diff options
| -rw-r--r-- | ChangeLog | 13 | ||||
| -rw-r--r-- | string.c | 15 |
2 files changed, 23 insertions, 5 deletions
@@ -1,3 +1,16 @@ +Fri Aug 22 20:07:43 2014 Koichi Sasada <ko1@atdot.net> + + * string.c (rb_fstring, fstr_update_callback): simply delete garbage + key first. + + Garbage keys can be swept by lazy sweeping invoked by creating new + fstring. So that simply do: + (1) delete garbage key and return `fstr_update_callback' immediately + (2) try again `fstr_update_callback()' to create a new fstr. + + This bug can be cause memory corruption, reported by + http://u64.rubyci.org/~chkbuild/ruby-trunk/log/20140821T220302Z.fail.html.gz + Fri Aug 22 19:30:39 2014 SHIBATA Hiroshi <shibata.hiroshi@gmail.com> * test/ruby/test_complex.rb: removed commented-out code. @@ -194,8 +194,8 @@ fstr_update_callback(st_data_t *key, st_data_t *value, st_data_t arg, int existi * at next time */ if (rb_objspace_garbage_object_p(str)) { - str = *fstr; - goto create_new_fstr; + *fstr = Qundef; + return ST_DELETE; } *fstr = str; @@ -203,7 +203,6 @@ fstr_update_callback(st_data_t *key, st_data_t *value, st_data_t arg, int existi } else { if (STR_SHARED_P(str)) { /* str should not be shared */ - create_new_fstr: str = rb_enc_str_new(RSTRING_PTR(str), RSTRING_LEN(str), STR_ENC_GET(str)); OBJ_FREEZE(str); } @@ -220,6 +219,8 @@ fstr_update_callback(st_data_t *key, st_data_t *value, st_data_t arg, int existi VALUE rb_fstring(VALUE str) { + VALUE ret; + Check_Type(str, T_STRING); if (!frozen_strings) @@ -228,8 +229,12 @@ rb_fstring(VALUE str) if (FL_TEST(str, RSTRING_FSTR)) return str; - st_update(frozen_strings, (st_data_t)str, fstr_update_callback, (st_data_t)&str); - return str; + do { + ret = str; + st_update(frozen_strings, (st_data_t)str, fstr_update_callback, (st_data_t)&ret); + } while (ret != Qundef); + + return ret; } static VALUE |