GNU bug report logs - #41357
28.0.50; GC may miss to mark calle safe register content

Previous Next

Package: emacs;

Reported by: Andrea Corallo <akrl <at> sdf.org>

Date: Sun, 17 May 2020 12:43:02 UTC

Severity: normal

Found in version 28.0.50

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

Message #74 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: bug-gnu-emacs <at> gnu.org, akrl <at> sdf.org
Subject: Re: 28.0.50; GC may miss to mark calle safe register content
Date: Sun, 17 May 2020 14:21:49 -0700

On 5/17/20 12:26 PM, Eli Zaretskii wrote:
> And where's GC in this picture?  If it's called directly from 'f', can
> you show me such code in Emacs?  Then we could disassembly it and see
> what we've got.
> 
> Usually the code that calls GC is much deeper, and thus the chance of
> that temporary to stay in a register is very small, to say the least.

The probability is not that small, unfortunately. Compilers often have a habit
of running through the same set of callee-save registers in the same order.
Let's say you're on the x86 and your compiler consumes the four callee-save
registers in the order ebx, esi, edi, ebp. Then if we call f which calls g which
calls h which calls the GC, it's likely that f will save just ebx, then g will
save just ebx, esi, edi, then h will save just ebx and esi. Hence if the caller
has assigned a local variable to ebp, the GC won't see the variable's contents.

We should give Andrea a big round of applause for catching this bug.
This bug report was last modified 5 years and 75 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.