patch 8.1.1485: double free when garbage_collect() is used in autocommand
Problem: Double free when garbage_collect() is used in autocommand.
Solution: Have garbage collection also set the copyID in funccal_stack.
diff --git a/src/userfunc.c b/src/userfunc.c
index 7abde07..3a0219a 100644
--- a/src/userfunc.c
+++ b/src/userfunc.c
@@ -4030,11 +4030,18 @@
int
set_ref_in_call_stack(int copyID)
{
- int abort = FALSE;
- funccall_T *fc;
+ int abort = FALSE;
+ funccall_T *fc;
+ funccal_entry_T *entry;
for (fc = current_funccal; fc != NULL; fc = fc->caller)
abort = abort || set_ref_in_funccal(fc, copyID);
+
+ // Also go through the funccal_stack.
+ for (entry = funccal_stack; entry != NULL; entry = entry->next)
+ for (fc = entry->top_funccal; fc != NULL; fc = fc->caller)
+ abort = abort || set_ref_in_funccal(fc, copyID);
+
return abort;
}