Bug #9011

rb_fstring unsafe to use in general case

Added by Eric Wong almost 3 years ago. Updated almost 3 years ago.

Status: Closed
Priority: Normal
Assignee: -
ruby -v: trunk
[ruby-core:57794]

Description

I don't think the current "frozen"f in pure Ruby code is unsafe
(I haven't reproduced a crash).

But I do not think rb_fstring is generally safe for other C code, including extension authors.

Consider the following case:

    fstr1 = rb_fstring(str)
    fstr1 goes out of scope
    GC mark runs ...
    fstr1 is eligible for lazy sweep
    fstr2 = rb_fstring(str)
    fstr2 is identical to fstr1
    fstr1 is swept (rb_str_free)
    fstr2 use attempted -> crash

I extracted this bug report from Feature #8998, where I showed a patch
which exposes this bug during "make check".
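
The sequence above replayed in a toy C model, added here as an illustration and not taken from the report, Ruby's source, or r43210. All names (`obj_t`, `fstring_unsafe`, `fstring_guarded`, `gc_mark_no_roots`, `lazy_sweep`) are hypothetical, and the re-mark guard is one assumed way to close the window, not a description of the actual fix.

```c
#include <stdbool.h>
#include <string.h>

/* Toy model, not Ruby's code: live heap slots double as the weak fstring table. */
enum { SLOTS = 4 };
typedef struct { const char *text; bool live, marked; } obj_t;
static obj_t heap[SLOTS];
static bool sweep_pending;   /* mark phase done, lazy sweep not yet run */

/* Lookup with no GC check: a hit may be an object already awaiting sweep. */
static obj_t *fstring_unsafe(const char *s) {
    obj_t *free_slot = NULL;
    for (int i = 0; i < SLOTS; i++) {
        if (heap[i].live && strcmp(heap[i].text, s) == 0) return &heap[i];
        if (!heap[i].live && !free_slot) free_slot = &heap[i];
    }
    if (!free_slot) return NULL;                  /* toy heap exhausted */
    *free_slot = (obj_t){ s, true, sweep_pending }; /* new objects survive a pending sweep */
    return free_slot;
}

/* Guarded lookup: re-mark a hit found while a sweep is pending. */
static obj_t *fstring_guarded(const char *s) {
    obj_t *o = fstring_unsafe(s);
    if (o && sweep_pending) o->marked = true;
    return o;
}

static void gc_mark_no_roots(void) {              /* no string is referenced */
    for (int i = 0; i < SLOTS; i++) heap[i].marked = false;
    sweep_pending = true;
}

static void lazy_sweep(void) {                    /* stands in for rb_str_free */
    for (int i = 0; i < SLOTS; i++)
        if (heap[i].live && !heap[i].marked) heap[i].live = false;
    sweep_pending = false;
}

/* Replays the sequence from the report; true if fstr2 is still valid. */
static bool fstr2_survives(bool guarded) {
    memset(heap, 0, sizeof heap);
    fstring_unsafe("key");                        /* fstr1, then out of scope */
    gc_mark_no_roots();                           /* fstr1 left unmarked */
    obj_t *fstr2 = guarded ? fstring_guarded("key") : fstring_unsafe("key");
    lazy_sweep();                                 /* fstr1's slot is swept */
    return fstr2 && fstr2->live;
}

int main(void) { return (!fstr2_survives(false) && fstr2_survives(true)) ? 0 : 1; }
```

The model uses a `live` flag instead of a real `free()` so the dangling state can be inspected without undefined behaviour.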

History

#1 [ruby-core:57795] Updated by Koichi Sasada almost 3 years ago

Nobu's patch r43210 may solve this problem. Could you verify it?

BTW, I don't like this fix. I'll try to fix it another way.

#2 [ruby-core:57800] Updated by Eric Wong almost 3 years ago

"ko1 (Koichi Sasada)" redmine@ruby-lang.org wrote:

> Nobu's patch r43210 may solve this problem. Could you verify it?

Thanks, I did not think to update my repo :x
Anyways, r43210 works fine.

> BTW, I don't like this fix. I'll try to fix it another way.

I'm not sure why you don't like it, but I'll be glad to test your fix.

#3 [ruby-core:57946] Updated by Nobuyoshi Nakada almost 3 years ago

  • Status changed from Open to Closed
