| Age | Commit message (Collapse) | Author |
|---|
|
|
|
When an exception is raised, it can leak memory in `head`. There are two
places that can leak memory:
1. `Check_Type(tuple, T_ARRAY)` can leak memory if `tuple` is not an
array.
2. `StringValue(name)` and `StringValue(value)` if they are not strings
and the call to `to_str` does not return a string.
This commit fixes these memory leaks by wrapping the code around a
rb_ensure so that the memory is freed in all cases.
The following code demonstrates the memory leak:
emitter = Psych::Emitter.new(StringIO.new)
nil_to_string_tags = [[nil, "tag:TALOS"]] + ([1] * 1000)
expected_array_tags = [1] * 1000
10.times do
1_000.times do
# Raises `no implicit conversion of nil into String`
emitter.start_document([], nil_to_string_tags, 0)
rescue TypeError
end
1_000.times do
# Raises `wrong argument type Integer (expected Array)`
emitter.start_document([], expected_array_tags, 0)
rescue TypeError
end
puts `ps -o rss= -p #{$$}`
end
Before:
47248
79728
111968
144224
176480
208896
241104
273280
305472
337664
After:
14832
15088
15344
15344
15360
15632
15632
15632
15648
15648
https://github.com/ruby/psych/commit/053af73818
|
|
https://github.com/ruby/psych/commit/74a6b4d226
|
|
https://github.com/ruby/psych/commit/e7d64c9848
|
|
https://github.com/ruby/io-console/commit/651797ff8a
|
|
These files were to build libffi from the bundled source, but are no
longer used since we stopped bundling the libffi sources in commit
e4f5296f065110fa83eb450d3a861253e76e534f.
The gemspec file is unchanged because fiddle gem itself still supports
ruby 2.5.
Notes:
Merged: https://github.com/ruby/ruby/pull/11285
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/11284
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/11254
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/11254
|
|
[Feature #20646]Improve Socket.tcp
This is a proposed improvement to `Socket.tcp`, which has implemented Happy Eyeballs version 2 (RFC8305) in PR9374.
1. Background
I implemented Happy Eyeballs version 2 (HEv2) for Socket.tcp in PR9374, but several issues have been identified:
- `IO.select` waits for name resolution or connection establishment in v46w, but it does not consider the case where both events occur simultaneously when it returns a value.
- In this case, Socket.tcp can only capture one event and needs to execute an unnecessary loop to capture the other one, calling `IO.select` one extra time.
- `IO.select` waits for both IPv6/IPv4 name resolution (in start), but when it returns a value, it doesn't consider the case where name resolution for both address families is complete.
- In this case, `Socket.tcp` can only obtain the addresses of one address family and needs to execute an unnecessary loop obtain the other addresses, calling `IO.select` one extra time.
- The consideration for `connect_timeout` was insufficient. After initiating one or more connections, it raises a 'user specified timeout' after the `connect_timeout` period even if there were addresses that have been resolved and have not yet tried to connect.
- It does not retry with another address in case of a connection failure.
- It executes unnecessary state transitions even when an IP address is passed as the `host` argument.
- The regex for IP addresses did not correctly specify the start and end.
2. Proposal & Outcome
To overcome the aforementioned issues, this PR introduces the following changes:
- Previously, each loop iteration represented a single state transition. This has been changed to execute all processes that meet the execution conditions within a single loop iteration.
- This prevents unnecessary repeated loops and calling `IO.select`
- Introduced logic to determine the timeout value set for `IO.select`. During the Resolution Delay and Connection Attempt Delay, the user-specified timeout is ignored. Otherwise, the timeout value is set to the larger of `resolv_timeout` and `connect_timeout`.
- This ensures that the `connect_timeout` is only detected after attempting to connect to all resolved addresses.
- Retry with another address in case of a connection failure.
- This prevents unnecessary repeated loops upon connection failure.
- Call `tcp_without_fast_fallback` when an IP address is passed as the host argument.
- This prevents unnecessary state transitions when an IP address is passed.
- Fixed regex for IP addresses.
Additionally, the code has been reduced by over 100 lines, and redundancy has been minimized, which is expected to improve readability.
3. Performance
No significant performance changes were observed in the happy case before and after the improvement.
However, improvements in state transition deficiencies are expected to enhance performance in edge cases.
```ruby
require 'socket'
require 'benchmark'
Benchmark.bmbm do |x|
x.report('fast_fallback: true') do
30.times { Socket.tcp("www.ruby-lang.org", 80) }
end
x.report('fast_fallback: false') do # Ruby3.3時点と同じ
30.times { Socket.tcp("www.ruby-lang.org", 80, fast_fallback: false) }
end
end
```
Before:
```
~/s/build ❯❯❯ ../install/bin/ruby ../ruby/test.rb
user system total real
fast_fallback: true 0.021315 0.040723 0.062038 ( 0.504866)
fast_fallback: false 0.007553 0.026248 0.033801 ( 0.533211)
```
After:
```
~/s/build ❯❯❯ ../install/bin/ruby ../ruby/test.rb
user system total real
fast_fallback: true 0.023081 0.040525 0.063606 ( 0.406219)
fast_fallback: false 0.007302 0.025515 0.032817 ( 0.418680)
```
|
|
(https://github.com/ruby/openssl/pull/770)
Instead of an ivar, so other ossl functions that take a store will use the correct time when verifying
https://github.com/ruby/openssl/commit/21aadc66ae
|
|
The function is not used anywhere outside of ossl_asn1.c.
https://github.com/ruby/openssl/commit/5392b79941
|
|
OpenSSL::ASN1 is being rewritten in Ruby. To make it easier, let's
remove dependency to the instance variables and the internal-use
function ossl_asn1_get_asn1type() outside OpenSSL::ASN1.
This also fixes the insufficient validation of the passed value with
its tagging.
https://github.com/ruby/openssl/commit/35a157462e
|
|
Fallback to the last token element in that case, for the backward
compatibilities.
Notes:
Merged: https://github.com/ruby/ruby/pull/11235
|
|
Ref: https://bugs.ruby-lang.org/issues/20641
Even without the reference bug, `require 'date'` isn't cheap.
```ruby
require "benchmark/ips"
require "yaml"
require "date"
100.times do |i|
$LOAD_PATH.unshift("/tmp/does/not/exist/#{i}")
end
payload = 100.times.map { Date.today }.to_yaml
Benchmark.ips do |x|
x.report("100 dates") { YAML.unsafe_load(payload) }
end
```
Before:
```
$ ruby /tmp/bench-yaml.rb
ruby 3.2.2 (2023-03-30 revision e51014f9c0) [arm64-darwin22]
Warming up --------------------------------------
100 dates 416.000 i/100ms
Calculating -------------------------------------
100 dates 4.309k (± 1.2%) i/s - 21.632k in 5.021003s
```
After:
```
$ ruby -Ilib /tmp/bench-yaml.rb
ruby 3.2.2 (2023-03-30 revision e51014f9c0) [arm64-darwin22]
Warming up --------------------------------------
100 dates 601.000 i/100ms
Calculating -------------------------------------
100 dates 5.993k (± 1.8%) i/s - 30.050k in 5.016079s
```
|
|
* ext/win32ole/win32ole.c (ole_variant2val): reduce repeated code
between byref and byval.
https://github.com/ruby/win32ole/commit/e753c6abdd
|
|
This confused me for a few minutes -- the testcase for
https://bugs.ruby-lang.org/issues/14834 was mistyped in the file name,
as well as once in the source.
E.g. in some cases it was
`one-four-three-eight-four` instead of
`one-four-eight-three-four`.
|
|
This commit splits gc.c into two files:
- gc.c now only contains code not specific to Ruby GC. This includes
code to mark objects (which the GC implementation may choose not to
use) and wrappers for internal APIs that the implementation may need
to use (e.g. locking the VM).
- gc_impl.c now contains the implementation of Ruby's GC. This includes
marking, sweeping, compaction, and statistics. Most importantly,
gc_impl.c only uses public APIs in Ruby and a limited set of functions
exposed in gc.c. This allows us to build gc_impl.c independently of
Ruby and plug Ruby's GC into itself.
|
|
Companion to getbyte but raise EOFError
Similar to https://github.com/ruby/openssl/pull/438
https://github.com/ruby/openssl/commit/c40f70711a
|
|
While working on a separate issue we found that in some cases
`ary_heap_realloc` was being called on frozen arrays. To fix this, this
change does the following:
1) Updates `rb_ary_freeze` to assert the type is an array, return if
already frozen, and shrink the capacity if it is not embedded, shared
or a shared root.
2) Replaces `rb_obj_freeze` with `rb_ary_freeze` when the object is
always an array.
3) In `ary_heap_realloc`, ensure the new capa is set with
`ARY_SET_CAPA`. Previously the change in capa was not set.
4) Adds an assertion to `ary_heap_realloc` that the array is not frozen.
Some of this work was originally done in
https://github.com/ruby/ruby/pull/2640, referencing this issue
https://bugs.ruby-lang.org/issues/16291. There didn't appear to be any
objections to this PR, it appears to have simply lost traction.
The original PR made changes to arrays and strings at the same time,
this PR only does arrays. Also it was old enough that rather than revive
that branch I've made a new one. I added Lourens as co-author in addtion
to Aaron who helped me with this patch.
The original PR made this change for performance reasons, and while
that's still true for this PR, the goal of this PR is to avoid
calling `ary_heap_realloc` on frozen arrays. The capacity should be
shrunk _before_ the array is frozen, not after.
Co-authored-by: Aaron Patterson <tenderlove@ruby-lang.org>
Co-Authored-By: methodmissing <lourens@methodmissing.com>
|
|
to have as much of the lib in ruby as possible
https://github.com/ruby/openssl/commit/8305051728
|
|
https://github.com/ruby/date/commit/ef5a0dac5b
|
|
https://github.com/ruby/io-console/commit/4b2e876dd7
|
|
https://github.com/ruby/io-console/commit/f8ec8a0617
|
|
https://github.com/ruby/io-console/commit/3798aae42d
|
|
https://github.com/ruby/date/commit/cfbd6a6b13
|
|
https://github.com/ruby/date/commit/5974ac9c7e
|
|
https://github.com/ruby/date/commit/5d67437b1f
|
|
|
|
On alpine freeaddrinfo does not accept NULL pointer
|
|
When the registerred unblock function is called, it should retry
the cancelled blocking function if possible after checkints.
For example, `SIGCHLD` can cancel this method, but it should not
raise any exception if there is no trap handlers.
The following is repro-code:
```ruby
require 'socket'
PN = 10_000
1000000.times{
p _1
PN.times{
fork{
sleep rand(0.3)
}
}
i = 0
while i<PN
cpid = Process.wait -1, Process::WNOHANG
if cpid
# p [i, cpid]
i += 1
end
begin
TCPServer.new(nil, 0).close
rescue
p $!
exit!
end
end
}
```
|
|
(https://github.com/ruby/fiddle/pull/140)
Some of these commands just don't work (for example `sws` is not a Vim
setting). I think we should just remove these.
https://github.com/ruby/fiddle/commit/c3dbf7ba9a
|
|
https://github.com/ruby/date/commit/8e5efd4f59
|
|
|
|
WASI does not support concept to provide termios, so it is not possible
to build io/console extension on WASI at the moment.
However, `io/console` is used by many gems, and removing the dependency
from them *conditionally* is impossible. So, this commit adds a
check to skip building `io/console` extension on WASI just to pass `gem
install` for the platform.
https://github.com/ruby/io-console/commit/ba9bf00184
|
|
|
|
https://github.com/ruby/stringio/commit/9ad5551160
|
|
(https://github.com/ruby/openssl/pull/761)
In order to sign certificates with Ed25519 keys, NULL must be passed
as md to X509_sign. This NULL is then passed
(via ASN1_item_sign_ex) as type to EVP_DigestSignInit. The
documentation[1] of EVP_DigestSignInit states that type must be NULL
for various key types, including Ed25519.
[1]: https://www.openssl.org/docs/manmaster/man3/EVP_DigestSignInit.html
https://github.com/ruby/openssl/commit/b0fc100091
|
|
`RUBY_FUNC_EXPORTED` is working on Windows since 906a86e4de71061dca05.
And as .def files are not processed by the preprocessor, it is less
flexible than `RUBY_FUNC_EXPORTED`, (e.g., select symbols by
conditions such as ruby version).
|
|
|
|
|
|
Update the references to the file "LICENCE" with "COPYING".
The file LICENCE doesn't exist in ruby/ruby nor ruby/openssl. This has
been always the case since OpenSSL for Ruby 2 was merged to the ruby
tree as a standard library in 2003.
In OpenSSL for Ruby 2's CVS repository[1], the LICENCE file contained
an old version of the Ruby License, identical to the COPYING file that
was in Ruby's tree at that time (r4128[2]).
[1] http://cvs.savannah.gnu.org/viewvc/rubypki/ossl2/LICENCE?revision=1.1.1.1&view=markup
[2] https://github.com/ruby/ruby/blob/231247c010acba191b78ed2d1310c935e63ad919/COPYING
https://github.com/ruby/openssl/commit/5bccf07d04
|
|
This is for consistency with ruby/ruby.
https://github.com/ruby/openssl/commit/00ad542791
|
|
ruby/openssl is licensed under the terms of either the Ruby License or
the 2-Clause BSD License.
The git repository and built .gem files always contained the license
text for both license, but the metadata in the gemspec only specified
the Ruby License. Let's include both.
https://github.com/ruby/openssl/commit/c71714d738
|
|
Ref https://github.com/ruby/openssl/issues/519
This makes verifying embedded certificate transparency signatures
significantly easier, as otherwise the alternative was manipulating the
ASN1 sequence, as in
https://github.com/segiddins/sigstore-cosign-verify/pull/2/commits/656d992fa816613fd9936f53ce30972c2f2f4957
https://github.com/ruby/openssl/commit/99128bea5d
|
|
|
|
https://github.com/ruby/digest/commit/c5c1debd43
|
|
https://github.com/ruby/digest/commit/9a22f921c9
|
|
|
|
maciter
This test was accidentally passing the value 2048 into the keytype
parameter of PKCS12_create, not the mac_iter parameter (because it had
one too many `nil`s in the call). This value is invalid, and will make
OpenSSL perform an out-of-bounds read which is caught when compiling
with ASAN.
This commit fixes the tests, and also adds some validation to
PKCS12.create to make sure any keytype passed is actually valid. Since
there only two valid keytype constants, and the whole feature is an
export-grade crypto era thing only ever supported by old MSIE, it seems
far more likely that code in the whild is using keytype similarly by
mistake rather than as intended. So this validation might catch that.
https://github.com/ruby/openssl/commit/47028686d2
|
