From c6a6645495d849735132162187bd8a69c009b7c6 Mon Sep 17 00:00:00 2001
From: John Hawthorn
Date: Tue, 10 Jun 2025 11:15:47 -0700
Subject: [PATCH] Fix early write barrier rb_marshal_define_compat

This write barrier occurred before the entry was added to the table, so if GC occurred when inserting into the table, the write could be missed.
---
 marshal.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/marshal.c b/marshal.c
index 55b3bf156a..7db4bfc6d9 100644
--- a/marshal.c
+++ b/marshal.c
@@ -145,12 +145,14 @@ rb_marshal_define_compat(VALUE newclass, VALUE oldclass, VALUE (*dumper)(VALUE),
 compat_allocator_table();
 compat = ALLOC(marshal_compat_t);
- RB_OBJ_WRITE(compat_allocator_tbl_wrapper, &compat->newclass, newclass);
- RB_OBJ_WRITE(compat_allocator_tbl_wrapper, &compat->oldclass, oldclass);
+ compat->newclass = newclass;
+ compat->oldclass = oldclass;
 compat->dumper = dumper;
 compat->loader = loader;
 st_insert(compat_allocator_table(), (st_data_t)allocator, (st_data_t)compat);
+ RB_OBJ_WRITTEN(compat_allocator_tbl_wrapper, Qundef, newclass);
+ RB_OBJ_WRITTEN(compat_allocator_tbl_wrapper, Qundef, oldclass);
 }
 struct dump_arg {
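Review bot: The placement of the two `RB_OBJ_WRITTEN` calls after `st_insert` is now load-bearing, but nothing in the code says so, and a later cleanup could fold the plain assignments back into `RB_OBJ_WRITE` and reintroduce the missed barrier. I would add a comment directly above them, for example `/* Barriers must follow st_insert: the wrapper only reaches compat through the table, so a barrier fired earlier can be lost if the insert triggers GC. */`. It would also help to note on the `compat->newclass = newclass;` line that the raw store is deliberate because `compat` is plain `ALLOC` memory that the GC does not see until it is in the table. A missed barrier here presumably lets the collector skip a class the table still points to, which is a memory-safety concern rather than a leak, so the invariant deserves to be written down. The function begins outside the hunk, so what else keeps `newclass` and `oldclass` alive across the `st_insert` call cannot be confirmed from here.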