If you call a member of a structure many times, the value will change.

Question

If you call a member of a structure many times, the value will change.

kojix2 opened this issue 3 years ago · comments

Hi @kou and fiddle developers!

When I reference a member of a structure multiple times with Fiddle, I find that the value of the member of the structure changes.

The following sample has a high probability of changing values in my environment. (Not always)

require 'fiddle/import'

module A
  extend Fiddle::Importer
  S = struct [
    'int8_t* hoge',
    'int8_t* fuga']
end

s = A::S.malloc
s.hoge = [*1..10].pack('c*')
s.fuga = [*1..10].reverse.pack('c*')

a1 = s.fuga[0,10].unpack('c*')

1000.times do
  s.fuga[0,10].unpack('c*')
end

b1 = s.fuga[0,10].unpack('c*')

if a1 == b1
  puts "OK"
else
  p a1, b1
end

I have confirmed that this problem occurs in the following environment.

Ruby 2.7, 3.0 + Ubuntu + fiddle 1.0.7
Ruby 2.6 + Mac + fiddle 1.0.7

I also asked people in ruby-jp slack to try it. The problem is reproducible.

Thank you.

Chris Seaton · Answer 1 · Tue Jan 12 2021 19:38:01 GMT+0800 (China Standard Time)

The value of the struct's member is not changing - it's a pointer. What is changing is the values in the memory that the pointer is pointing to.

I modified your code to print the actual value (the pointer) from the struct to show it does not change.

require 'fiddle/import'

module A
  extend Fiddle::Importer
  S = struct [
    'int8_t* hoge',
    'int8_t* fuga']
end

s = A::S.malloc
s.hoge = [*1..10].pack('c*')
s.fuga = [*1..10].reverse.pack('c*')

a1 = s.fuga#[0,10].unpack('c*')

1000.times do
  s.fuga#[0,10].unpack('c*')
end

b1 = s.fuga#[0,10].unpack('c*')

if a1 == b1
  puts "OK"
else
  p a1, b1
end

What your code does is to read the memory pointed to by the struct members. This memory changes, but that's nothing to do with the struct, all it knows is what memory to point at - it doesn't own or manage or control that memory, so it cannot stop it changing.

So if the struct doesn't own or manage the memory its members point two, who is managing it? When you write [*1..10].pack('c*'), you create a C string, and then you store the address of the C string's memory in that struct's member. The C string still owns the memory, not the struct.

From this point, nothing points at the C string. Ruby has a garage collector, so the C string and its memory are collected by the garbage collector and deleted. Now the struct's member points at the same memory, but it's not own by the string anymore.

Then someone else gets the same memory, writes in it, and see that it's change.

That's how your memory changes.

I don't really see a bug here - you're pointing to the internals of a string, but how do you expect your string to be kept alive?

kojix2 · Answer 2 · Tue Jan 12 2021 19:57:45 GMT+0800 (China Standard Time)

Thank you for your quick response.

Based on your answer, I assigned a value to the variable to protect it from GC.

s.hoge = memo1 =  [*1..10].pack('c*')
s.fuga = memo2 = [*1..10].reverse.pack('c*')

And, certainly, the value is no longer changed.

GC ... It's difficult for me. But this issue has been resolved. Thank you!

Chris Seaton · Answer 3 · Tue Jan 12 2021 20:06:56 GMT+0800 (China Standard Time)

Note that you should not modify memo1 after this point, because that may cause the string data to be reallocated and so moved.

If you don't modify it, then your solution is fine.

If you might modify it, then you should malloc the data that s.hoge points to yourself, and copy the string data out of the Ruby string and into the data you own.