bug#61896: 30.0.50; Emacs crashes because of an invalid free
From: Eli Zaretskii
Subject: bug#61896: 30.0.50; Emacs crashes because of an invalid free
Date: Thu, 02 Mar 2023 11:41:05 +0200
> From: Philip Kaludercic <philipk@posteo.net>
> Cc: Mattias Engdegård <mattiase@acm.org>,
> 61896@debbugs.gnu.org
> Date: Thu, 02 Mar 2023 08:53:54 +0000
>
> From what I recall, the address being freed was on the stack. How does
> the byte-code interpreter behave when the input is broken? Is there
> some way of validating if the byte-code is "coherent"? If I manually
> modify the byte code and replace random bytes, is the interpreter
> written to expect this kind of issue?
Sorry, I don't understand the questions. Maybe Mattias will.

My interpretation of this problem is that some corruption happened to
the specpdl stuff, which causes SAFE_FREE to decide that some data should
be 'free'd when it was actually allocated off the stack. The question
is how could that happen.