diff options
author | Peter Zhu <peter@peterzhu.ca> | 2022-03-16 15:46:40 -0400 |
---|---|---|
committer | Peter Zhu <peter@peterzhu.ca> | 2022-03-18 09:19:11 -0400 |
commit | 97426e15d721119738a548ecfa7232b1d027cd34 (patch) | |
tree | 09ad04bbc4e35049534f53d3fdd08bb588e107a5 /class.c | |
parent | 634e0a97eb82ab259c7f7a35d0486baebe77df0f (diff) |
[Bug #18627] Fix crash when including module
During lazy sweeping, the iclass could be a dead object that has not yet
been swept. However, the chain of superclasses of the iclass could
already have been swept (and become a new object), which would cause a
crash when trying to read the object.
Notes
Notes:
Merged: https://github.com/ruby/ruby/pull/5671
Diffstat (limited to 'class.c')
-rw-r--r-- | class.c | 48 |
1 files changed, 30 insertions, 18 deletions
@@ -1117,17 +1117,24 @@ rb_include_module(VALUE klass, VALUE module) int do_include = 1; while (iclass) { VALUE check_class = iclass->klass; - while (check_class) { - if (RB_TYPE_P(check_class, T_ICLASS) && - (METACLASS_OF(check_class) == module)) { - do_include = 0; + /* During lazy sweeping, iclass->klass could be a dead object that + * has not yet been swept. */ + if (!rb_objspace_garbage_object_p(check_class)) { + while (check_class) { + RUBY_ASSERT(!rb_objspace_garbage_object_p(check_class)); + + if (RB_TYPE_P(check_class, T_ICLASS) && + (METACLASS_OF(check_class) == module)) { + do_include = 0; + } + check_class = RCLASS_SUPER(check_class); } - check_class = RCLASS_SUPER(check_class); - } - if (do_include) { - include_modules_at(iclass->klass, RCLASS_ORIGIN(iclass->klass), module, TRUE); + if (do_include) { + include_modules_at(iclass->klass, RCLASS_ORIGIN(iclass->klass), module, TRUE); + } } + iclass = iclass->next; } } @@ -1363,17 +1370,22 @@ rb_prepend_module(VALUE klass, VALUE module) struct rb_id_table *klass_m_tbl = RCLASS_M_TBL(klass); struct rb_id_table *klass_origin_m_tbl = RCLASS_M_TBL(klass_origin); while (iclass) { - if (klass_had_no_origin && klass_origin_m_tbl == RCLASS_M_TBL(iclass->klass)) { - // backfill an origin iclass to handle refinements and future prepends - rb_id_table_foreach(RCLASS_M_TBL(iclass->klass), clear_module_cache_i, (void *)iclass->klass); - RCLASS_M_TBL(iclass->klass) = klass_m_tbl; - VALUE origin = rb_include_class_new(klass_origin, RCLASS_SUPER(iclass->klass)); - RCLASS_SET_SUPER(iclass->klass, origin); - RCLASS_SET_INCLUDER(origin, RCLASS_INCLUDER(iclass->klass)); - RCLASS_SET_ORIGIN(iclass->klass, origin); - RICLASS_SET_ORIGIN_SHARED_MTBL(origin); + /* During lazy sweeping, iclass->klass could be a dead object that + * has not yet been swept. */ + if (!rb_objspace_garbage_object_p(iclass->klass)) { + if (klass_had_no_origin && klass_origin_m_tbl == RCLASS_M_TBL(iclass->klass)) { + // backfill an origin iclass to handle refinements and future prepends + rb_id_table_foreach(RCLASS_M_TBL(iclass->klass), clear_module_cache_i, (void *)iclass->klass); + RCLASS_M_TBL(iclass->klass) = klass_m_tbl; + VALUE origin = rb_include_class_new(klass_origin, RCLASS_SUPER(iclass->klass)); + RCLASS_SET_SUPER(iclass->klass, origin); + RCLASS_SET_INCLUDER(origin, RCLASS_INCLUDER(iclass->klass)); + RCLASS_SET_ORIGIN(iclass->klass, origin); + RICLASS_SET_ORIGIN_SHARED_MTBL(origin); + } + include_modules_at(iclass->klass, iclass->klass, module, FALSE); } - include_modules_at(iclass->klass, iclass->klass, module, FALSE); + iclass = iclass->next; } } |