From 1753fa891b9a1e02c8c4e2e490c40d2b465c1e64 Mon Sep 17 00:00:00 2001
From: mame <mame@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Wed, 25 Oct 2017 13:19:45 +0000
Subject: Make imemo_alloc writebarrier-unprotected

imemo_alloc provides a memory buffer whose contents are marked by GC.
C code can access imemo_alloc buffer freely, so imemo_alloc must be
considered writebarrier-unprotected.  But T_IMEMO is writebarrier-
protected by default, which caused a GC bug.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60427 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 gc.c    | 1 +
 parse.y | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/gc.c b/gc.c
index 086b6ad96e..6e32997b8e 100644
--- a/gc.c
+++ b/gc.c
@@ -8118,6 +8118,7 @@ rb_alloc_tmp_buffer_with_count(volatile VALUE *store, size_t size, size_t cnt)
     void *ptr;
 
     s = rb_imemo_new(imemo_alloc, 0, 0, 0, 0);
+    rb_gc_writebarrier_unprotect(s);
     ptr = ruby_xmalloc0(size);
     a = (rb_imemo_alloc_t*)s;
     a->ptr = (VALUE*)ptr;
diff --git a/parse.y b/parse.y
index 60898e6422..7a5b680da0 100644
--- a/parse.y
+++ b/parse.y
@@ -11538,6 +11538,7 @@ rb_parser_malloc(struct parser_params *parser, size_t size)
     size_t cnt = HEAPCNT(1, size);
     rb_imemo_alloc_t *n = NEWHEAP();
     void *ptr = xmalloc(size);
+    rb_gc_writebarrier_unprotect((VALUE)n);
 
     return ADD2HEAP(n, cnt, ptr);
 }
@@ -11548,6 +11549,7 @@ rb_parser_calloc(struct parser_params *parser, size_t nelem, size_t size)
     size_t cnt = HEAPCNT(nelem, size);
     rb_imemo_alloc_t *n = NEWHEAP();
     void *ptr = xcalloc(nelem, size);
+    rb_gc_writebarrier_unprotect((VALUE)n);
 
     return ADD2HEAP(n, cnt, ptr);
 }
@@ -11569,6 +11571,7 @@ rb_parser_realloc(struct parser_params *parser, void *ptr, size_t size)
     }
     n = NEWHEAP();
     ptr = xrealloc(ptr, size);
+    rb_gc_writebarrier_unprotect((VALUE)n);
     return ADD2HEAP(n, cnt, ptr);
 }
 
-- 
cgit v1.2.3