unofficial mirror of bug-gnu-emacs@gnu.org 
From: Po Lu via "Bug reports for GNU Emacs, the Swiss army knife of text editors" <bug-gnu-emacs@gnu.org>
To: Lars Ingebrigtsen <larsi@gnus.org>
Cc: Eli Zaretskii <eliz@gnu.org>, 55068@debbugs.gnu.org, telegraph@gmx.net
Subject: bug#55068: 29.0.50; crashes when trying to set default font
Date: Mon, 23 May 2022 20:29:23 +0800
Message-ID: <87leusmnz0.fsf@yahoo.com>
In-Reply-To: <87v8twl9nf.fsf@gnus.org> (Lars Ingebrigtsen's message of "Mon, 23 May 2022 14:24:04 +0200")

Lars Ingebrigtsen <larsi@gnus.org> writes:

> ==3291841== Warning: client switching stacks?  SP change: 0x1ffeffdf60 --> 0x1ffe619240
> ==3291841==          to suppress, use: --max-stackframe=10374432 or greater
> ==3291841== Warning: client switching stacks?  SP change: 0x1ffe619240 --> 0x1ffdc34520
> ==3291841==          to suppress, use: --max-stackframe=10374432 or greater
> ==3291841== Invalid write of size 8
> ==3291841==    at 0x1E43BF: x_menu_show (xmenu.c:1903)
> ==3291841==  Address 0x1ffdc34518 is on thread 1's stack

The stack overflowed because of the two allocas.  Does it still crash
with this patch?

diff --git a/src/xmenu.c b/src/xmenu.c
index aaf53569a7..e9601981ed 100644
--- a/src/xmenu.c
+++ b/src/xmenu.c
@@ -1894,13 +1894,19 @@ x_menu_show (struct frame *f, int x, int y, int menuflags,
 {
   int i;
   widget_value *wv, *save_wv = 0, *first_wv = 0, *prev_wv = 0;
-  widget_value **submenu_stack
-    = alloca (menu_items_used * sizeof *submenu_stack);
-  Lisp_Object *subprefix_stack
-    = alloca (menu_items_used * sizeof *subprefix_stack);
+  widget_value **submenu_stack;
+  Lisp_Object *subprefix_stack;
   int submenu_depth = 0;
+  specpdl_ref specpdl_count;
 
-  specpdl_ref specpdl_count = SPECPDL_INDEX ();
+  USE_SAFE_ALLOCA;
+
+  submenu_stack = SAFE_ALLOCA (menu_items_used
+			       * sizeof *submenu_stack);
+  subprefix_stack = SAFE_ALLOCA (menu_items_used
+				 * sizeof *subprefix_stack);
+
+  specpdl_count = SPECPDL_INDEX ();
 
   eassert (FRAME_X_P (f));
 
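Review bot: the two size arguments, menu_items_used * sizeof *submenu_stack and menu_items_used * sizeof *subprefix_stack, still reach SAFE_ALLOCA as unchecked products. lisp.h provides SAFE_NALLOCA (buf, multiplier, nitems) for array allocations, which takes the element count separately and checks the multiplication; SAFE_NALLOCA (submenu_stack, 1, menu_items_used) and the same for subprefix_stack would cover that. A short comment saying why these are not plain alloca (the size scales with the number of menu items and overflowed the stack in bug#55068) would also help keep the change from being reverted later.
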
@@ -1909,6 +1915,7 @@ x_menu_show (struct frame *f, int x, int y, int menuflags,
   if (menu_items_used <= MENU_ITEMS_PANE_LENGTH)
     {
       *error_name = "Empty menu";
+      SAFE_FREE ();
       return Qnil;
     }
 
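Review bot: the "Empty menu" return needs SAFE_FREE only because both buffers are allocated before this check. The test reads nothing but menu_items_used, so moving it above the two SAFE_ALLOCA calls would let this path return without any cleanup and avoid allocating for a menu that is rejected anyway.
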
@@ -2141,6 +2148,8 @@ x_menu_show (struct frame *f, int x, int y, int menuflags,
 			  entry = Fcons (subprefix_stack[j], entry);
 		    }
 		  unblock_input ();
+
+		  SAFE_FREE ();
 		  return entry;
 		}
 	      i += MENU_ITEMS_ITEM_LENGTH;
@@ -2155,6 +2164,8 @@ x_menu_show (struct frame *f, int x, int y, int menuflags,
     }
 
   unblock_input ();
+
+  SAFE_FREE ();
   return Qnil;
 }
 \f
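
Review bot: SAFE_FREE is now repeated by hand before each return the patch touches (this final return, the selected-entry return and the "Empty menu" return). The diff does not show whether x_menu_show has other return statements between those points; any that lack SAFE_FREE would skip the cleanup of the heap fallback. Worth checking the whole function, or funnelling the exits through a single cleanup point so that a return added later cannot miss it.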




