From 624fbec2a9e9eca373be1cd3351b2c8533b4579d Mon Sep 17 00:00:00 2001 From: Juho Snellman Date: Tue, 7 Aug 2007 06:15:13 +0000 Subject: [PATCH] 1.0.8.18: Fix gc-safety bug in x86oid function calls * Off by one error in conservative stack scavenging, the top of the stack wasn't pinned. * In the new calling convention there is a small window during which the return address only exists on the top of the stack. If a gc was triggered during that window, the code object could move, and the return address would point to freed memory. --- src/runtime/gencgc.c | 2 +- version.lisp-expr | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/runtime/gencgc.c b/src/runtime/gencgc.c index 8f6012918..3161230b5 100644 --- a/src/runtime/gencgc.c +++ b/src/runtime/gencgc.c @@ -3991,7 +3991,7 @@ garbage_collect_generation(generation_index_t generation, int raise) #else esp = (void **)((void *)&raise); #endif - for (ptr = ((void **)th->control_stack_end)-1; ptr > esp; ptr--) { + for (ptr = ((void **)th->control_stack_end)-1; ptr >= esp; ptr--) { preserve_pointer(*ptr); } } diff --git a/version.lisp-expr b/version.lisp-expr index b88d052fa..e63ab4478 100644 --- a/version.lisp-expr +++ b/version.lisp-expr @@ -17,4 +17,4 @@ ;;; checkins which aren't released. (And occasionally for internal ;;; versions, especially for internal versions off the main CVS ;;; branch, it gets hairier, e.g. "0.pre7.14.flaky4.13".) -"1.0.8.17" +"1.0.8.18" -- 2.11.4.GIT