Nobuyoshi Nakada <nobu / ruby-lang.org> wrote:
> On 2017/02/13 19:05, Nobuyoshi Nakada wrote:
> >> But in marshal.c, I think we can use klass==0 to hide the object
> >> and use rb_gc_force_recycle, instead.  AFAIK,
> >> rb_gc_force_recycle is safe if the object has klass==0 for its
> >> entire lifetime.
> >>
> >> How about the following?
> > 
> > Seems nice.
> 
> Sorry, I missed that `arg` may be dereferenced in `check_dump_arg()`
> in the case continuation is used.  Hiding wrapper objects is fine, but
> freeing `arg` and recycling `wrapper` causes a dangling pointer and
> can segfault on some environments, compilers and options, with the
> following pacth.

Ah, thanks.  I forgot this :x  I saw you already made r57634.
Since callcc is obsolete, is the following patch OK; or can Fiber
have the same problem?

(Admittedly, I never fully understood callcc :x)

diff --git a/cont.c b/cont.c
index 50fa45e96e..363e05fb91 100644
--- a/cont.c
+++ b/cont.c
@@ -149,7 +149,7 @@ struct rb_fiber_struct {
 };
 
 static const rb_data_type_t cont_data_type, fiber_data_type;
-static VALUE rb_cContinuation;
+VALUE rb_cContinuation;
 static VALUE rb_cFiber;
 static VALUE rb_eFiberError;
 
diff --git a/marshal.c b/marshal.c
index 2a10b98100..57acf8c30c 100644
--- a/marshal.c
+++ b/marshal.c
@@ -20,6 +20,8 @@
 #include "encindex.h"
 #include "id_table.h"
 
+extern VALUE rb_cContinuation;
+
 #include <math.h>
 #ifdef HAVE_FLOAT_H
 #include <float.h>
@@ -1053,8 +1055,14 @@ rb_marshal_dump_limited(VALUE obj, VALUE port, int limit)
 	rb_io_write(arg->dest, arg->str);
 	rb_str_resize(arg->str, 0);
     }
-    clear_dump_arg(arg);
-    RB_GC_GUARD(wrapper);
+    if (rb_cContinuation) {
+	clear_dump_arg(arg);
+	RB_GC_GUARD(wrapper);
+    }
+    else {
+	free_dump_arg(arg);
+	rb_gc_force_recycle(wrapper);
+    }
 
     return port;
 }
@@ -2084,8 +2092,14 @@ rb_marshal_load_with_proc(VALUE port, VALUE proc)
 
     if (!NIL_P(proc)) arg->proc = proc;
     v = r_object(arg);
-    free_load_arg(arg);
-    rb_gc_force_recycle(wrapper);
+    if (rb_cContinuation) {
+	clear_load_arg(arg);
+	RB_GC_GUARD(wrapper);
+    }
+    else {
+	free_load_arg(arg);
+	rb_gc_force_recycle(wrapper);
+    }
 
     return v;
 }

Unsubscribe: <mailto:ruby-core-request / ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>