Yes, it fixes the problem. I also checked the following works, and seems better to me (stop having dangling pointers, instead of being careful with them): diff --git a/src/alloc.c b/src/alloc.c index da0c3ad4b3..44dfa95cf5 100644 --- a/src/alloc.c +++ b/src/alloc.c @@ -7030,8 +7030,10 @@ sweep_symbols (void) { if (!sym->s.gcmarkbit) { - if (sym->s.redirect == SYMBOL_LOCALIZED) + if (sym->s.redirect == SYMBOL_LOCALIZED) { xfree (SYMBOL_BLV (&sym->s)); + sym->s.val.blv = NULL; + } sym->s.next = symbol_free_list; symbol_free_list = &sym->s; symbol_free_list->function = Vdead; On Mon, Oct 30, 2017 at 4:38 PM, Eli Zaretskii wrote: > > From: Valentin Gatien-Baron > > Date: Mon, 30 Oct 2017 10:36:41 -0400 > > Cc: Mark Shinwell > > > > $ installed/bin/emacs -Q -L . -batch --eval '(progn (message "before") > (make-local-variable (make-symbol "\ > > s")) (kill-buffer) (garbage-collect) (garbage-collect) (message > "after"))' > > before > > *** Error in `installed/bin/emacs': double free or corruption (!prev): > 0x00000000014bff10 *** > > Thanks. > > Does the below fix the problem? > > diff --git a/src/alloc.c b/src/alloc.c > index d9d7485..11afdfd 100644 > --- a/src/alloc.c > +++ b/src/alloc.c > @@ -7024,7 +7024,9 @@ sweep_symbols (void) > { > if (!sym->s.gcmarkbit) > { > - if (sym->s.redirect == SYMBOL_LOCALIZED) > + if (sym->s.redirect == SYMBOL_LOCALIZED > + /* Already freed? */ > + && !EQ (sym->s.function, Vdead)) > xfree (SYMBOL_BLV (&sym->s)); > sym->s.next = symbol_free_list; > symbol_free_list = &sym->s; >
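Review bot: in the unquoted hunk (index da0c3ad4b3..44dfa95cf5), the guard is still only `sym->s.redirect == SYMBOL_LOCALIZED`, so a later sweep over the same already-freed symbol evaluates `SYMBOL_BLV (&sym->s)` again and hands the now-NULL `val.blv` to `xfree`. The fix therefore depends on both of those tolerating a NULL pointer. Please confirm that and note it in a comment beside `sym->s.val.blv = NULL;`, or test the pointer before the call. On style, the added opening brace shares a line with the `if`, whereas the context lines of this function put braces on their own line.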
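Review bot: in the quoted hunk (index d9d7485..11afdfd), the added `&& !EQ (sym->s.function, Vdead)` infers "already freed" from the function slot, while the freed pointer itself stays in the symbol. The check only holds because of the `symbol_free_list->function = Vdead;` assignment a few lines further down in the same block (visible in the context of the other hunk in this message), so the `/* Already freed? */` comment should name that assignment to make the coupling explicit for anyone who later changes how dead symbols are marked.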