Re: GC and stack marking

[Eli Zaretskii <eliz@gnu.org>]

> Date: Tue, 20 May 2014 12:12:45 -0700
> From: Daniel Colascione <dancol@dancol.org>
> CC: fabrice.popineau@gmail.com, emacs-devel@gnu.org
> 
> >> But it shouldn't cause any trouble (other than extra memory use).
> > 
> > It does, due to all kinds of subtleties.  The result is that the
> > large_vectors linked list gets dumped with a pointer to a non-existent
> > memory, and the dumped Emacs then crashes on the first GC when it
> > tries to traverse that linked list.
> 
> Can you elaborate on how that happens? This behavior sounds like a plain
> GC bug.

It's not a bug in GC.  The memory management scheme that Fabrice wrote
does not dump the heap (because doing that is problematic on Windows,
and requires addition of a separate section to the executable, which
then precludes its stripping, and has also other complexities).
Instead, temacs uses a private fixed-address heap that is located in a
static array, and whose memory is allocated by a replacement malloc
function.  So any address that points to memory allocated not in that
array, but in the real heap provided by malloc from libc, cannot be
safely dumped, because in the dumped Emacs it will point to some
random location.

Now, the large_vectors list is a linked list chained via the next
pointer.  If one of these next pointers points to a memory on the
heap, following it in the dumped Emacs will surely crash.  There's no
way GC can work around that, when it traverses that linked list.