mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
* proc.c (struct METHOD), gc.c (gc_marks), vm_method.c
(rb_gc_mark_unlinked_live_method_entries): fix SEGV bug. rb_method_entry_t was free'd even when the method is still on the stack if it is BMETHOD (i.e., Method#call). This is because rb_method_entry_t is embedded in struct METHOD. This commit separates them and marks the live method entries. See [ruby-core:38449] in detail. fix [Bug #5047] [ruby-core:38171] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32669 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
parent
f23ad92a95
commit
9a27239558
5 changed files with 58 additions and 28 deletions
10
ChangeLog
10
ChangeLog
|
@ -1,3 +1,13 @@
|
|||
Mon Jul 25 22:36:11 2011 Yusuke Endoh <mame@tsg.ne.jp>
|
||||
|
||||
* proc.c (struct METHOD), gc.c (gc_marks), vm_method.c
|
||||
(rb_gc_mark_unlinked_live_method_entries): fix SEGV bug.
|
||||
rb_method_entry_t was free'd even when the method is still on the
|
||||
stack if it is BMETHOD (i.e., Method#call). This is because
|
||||
rb_method_entry_t is embedded in struct METHOD. This commit
|
||||
separates them and marks the live method entries.
|
||||
See [ruby-core:38449] in detail. fix [Bug #5047] [ruby-core:38171]
|
||||
|
||||
Mon Jul 25 22:14:37 2011 Hiroshi Nakamura <nahi@ruby-lang.org>
|
||||
|
||||
* lib/xmlrpc/client.rb: Fix possible HTTP header formatting failure by
|
||||
|
|
2
gc.c
2
gc.c
|
@ -2461,6 +2461,8 @@ gc_marks(rb_objspace_t *objspace)
|
|||
|
||||
rb_gc_mark_parser();
|
||||
|
||||
rb_gc_mark_unlinked_live_method_entries(th->vm);
|
||||
|
||||
/* gc_mark objects whose marking are not completed*/
|
||||
while (!MARK_STACK_EMPTY) {
|
||||
if (mark_stack_overflow) {
|
||||
|
|
56
proc.c
56
proc.c
|
@ -18,7 +18,7 @@ struct METHOD {
|
|||
VALUE recv;
|
||||
VALUE rclass;
|
||||
ID id;
|
||||
rb_method_entry_t me;
|
||||
rb_method_entry_t *me;
|
||||
};
|
||||
|
||||
VALUE rb_cUnboundMethod;
|
||||
|
@ -861,18 +861,14 @@ bm_mark(void *ptr)
|
|||
struct METHOD *data = ptr;
|
||||
rb_gc_mark(data->rclass);
|
||||
rb_gc_mark(data->recv);
|
||||
rb_mark_method_entry(&data->me);
|
||||
if (data->me) rb_mark_method_entry(data->me);
|
||||
}
|
||||
|
||||
static void
|
||||
bm_free(void *ptr)
|
||||
{
|
||||
struct METHOD *data = ptr;
|
||||
rb_method_definition_t *def = data->me.def;
|
||||
if (def->alias_count == 0)
|
||||
xfree(def);
|
||||
else if (def->alias_count > 0)
|
||||
def->alias_count--;
|
||||
rb_unlink_method_entry(data->me);
|
||||
xfree(ptr);
|
||||
}
|
||||
|
||||
|
@ -978,8 +974,9 @@ mnew(VALUE klass, VALUE obj, ID id, VALUE mclass, int scope)
|
|||
data->recv = obj;
|
||||
data->rclass = rclass;
|
||||
data->id = rid;
|
||||
data->me = *me;
|
||||
if (def) def->alias_count++;
|
||||
data->me = ALLOC(rb_method_entry_t);
|
||||
*data->me = *me;
|
||||
data->me->def->alias_count++;
|
||||
|
||||
OBJ_INFECT(method, klass);
|
||||
|
||||
|
@ -1033,7 +1030,7 @@ method_eq(VALUE method, VALUE other)
|
|||
m1 = (struct METHOD *)DATA_PTR(method);
|
||||
m2 = (struct METHOD *)DATA_PTR(other);
|
||||
|
||||
if (!rb_method_entry_eq(&m1->me, &m2->me) ||
|
||||
if (!rb_method_entry_eq(m1->me, m2->me) ||
|
||||
m1->rclass != m2->rclass ||
|
||||
m1->recv != m2->recv) {
|
||||
return Qfalse;
|
||||
|
@ -1058,7 +1055,7 @@ method_hash(VALUE method)
|
|||
TypedData_Get_Struct(method, struct METHOD, &method_data_type, m);
|
||||
hash = rb_hash_start((st_index_t)m->rclass);
|
||||
hash = rb_hash_uint(hash, (st_index_t)m->recv);
|
||||
hash = rb_hash_uint(hash, (st_index_t)m->me.def);
|
||||
hash = rb_hash_uint(hash, (st_index_t)m->me->def);
|
||||
hash = rb_hash_end(hash);
|
||||
|
||||
return INT2FIX(hash);
|
||||
|
@ -1084,8 +1081,9 @@ method_unbind(VALUE obj)
|
|||
&method_data_type, data);
|
||||
data->recv = Qundef;
|
||||
data->id = orig->id;
|
||||
data->me = orig->me;
|
||||
if (orig->me.def) orig->me.def->alias_count++;
|
||||
data->me = ALLOC(rb_method_entry_t);
|
||||
*data->me = *orig->me;
|
||||
if (orig->me->def) orig->me->def->alias_count++;
|
||||
data->rclass = orig->rclass;
|
||||
OBJ_INFECT(method, obj);
|
||||
|
||||
|
@ -1137,7 +1135,7 @@ method_owner(VALUE obj)
|
|||
struct METHOD *data;
|
||||
|
||||
TypedData_Get_Struct(obj, struct METHOD, &method_data_type, data);
|
||||
return data->me.klass;
|
||||
return data->me->klass;
|
||||
}
|
||||
|
||||
static void
|
||||
|
@ -1351,7 +1349,7 @@ rb_mod_define_method(int argc, VALUE *argv, VALUE mod)
|
|||
rb_class2name(rclass));
|
||||
}
|
||||
}
|
||||
rb_method_entry_set(mod, id, &method->me, noex);
|
||||
rb_method_entry_set(mod, id, method->me, noex);
|
||||
}
|
||||
else if (rb_obj_is_proc(body)) {
|
||||
rb_proc_t *proc;
|
||||
|
@ -1422,7 +1420,9 @@ method_clone(VALUE self)
|
|||
clone = TypedData_Make_Struct(CLASS_OF(self), struct METHOD, &method_data_type, data);
|
||||
CLONESETUP(clone, self);
|
||||
*data = *orig;
|
||||
if (data->me.def) data->me.def->alias_count++;
|
||||
data->me = ALLOC(rb_method_entry_t);
|
||||
*data->me = *orig->me;
|
||||
if (data->me->def) data->me->def->alias_count++;
|
||||
|
||||
return clone;
|
||||
}
|
||||
|
@ -1463,7 +1463,7 @@ rb_method_call(int argc, VALUE *argv, VALUE method)
|
|||
rb_thread_t *th = GET_THREAD();
|
||||
|
||||
PASS_PASSED_BLOCK_TH(th);
|
||||
result = rb_vm_call(th, data->recv, data->id, argc, argv, &data->me);
|
||||
result = rb_vm_call(th, data->recv, data->id, argc, argv, data->me);
|
||||
}
|
||||
POP_TAG();
|
||||
if (safe >= 0)
|
||||
|
@ -1584,7 +1584,9 @@ umethod_bind(VALUE method, VALUE recv)
|
|||
|
||||
method = TypedData_Make_Struct(rb_cMethod, struct METHOD, &method_data_type, bound);
|
||||
*bound = *data;
|
||||
if (bound->me.def) bound->me.def->alias_count++;
|
||||
bound->me = ALLOC(rb_method_entry_t);
|
||||
*bound->me = *data->me;
|
||||
if (bound->me->def) bound->me->def->alias_count++;
|
||||
bound->recv = recv;
|
||||
bound->rclass = CLASS_OF(recv);
|
||||
|
||||
|
@ -1681,7 +1683,7 @@ method_arity(VALUE method)
|
|||
struct METHOD *data;
|
||||
|
||||
TypedData_Get_Struct(method, struct METHOD, &method_data_type, data);
|
||||
return rb_method_entry_arity(&data->me);
|
||||
return rb_method_entry_arity(data->me);
|
||||
}
|
||||
|
||||
int
|
||||
|
@ -1703,7 +1705,7 @@ method_get_def(VALUE method)
|
|||
struct METHOD *data;
|
||||
|
||||
TypedData_Get_Struct(method, struct METHOD, &method_data_type, data);
|
||||
return data->me.def;
|
||||
return data->me->def;
|
||||
}
|
||||
|
||||
static rb_iseq_t *
|
||||
|
@ -1786,11 +1788,11 @@ method_inspect(VALUE method)
|
|||
rb_str_buf_cat2(str, s);
|
||||
rb_str_buf_cat2(str, ": ");
|
||||
|
||||
if (FL_TEST(data->me.klass, FL_SINGLETON)) {
|
||||
VALUE v = rb_ivar_get(data->me.klass, attached);
|
||||
if (FL_TEST(data->me->klass, FL_SINGLETON)) {
|
||||
VALUE v = rb_ivar_get(data->me->klass, attached);
|
||||
|
||||
if (data->recv == Qundef) {
|
||||
rb_str_buf_append(str, rb_inspect(data->me.klass));
|
||||
rb_str_buf_append(str, rb_inspect(data->me->klass));
|
||||
}
|
||||
else if (data->recv == v) {
|
||||
rb_str_buf_append(str, rb_inspect(v));
|
||||
|
@ -1806,15 +1808,15 @@ method_inspect(VALUE method)
|
|||
}
|
||||
else {
|
||||
rb_str_buf_cat2(str, rb_class2name(data->rclass));
|
||||
if (data->rclass != data->me.klass) {
|
||||
if (data->rclass != data->me->klass) {
|
||||
rb_str_buf_cat2(str, "(");
|
||||
rb_str_buf_cat2(str, rb_class2name(data->me.klass));
|
||||
rb_str_buf_cat2(str, rb_class2name(data->me->klass));
|
||||
rb_str_buf_cat2(str, ")");
|
||||
}
|
||||
}
|
||||
rb_str_buf_cat2(str, sharp);
|
||||
rb_str_append(str, rb_id2str(data->me.def->original_id));
|
||||
if (data->me.def->type == VM_METHOD_TYPE_NOTIMPLEMENTED) {
|
||||
rb_str_append(str, rb_id2str(data->me->def->original_id));
|
||||
if (data->me->def->type == VM_METHOD_TYPE_NOTIMPLEMENTED) {
|
||||
rb_str_buf_cat2(str, " (not-implemented)");
|
||||
}
|
||||
rb_str_buf_cat2(str, ">");
|
||||
|
|
|
@ -647,6 +647,8 @@ void rb_vm_inc_const_missing_count(void);
|
|||
void rb_vm_gvl_destroy(rb_vm_t *vm);
|
||||
VALUE rb_vm_call(rb_thread_t *th, VALUE recv, VALUE id, int argc,
|
||||
const VALUE *argv, const rb_method_entry_t *me);
|
||||
void rb_unlink_method_entry(rb_method_entry_t *me);
|
||||
void rb_gc_mark_unlinked_live_method_entries(void *pvm);
|
||||
|
||||
void rb_thread_start_timer_thread(void);
|
||||
void rb_thread_stop_timer_thread(int);
|
||||
|
|
16
vm_method.c
16
vm_method.c
|
@ -86,7 +86,7 @@ rb_add_method_cfunc(VALUE klass, ID mid, VALUE (*func)(ANYARGS), int argc, rb_me
|
|||
}
|
||||
}
|
||||
|
||||
static void
|
||||
void
|
||||
rb_unlink_method_entry(rb_method_entry_t *me)
|
||||
{
|
||||
struct unlinked_method_entry_list_entry *ume = ALLOC(struct unlinked_method_entry_list_entry);
|
||||
|
@ -95,6 +95,20 @@ rb_unlink_method_entry(rb_method_entry_t *me)
|
|||
GET_VM()->unlinked_method_entry_list = ume;
|
||||
}
|
||||
|
||||
void
|
||||
rb_gc_mark_unlinked_live_method_entries(void *pvm)
|
||||
{
|
||||
rb_vm_t *vm = pvm;
|
||||
struct unlinked_method_entry_list_entry *ume = vm->unlinked_method_entry_list, *prev_ume = 0, *curr_ume;
|
||||
|
||||
while (ume) {
|
||||
if (ume->me->mark) {
|
||||
rb_mark_method_entry(ume->me);
|
||||
}
|
||||
ume = ume->next;
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
rb_sweep_method_entry(void *pvm)
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue