WeakRef requires rescuing RefError to avoid race condition

[daveola]

There's an race condition in the implied usage of WeakRef.

The API only has weakref_alive?, and then delegated access to the referenced object. But the delegated access to the object cannot be protected by weakref_alive? since GC may occur between the check and the usage.

This means we basically always have to check for RefError, which basically makes weakref_alive? useless if we want to actually potentially use the object.

WeakMap usage is discouraged, leaving us with needing to add this functionality to WeakRef, which may break if WeakRef implementation changes (i.e., there is no good solution for this).

This is discussed at length here:

https://stackoverflow.com/questions/69185508/ruby-weakref-has-implicit-race-condition

I would recommend an addition to the API that will safely return a (non-weak) object if it's alive, or else nil, and obviously it's up to the user to realize that this will stop GC from happening on that object while they hold it.

[casperisfine]

It's not documented but that method already exist as weakref.__getobj__. I agree that it should have a public alias though.

The problem is that since WeakRef delegates everything, any alias has a small chance to break existing code.

[daveola]

While I agree that there is the undoc'd feature getobj, there are two problems:

1. Using undoc'd code not in the API is likely to be broken in the future when something changes.
2. I'm still pretty sure the race condition exists. There's the check on the existence of delegate_sd_obj, then the return of that object. In between those steps there could be a GC, and you'd be in trouble.

I actually mention the usage of getobj still having this problem in my original post to stackoverflow and my solution actually uses getobj, but getobj is not sufficient on it's own.