From: "byroot (Jean Boussier)" <noreply@...>
Date: 2022-01-14T15:17:59+00:00
Subject: [ruby-core:107130] [Ruby master Bug#18492] `rb_rescue2` inside `rb_protect` segfaults on Windows

Issue #18492 has been reported by byroot (Jean Boussier).

----------------------------------------
Bug #18492: `rb_rescue2` inside `rb_protect` segfaults on Windows
https://bugs.ruby-lang.org/issues/18492

* Author: byroot (Jean Boussier)
* Status: Open
* Priority: Normal
* ruby -v: ruby 2.6.9p207 (2021-11-24 revision 67954) [x64-mingw32], ruby 2.7.5p203 (2021-11-24 revision f69aeb8314) [x64-mingw32], ruby 3.0.3p157 (2021-11-24 revision 3fb7d2cadc) [x64-mingw32], ruby 3.1.0p0 (2021-12-25 revision fb4df44d16) [x64-mingw-ucrt]
* Backport: 2.6: UNKNOWN, 2.7: UNKNOWN, 3.0: UNKNOWN, 3.1: UNKNOWN
----------------------------------------
I ran into and interpreter segfault that @peterzhu2118 helped me reduce to s simple test case:

```c
#include <ruby.h>

static VALUE
rescue_return_false(VALUE arg, VALUE e)
{
  return Qfalse;
}

static VALUE
try_callback(VALUE arg)
{
  rb_raise(rb_eStandardError, "Repro");
}

static VALUE
prot_callback(VALUE arg)
{
  return rb_rescue2(
    try_callback, arg,
    rescue_return_false, Qnil,
    rb_eRuntimeError, 0);
}

VALUE repro_call(VALUE self)
{
  int state;
  rb_protect(prot_callback, Qnil, &state);
  if (state) {
    rb_jump_tag(state);
  } else {
    return Qtrue;
  }
}

void
Init_repro()
{
    VALUE m_Repro = rb_define_module_under(rb_cObject, "Repro");
    rb_define_singleton_method(m_Repro, "call", repro_call, 0);
}
```

```ruby
require "test_helper"

class ReproTest < Minitest::Test
  def test_raises
    assert_raises do
      Repro.call
    end
  end
end
```

### Expected behavior

I expect `Repro.call` to reraise the `StandardError`.

### Actual behavior

It works as expected on Ubuntu and MacOS, but segfaults on Windows:

```
D:/a/rbprotect-repro/rbprotect-repro/test/repro_test.rb:8: [BUG] Segmentation fault
ruby 3.1.0p0 (2021-12-25 revision fb4df44d16) [x64-mingw-ucrt]

-- Control frame information -----------------------------------------------
c:0026 p:---- s:0138 e:000137 CFUNC  :call
c:0025 p:0011 s:0134 e:000133 BLOCK  D:/a/rbprotect-repro/rbprotect-repro/test/repro_test.rb:8
c:0024 p:0064 s:0131 e:000130 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/assertions.rb:402
c:0023 p:0004 s:0124 e:000123 METHOD D:/a/rbprotect-repro/rbprotect-repro/test/repro_test.rb:7
c:0022 p:0018 s:0120 e:000119 BLOCK  C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/test.rb:98
c:0021 p:0002 s:0117 e:000116 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/test.rb:195
c:0020 p:0004 s:0112 e:000111 BLOCK  C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/test.rb:95
c:0019 p:0015 s:0109 e:000108 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:281
c:0018 p:0004 s:0104 e:000103 BLOCK  C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/test.rb:94
c:0017 p:0029 s:0101 e:000100 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:376
c:0016 p:0044 s:0093 E:000a98 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/test.rb:221
c:0015 p:0004 s:0086 E:0022c0 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/test.rb:93
c:0014 p:0008 s:0082 e:000081 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:1042
c:0013 p:0026 s:0075 e:000073 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:350
c:0012 p:0009 s:0067 e:000066 BLOCK  C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:337 [FINISH]
c:0011 p:---- s:0063 e:000062 CFUNC  :each
c:0010 p:0005 s:0059 e:000058 BLOCK  C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:336
c:0009 p:0029 s:0056 e:000055 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:376
c:0008 p:0029 s:0048 E:000a58 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:363
c:0007 p:0117 s:0041 E:0025e8 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:335
c:0006 p:0008 s:0032 e:000031 BLOCK  C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:169 [FINISH]
c:0005 p:---- s:0028 e:000027 CFUNC  :map
c:0004 p:0035 s:0024 e:000023 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:169
c:0003 p:0142 s:0015 e:000014 METHOD C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:146
c:0002 p:0073 s:0008 E:0015a0 BLOCK  C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:73 [FINISH]
c:0001 p:0000 s:0003 E:0009a0 (none) [FINISH]

-- Ruby level backtrace information ----------------------------------------
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:73:in `block in autorun'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:146:in `run'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:169:in `__run'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:169:in `map'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:169:in `block in __run'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:335:in `run'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:363:in `with_info_handler'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:376:in `on_signal'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:336:in `block in run'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:336:in `each'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:337:in `block (2 levels) in run'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:350:in `run_one_method'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:1042:in `run_one_method'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/test.rb:93:in `run'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/test.rb:221:in `with_info_handler'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:376:in `on_signal'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/test.rb:94:in `block in run'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest.rb:281:in `time_it'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/test.rb:95:in `block (2 levels) in run'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/test.rb:195:in `capture_exceptions'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/test.rb:98:in `block (3 levels) in run'
D:/a/rbprotect-repro/rbprotect-repro/test/repro_test.rb:7:in `test_raises'
C:/hostedtoolcache/windows/Ruby/3.1.0/x64/lib/ruby/gems/3.1.0/gems/minitest-5.15.0/lib/minitest/assertions.rb:402:in `assert_raises'
D:/a/rbprotect-repro/rbprotect-repro/test/repro_test.rb:8:in `block in test_raises'
D:/a/rbprotect-repro/rbprotect-repro/test/repro_test.rb:8:in `call'

-- C level backtrace information -------------------------------------------
C:\Windows\SYSTEM32\ntdll.dll(NtWaitForSingleObject+0x14) [0x00007ffa0905fa74]
C:\Windows\System32\KERNELBASE.dll(WaitForSingleObjectEx+0x93) [0x00007ffa059485c3]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_vm_bugreport+0x2b3) [0x00007ff9d488b633]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_bug_for_fatal_signal+0x88) [0x00007ff9d4683d88]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_fiber_scheduler_address_resolve+0x2be) [0x00007ff9d47dc02e]
 [0x00007ff6c4731f32]
C:\Windows\System32\ucrtbase.dll(_C_specific_handler+0xa0) [0x00007ffa05c1e210]
C:\Windows\SYSTEM32\ntdll.dll(_chkstk+0x11f) [0x00007ffa09064a2f]
C:\Windows\SYSTEM32\ntdll.dll(RtlWalkFrameChain+0x14bf) [0x00007ffa08fc4cef]
C:\Windows\SYSTEM32\ntdll.dll(KiUserExceptionDispatcher+0x2e) [0x00007ffa0906379e]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_obj_is_kind_of+0x77) [0x00007ff9d473f697]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_vrescue2+0x32b) [0x00007ff9d468eb0b]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_rescue2+0x2a) [0x00007ff9d468ebaa]
 [0x00007ff9d3fd1447]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_protect+0x155) [0x00007ff9d468ed45]
 [0x00007ff9d3fd13dc]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_error_arity+0x26e) [0x00007ff9d486280e]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_vm_call_with_refinements+0x45d) [0x00007ff9d487e1ad]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_vm_exec+0x142) [0x00007ff9d486f052]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_yield+0x1e8) [0x00007ff9d4874be8]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_ary_each+0x3d) [0x00007ff9d45e62cd]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_error_arity+0x26e) [0x00007ff9d486280e]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_vm_search_method_slowpath+0x692) [0x00007ff9d4866e72]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_vm_call_with_refinements+0x4bf) [0x00007ff9d487e20f]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_vm_exec+0x142) [0x00007ff9d486f052]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_yield+0x1e8) [0x00007ff9d4874be8]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_ary_sort_bang+0xda2) [0x00007ff9d45ee402]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_error_arity+0x26e) [0x00007ff9d486280e]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_vm_search_method_slowpath+0x692) [0x00007ff9d4866e72]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_vm_call_with_refinements+0x4bf) [0x00007ff9d487e20f]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_vm_exec+0x142) [0x00007ff9d486f052]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_vm_invoke_proc+0x78) [0x00007ff9d4876178]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_proc_call+0x94) [0x00007ff9d477b484]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_ec_error_print+0xaf8) [0x00007ff9d468cbd8]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_ec_error_print+0xdcb) [0x00007ff9d468ceab]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(rb_ec_error_print+0x10a2) [0x00007ff9d468d182]
C:\hostedtoolcache\windows\Ruby\3.1.0\x64\bin\x64-ucrt-ruby310.dll(ruby_run_node+0xaf) [0x00007ff9d468ddbf]
 [0x00007ff6c4732ab9]
 [0x00007ff6c47313b1]
 [0x00007ff6c47314e6]
C:\Windows\System32\KERNEL32.DLL(BaseThreadInitThunk+0x14) [0x00007ffa08b57974]

```

### Full repro

The full repro source code can be found at https://github.com/casperisfine/rbprotect-repro

The CI is configured to run on Windows, Ubuntu and MacOS, from Ruby 2.5 to ruby-head



-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>