 11:03:30 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:59794)
by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <gerd.moellmann@HIDDEN>)
id 1ogSPE-00040e-UP
for bug-gnu-emacs@HIDDEN; Thu, 06 Oct 2022 11:03:27 -0400
Received: from mail-ed1-x52b.google.com ([2a00:1450:4864:20::52b]:37471)
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.90_1) (envelope-from <gerd.moellmann@HIDDEN>)
id 1ogSPB-00036R-Oj
for bug-gnu-emacs@HIDDEN; Thu, 06 Oct 2022 11:03:24 -0400
Received: by mail-ed1-x52b.google.com with SMTP id w10so3242884edd.4
for <bug-gnu-emacs@HIDDEN>; Thu, 06 Oct 2022 08:03:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
h=mime-version:message-id:date:subject:to:from:from:to:cc:subject
:date; bh=WmFV1n0wTyayLCaHxD8PERmupv6cx3lCK4SZA8xTHUM=;
b=hlW4YDxJax/MTRxi3rf7/D3obTw6jVPZrn5viI0M4lb/c9QH2YzexdaOFcVwbHZHcF
aUsr91r0BkM+HhRN2eJIs9ivJsaRmml1JoPm6Pm/C5xZcR53mvls7GKGn7Q1TljLc4Nx
NPjyXJDSZnrpXR3G3L3j+CM5XsABLIUDTparWEMfP5wAUujB+BGYA180SP9NHqDve29M
LRYolcgO3pehETTfYfofBhO/yx1N+fb8fnaS4wcyBRWppwuxvQfvcfzjg7pOz1PnjJY+
KRg0OgHIqLSWhBAzWAuGT8ScOpus80HMbW2fUkqVQAV0OSxbGaquKAwgGTbxgqDNmoJx
l+hw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=mime-version:message-id:date:subject:to:from:x-gm-message-state
:from:to:cc:subject:date;
bh=WmFV1n0wTyayLCaHxD8PERmupv6cx3lCK4SZA8xTHUM=;
b=cDCP5NMRDaRjcqw7lN+dQnPoB/ndTL6DmE1G/C4LlNC4U6+fqeGUXM9TfFqvk/+hZO
b+VIqDjeIGrKddHaNFnTeRpKC7Ex3thzkMwinfmG2Izy3j5GNbTiv/+RXV+WwqI404AY
2kJOVRB6QpqUUQDLtwyjU4Jk00n8Q/FR5ZYjwZ8jziUzkfPBi+mOyPidtKqPh2pLlug8
eNOcLMOv6uzqfqeazzNYvAPvmHLFz0F6OdZb9829ZqUxW18rOtCAHbhAl9aHZ9SaKOmG
GS9YgRFD7YyJaXOu7mzGB2rTUqVB8AjesG4UTA0WztPDsxpXvsz1AFPiRGmi+XxB4K/0
jxpw==
X-Gm-Message-State: ACrzQf2ioeX59MAyvCaiVgi+u9L68tiWIFQy3KXYMHUH+JqJuZKAXwHe
czhT3mkuZxdRj+dF6VSnb8AYEieKicatrw==
X-Google-Smtp-Source: AMsMyM4r7EpZHldDtXPw/zSzDahiuZOu8plWfr95FdhhUiyD1q9DozrAYu7UmDZ8LyviQvB7Xrb09A==
X-Received: by 2002:a05:6402:909:b0:435:a8b:5232 with SMTP id
g9-20020a056402090900b004350a8b5232mr202585edz.240.1665068598908;
Thu, 06 Oct 2022 08:03:18 -0700 (PDT)
Received: from Mini.fritz.box (pd9e36a85.dip0.t-ipconnect.de.
[217.227.106.133]) by smtp.gmail.com with ESMTPSA id
ec26-20020a0564020d5a00b00458a243df3esm5926603edb.65.2022.10.06.08.03.17
for <bug-gnu-emacs@HIDDEN>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 06 Oct 2022 08:03:18 -0700 (PDT)
From: =?utf-8?Q?Gerd_M=C3=B6llmann?= <gerd.moellmann@HIDDEN>
To: bug-gnu-emacs@HIDDEN
Subject: 29.0.50; ASAN heap use after free in gui_produce_glyphs
Date: Thu, 06 Oct 2022 17:03:17 +0200
Message-ID: <m2a669atai.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain
Received-SPF: pass client-ip=2a00:1450:4864:20::52b;
envelope-from=gerd.moellmann@HIDDEN; helo=mail-ed1-x52b.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -1.3 (-)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.3 (--)
This is again on my local branch based on master. Recent fixes for ASAN
are contained in that branch. It seems to be pretty good at producing
this...
==19549==ERROR: AddressSanitizer: heap-use-after-free on address 0x0001393095c0 at pc 0x000100144340 bp 0x00016fdc16b0 sp 0x00016fdc16a8
READ of size 4 at 0x0001393095c0 thread T0
#0 0x10014433c in gui_produce_glyphs xdisp.c:31875
#1 0x1000a8bc0 in move_it_in_display_line_to xdisp.c:9813
#2 0x10009a5c0 in move_it_to xdisp.c:10373
#3 0x1000dcbac in move_it_vertically_backward xdisp.c:10745
#4 0x100089ca4 in move_it_by_lines xdisp.c:10940
#5 0x10055a7a4 in Fvertical_motion indent.c:2381
#6 0x100642f20 in eval_sub eval.c:2488
#7 0x10064440c in Fprogn eval.c:436
#8 0x100618360 in Fsave_excursion editfns.c:886
#9 0x1006424a0 in eval_sub eval.c:2435
#10 0x100647ba4 in FletX eval.c:931
#11 0x1006424a0 in eval_sub eval.c:2435
#12 0x10064440c in Fprogn eval.c:436
#13 0x1006424a0 in eval_sub eval.c:2435
#14 0x10064af5c in Funwind_protect eval.c:1298
#15 0x1006424a0 in eval_sub eval.c:2435
#16 0x10064440c in Fprogn eval.c:436
#17 0x1006185a4 in Fsave_current_buffer editfns.c:899
#18 0x1006424a0 in eval_sub eval.c:2435
#19 0x10064440c in Fprogn eval.c:436
#20 0x100648d50 in Flet eval.c:1023
#21 0x1006424a0 in eval_sub eval.c:2435
#22 0x10064440c in Fprogn eval.c:436
#23 0x100656f78 in funcall_lambda eval.c:3218
#24 0x1006528f4 in apply_lambda eval.c:3088
#25 0x100643d28 in eval_sub eval.c:2572
#26 0x10064440c in Fprogn eval.c:436
#27 0x1006424a0 in eval_sub eval.c:2435
#28 0x1006441ac in Fif eval.c:391
#29 0x1006424a0 in eval_sub eval.c:2435
#30 0x10064440c in Fprogn eval.c:436
#31 0x100656f78 in funcall_lambda eval.c:3218
#32 0x100655384 in funcall_general eval.c:2941
#33 0x10064a08c in Ffuncall eval.c:2979
#34 0x100457288 in safe_run_hooks_1 keyboard.c:1829
#35 0x10064cc80 in internal_condition_case_n eval.c:1555
#36 0x100424970 in safe_run_hook_funcall keyboard.c:1887
#37 0x100654690 in run_hook_with_args eval.c:2838
#38 0x100424edc in safe_run_hooks_maybe_narrowed keyboard.c:1920
#39 0x10041c68c in command_loop_1 keyboard.c:1511
#40 0x10064c3d8 in internal_condition_case eval.c:1471
#41 0x10041aacc in command_loop_2 keyboard.c:1123
#42 0x10064ab64 in internal_catch eval.c:1194
#43 0x100418ab8 in command_loop keyboard.c:1093
#44 0x1004185cc in recursive_edit_1 keyboard.c:710
#45 0x1004fa414 in read_minibuf minibuf.c:903
#46 0x1004f7994 in Fread_from_minibuffer minibuf.c:1371
#47 0x100643510 in eval_sub eval.c:2506
#48 0x10064440c in Fprogn eval.c:436
#49 0x1006424a0 in eval_sub eval.c:2435
#50 0x10064af5c in Funwind_protect eval.c:1298
#51 0x1006424a0 in eval_sub eval.c:2435
#52 0x10064440c in Fprogn eval.c:436
#53 0x100648d50 in Flet eval.c:1023
#54 0x1006424a0 in eval_sub eval.c:2435
#55 0x10064af5c in Funwind_protect eval.c:1298
#56 0x1006424a0 in eval_sub eval.c:2435
#57 0x10064440c in Fprogn eval.c:436
#58 0x100648d50 in Flet eval.c:1023
#59 0x1006424a0 in eval_sub eval.c:2435
#60 0x10064440c in Fprogn eval.c:436
#61 0x10064465c in Fcond eval.c:416
#62 0x1006424a0 in eval_sub eval.c:2435
#63 0x10064440c in Fprogn eval.c:436
#64 0x1006480b4 in FletX eval.c:955
#65 0x1006424a0 in eval_sub eval.c:2435
#66 0x10064440c in Fprogn eval.c:436
#67 0x1006185a4 in Fsave_current_buffer editfns.c:899
#68 0x1006424a0 in eval_sub eval.c:2435
#69 0x10064440c in Fprogn eval.c:436
#70 0x100656f78 in funcall_lambda eval.c:3218
#71 0x1006528f4 in apply_lambda eval.c:3088
#72 0x100643d28 in eval_sub eval.c:2572
#73 0x10064af5c in Funwind_protect eval.c:1298
#74 0x1006424a0 in eval_sub eval.c:2435
#75 0x10064440c in Fprogn eval.c:436
#76 0x100648d50 in Flet eval.c:1023
#77 0x1006424a0 in eval_sub eval.c:2435
#78 0x10064be50 in internal_lisp_condition_case eval.c:1425
#79 0x10064b18c in Fcondition_case eval.c:1340
#80 0x1006424a0 in eval_sub eval.c:2435
#81 0x10064af5c in Funwind_protect eval.c:1298
#82 0x1006424a0 in eval_sub eval.c:2435
#83 0x10064440c in Fprogn eval.c:436
#84 0x100648d50 in Flet eval.c:1023
#85 0x1006424a0 in eval_sub eval.c:2435
#86 0x10064440c in Fprogn eval.c:436
#87 0x100656f78 in funcall_lambda eval.c:3218
#88 0x100655384 in funcall_general eval.c:2941
#89 0x10064a08c in Ffuncall eval.c:2979
#90 0x100653d68 in Fapply eval.c:2650
#91 0x1006429d0 in eval_sub eval.c:2454
#92 0x10064440c in Fprogn eval.c:436
#93 0x1006441fc in Fif eval.c:392
#94 0x1006424a0 in eval_sub eval.c:2435
#95 0x10064440c in Fprogn eval.c:436
#96 0x1006441fc in Fif eval.c:392
#97 0x1006424a0 in eval_sub eval.c:2435
#98 0x10064440c in Fprogn eval.c:436
#99 0x100648d50 in Flet eval.c:1023
#100 0x1006424a0 in eval_sub eval.c:2435
#101 0x10064440c in Fprogn eval.c:436
#102 0x100656f78 in funcall_lambda eval.c:3218
#103 0x100655384 in funcall_general eval.c:2941
#104 0x10064a08c in Ffuncall eval.c:2979
#105 0x100653d68 in Fapply eval.c:2650
#106 0x1006429d0 in eval_sub eval.c:2454
#107 0x10064440c in Fprogn eval.c:436
#108 0x1006424a0 in eval_sub eval.c:2435
#109 0x1006441ac in Fif eval.c:391
#110 0x1006424a0 in eval_sub eval.c:2435
#111 0x10064440c in Fprogn eval.c:436
#112 0x1006441fc in Fif eval.c:392
#113 0x1006424a0 in eval_sub eval.c:2435
#114 0x10064440c in Fprogn eval.c:436
#115 0x100648d50 in Flet eval.c:1023
#116 0x1006424a0 in eval_sub eval.c:2435
#117 0x10064440c in Fprogn eval.c:436
#118 0x100656f78 in funcall_lambda eval.c:3218
#119 0x1006528f4 in apply_lambda eval.c:3088
#120 0x100643d28 in eval_sub eval.c:2572
#121 0x10064440c in Fprogn eval.c:436
#122 0x100656f78 in funcall_lambda eval.c:3218
#123 0x100655384 in funcall_general eval.c:2941
#124 0x10064a08c in Ffuncall eval.c:2979
#125 0x100635fbc in Ffuncall_interactively callint.c:248
#126 0x1006564d4 in funcall_subr eval.c:3044
#127 0x1006551dc in funcall_general eval.c:2925
#128 0x10064a08c in Ffuncall eval.c:2979
#129 0x100652d64 in Fapply eval.c:2603
#130 0x100636ce8 in Fcall_interactively callint.c:340
#131 0x100655b14 in funcall_subr eval.c:3021
#132 0x100730088 in exec_byte_code bytecode.c:809
#133 0x10065e22c in fetch_and_exec_byte_code eval.c:3066
#134 0x100656a54 in funcall_lambda eval.c:3138
#135 0x10065522c in funcall_general eval.c:2929
#136 0x10064a08c in Ffuncall eval.c:2979
#137 0x10042645c in call1 lisp.h:3313
#138 0x10041c518 in command_loop_1 keyboard.c:1496
#139 0x10064c3d8 in internal_condition_case eval.c:1471
#140 0x10041aacc in command_loop_2 keyboard.c:1123
#141 0x10064ab64 in internal_catch eval.c:1194
#142 0x100418b64 in command_loop keyboard.c:1101
#143 0x1004185cc in recursive_edit_1 keyboard.c:710
#144 0x100419588 in Frecursive_edit keyboard.c:793
#145 0x1004116c8 in main emacs.c:2521
#146 0x101555088 in start+0x204 (dyld:arm64e+0x5088)
0x0001393095c0 is located 256 bytes inside of 296-byte region [0x0001393094c0,0x0001393095e8)
freed by thread T0 here:
#0 0x1033f2de4 in wrap_free+0x98 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x3ede4)
#1 0x10098d5e0 in rpl_free free.c:48
#2 0x1005af84c in xfree alloc.c:810
#3 0x1003f32ac in free_realized_face xfaces.c:4511
#4 0x1003e5e40 in free_realized_faces xfaces.c:4702
#5 0x1003d4a6c in free_all_realized_faces xfaces.c:4742
#6 0x1000cee18 in init_iterator xdisp.c:3193
#7 0x1001001ac in gui_consider_frame_title xdisp.c:13497
#8 0x1001d72cc in prepare_menu_bars xdisp.c:13612
#9 0x1000f2c64 in redisplay_internal xdisp.c:16529
#10 0x100109858 in redisplay xdisp.c:16111
#11 0x100896f90 in -[EmacsView layoutSublayersOfLayer:] nsterm.m:8675
#12 0x1900a9624 in CA::Layer::layout_if_needed(CA::Transaction*)+0x224 (QuartzCore:arm64e+0x20624)
#13 0x1901f661c in CA::Context::commit_transaction(CA::Transaction*, double, double*)+0x1c0 (QuartzCore:arm64e+0x16d61c)
#14 0x19008b4c8 in CA::Transaction::commit()+0x2bc (QuartzCore:arm64e+0x24c8)
#15 0x18bee1698 in __62+[CATransaction(NSCATransaction) NS_setFlushesWithDisplayLink]_block_invoke+0x12c (AppKit:arm64e+0x1ac698)
#16 0x18c646754 in ___NSRunLoopObserverCreateWithHandler_block_invoke+0x3c (AppKit:arm64e+0x911754)
#17 0x1892101a0 in __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__+0x20 (CoreFoundation:arm64e+0x841a0)
#18 0x18920fff0 in __CFRunLoopDoObservers+0x24c (CoreFoundation:arm64e+0x83ff0)
#19 0x18920f524 in __CFRunLoopRun+0x300 (CoreFoundation:arm64e+0x83524)
#20 0x18920ea80 in CFRunLoopRunSpecific+0x254 (CoreFoundation:arm64e+0x82a80)
#21 0x191e4e334 in RunCurrentEventLoopInMode+0x120 (HIToolbox:arm64e+0x32334)
#22 0x191e4dfc0 in ReceiveNextEventCommon+0x140 (HIToolbox:arm64e+0x31fc0)
#23 0x191e4de64 in _BlockUntilNextEventMatchingListInModeWithFilter+0x44 (HIToolbox:arm64e+0x31e64)
#24 0x18bd76518 in _DPSNextEvent+0x358 (AppKit:arm64e+0x41518)
#25 0x18bd74e10 in -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:]+0x52c (AppKit:arm64e+0x3fe10)
#26 0x18bd66fdc in -[NSApplication run]+0x250 (AppKit:arm64e+0x31fdc)
#27 0x1008744f4 in -[EmacsApp run] nsterm.m:5813
#28 0x1008cb450 in ns_read_socket_1 nsterm.m:4693
#29 0x1008b1e74 in ns_read_socket nsterm.m:4711
previously allocated by thread T0 here:
#0 0x1033f2ca8 in wrap_malloc+0x94 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x3eca8)
#1 0x1005af4f4 in lmalloc alloc.c:1361
#2 0x1005af40c in xmalloc alloc.c:751
#3 0x1003f92b4 in make_realized_face xfaces.c:4471
#4 0x1003f5c00 in realize_gui_face xfaces.c:6023
#5 0x1003e4000 in realize_face xfaces.c:5954
#6 0x1003e70fc in lookup_face xfaces.c:4890
#7 0x1003eef98 in face_at_buffer_position xfaces.c:6641
#8 0x1001a2d9c in face_at_pos xdisp.c:4499
#9 0x10019ee18 in handle_face_prop xdisp.c:4600
#10 0x100198810 in handle_stop xdisp.c:3947
#11 0x1000d72e4 in reseat xdisp.c:7582
#12 0x1000d7ab8 in reseat_at_previous_visible_line_start xdisp.c:7445
#13 0x10008c204 in start_display xdisp.c:3581
#14 0x1005592d8 in Fvertical_motion indent.c:2241
#15 0x100642f20 in eval_sub eval.c:2488
#16 0x10064440c in Fprogn eval.c:436
#17 0x100618360 in Fsave_excursion editfns.c:886
#18 0x1006424a0 in eval_sub eval.c:2435
#19 0x100647ba4 in FletX eval.c:931
#20 0x1006424a0 in eval_sub eval.c:2435
#21 0x10064440c in Fprogn eval.c:436
#22 0x1006424a0 in eval_sub eval.c:2435
#23 0x10064af5c in Funwind_protect eval.c:1298
#24 0x1006424a0 in eval_sub eval.c:2435
#25 0x10064440c in Fprogn eval.c:436
#26 0x1006185a4 in Fsave_current_buffer editfns.c:899
#27 0x1006424a0 in eval_sub eval.c:2435
#28 0x10064440c in Fprogn eval.c:436
#29 0x100648d50 in Flet eval.c:1023
SUMMARY: AddressSanitizer: heap-use-after-free xdisp.c:31875 in gui_produce_glyphs
Shadow bytes around the buggy address:
0x007027281260: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
0x007027281270: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x007027281280: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa
0x007027281290: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
0x0070272812a0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x0070272812b0: fd fd fd fd fd fd fd fd[fd]fd fd fd fd fa fa fa
0x0070272812c0: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
0x0070272812d0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0070272812e0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fa
0x0070272812f0: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
0x007027281300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==19549==ABORTING
(lldb) AddressSanitizer report breakpoint hit. Use 'thread info -s' to get extended information about the report.
The problem here, it seems to me, is that the redisplay done in
-[EmacsView layoutSublayersOfLayer:] nsterm.m:8675, frees realized faces
at a moment that the code doesn't cannot expect.
I'm too lazy too look further. I'm pretty sure the story goes pretty
much like what we had before with relocating strings.
Is there a way to prevent freeing realized faces?
Gerd Möllmann <gerd.moellmann@HIDDEN>:bug-gnu-emacs@HIDDEN.
Full text available.bug-gnu-emacs@HIDDEN:bug#58334; Package emacs.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.