Set array capacity/shared immediately after alloc

If auto-compaction is enabled, then we have to set the capacity/shared immediately after allocating a heap array. If compaction runs before capacity/shared is set then it could cause the array to be re-embedded, which can cause crashes.
2022-11-14 15:40:47 -05:00 · 2022-11-14 15:40:47 -05:00 · 9a6c3355c5
commit 9a6c3355c5
parent 6dd1a5f532
1 changed files with 5 additions and 5 deletions
--- a/array.c
+++ b/array.c
@ -837,11 +837,11 @@ ary_new(VALUE klass, long capa)
    }
    else {
        ary = ary_alloc_heap(klass);
+        ARY_SET_CAPA(ary, capa);
        assert(!ARY_EMBED_P(ary));

        ptr = ary_heap_alloc(ary, capa);
        ARY_SET_PTR(ary, ptr);
-        ARY_SET_CAPA(ary, capa);
        ARY_SET_HEAP_LEN(ary, 0);
    }

@ -945,11 +945,11 @@ ec_ary_new(rb_execution_context_t *ec, VALUE klass, long capa)
    }
    else {
        ary = ec_ary_alloc_heap(ec, klass);
+        ARY_SET_CAPA(ary, capa);
        assert(!ARY_EMBED_P(ary));

        ptr = ary_heap_alloc(ary, capa);
        ARY_SET_PTR(ary, ptr);
-        ARY_SET_CAPA(ary, capa);
        ARY_SET_HEAP_LEN(ary, 0);
    }

@ -1056,6 +1056,7 @@ ary_make_shared(VALUE ary)
        /* Shared roots cannot be embedded because the reference count
         * (refcnt) is stored in as.heap.aux.capa. */
        VALUE shared = ary_alloc_heap(0);
+        FL_SET_SHARED_ROOT(shared);

        if (ARY_EMBED_P(ary)) {
            /* Cannot use ary_heap_alloc because we don't want to allocate
@ -1074,7 +1075,6 @@ ary_make_shared(VALUE ary)

        ARY_SET_LEN(shared, capa);
        ary_mem_clear(shared, len, capa - len);
-        FL_SET_SHARED_ROOT(shared);
        ARY_SET_SHARED_ROOT_REFCNT(shared, 1);
        FL_SET_SHARED(ary);
        RB_DEBUG_COUNTER_INC(obj_ary_shared_create);
@ -1348,11 +1348,11 @@ ary_make_partial(VALUE ary, VALUE klass, long offset, long len)
        return result;
    }
    else {
+        VALUE shared = ary_make_shared(ary);
+
        VALUE result = ary_alloc_heap(klass);
        assert(!ARY_EMBED_P(result));

-        VALUE shared = ary_make_shared(ary);
-
        ARY_SET_PTR(result, RARRAY_CONST_PTR_TRANSIENT(ary));
        ARY_SET_LEN(result, RARRAY_LEN(ary));
        rb_ary_set_shared(result, shared);