GNU bug report logs - #27587
25.1; in the dynamic modules api, env->free_global_ref doesn't free anything

Previous Next

Package: emacs;

Reported by: Valentin Gatien-Baron <vgatien-baron <at> janestreet.com>

Date: Wed, 5 Jul 2017 15:07:02 UTC

Severity: normal

Found in version 25.1

Done: Philipp Stephani <p.stephani2 <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Valentin Gatien-Baron <vgatien-baron <at> janestreet.com>
To: bug-gnu-emacs <at> gnu.org
Subject: 25.1; in the dynamic modules api, env->free_global_ref doesn't free
 anything
Date: Wed, 5 Jul 2017 08:43:26 -0400

[Message part 1 (text/plain, inline)]
The following dynamic module takes unbounded memory:

/* gcc -I . -g -ggdb -fPIC foo.c -shared -o foo.so && echo running && emacs
-Q -L . -batch -l foo */
#include <emacs-module.h>

int plugin_is_GPL_compatible;

int emacs_module_init(struct emacs_runtime *ert) {
  emacs_env *env = ert->get_environment(ert);
  while (1) {
    int i;
    for (i = 0; i < 10000; i++) {
      emacs_value v = env->make_string(env, "asdads", 3);
      env->free_global_ref(env, env->make_global_ref(env, v));
    }
    env->funcall(env, env->intern(env, "garbage-collect"), 0, NULL);
  }
}


This is because env->make_global_ref/env->free_global_ref leak memory.
env->free_global_ref fails to remove values from the hash table of
refcounts. The following patch makes the program above run in constant
space.


--- src/emacs-module.c 2017-06-30 16:00:36.776301646 -0400
+++ src/emacs-module.c 2017-06-30 16:05:01.660120043 -0400
@@ -308,7 +308,7 @@
           set_hash_value_slot (h, i, value);
         }
       else
- hash_remove_from_table (h, value);
+ hash_remove_from_table (h, obj);
     }
 }

[Message part 2 (text/html, inline)]
This bug report was last modified 8 years and 9 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.