merge revision(s) 7bd7aee02e303de27d2cddfc5ef47e612d6782cb: [Backport #18464]

Fix interpreter crash caused by RUBY_INTERNAL_EVENT_NEWOBJ + Ractors When a Ractor is created whilst a tracepoint for RUBY_INTERNAL_EVENT_NEWOBJ is active, the interpreter crashes. This is because during the early setup of the Ractor, the stdio objects are created, which allocates Ruby objects, which fires the tracepoint. However, the tracepoint machinery tries to dereference the control frame (ec->cfp->pc), which isn't set up yet and so crashes with a null pointer dereference. Fix this by not firing GC tracepoints if cfp isn't yet set up. --- gc.c | 1 + test/objspace/test_ractor.rb | 17 +++++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 test/objspace/test_ractor.rb
author: nagachika <nagachika@ruby-lang.org> 2023-03-25 14:35:55 +0900
committer: nagachika <nagachika@ruby-lang.org> 2023-03-25 14:35:55 +0900
commit: bdbe6053853c11ffe9b8737eb4da50ed84c9dbd6 (patch)
tree: df5da186195dd52a6806466da267e6f09fa4f8ad
parent: 5c5a1135b2e688eca7dbc7ce085f37a4d9fa3fd1 (diff)
download: ruby-bdbe6053853c11ffe9b8737eb4da50ed84c9dbd6.tar.gz
3 files changed, 19 insertions, 1 deletions
diff --git a/gc.c b/gc.c
index a9d7352f2f..9471a95354 100644
--- a/gc.c
+++ b/gc.c
@@ -2218,6 +2218,7 @@ rb_objspace_set_event_hook(const rb_event_flag_t event)
 static void
 gc_event_hook_body(rb_execution_context_t *ec, rb_objspace_t *objspace, const rb_event_flag_t event, VALUE data)
 {
+    if (UNLIKELY(!ec->cfp)) return;
     const VALUE *pc = ec->cfp->pc;
     if (pc && VM_FRAME_RUBYFRAME_P(ec->cfp)) {
         /* increment PC because source line is calculated with PC-1 */
diff --git a/test/objspace/test_ractor.rb b/test/objspace/test_ractor.rb
new file mode 100644
index 0000000000..b7008ea731
--- /dev/null
+++ b/test/objspace/test_ractor.rb
@@ -0,0 +1,17 @@
+require "test/unit"
+
+class TestObjSpaceRactor < Test::Unit::TestCase
+    def test_tracing_does_not_crash
+        assert_ractor(<<~RUBY, require: 'objspace')
+            ObjectSpace.trace_object_allocations do
+                r = Ractor.new do
+                    obj = 'a' * 1024
+                    Ractor.yield obj
+                end
+
+                r.take
+                r.take
+            end
+        RUBY
+    end
+end
diff --git a/version.h b/version.h
index e02aee7560..9bcaa82d62 100644
--- a/version.h
+++ b/version.h
@@ -11,7 +11,7 @@
 # define RUBY_VERSION_MINOR RUBY_API_VERSION_MINOR
 #define RUBY_VERSION_TEENY 4
 #define RUBY_RELEASE_DATE RUBY_RELEASE_YEAR_STR"-"RUBY_RELEASE_MONTH_STR"-"RUBY_RELEASE_DAY_STR
-#define RUBY_PATCHLEVEL 216
+#define RUBY_PATCHLEVEL 217
 
 #define RUBY_RELEASE_YEAR 2023
 #define RUBY_RELEASE_MONTH 3
author	nagachika <nagachika@ruby-lang.org>	2023-03-25 14:35:55 +0900
committer	nagachika <nagachika@ruby-lang.org>	2023-03-25 14:35:55 +0900
commit	bdbe6053853c11ffe9b8737eb4da50ed84c9dbd6 (patch)
tree	df5da186195dd52a6806466da267e6f09fa4f8ad
parent	5c5a1135b2e688eca7dbc7ce085f37a4d9fa3fd1 (diff)
download	ruby-bdbe6053853c11ffe9b8737eb4da50ed84c9dbd6.tar.gz