* [ruby-core:113153] [Ruby master Bug#19584] Crash in rb_gc_register_address
@ 2023-04-06 14:30 peterzhu2118 (Peter Zhu) via ruby-core
2023-04-07 2:00 ` [ruby-core:113155] " nobu (Nobuyoshi Nakada) via ruby-core
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: peterzhu2118 (Peter Zhu) via ruby-core @ 2023-04-06 14:30 UTC (permalink / raw)
To: ruby-core; +Cc: peterzhu2118 (Peter Zhu)
Issue #19584 has been reported by peterzhu2118 (Peter Zhu).
----------------------------------------
Bug #19584: Crash in rb_gc_register_address
https://bugs.ruby-lang.org/issues/19584
* Author: peterzhu2118 (Peter Zhu)
* Status: Open
* Priority: Normal
* Backport: 3.0: REQUIRED, 3.1: REQUIRED, 3.2: REQUIRED
----------------------------------------
GitHub PR: https://github.com/ruby/ruby/pull/7670
Some C extensions pass a pointer to a global variable to rb_gc_register_address. However, if a GC is triggered inside of rb_gc_register_address, then the object could get swept since it does not exist on the stack.
--
https://bugs.ruby-lang.org/
______________________________________________
ruby-core mailing list -- ruby-core@ml.ruby-lang.org
To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
ruby-core info -- https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-core.ml.ruby-lang.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
* [ruby-core:113155] [Ruby master Bug#19584] Crash in rb_gc_register_address
2023-04-06 14:30 [ruby-core:113153] [Ruby master Bug#19584] Crash in rb_gc_register_address peterzhu2118 (Peter Zhu) via ruby-core
@ 2023-04-07 2:00 ` nobu (Nobuyoshi Nakada) via ruby-core
2023-04-07 2:12 ` [ruby-core:113156] " peterzhu2118 (Peter Zhu) via ruby-core
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: nobu (Nobuyoshi Nakada) via ruby-core @ 2023-04-07 2:00 UTC (permalink / raw)
To: ruby-core; +Cc: nobu (Nobuyoshi Nakada)
Issue #19584 has been updated by nobu (Nobuyoshi Nakada).
Status changed from Closed to Open
It sounds a bug of such extension library.
`rb_gc_register_address` must be called **before** assigning any GC-able object to that variable.
----------------------------------------
Bug #19584: Crash in rb_gc_register_address
https://bugs.ruby-lang.org/issues/19584#change-102691
* Author: peterzhu2118 (Peter Zhu)
* Status: Open
* Priority: Normal
* Backport: 3.0: REQUIRED, 3.1: REQUIRED, 3.2: REQUIRED
----------------------------------------
GitHub PR: https://github.com/ruby/ruby/pull/7670
Some C extensions pass a pointer to a global variable to rb_gc_register_address. However, if a GC is triggered inside of rb_gc_register_address, then the object could get swept since it does not exist on the stack.
--
https://bugs.ruby-lang.org/
______________________________________________
ruby-core mailing list -- ruby-core@ml.ruby-lang.org
To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
ruby-core info -- https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-core.ml.ruby-lang.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
* [ruby-core:113156] [Ruby master Bug#19584] Crash in rb_gc_register_address
2023-04-06 14:30 [ruby-core:113153] [Ruby master Bug#19584] Crash in rb_gc_register_address peterzhu2118 (Peter Zhu) via ruby-core
2023-04-07 2:00 ` [ruby-core:113155] " nobu (Nobuyoshi Nakada) via ruby-core
@ 2023-04-07 2:12 ` peterzhu2118 (Peter Zhu) via ruby-core
2023-04-07 2:22 ` [ruby-core:113157] " nobu (Nobuyoshi Nakada) via ruby-core
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: peterzhu2118 (Peter Zhu) via ruby-core @ 2023-04-07 2:12 UTC (permalink / raw)
To: ruby-core; +Cc: peterzhu2118 (Peter Zhu)
Issue #19584 has been updated by peterzhu2118 (Peter Zhu).
Well, unfortunately it looks like that requirement is not being followed by gems and even in parts of the Ruby codebase.
Ruby:
- https://github.com/ruby/ruby/blob/fb822076d79339427648cb9eacf76528f827427e/string.c#L12064
- https://github.com/ruby/ruby/blob/fb822076d79339427648cb9eacf76528f827427e/ruby.c#L645
Gems:
- https://github.com/google/mysql-protobuf/blob/467cda676afaa49e762c5c9164a43f6ad31a1fbf/protobuf/ruby/ext/google/protobuf_c/defs.c#L130
- https://github.com/ged/ruby-pg/blob/a99322a7111064aec6e430abb8787fa10fce37dd/ext/pg_type_map_all_strings.c#L129
- https://github.com/rgeo/rgeo/blob/3358e982d277965cfa039fa06a73dd5e2ddcdbdc/ext/geos_c_impl/factory.c#L629
----------------------------------------
Bug #19584: Crash in rb_gc_register_address
https://bugs.ruby-lang.org/issues/19584#change-102693
* Author: peterzhu2118 (Peter Zhu)
* Status: Open
* Priority: Normal
* Backport: 3.0: UNKNOWN, 3.1: UNKNOWN, 3.2: UNKNOWN
----------------------------------------
GitHub PR: https://github.com/ruby/ruby/pull/7670
Some C extensions pass a pointer to a global variable to rb_gc_register_address. However, if a GC is triggered inside of rb_gc_register_address, then the object could get swept since it does not exist on the stack.
--
https://bugs.ruby-lang.org/
______________________________________________
ruby-core mailing list -- ruby-core@ml.ruby-lang.org
To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
ruby-core info -- https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-core.ml.ruby-lang.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
* [ruby-core:113157] [Ruby master Bug#19584] Crash in rb_gc_register_address
2023-04-06 14:30 [ruby-core:113153] [Ruby master Bug#19584] Crash in rb_gc_register_address peterzhu2118 (Peter Zhu) via ruby-core
2023-04-07 2:00 ` [ruby-core:113155] " nobu (Nobuyoshi Nakada) via ruby-core
2023-04-07 2:12 ` [ruby-core:113156] " peterzhu2118 (Peter Zhu) via ruby-core
@ 2023-04-07 2:22 ` nobu (Nobuyoshi Nakada) via ruby-core
2023-04-09 12:13 ` [ruby-core:113167] " Eregon (Benoit Daloze) via ruby-core
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: nobu (Nobuyoshi Nakada) via ruby-core @ 2023-04-07 2:22 UTC (permalink / raw)
To: ruby-core; +Cc: nobu (Nobuyoshi Nakada)
Issue #19584 has been updated by nobu (Nobuyoshi Nakada).
Thanks.
Since `Qnil` is never GC-ed, `rb_fs` and rgeo cases are OK.
Other 3 cases are, even it would be very rare, can cause a crash.
----------------------------------------
Bug #19584: Crash in rb_gc_register_address
https://bugs.ruby-lang.org/issues/19584#change-102694
* Author: peterzhu2118 (Peter Zhu)
* Status: Open
* Priority: Normal
* Backport: 3.0: UNKNOWN, 3.1: UNKNOWN, 3.2: UNKNOWN
----------------------------------------
GitHub PR: https://github.com/ruby/ruby/pull/7670
Some C extensions pass a pointer to a global variable to rb_gc_register_address. However, if a GC is triggered inside of rb_gc_register_address, then the object could get swept since it does not exist on the stack.
--
https://bugs.ruby-lang.org/
______________________________________________
ruby-core mailing list -- ruby-core@ml.ruby-lang.org
To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
ruby-core info -- https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-core.ml.ruby-lang.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
* [ruby-core:113167] [Ruby master Bug#19584] Crash in rb_gc_register_address
2023-04-06 14:30 [ruby-core:113153] [Ruby master Bug#19584] Crash in rb_gc_register_address peterzhu2118 (Peter Zhu) via ruby-core
` (2 preceding siblings ...)
2023-04-07 2:22 ` [ruby-core:113157] " nobu (Nobuyoshi Nakada) via ruby-core
@ 2023-04-09 12:13 ` Eregon (Benoit Daloze) via ruby-core
2023-04-09 12:41 ` [ruby-core:113169] " peterzhu2118 (Peter Zhu) via ruby-core
2025-03-13 5:27 ` [ruby-core:121318] " hsbt (Hiroshi SHIBATA) via ruby-core
5 siblings, 0 replies; 7+ messages in thread
From: Eregon (Benoit Daloze) via ruby-core @ 2023-04-09 12:13 UTC (permalink / raw)
To: ruby-core; +Cc: Eregon (Benoit Daloze)
Issue #19584 has been updated by Eregon (Benoit Daloze).
FYI this function is quite difficult to implement on TruffleRuby/other Rubies with the semantics of being called before the assignment.
If it's done during `Init_myextension`, we can simulate it, but if it's not we have to read the value immediately for TruffleRuby: https://github.com/oracle/truffleruby/issues/2721
There is no way to hook into the GC to make it read such variables during GC (on JVM at least).
This requirement seems documented but one need to read it very carefully to notice it:
https://github.com/ruby/ruby/blob/671cfc20000db024f2aeaf602b1a77895c819abc/include/ruby/internal/gc.h#L401-L412
----------------------------------------
Bug #19584: Crash in rb_gc_register_address
https://bugs.ruby-lang.org/issues/19584#change-102703
* Author: peterzhu2118 (Peter Zhu)
* Status: Closed
* Priority: Normal
* Backport: 3.0: REQUIRED, 3.1: REQUIRED, 3.2: REQUIRED
----------------------------------------
GitHub PR: https://github.com/ruby/ruby/pull/7670
Some C extensions pass a pointer to a global variable to rb_gc_register_address. However, if a GC is triggered inside of rb_gc_register_address, then the object could get swept since it does not exist on the stack.
--
https://bugs.ruby-lang.org/
______________________________________________
ruby-core mailing list -- ruby-core@ml.ruby-lang.org
To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
ruby-core info -- https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-core.ml.ruby-lang.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
* [ruby-core:113169] [Ruby master Bug#19584] Crash in rb_gc_register_address
2023-04-06 14:30 [ruby-core:113153] [Ruby master Bug#19584] Crash in rb_gc_register_address peterzhu2118 (Peter Zhu) via ruby-core
` (3 preceding siblings ...)
2023-04-09 12:13 ` [ruby-core:113167] " Eregon (Benoit Daloze) via ruby-core
@ 2023-04-09 12:41 ` peterzhu2118 (Peter Zhu) via ruby-core
2025-03-13 5:27 ` [ruby-core:121318] " hsbt (Hiroshi SHIBATA) via ruby-core
5 siblings, 0 replies; 7+ messages in thread
From: peterzhu2118 (Peter Zhu) via ruby-core @ 2023-04-09 12:41 UTC (permalink / raw)
To: ruby-core; +Cc: peterzhu2118 (Peter Zhu)
Issue #19584 has been updated by peterzhu2118 (Peter Zhu).
> This requirement seems documented but one need to read it very carefully to notice it
The documentation was changed a few days ago in [4adcfc8cd7a17593a6590025da2b03eebf4fd63c](https://github.com/ruby/ruby/commit/4adcfc8cd7a17593a6590025da2b03eebf4fd63c). The old documentation did not mention this requirement at all.
> Inform the garbage collector that `valptr` points to a live Ruby object that
> should not be moved. Note that extensions should use this API on global
> constants instead of assuming constants defined in Ruby are always alive.
> Ruby code can remove global constants.
----------------------------------------
Bug #19584: Crash in rb_gc_register_address
https://bugs.ruby-lang.org/issues/19584#change-102705
* Author: peterzhu2118 (Peter Zhu)
* Status: Closed
* Priority: Normal
* Backport: 3.0: REQUIRED, 3.1: REQUIRED, 3.2: REQUIRED
----------------------------------------
GitHub PR: https://github.com/ruby/ruby/pull/7670
Some C extensions pass a pointer to a global variable to rb_gc_register_address. However, if a GC is triggered inside of rb_gc_register_address, then the object could get swept since it does not exist on the stack.
--
https://bugs.ruby-lang.org/
______________________________________________
ruby-core mailing list -- ruby-core@ml.ruby-lang.org
To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
ruby-core info -- https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-core.ml.ruby-lang.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
* [ruby-core:121318] [Ruby master Bug#19584] Crash in rb_gc_register_address
2023-04-06 14:30 [ruby-core:113153] [Ruby master Bug#19584] Crash in rb_gc_register_address peterzhu2118 (Peter Zhu) via ruby-core
` (4 preceding siblings ...)
2023-04-09 12:41 ` [ruby-core:113169] " peterzhu2118 (Peter Zhu) via ruby-core
@ 2025-03-13 5:27 ` hsbt (Hiroshi SHIBATA) via ruby-core
5 siblings, 0 replies; 7+ messages in thread
From: hsbt (Hiroshi SHIBATA) via ruby-core @ 2025-03-13 5:27 UTC (permalink / raw)
To: ruby-core; +Cc: hsbt (Hiroshi SHIBATA)
Issue #19584 has been updated by hsbt (Hiroshi SHIBATA).
Backport changed from 3.0: REQUIRED, 3.1: REQUIRED, 3.2: REQUIRED to 3.0: REQUIRED, 3.1: REQUIRED, 3.2: DONE
ruby_3_2 commit:8c3ebe6a00b1176c37bc7894a4373774255f6290 merged revision(s) commit:bccec7fb468ad977be75e7e4c2644b4ea845ab0c, commit:5f8ebcada099351acbc22db264e7cd3773c2bdc4, commit:e13575bb7938e9e5b6a79bfca1b3793123f479da, commit:4adcfc8cd7a17593a6590025da2b03eebf4fd63c.
----------------------------------------
Bug #19584: Crash in rb_gc_register_address
https://bugs.ruby-lang.org/issues/19584#change-112283
* Author: peterzhu2118 (Peter Zhu)
* Status: Closed
* Backport: 3.0: REQUIRED, 3.1: REQUIRED, 3.2: DONE
----------------------------------------
GitHub PR: https://github.com/ruby/ruby/pull/7670
Some C extensions pass a pointer to a global variable to rb_gc_register_address. However, if a GC is triggered inside of rb_gc_register_address, then the object could get swept since it does not exist on the stack.
--
https://bugs.ruby-lang.org/
______________________________________________
ruby-core mailing list -- ruby-core@ml.ruby-lang.org
To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
ruby-core info -- https://ml.ruby-lang.org/mailman3/lists/ruby-core.ml.ruby-lang.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2025-03-13 5:29 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-04-06 14:30 [ruby-core:113153] [Ruby master Bug#19584] Crash in rb_gc_register_address peterzhu2118 (Peter Zhu) via ruby-core
2023-04-07 2:00 ` [ruby-core:113155] " nobu (Nobuyoshi Nakada) via ruby-core
2023-04-07 2:12 ` [ruby-core:113156] " peterzhu2118 (Peter Zhu) via ruby-core
2023-04-07 2:22 ` [ruby-core:113157] " nobu (Nobuyoshi Nakada) via ruby-core
2023-04-09 12:13 ` [ruby-core:113167] " Eregon (Benoit Daloze) via ruby-core
2023-04-09 12:41 ` [ruby-core:113169] " peterzhu2118 (Peter Zhu) via ruby-core
2025-03-13 5:27 ` [ruby-core:121318] " hsbt (Hiroshi SHIBATA) via ruby-core
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).