Closes https://bugs.launchpad.net/sbcl/+bug/911027

Fix copy-structure.  When copying from stack to heap, garbage could
end up in the heap making GC unhappy.  Thanks to James Knight.

diff --git a/NEWS b/NEWS
index fa6803a..6a2e7f2 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,8 @@
 ;;;; -*- coding: utf-8; fill-column: 78 -*-
 changes relative to sbcl-1.0.55:
+  * bug fix: fix copy-structure.  When copying from stack to heap, garbage
+    could end up in the heap making GC unhappy.
+    (Thanks to James Knight, lp#911027)
   * enhancements
     ** SBCL can now be built using Clang.
   * bug fix: compiler errors when weakening hairy integer types. (lp#913232)

diff --git a/src/code/target-defstruct.lisp b/src/code/target-defstruct.lisp
index b36c483..89ced39 100644 (file)
--- a/src/code/target-defstruct.lisp
+++ b/src/code/target-defstruct.lisp
@@ -361,9 +361,9 @@
   #!+sb-doc
   "Return a copy of STRUCTURE with the same (EQL) slot values."
   (declare (type structure-object structure))
-  (let* ((len (%instance-length structure))
-         (res (%make-instance len))
-         (layout (%instance-layout structure))
+  (let* ((layout (%instance-layout structure))
+         (res (%make-instance (%instance-length structure)))
+         (len (layout-length layout))
          (nuntagged (layout-n-untagged-slots layout)))
 
     (declare (type index len))