- Subject: Re: Lua 5.4.0-rc5 segfault in low memory conditions
- From: Andrew Gierth <andrew@...>
- Date: Sat, 13 Jun 2020 18:42:40 +0100
>>>>> "Sergey" == Sergey Zakharchenko <email@example.com> writes:
Sergey> [-rc5 crash on memory allocation failure]

So my question is this:

The (original) test case basically does a ton of parsing in which a
whole lot of prototypes get generated and added to other prototypes,
in the context of building up one single return statement.

Where in this are those prototypes supposed to be reached from the GC?
i.e. what's the intended path by which the GC is supposed to find them?

The sequence of events I'm seeing is that there's a GC run happening
while we're still in the parser, and after the atomic stage it's finding
(and sweeping) a whole lot of prototypes that are marked white, which
surely should not be possible because all the prototypes being generated
in the parse are presumably still referenced from somewhere. (And the
crashes I get from references to freed memory confirm that they are