From 5984aa84dbd52de2eb74be52231a380bf6972292 Mon Sep 17 00:00:00 2001
From: k0kubun
Date: Tue, 23 Oct 2018 00:09:10 +0000
Subject: mjit.c: prevent from accessing expired job

Given that `copy_cache_from_main_thread()` breaks the loop when `stop_worker_p` is TRUE, memory of `job` allocated by `alloca` may be invalid if `stop_worker_p` is already TRUE.

mjit_worker.c: explain why `copy_cache_from_main_thread()` should not stop checking `stop_worker_p`.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65312 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 mjit.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'mjit.c')

diff --git a/mjit.c b/mjit.c
index 215057ae30..888f0461aa 100644
--- a/mjit.c
+++ b/mjit.c
@@ -24,7 +24,15 @@ static void
 mjit_copy_job_handler(void *data)
 {
-    struct mjit_copy_job *job = (struct mjit_copy_job *)data;
+    struct mjit_copy_job *job;
+    if (stop_worker_p) {
+        /* `copy_cache_from_main_thread()` stops to wait for this job. Then job
+           data which is allocated by `alloca()` could be expired and we might
+           not be able to access that. */
+        return;
+    }
+
+    job = (struct mjit_copy_job *)data;
     if (job->cc_entries) {
         memcpy(job->cc_entries, job->body->cc_entries, sizeof(struct rb_call_cache) * (job->body->ci_size + job->body->ci_kw_size));
     }
-- cgit v1.2.3
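Review bot: The new `if (stop_worker_p)` guard only closes the use-after-scope window if nothing can set `stop_worker_p` between that read and the `job->cc_entries` dereference a few lines later; that holds when the flag is written by the same thread that runs this handler, or under a lock this handler also holds, and the hunk shows neither, so the invariant should be stated where the guard lives. The added comment is also hard to parse ("stops to wait" reads as the opposite of what is meant); I would replace it with `/* Once stop_worker_p is set, copy_cache_from_main_thread() stops waiting for this job and returns, so `job` (alloca()'d in its frame) may already be out of scope: bail out before touching it. Relies on stop_worker_p not changing between this check and the use below. */`. Note that the rest of mjit_copy_job_handler's body, including whatever signals completion back to the worker, lies outside the hunk, so the early return's effect on that hand-off cannot be judged from here.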