GNU bug report logs -
#61896
30.0.50; Emacs crashes because of an invalid free
Reported by: Philip Kaludercic <philipk <at> posteo.net>
Date: Wed, 1 Mar 2023 20:26:02 UTC
Severity: normal
Found in version 30.0.50
Done: Stefan Kangas <stefankangas <at> gmail.com>
Bug is archived. No further changes may be made.
On 2 March 2023 at 09:53, Philip Kaludercic <philipk <at> posteo.net> wrote:
>> Byte-code saw quite a bit of changes on master. Adding Mattias in
>> case he has some ideas.
>
> From what I recall, the address being freed was on the stack. How does
> the byte-code interpreter behave when the input is broken? Is there
> some way of validating if the byte-code is "coherent"? If I manually
> modify the byte code and replace random bytes, is the interpreter
> written to expect this kind of issue?
The very first thing is to make sure you don't have any lingering *.elc files generated during the period of incompatibility regarding `save-restriction`. That issue should have been resolved by now; let's not chase ghosts. The indication of a specpdl imbalance does point to this being a possible cause.
The byte-code interpreter normally assumes the code to be correct and performs few checks since every cycle counts here. There are some additional checks to be enabled: the general --enable-checking=all, and/or compiling with -DBYTE_CODE_SAFE=1 (or just adding
#define BYTE_CODE_SAFE 1
early in bytecode.c, which is what I tend to do).
These checks do not audit the specpdl balance directly but that would be something to add if you don't make further progress.
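The first step suggested above is to rule out stale *.elc files before debugging the interpreter itself. The following is an added example, not code from the bug thread or from Emacs: a small POSIX shell helper that walks a directory tree and reports every .elc that is older than its .el source (a stale compile) or has no .el beside it at all (an orphan). The directory argument and the tab-separated output format are my own choices. Note the caveat: a file compiled inside the incompatibility window may well be newer than its source and so will not be flagged by this timestamp check; the only certain fix for that case is deleting the .elc files and recompiling.

```shell
#!/bin/sh
# Added example (not from the bug report): find byte-compiled .elc files
# that are out of step with their .el sources so they can be removed
# before trying to reproduce a crash.

# find_stale_elc DIR
#   Prints one line per suspicious .elc under DIR: "<path>\t<reason>",
#   where reason is "stale" (the .el is newer than the .elc) or
#   "orphan" (no .el exists next to the .elc). Files that were
#   byte-compiled after their source was last touched are not listed.
find_stale_elc() {
    dir=$1
    find "$dir" -name '*.elc' -type f | while IFS= read -r elc; do
        el=${elc%c}                      # foo.elc -> foo.el
        if [ ! -f "$el" ]; then
            printf '%s\torphan\n' "$elc"
        elif [ "$el" -nt "$elc" ]; then
            printf '%s\tstale\n' "$elc"
        fi
    done
}

# count_stale_elc DIR
#   Number of .elc files that find_stale_elc would report under DIR.
count_stale_elc() {
    find_stale_elc "$1" | wc -l | tr -d ' '
}

# Usage: list what would be removed, then delete only the flagged files.
#   find_stale_elc ~/.emacs.d
#   find_stale_elc ~/.emacs.d | cut -f1 | xargs rm -f
```

After the tree is clean, the debugging build described in the message can be configured in the Emacs source tree with the two checks turned on at once, for example `./configure --enable-checking=all CFLAGS='-O0 -g3 -DBYTE_CODE_SAFE=1'` followed by `make bootstrap`, so that every bundled .elc is regenerated by the same compiler that will run it.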
This bug report was last modified 1 year and 319 days ago.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.