bug#58334: 29.0.50; ASAN heap use after free in gui_produce

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs

From:	Gerd Möllmann
Subject:	bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
Date:	Sat, 08 Oct 2022 08:58:02 +0200
User-agent:	Gnus/5.13 (Gnus v5.13)

I'd like to finish this one way or another, so here it goes...

The call to redisplay in nsterm.m was identified as the problem because
it can free realized faces, that other code relies on not to happen.

The call to redisplay was introduced in the commit below, and I'm
looking at the bugs mentioned in it.

68bd6f3ea9c05637501139c46f1f4304482db95f
Author:     Alan Third <alan@idiocy.org>
CommitDate: Sat Feb 13 22:41:25 2021 +0000

Fix flicker when resizing NS frame programmatically (bug#46155)
; Incidentally fixes bug#21326.

IÄm using Emacs master on macOS 12.6 with

modified   src/nsterm.m
@@ -8672,7 +8672,7 @@ - (void)layoutSublayersOfLayer:(CALayer *)layer
       waiting_for_input = 0;
       block_input ();
 
-      redisplay ();
+      //redisplay ();
 
       unblock_input ();
       waiting_for_input = owfi;


------------------------------------------------------------------------
bug#46155: 28.0.50; Regression: buffer contents flicker on macOS
------------------------------------------------------------------------

The bug complains that

(dotimes (n 10)
  (set-frame-parameter nil 'width (+ 80 n))
  (sit-for 0.1))

leads to flicker.  Not reproducible.

This funny comment by Alan made my day, so I'll quote it here :-)

    Well... I tried something ridiculous and it appears to work...

    I suspect forcing redisplay this way within the NS run loop is bad
    form, but it appears to work.

In the mails under bug#46155, someone mentions that Emacs displays an
empty buffer while busy on startup.  Reproducible.

That's all I checked.

------------------------------------------------------------------------
bug#21326: 24.5; OS X, frame blank while resizing
------------------------------------------------------------------------

Not reproducible.

------------------------------------------------------------------------
Possible solutions:

1. Don't call redisplay, depending on OS version.

2. What Eli said - make uses of realized faces resilient against face
cache clearing.

3. Block input in vertical-motion etc. as Po Lu suggested.

4. Do nothing because that's all esoteric.

I favour (1) or (4) because (2) I'm not motivated to do, and TBH I agree
with Alan's comment above :-).  Can't say much about (3), except that
Eli doesn't seem to like it.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs, (continued)
- bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs, Gerd Möllmann <=
  - bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs, Eli Zaretskii, 2022/10/08

Prev by Date: bug#58342: 29.0.50; noverlay branch is O(N) for important calls
Next by Date: bug#58349: Bug: 28.1; After disabling tool bar, enabling tab bar does not show tab bar
Previous by thread: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
Next by thread: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
Index(es):
- Date
- Thread