Only mark cc->cme_ on valid imemo_callcache

We observed T_NONE on `cc->cme_` on a --repeat-count=50 run a compaction test on CI: http://ci.rvm.jp/results/trunk-repeat50@ruby-sp2-noble-docker/5654900 During reference updating for imemo_callcache in rb_imemo_mark_and_move(), if `cc->klass` is not live, but `cc->_cme` is live and moved, we go to the vm_cc_invalidate() path which leaves `cc->_cme` not updated and stale. In the next marking run after compaction, CME would've become a T_NONE. So to quote the comment above "... cc is invalidated by `vm_cc_invalidate()` and cc->cme is not be accessed."
Merged: https://github.com/ruby/ruby/pull/12936 Merged-By: XrXr
2025-03-16 16:00:08 -04:00 · 2025-03-16 16:00:08 -04:00 · 3e04f7b69f · 2025-03-16 20:00:26 +00:00
commit 3e04f7b69f
parent 70a9e5f6eb
1 changed files with 1 additions and 1 deletions
--- a/imemo.c
+++ b/imemo.c
@ -309,7 +309,7 @@ rb_imemo_mark_and_move(VALUE obj, bool reference_updating)
            }
        }
        else {
-            if (vm_cc_super_p(cc) || vm_cc_refinement_p(cc)) {
+            if (cc->klass && (vm_cc_super_p(cc) || vm_cc_refinement_p(cc))) {
                rb_gc_mark_movable((VALUE)cc->cme_);
                rb_gc_mark_movable((VALUE)cc->klass);
            }