From f302454e5eeeba9e06ddba96c10b1c296e5f359a Mon Sep 17 00:00:00 2001
From: Kaz Kylheku <kaz@kylheku.com>
Date: Fri, 26 Oct 2018 06:58:44 -0700
Subject: vm: bugfix: corruption of global desc list.

* vm.c (vm_make_desc): We must register the newly malloced
descriptor structure into the free list before calling cobj,
because calling cobj may trigger gc, which can blow away the
object pointed to by our vtail local variable. Alternatively,
we calculate vtail after doign the cobj. Obtaining vtail and
using it cannot be separated by gc.
---
 vm.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/vm.c b/vm.c
index 4c66309d..c0beeb53 100644
--- a/vm.c
+++ b/vm.c
@@ -157,6 +157,11 @@ val vm_make_desc(val nlevels, val nregs, val bytecode,
 
     vd->self = nil;
 
+    vd->lnk.prev = vtail;
+    vd->lnk.next = vnull;
+    vnull->lnk.prev = vd;
+    vtail->lnk.next = vd;
+
     desc = cobj(coerce(mem_t *, vd), vm_desc_s, &vm_desc_ops);
 
     vd->bytecode = bytecode;
@@ -164,11 +169,6 @@ val vm_make_desc(val nlevels, val nregs, val bytecode,
     vd->symvec = symvec;
     vd->self = desc;
 
-    vd->lnk.prev = vtail;
-    vd->lnk.next = vnull;
-    vnull->lnk.prev = vd;
-    vtail->lnk.next = vd;
-
     return desc;
   }
 }
-- 
cgit v1.2.3