GNU bug report logs -
#29066
26.0.90; crash in gc involving buffer local symbols
Previous Next
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Yes, it fixes the problem.
I also checked the following works, and seems better to me (stop having
dangling pointers, instead of being careful with them):
diff --git a/src/alloc.c b/src/alloc.c
index da0c3ad4b3..44dfa95cf5 100644
--- a/src/alloc.c
+++ b/src/alloc.c
@@ -7030,8 +7030,10 @@ sweep_symbols (void)
{
if (!sym->s.gcmarkbit)
{
- if (sym->s.redirect == SYMBOL_LOCALIZED)
+ if (sym->s.redirect == SYMBOL_LOCALIZED) {
xfree (SYMBOL_BLV (&sym->s));
+ sym->s.val.blv = NULL;
+ }
sym->s.next = symbol_free_list;
symbol_free_list = &sym->s;
symbol_free_list->function = Vdead;
On Mon, Oct 30, 2017 at 4:38 PM, Eli Zaretskii <eliz <at> gnu.org> wrote:
> > From: Valentin Gatien-Baron <vgatien-baron <at> janestreet.com>
> > Date: Mon, 30 Oct 2017 10:36:41 -0400
> > Cc: Mark Shinwell <mshinwell <at> janestreet.com>
> >
> > $ installed/bin/emacs -Q -L . -batch --eval '(progn (message "before")
> (make-local-variable (make-symbol "\
> > s")) (kill-buffer) (garbage-collect) (garbage-collect) (message
> "after"))'
> > before
> > *** Error in `installed/bin/emacs': double free or corruption (!prev):
> 0x00000000014bff10 ***
>
> Thanks.
>
> Does the below fix the problem?
>
> diff --git a/src/alloc.c b/src/alloc.c
> index d9d7485..11afdfd 100644
> --- a/src/alloc.c
> +++ b/src/alloc.c
> @@ -7024,7 +7024,9 @@ sweep_symbols (void)
> {
> if (!sym->s.gcmarkbit)
> {
> - if (sym->s.redirect == SYMBOL_LOCALIZED)
> + if (sym->s.redirect == SYMBOL_LOCALIZED
> + /* Already freed? */
> + && !EQ (sym->s.function, Vdead))
> xfree (SYMBOL_BLV (&sym->s));
> sym->s.next = symbol_free_list;
> symbol_free_list = &sym->s;
>
[Message part 2 (text/html, inline)]
This bug report was last modified 7 years and 259 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.