From e651e110c17656a263dd017b14c85b332163a58d Mon Sep 17 00:00:00 2001 From: Yegappan Lakshmanan Date: Mon, 4 Sep 2023 07:51:01 +0200 Subject: patch 9.0.1862: Vim9 Garbage Collection issues Problem: Vim9 Garbage Collection issues Solution: Class members are garbage collected early leading to use-after-free problems. Handle the garbage collection of classes properly. closes: #13019 Signed-off-by: Christian Brabandt Co-authored-by: Yegappan Lakshmanan
---
src/eval.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'src/eval.c')
diff --git a/src/eval.c b/src/eval.c
index ad02c2c965..4143dd2ac6 100644
--- a/src/eval.c
+++ b/src/eval.c
@@ -5305,6 +5305,8 @@ garbage_collect(int testing)
 abort = abort || set_ref_in_popups(copyID);
 #endif

+ abort = abort || set_ref_in_classes(copyID);
+
 if (!abort)
 {
 /*
@@ -5353,6 +5355,9 @@ free_unref_items(int copyID)
 // Go through the list of objects and free items without this copyID.
 did_free |= object_free_nonref(copyID);

+ // Go through the list of classes and free items without this copyID.
+ did_free |= class_free_nonref(copyID);
+
 #ifdef FEAT_JOB_CHANNEL
 // Go through the list of jobs and free items without the copyID. This
 // must happen before doing channels, because jobs refer to channels, but
@@ -5707,7 +5712,7 @@ set_ref_in_item_channel(
 * Mark the class "cl" with "copyID".
 * Also see set_ref_in_item().
 */
- static int
+ int
 set_ref_in_item_class(
 class_T *cl,
 int copyID,
@@ -5716,8 +5721,7 @@ set_ref_in_item_class(
 {
 int abort = FALSE;

- if (cl == NULL || cl->class_copyID == copyID
- || (cl->class_flags & CLASS_INTERFACE) != 0)
+ if (cl == NULL || cl->class_copyID == copyID)
 return FALSE;

 cl->class_copyID = copyID;
-- cgit v1.2.3
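Review bot: The new `did_free |= class_free_nonref(copyID);` is placed right after the object sweep without saying why that order matters, whereas the jobs/channels block just below spells out its ordering constraint. If freeing an unreferenced object drops its reference to its class, then a class can only become free-able once its objects are gone, and that dependency is what makes this position correct; a later edit that moves the class sweep above the object sweep could resurrect the use-after-free this patch is fixing. Add a why-comment above the call, e.g. `// Must come after object_free_nonref(): an object holds a reference to its class.`, once the refcount path in object freeing is confirmed. free_unref_items() starts and ends outside this hunk.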
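Review bot: Dropping `static` on set_ref_in_item_class exports it to other translation units, but this diff shows no declaration for it; in Vim the prototypes come from the generated src/proto/eval.pro, so the build relies on that file being regenerated (the page is limited to src/eval.c, so I cannot see whether it was). Since the header comment now documents an exported function, it should name the external caller, e.g. after `* Also see set_ref_in_item().` add `* Non-static so that the per-class marking in class.c can call it.` — verify the actual caller before wording it. The function's parameter list and body continue in the next hunk and beyond.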
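Review bot: Removing the `(cl->class_flags & CLASS_INTERFACE) != 0` early return is a behaviour change the commit message does not mention: interfaces now get `class_copyID` set and have their members walked by the rest of set_ref_in_item_class, which lies past the end of this hunk. That is needed if interfaces sit on the same list that class_free_nonref() sweeps, since an unmarked interface would otherwise be freed while still referenced, which matches the use-after-free in the subject; but it is only safe if an interface's member tables are initialised the same way a class's are, because the marking code below will dereference them. Make the intent explicit in the header comment, e.g. `* Interfaces are marked as well; they are on the class list and would otherwise be freed by class_free_nonref().`, and confirm class_free_nonref() handles CLASS_INTERFACE entries. The function body continues outside the hunk.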