GNU bug report logs - #71694
30.0.50; heap-use-after-free in tty_defined_color

Package: emacs;

Reported by: Daniel Clemente <n142857 <at> gmail.com>

Date: Fri, 21 Jun 2024 10:48:02 UTC

Severity: normal

Merged with 71693

Found in version 30.0.50

Done: Stefan Kangas <stefankangas <at> gmail.com>

Bug is archived. No further changes may be made.

From: Eli Zaretskii <eliz <at> gnu.org>
To: Daniel Clemente <n142857 <at> gmail.com>
Cc: 71694 <at> debbugs.gnu.org
Subject: bug#71694: 30.0.50; heap-use-after-free in tty_defined_color
Date: Fri, 21 Jun 2024 17:22:42 +0300
> From: Daniel Clemente <n142857 <at> gmail.com>
> Date: Fri, 21 Jun 2024 10:47:01 +0000
> 
> I enabled -fsanitize. I'm using an X terminal to run TTY Emacs inside.
> I opened the daemon inside gdb with emacs --fg-daemon -Q
> 
> I don't remember what exactly I was doing here, but it only involved
> slowly opening 2 or 3 terminals like this
> urxvt -e "emacsclient" "-c" "-e" '(dired "~")'
> and then I might have opened 2 or 3 with this (in the same session)
> xterm -e "emacsclient" "-c" "-e" '(dired "~")'
> Plus switching between them and closing them.
> However that's not a reproduction formula, it's just what I was doing
> when this crash randomly happened. I don't know how to reproduce this
> yet.
> 
> =================================================================
> ==9677==ERROR: AddressSanitizer: heap-use-after-free on address
> 0x625000123b30 at pc 0x55555695b2c9 bp 0x7fffffff9900 sp
> 0x7fffffff98f8
> READ of size 1 at 0x625000123b30 thread T0
>     #0 0x55555695b2c8 in tty_defined_color /w/emacs/src/xfaces.c:1115

I think this is bogus: -fsanitize doesn't understand the Emacs memory
management, in particular what's going on in GC when we relocate strings.

In any case, the line numbers seem off: line 1115 of xfaces.c is a
comment.  Are your sources in sync with the Git repository?




This bug report was last modified 164 days ago.
