[ruby-core:119091] [Ruby master Bug#20718] Objects created with Data_Make_Struct and the default free function are not freed

[ruby-core:119091] [Ruby master Bug#20718] Objects created with Data_Make_Struct and the default free function are not freed

[jcalvert (Jonathan Calvert) via ruby-core]

Issue #20718 has been reported by jcalvert (Jonathan Calvert).

----------------------------------------
Bug #20718: Objects created with Data_Make_Struct and the default free function are not freed
https://bugs.ruby-lang.org/issues/20718

* Author: jcalvert (Jonathan Calvert)
* Status: Open
* ruby -v: ruby 3.3.5 (2024-09-03 revision ef084cc8f4) [x86_64-linux]
* Backport: 3.1: UNKNOWN, 3.2: UNKNOWN, 3.3: UNKNOWN
----------------------------------------
I discovered a memory leak when using the FFI gem prior to version 1.16 and Ruby 3.3 and up.

During debugging I found that this earlier version of FFI uses Data_Make_Struct (https://github.com/ffi/ffi/blob/v1.15.5/ext/ffi_c/Pointer.c#L57) instead of TypedData_Make_Struct and it uses -1 as the free function, which is RUBY_DEFAULT_FREE

When the object goes to get garbage collected, it enters into rb_data_free and it is passed to the RTYPEDDATA_EMBEDDED_P macro even though it is not of RTypedData. Because of that, the conditional is evaluated to false and xfree is never called. This was discovered by using jemalloc leak detection.

I have attached a somewhat minimal replication of the issue. The fix would appear to check the type of the obj before casting it. 

---Files--------------------------------
pointer_bug.rb (418 Bytes)
Gemfile.txt (104 Bytes)


-- 
https://bugs.ruby-lang.org/
 ______________________________________________
 ruby-core mailing list -- ruby-core@ml.ruby-lang.org
 To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
 ruby-core info -- https://ml.ruby-lang.org/mailman3/lists/ruby-core.ml.ruby-lang.org/

[ruby-core:119093] [Ruby master Bug#20718] Objects created with Data_Make_Struct and the default free function are not freed

[jcalvert (Jonathan Calvert) via ruby-core]

Issue #20718 has been updated by jcalvert (Jonathan Calvert).


I have added a pull request that should patch the issue. https://github.com/ruby/ruby/pull/11563

----------------------------------------
Bug #20718: Objects created with Data_Make_Struct and the default free function are not freed
https://bugs.ruby-lang.org/issues/20718#change-109680

* Author: jcalvert (Jonathan Calvert)
* Status: Open
* ruby -v: ruby 3.3.5 (2024-09-03 revision ef084cc8f4) [x86_64-linux]
* Backport: 3.1: UNKNOWN, 3.2: UNKNOWN, 3.3: UNKNOWN
----------------------------------------
I discovered a memory leak when using the FFI gem prior to version 1.16 and Ruby 3.3 and up.

During debugging I found that this earlier version of FFI uses Data_Make_Struct (https://github.com/ffi/ffi/blob/v1.15.5/ext/ffi_c/Pointer.c#L57) instead of TypedData_Make_Struct and it uses -1 as the free function, which is RUBY_DEFAULT_FREE

When the object goes to get garbage collected, it enters into rb_data_free and it is passed to the RTYPEDDATA_EMBEDDED_P macro even though it is not of RTypedData. Because of that, the conditional is evaluated to false and xfree is never called. This was discovered by using jemalloc leak detection.

I have attached a somewhat minimal replication of the issue. The fix would appear to check the type of the obj before casting it. 

---Files--------------------------------
pointer_bug.rb (418 Bytes)
Gemfile.txt (104 Bytes)


-- 
https://bugs.ruby-lang.org/
 ______________________________________________
 ruby-core mailing list -- ruby-core@ml.ruby-lang.org
 To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
 ruby-core info -- https://ml.ruby-lang.org/mailman3/lists/ruby-core.ml.ruby-lang.org/

[ruby-core:119098] [Ruby master Bug#20718] Objects created with Data_Make_Struct and the default free function are not freed

[byroot (Jean Boussier) via ruby-core]

Issue #20718 has been updated by byroot (Jean Boussier).

Backport changed from 3.1: UNKNOWN, 3.2: UNKNOWN, 3.3: UNKNOWN to 3.1: DONTNEED, 3.2: DONTNEED, 3.3: REQUIRED

I think this issue was introduced in 3.3? Let me know if not and I'll update the backport target.

Also for 3.3 the branch maintainer appreciate backport PRs so don't hesitate to open it yourself and tag k0kubun if you wish.

----------------------------------------
Bug #20718: Objects created with Data_Make_Struct and the default free function are not freed
https://bugs.ruby-lang.org/issues/20718#change-109686

* Author: jcalvert (Jonathan Calvert)
* Status: Closed
* ruby -v: ruby 3.3.5 (2024-09-03 revision ef084cc8f4) [x86_64-linux]
* Backport: 3.1: DONTNEED, 3.2: DONTNEED, 3.3: REQUIRED
----------------------------------------
I discovered a memory leak when using the FFI gem prior to version 1.16 and Ruby 3.3 and up.

During debugging I found that this earlier version of FFI uses Data_Make_Struct (https://github.com/ffi/ffi/blob/v1.15.5/ext/ffi_c/Pointer.c#L57) instead of TypedData_Make_Struct and it uses -1 as the free function, which is RUBY_DEFAULT_FREE

When the object goes to get garbage collected, it enters into rb_data_free and it is passed to the RTYPEDDATA_EMBEDDED_P macro even though it is not of RTypedData. Because of that, the conditional is evaluated to false and xfree is never called. This was discovered by using jemalloc leak detection.

I have attached a somewhat minimal replication of the issue. The fix would appear to check the type of the obj before casting it. 

---Files--------------------------------
pointer_bug.rb (418 Bytes)
Gemfile.txt (104 Bytes)


-- 
https://bugs.ruby-lang.org/
 ______________________________________________
 ruby-core mailing list -- ruby-core@ml.ruby-lang.org
 To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
 ruby-core info -- https://ml.ruby-lang.org/mailman3/lists/ruby-core.ml.ruby-lang.org/

[ruby-core:119702] [Ruby master Bug#20718] Objects created with Data_Make_Struct and the default free function are not freed

[k0kubun (Takashi Kokubun) via ruby-core]

Issue #20718 has been updated by k0kubun (Takashi Kokubun).

Backport changed from 3.1: DONTNEED, 3.2: DONTNEED, 3.3: REQUIRED to 3.1: DONTNEED, 3.2: DONTNEED, 3.3: DONE

ruby_3_3 commit:55ddfd58dd6e67e88cf9a3e55bf99550affe8b3f.

----------------------------------------
Bug #20718: Objects created with Data_Make_Struct and the default free function are not freed
https://bugs.ruby-lang.org/issues/20718#change-110365

* Author: jcalvert (Jonathan Calvert)
* Status: Closed
* ruby -v: ruby 3.3.5 (2024-09-03 revision ef084cc8f4) [x86_64-linux]
* Backport: 3.1: DONTNEED, 3.2: DONTNEED, 3.3: DONE
----------------------------------------
I discovered a memory leak when using the FFI gem prior to version 1.16 and Ruby 3.3 and up.

During debugging I found that this earlier version of FFI uses Data_Make_Struct (https://github.com/ffi/ffi/blob/v1.15.5/ext/ffi_c/Pointer.c#L57) instead of TypedData_Make_Struct and it uses -1 as the free function, which is RUBY_DEFAULT_FREE

When the object goes to get garbage collected, it enters into rb_data_free and it is passed to the RTYPEDDATA_EMBEDDED_P macro even though it is not of RTypedData. Because of that, the conditional is evaluated to false and xfree is never called. This was discovered by using jemalloc leak detection.

I have attached a somewhat minimal replication of the issue. The fix would appear to check the type of the obj before casting it. 

---Files--------------------------------
pointer_bug.rb (418 Bytes)
Gemfile.txt (104 Bytes)


-- 
https://bugs.ruby-lang.org/
 ______________________________________________
 ruby-core mailing list -- ruby-core@ml.ruby-lang.org
 To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
 ruby-core info -- https://ml.ruby-lang.org/mailman3/lists/ruby-core.ml.ruby-lang.org/