ruby-changes:53281
From: k0kubun <ko1@a...>
Date: Fri, 2 Nov 2018 20:40:49 +0900 (JST)
Subject: [ruby-changes:53281] k0kubun:r65496 (trunk): mjit_worker.c: do not access pointer after free
k0kubun 2018-11-02 20:40:43 +0900 (Fri, 02 Nov 2018) New Revision: 65496 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=65496 Log: mjit_worker.c: do no access pointer after free When we return there, `unit` is already freed. This is detected by coverity scan. Modified files: trunk/mjit_worker.c Index: mjit_worker.c =================================================================== --- mjit_worker.c (revision 65495) +++ mjit_worker.c (revision 65496) @@ -1045,12 +1045,13 @@ convert_unit_to_func(struct rb_mjit_unit https://github.com/ruby/ruby/blob/trunk/mjit_worker.c#L1045 if (!mjit_opts.save_temps) remove_file(c_file); free_unit(unit); + in_jit = FALSE; /* just being explicit for return */ } else { in_jit = TRUE; } CRITICAL_SECTION_FINISH(3, "before mjit_compile to wait GC finish"); - if (unit->iseq == NULL) { + if (!in_jit) { return (mjit_func_t)NOT_COMPILED_JIT_ISEQ_FUNC; } -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/
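Review bot: The second change in this hunk, replacing `if (unit->iseq == NULL)` with `if (!in_jit)`, is the right fix for the use-after-free, since `unit` has already gone through `free_unit(unit)` on the failure path and must not be dereferenced afterwards. One thing worth checking: `in_jit` is written inside the critical section (both the new `in_jit = FALSE;` and the existing `in_jit = TRUE;`) but is now read after `CRITICAL_SECTION_FINISH(3, ...)`. If `in_jit` is shared state that another thread can modify once the lock is released, the result of this function could be decided by a later write rather than by this compile attempt; if so, copy the outcome into a local (e.g. `int compiled = in_jit;`) before leaving the critical section and test that instead. Either way, a short comment at `free_unit(unit);` stating that `unit` is invalid from this point on would make the reason for the new flag-based check clear to the next reader.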