Created attachment 102761 [details] proposal fix I was unable to create small and isolated example, so the only way to reproduce this bug is to run GNU Emacs with multiple X servers (Xnest is OK too). So steps to reproduce are: 1. Compile Emacs with Lucid toolkit (--with-x-toolkit=lucid) and internal checking enabled (--enable-checking). 2. Run Xnest on :1 3. Run Emacs with: emacs -Q --eval '(let ((f (selected-frame))) (make-frame-on-display ":1.0") (delete-frame f))' 4. See assertion failure at xterm.c:8006 while checking the value returned from XUnregisterIMInstantiateCallback. Running under Valgrind (see http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17975#17) shows a use-after-free error. Proposal fix is attached.
I ran into something that looks like the same problem with another application using XUnregisterIMInstantiateCallback, see: https://core.tcl.tk/tk/tktview/e42eef33ee88e54d48b7279d1392b7b260acf91e The valgrind output there shows a use-after-free error, quite identical to what is shown by the author of the present ticket, that is http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17975#17 A patch is alreavailable in this ticket, is there anything preventing it from being applied?
Main problem is a lack of maintainers for the XIM code - I don't know if anyone left still knows how it works.
-- GitLab Migration Automatic Message -- This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/xorg/lib/libx11/issues/36.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.