[jira] [Commented] (THRIFT-2182) segfault in regression tests (GC bug in rb_thrift_memory_buffer_write)

Sun, 12 Jan 2014 14:47:24 -0800 

    [ 
https://issues.apache.org/jira/browse/THRIFT-2182?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13869176#comment-13869176
 ] 

Hudson commented on THRIFT-2182:
--------------------------------

FAILURE: Integrated in Thrift #999 (See 
[https://builds.apache.org/job/Thrift/999/])
THRIFT-2182 rb: segfault in regression tests (GC bug in 
rb_thrift_memory_buffer_write) (roger: rev 
0240572c44c64c3ab1d498d32a9a1530ab91b0da)
* lib/rb/ext/compact_protocol.c
* lib/rb/ext/struct.c
* lib/rb/ext/memory_buffer.c


> segfault in regression tests (GC bug in rb_thrift_memory_buffer_write)
> ----------------------------------------------------------------------
>
>                 Key: THRIFT-2182
>                 URL: https://issues.apache.org/jira/browse/THRIFT-2182
>             Project: Thrift
>          Issue Type: Bug
>          Components: Ruby - Library
>    Affects Versions: 0.9.1, 0.9.2
>            Reporter: Paul Brannan
>            Assignee: Roger Meier
>              Labels: easyfix, patch
>         Attachments: thrift-0.9.1-stringvalueptr.patch
>
>
> This bug causes the regression tests to segfault on my machine.  As this is a 
> GC bug, it may or may not be easily reproducible.
> The rb_thrift_memory_buffer_write function looks like this:
> {code:none}
>     VALUE rb_thrift_memory_buffer_write(VALUE self, VALUE str) {
>       VALUE buf = GET_BUF(self);
>       str = force_binary_encoding(str);
>       rb_str_buf_cat(buf, RSTRING_PTR(str), RSTRING_LEN(str));
>       return Qnil;
>     }
> {code}
> When gcc compiles this, it optimizes away the value of str (it is no longer 
> used after RSTRING_PTR(str) and RSTRING_LEN(str) are computed).  Later, 
> rb_str_buf_cat invokes the GC, and the string referenced by str is collected, 
> because there are no references to it on the stack.
> Some possible solutions:
> * Use StringValuePtr instead of RSTRING_PTR (in general RSTRING_PTR should be 
> avoided in favor of StringValuePtr or StringValueCStr); I believe this will 
> also fix #THRIFT-1047
> * Use rb_str_cat instead of rb_str_buf_cat
> * Use RB_GC_GUARD to prevent str from getting collected
> It appears a similar bug may exist with buffer_value in 
> rb_thrift_memory_buffer_read_into_buffer, and possibly in any of the other 30 
> places that RSTRING_PTR is used.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Reply via email to