bug#58042: 29.0.50; ASAN use-after-free in re_match_2_internal
From: Po Lu
Subject: bug#58042: 29.0.50; ASAN use-after-free in re_match_2_internal
Date: Tue, 09 May 2023 09:04:03 +0800
User-agent: Gnus/5.13 (Gnus v5.13)
Stefan Monnier <monnier@iro.umontreal.ca> writes:
> Really?
Yes.
> The problem was not if it's run from within the GC, the problem was what
> this code does when *it* runs the GC (or other state-changing functions).
> [ And indeed, the fix Gerd installed was to prevent GC while running
> pending_signals. But I suspect this is not sufficient because there
> are other forms of global state that can get messed up. ]
>
> In bug#62732 we have a related problem when code run from `maybe_quit`
> (an atimer in that case) from the regexp engine, and that atimer
> itself performs a regexp-operation, which messes up the outer regexp
> engine invocation because the regexp engine is still not re-entrant (in
> that bug, the problem is the `gl_state` global variable).
bug#62732? That's:
29.0.60; uniquify-trailing-separator-p affects any buffer whose name
matches a dir in CWD
I don't see how it's related to reentrant use of the regexp engine.
BTW, which atimer is it?
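
The re-entrancy hazard described in the quoted text above, as a toy C model added here (not Emacs code and not from either poster). The fields of this `gl_state`, `quit_hook`, `count_char`, `timer_body` and the save/restore hardening are all assumptions made for illustration, and the sample strings are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Toy stand-in for a global scan state; these fields are hypothetical. */
struct scan_state { const char *text; size_t len; };
static struct scan_state gl_state;

static void (*quit_hook)(void); /* models a timer run from maybe_quit */
static int save_restore;        /* 0 = non-re-entrant, 1 = hardened */

static void maybe_quit(void)
{
    void (*hook)(void) = quit_hook;
    quit_hook = NULL;           /* fire at most once */
    if (hook)
        hook();
}

/* Count occurrences of c in text, reading the text via the global. */
static int count_char(const char *text, char c)
{
    struct scan_state saved = gl_state;
    int n = 0;

    gl_state.text = text;
    gl_state.len = strlen(text);
    for (size_t i = 0; i < gl_state.len; i++) {
        maybe_quit();           /* may re-enter count_char */
        if (gl_state.text[i] == c)
            n++;
    }
    if (save_restore)
        gl_state = saved;       /* give the caller its state back */
    return n;
}

static void timer_body(void) { (void) count_char("zz", 'z'); }

/* Outer scan of "banana" for 'a', interrupted once by timer_body. */
int run_outer(int harden)
{
    save_restore = harden;
    quit_hook = timer_body;
    return count_char("banana", 'a');
}

int main(void)
{
    printf("unsafe=%d hardened=%d\n", run_outer(0), run_outer(1));
    return 0;
}
```

Without the restore, the outer scan finishes against the inner call's text and silently returns the wrong count; with it, each invocation hands the global back to its caller.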