GNU bug report logs - #41357
28.0.50; GC may miss to mark calle safe register content

Previous Next

Package: emacs;

Reported by: Andrea Corallo <akrl <at> sdf.org>

Date: Sun, 17 May 2020 12:43:02 UTC

Severity: normal

Found in version 28.0.50

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Andrea Corallo <akrl <at> sdf.org>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: 41357 <at> debbugs.gnu.org, eggert <at> cs.ucla.edu
Subject: bug#41357: 28.0.50; GC may miss to mark calle safe register content
Date: Sun, 17 May 2020 17:45:28 +0000

Eli Zaretskii <eliz <at> gnu.org> writes:

>> From: Andrea Corallo <akrl <at> sdf.org>
>> Cc: bug-gnu-emacs <at> gnu.org, eggert <at> cs.ucla.edu
>> Date: Sun, 17 May 2020 17:13:26 +0000
>> 
>> If a C function caller of 'flush_stack_call_func' allocates a
>> Lisp_Object in a temp variable and the compiler decide to keep this in a
>> callee saved reg while 'flush_stack_call_func' is called this will be
>> garbage collected unexpectedly.
>
> Can you show me an example of this (as skeleton C code)?
>
> Thanks.

Sure, something like

=====

Lisp_Object
foo (void)
{
  /* 'res' goes in a callee saved reg  */
  Lisp_Object res = build_string ("bar");
  [...]
  /* LTO inline the following as "flush_stack_call_func (mark_threads_callback, NULL);" */
  mark_threads ();
  [...]
  gc_sweep ();

  /* The string pointed by 'res' was garbage collected.  */
  return res;
}

=====

I'm not sure this is the only possible scenarion tho.

  Andrea

-- 
akrl <at> sdf.org
This bug report was last modified 5 years and 75 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.