Fix potential race condition in vm_compute.

If the second allocation causes a collection of the minor heap, the first allocation will be freed, thus causing a memory corruption. Note: it only happens when computing the native projection of an opaque value while the minor heap is almost full.
author: Guillaume Melquiond <guillaume.melquiond@inria.fr> 2016-05-31 15:35:46 +0200
committer: Guillaume Melquiond <guillaume.melquiond@inria.fr> 2016-05-31 15:35:46 +0200
commit: 4c66c7f9c370d2088dfa064e77f45b869c672e98 (patch)
tree: 503692aef11ca15788fbb755cfcb87404f0e17f4 /kernel/byterun
parent: 27dffdea5b46f6282c1584db0555213e744352fa (diff)
1 files changed, 6 insertions, 4 deletions
diff --git a/kernel/byterun/coq_interp.c b/kernel/byterun/coq_interp.c
index dc571699e..d634b726b 100644
--- a/kernel/byterun/coq_interp.c
+++ b/kernel/byterun/coq_interp.c
@@ -911,10 +911,12 @@ value coq_interprete
 	  Alloc_small(block, 2, ATOM_PROJ_TAG);
 	  Field(block, 0) = Field(coq_global_data, *pc);
 	  Field(block, 1) = accu;
-	  /* Create accumulator */
-	  Alloc_small(accu, 2, Accu_tag);
-	  Code_val(accu) = accumulate;
-	  Field(accu, 1) = block;
+          accu = block;
+          /* Create accumulator */
+          Alloc_small(block, 2, Accu_tag);
+          Code_val(block) = accumulate;
+          Field(block, 1) = accu;
+          accu = block;
 	} else {
 	    accu = Field(accu, *pc++);
 	}
author	Guillaume Melquiond <guillaume.melquiond@inria.fr>	2016-05-31 15:35:46 +0200
committer	Guillaume Melquiond <guillaume.melquiond@inria.fr>	2016-05-31 15:35:46 +0200
commit	4c66c7f9c370d2088dfa064e77f45b869c672e98 (patch)
tree	503692aef11ca15788fbb755cfcb87404f0e17f4 /kernel/byterun
parent	27dffdea5b46f6282c1584db0555213e744352fa (diff)