From de48d95c6d0336f4b91bd18adf0a5c4a4ec0a538 Mon Sep 17 00:00:00 2001
From: "Yukihiro \"Matz\" Matsumoto" <matz@ruby-lang.org>
Date: Thu, 25 May 2017 19:55:53 +0900
Subject: Avoid marking possibly freed stack; #3550 #3612

---
 src/gc.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/gc.c b/src/gc.c
index 7337c659a..a3eee65e7 100644
--- a/src/gc.c
+++ b/src/gc.c
@@ -648,8 +648,11 @@ gc_mark_children(mrb_state *mrb, mrb_gc *gc, struct RBasic *obj)
       struct REnv *e = (struct REnv*)obj;
       mrb_int i, len;
 
-      if (MRB_ENV_STACK_SHARED_P(e) && e->cxt.c->fib) {
-        mrb_gc_mark(mrb, (struct RBasic*)e->cxt.c->fib);
+      if (MRB_ENV_STACK_SHARED_P(e)) {
+        if (e->cxt.c->fib) {
+          mrb_gc_mark(mrb, (struct RBasic*)e->cxt.c->fib);
+        }
+        break;
       }
       len = MRB_ENV_STACK_LEN(e);
       for (i=0; i<len; i++) {
-- 
cgit v1.2.3