From: "Gerd Möllmann" <gerd.moellmann@gmail.com>
To: Eli Zaretskii <eliz@gnu.org>
Cc: 58042@debbugs.gnu.org
Subject: bug#58042: 29.0.50; ASAN use-after-free in re_match_2_internal
Date: Sun, 25 Sep 2022 09:06:59 +0200 [thread overview]
Message-ID: <m2h70wx78s.fsf@Mini.fritz.box> (raw)
In-Reply-To: <83mtaom0a9.fsf@gnu.org> (Eli Zaretskii's message of "Sun, 25 Sep 2022 09:32:46 +0300")
Eli Zaretskii <eliz@gnu.org> writes:
> #14 0x1000f2340 in redisplay_internal xdisp.c:16523
> #15 0x100108f34 in redisplay xdisp.c:16105
>
> AFAIU, this says that the GC which freed the string data was caused by
> safe__call1 inside prepare_menu_bars, which was called from
> redisplay_internal.
Ah, okay! Sorry, I didn't remember that redisplay on the stack. Please
see below.
> Yes, but I have difficulty with the fact that GC was caused by
> redisplay, and redisplay cannot be invoked while we are in
> re_match_2_internal, AFAIK. So something else is missing here (or
> maybe I'm misinterpreting the ASAN report you posted).
The second and third backtrace that ASAN displays (freed by, and
previously allocated) are not backtraces directly involved in the crash.
They display some history related to the pointer that causes the crash.
When something is allocated or freed, ASAN records callstacks that show
from where that happens. Also, in the case pf free, it somehow arranges
that accessing that freed memory leads to a signal. I think it uses VM
page protection for that.
next prev parent reply other threads:[~2022-09-25 7:06 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-24 13:45 bug#58042: 29.0.50; ASAN use-after-free in re_match_2_internal Gerd Möllmann
2022-09-24 14:17 ` Gerd Möllmann
2022-09-24 14:48 ` Gerd Möllmann
2022-09-24 14:56 ` Eli Zaretskii
2022-09-24 15:08 ` Gerd Möllmann
2022-09-24 15:24 ` Eli Zaretskii
2022-09-25 5:50 ` Gerd Möllmann
2022-09-25 6:32 ` Eli Zaretskii
2022-09-25 7:06 ` Gerd Möllmann [this message]
2022-09-25 8:08 ` Eli Zaretskii
2022-09-25 8:28 ` Gerd Möllmann
2022-09-25 8:43 ` Eli Zaretskii
2022-09-26 5:13 ` Gerd Möllmann
2022-10-04 14:33 ` Gerd Möllmann
2022-10-04 16:35 ` Eli Zaretskii
2022-10-05 4:37 ` Gerd Möllmann
2022-10-05 6:16 ` Eli Zaretskii
2022-10-05 6:58 ` Gerd Möllmann
2022-10-05 7:22 ` Eli Zaretskii
2022-10-05 7:34 ` Gerd Möllmann
2022-10-05 9:00 ` Gerd Möllmann
2022-10-05 9:23 ` Eli Zaretskii
2022-10-05 10:14 ` Gerd Möllmann
2022-10-05 10:24 ` Gerd Möllmann
2022-10-05 10:43 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-05 10:49 ` Gerd Möllmann
2022-10-05 11:10 ` Gerd Möllmann
2022-10-05 11:15 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-05 11:37 ` Gerd Möllmann
2022-10-05 13:37 ` Eli Zaretskii
2022-10-05 13:52 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-05 14:09 ` Eli Zaretskii
2022-10-05 14:24 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-05 13:27 ` Eli Zaretskii
2022-10-05 13:31 ` Gerd Möllmann
2022-10-05 13:55 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-05-08 14:01 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-05-09 1:04 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-05-09 2:25 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-05-09 5:30 ` Eli Zaretskii
2022-10-05 10:45 ` Gerd Möllmann
2022-10-05 11:10 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-05 11:15 ` Gerd Möllmann
2022-10-05 11:23 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-05 11:35 ` Gerd Möllmann
2022-10-05 12:02 ` Gerd Möllmann
2022-10-05 12:08 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-05 13:40 ` Eli Zaretskii
2022-10-05 13:53 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-05 14:10 ` Eli Zaretskii
2022-10-05 12:05 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-05 12:32 ` Gerd Möllmann
2022-10-05 12:38 ` Gerd Möllmann
2022-10-05 12:49 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-05 12:48 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-06 5:20 ` Gerd Möllmann
2022-10-05 13:39 ` Eli Zaretskii
2022-10-05 13:13 ` Eli Zaretskii
2022-10-05 13:24 ` Gerd Möllmann
2022-10-05 12:59 ` Eli Zaretskii
2022-10-06 5:35 ` Gerd Möllmann
2022-10-06 6:59 ` Eli Zaretskii
2022-10-06 7:21 ` Gerd Möllmann
2022-10-06 8:08 ` Eli Zaretskii
2022-10-06 8:23 ` Gerd Möllmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m2h70wx78s.fsf@Mini.fritz.box \
--to=gerd.moellmann@gmail.com \
--cc=58042@debbugs.gnu.org \
--cc=eliz@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.