[GR-15444] Fix #get_pointer_value to ensure it keeps the argument alive during the native call

eregon · eregon · commit b9d0ca08865e · 2019-06-13T16:03:47.000+02:00
* Otherwise, an autorelease pointer could be freed
  after getting the address but before or during the native call.
diff --git a/lib/truffle/truffle/ffi_backend/function.rb b/lib/truffle/truffle/ffi_backend/function.rb
@@ -178,15 +178,16 @@ def free
       end
     end
 
+    # Returns a Truffle::FFI::Pointer, to correctly keep the argument alive during the native call
     private def get_pointer_value(value)
       if Truffle::FFI::Pointer === value
-        value.address
+        value
       elsif nil.equal?(value)
-        0
+        Truffle::FFI::Pointer::NULL
       elsif String === value
-        Truffle::CExt.string_pointer_to_native(value)
+        Truffle::CExt.string_to_pointer(value)
       elsif value.respond_to?(:to_ptr)
-        value.to_ptr.address
+        Truffle::Type.coerce_to value, Truffle::FFI::Pointer, :to_ptr
       else
         raise ArgumentError, "#{value.inspect} (#{value.class}) is not a pointer"
       end
diff --git a/src/main/java/org/truffleruby/cext/CExtNodes.java b/src/main/java/org/truffleruby/cext/CExtNodes.java
@@ -90,6 +90,7 @@
 import org.truffleruby.language.dispatch.DoesRespondDispatchHeadNode;
 import org.truffleruby.language.methods.DeclarationContext;
 import org.truffleruby.language.methods.InternalMethod;
+import org.truffleruby.language.objects.AllocateObjectNode;
 import org.truffleruby.language.objects.InitializeClassNode;
 import org.truffleruby.language.objects.InitializeClassNodeGen;
 import org.truffleruby.language.objects.IsFrozenNode;
@@ -1002,6 +1003,20 @@ public long toNative(DynamicObject string,
 
     }
 
+    @CoreMethod(names = "string_to_pointer", onSingleton = true, required = 1)
+    public abstract static class StringToPointerNode extends CoreMethodArrayArgumentsNode {
+
+        @Specialization(guards = "isRubyString(string)")
+        public DynamicObject toNative(DynamicObject string,
+                                      @Cached("create()") StringToNativeNode stringToNativeNode,
+                                      @Cached("create()") AllocateObjectNode allocateObjectNode) {
+            final NativeRope nativeRope = stringToNativeNode.executeToNative(string);
+
+            return allocateObjectNode.allocate(coreLibrary().getTruffleFFIPointerClass(), nativeRope.getNativePointer());
+        }
+
+    }
+
     @CoreMethod(names = "string_pointer_is_native?", onSingleton = true, required = 1)
     public abstract static class StringPointerIsNativeNode extends CoreMethodArrayArgumentsNode {
 
