Bug #19482

Fix crash when allocating classes with newobj hook

Added by peterzhu2118 (Peter Zhu) almost 2 years ago. Updated over 1 year ago.

Status:
Closed
Assignee:
-
Target version:
-
[ruby-core:112721]

Description

GitHub PR: https://github.com/ruby/ruby/pull/7464

We need to zero out the whole slot when running the newobj hook for a newly allocated class because the slot could be filled with garbage, which would cause a crash if a GC runs inside of the newobj hook.

For example, the following script crashes:

```
require "objspace"

GC.stress = true

ObjectSpace.trace_object_allocations {
  100.times do
    Class.new
  end
}
```

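A way to check whether a given Ruby build is affected, as an added example that is not part of the report, of the fix, or of the test the PR adds: it runs the reproducer from the description in a child interpreter and classifies how that child exited. It has to run out-of-process because a crash inside the newobj hook takes down the whole interpreter (Ruby's SEGV handler prints a bug report and aborts), so an in-process check could never report anything. The helper names `reproducer_script`, `classify_exit`, `run_in_child` and `run_reproducer` are assumptions made here, not names from the Ruby source.

```ruby
# Added example, not code from the bug report or the Ruby project.
# Runs the reported reproducer in a fresh child Ruby process and reports
# whether that process finished, crashed (killed by a signal) or failed
# for some unrelated reason.
require "open3"
require "rbconfig"

# The reproducer from the report, parameterised on the iteration count.
def reproducer_script(iterations)
  <<~RUBY
    require "objspace"
    GC.stress = true
    ObjectSpace.trace_object_allocations {
      #{iterations}.times { Class.new }
    }
  RUBY
end

# Pure classification of a child's exit so the verdict can be checked
# without spawning anything. termsig is the signal number that killed the
# process, or nil if it exited normally.
def classify_exit(exitstatus, termsig)
  if termsig
    :crashed   # SIGSEGV, or SIGABRT raised by Ruby's bug-report handler
  elsif exitstatus == 0
    :ok
  else
    :error     # e.g. objspace not available; not the crash under test
  end
end

# Run arbitrary Ruby source in a child copy of the interpreter running this
# script (RbConfig.ruby), capturing its output and exit status.
def run_in_child(source)
  out, err, status = Open3.capture3(RbConfig.ruby, "-e", source)
  {
    status:  classify_exit(status.exitstatus, status.termsig),
    termsig: status.termsig,
    stdout:  out,
    stderr:  err,
  }
end

# Run the reproducer; :crashed means this Ruby still has the bug.
def run_reproducer(iterations: 100)
  run_in_child(reproducer_script(iterations))
end

if __FILE__ == $0
  result = run_reproducer
  puts "Ruby #{RUBY_VERSION}: #{result[:status]}"
  # On an affected build the child's bug report is on stderr.
  puts result[:stderr] if result[:status] == :crashed
end
```

Running this on an unfixed 3.2.x or a pre-fix 3.3 development build should report `crashed` with the child's bug report; on a build carrying the fix or its backport it reports `ok`. GC.stress makes every allocation trigger a collection, so keep the iteration count small if you only want a quick signal.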
Added by peterzhu2118 (Peter Zhu) almost 2 years ago

Revision e1bd4562

Fix crash when allocating classes with newobj hook

We need to zero out the whole slot when running the newobj hook for a
newly allocated class because the slot could be filled with garbage,
which would cause a crash if a GC runs inside of the newobj hook.

For example, the following script crashes:

```
require "objspace"

GC.stress = true

ObjectSpace.trace_object_allocations {
  100.times do
    Class.new
  end
}
```

[Bug #19482]

Added by nagachika (Tomoyuki Chikanaga) over 1 year ago

Revision 141402d1

merge revision(s) e1bd45624c85e8a80991bda20801f50967ac77a1: [Backport #19482]

    Fix crash when allocating classes with newobj hook

    We need to zero out the whole slot when running the newobj hook for a
    newly allocated class because the slot could be filled with garbage,
    which would cause a crash if a GC runs inside of the newobj hook.

    For example, the following script crashes:

    ```
    require "objspace"

    GC.stress = true

    ObjectSpace.trace_object_allocations {
      100.times do
        Class.new
      end
    }
    ```

    [Bug #19482]
    ---
     gc.c                           | 8 +++++++-
     test/objspace/test_objspace.rb | 7 +++++++
     2 files changed, 14 insertions(+), 1 deletion(-)