From: shugo@...
Date: 2016-07-10T00:49:55+00:00
Subject: [ruby-core:76330] [Ruby trunk Bug#12576][Assigned] SEGV when interrupting tail recursion

Issue #12576 has been updated by Shugo Maeda.

Status changed from Open to Assigned
Assignee set to Koichi Sasada

SEGV occurs as follows:

1. eval pushes a control frame.
2. foo is called repeatedly without a new control frame.
3. Interrupted by a signal, and the exception handler of eval pops the control frame pushed by Step 1. OVER POP!
4. The main exception handler pops the bottom control frame.
5. vm_push_frame() is called by error_print(), and it causes SEGV.

The following patch seems to fix the problem, but I'm not sure.
Could you check it, ko1?

```diff
diff --git a/compile.c b/compile.c
index 33e0ba3..c2a710a 100644
--- a/compile.c
+++ b/compile.c
@@ -2415,6 +2415,8 @@ static inline int
 tailcallable_p(rb_iseq_t *iseq)
 {
     switch (iseq->body->type) {
+      case ISEQ_TYPE_EVAL:
+	/* eval can't tail call because cfp will be over popped */
       case ISEQ_TYPE_RESCUE:
       case ISEQ_TYPE_ENSURE:
 	/* rescue block can't tail call because of errinfo */
```


----------------------------------------
Bug #12576: SEGV when interrupting tail recursion
https://bugs.ruby-lang.org/issues/12576#change-59565

* Author: Shugo Maeda
* Status: Assigned
* Priority: Normal
* Assignee: Koichi Sasada
* ruby -v: 
* Backport: 2.1: UNKNOWN, 2.2: UNKNOWN, 2.3: UNKNOWN
----------------------------------------
The following program causes SEGV when interrupted by SIGINT.

```ruby
RubyVM::InstructionSequence.compile_option = {
  :tailcall_optimization => true,
  :trace_instruction => false
}

eval <<EOF
def foo
  foo
end
foo
EOF
```

The debug information is as follows:

```
Segmentation fault at 0x00000000000000
ruby 2.4.0dev (2016-07-08 trunk 55614) [x86_64-linux]

-- Control frame information -----------------------------------------------
c:0001 p:---- s:0002 E:000270 CFUNC 


-- Machine register context ------------------------------------------------
 RIP: 0x00007fe677d6824e RBP: 0x00007ffe125377a0 RSP: 0x00007ffe12537760
 RAX: 0x0000000000000000 RBX: 0x00007ffe12537d30 RCX: 0x00007fe679adf5e0
 RDX: 0x00007fe679834930 RDI: 0x00007fe6797d7600 RSI: 0x0000000000000000
  R8: 0x0000000000000003  R9: 0x00007fe679834930 R10: 0x0000000000000028
 R11: 0x0000000000000000 R12: 0x00007fe677c1bf60 R13: 0x00007ffe12538070
 R14: 0x0000000000000000 R15: 0x0000000000000000 EFL: 0x0000000000010246

-- C level backtrace information -------------------------------------------
/home/shugo/src/ruby/ruby(rb_print_backtrace+0x19) [0x7fe677d8bc75] vm_dump.c:688
/home/shugo/src/ruby/ruby(rb_vm_bugreport+0xb8) [0x7fe677d8c0fc] vm_dump.c:997
/home/shugo/src/ruby/ruby(rb_bug_context+0x117) [0x7fe677dfab9e] error.c:408
/home/shugo/src/ruby/ruby(sigsegv+0x5b) [0x7fe677d07a49] signal.c:896
/lib/x86_64-linux-gnu/libpthread.so.0 [0x7fe6777c6330]
/home/shugo/src/ruby/ruby(vm_push_frame+0xef) [0x7fe677d6824e] vm_insnhelper.c:191
/home/shugo/src/ruby/ruby(vm_call0_cfunc_with_frame+0x147) [0x7fe677d7c4a3] vm_eval.c:124
/home/shugo/src/ruby/ruby(vm_call0_cfunc+0x3b) [0x7fe677d7c5ad] vm_eval.c:148
/home/shugo/src/ruby/ruby(vm_call0_body+0x19c) [0x7fe677d7c74b] vm_eval.c:186
/home/shugo/src/ruby/ruby(vm_call0+0x8e) [0x7fe677d7c35a] vm_eval.c:61
/home/shugo/src/ruby/ruby(rb_call0+0xb1) [0x7fe677d7cd41] vm_eval.c:344
/home/shugo/src/ruby/ruby(rb_call+0x52) [0x7fe677d7d87e] vm_eval.c:630
/home/shugo/src/ruby/ruby(rb_funcall+0x19b) [0x7fe677d7e0d3] vm_eval.c:843
/home/shugo/src/ruby/ruby(get_backtrace+0x5e) [0x7fe677c1c97f] eval_error.c:57
/home/shugo/src/ruby/ruby(rb_threadptr_error_print+0x116) [0x7fe677c1cbd4] eval_error.c:108
/home/shugo/src/ruby/ruby(error_print+0x26) [0x7fe677c1cabc] eval_error.c:89
/home/shugo/src/ruby/ruby(error_handle+0x1a0) [0x7fe677c1d643] eval_error.c:314
/home/shugo/src/ruby/ruby(ruby_cleanup+0x29c) [0x7fe677c1e136] eval.c:196
/home/shugo/src/ruby/ruby(ruby_run_node+0x45) [0x7fe677c1e51e] eval.c:300
/home/shugo/src/ruby/ruby(main+0x5d) [0x7fe677c1c0d2] main.c:36

-- Other runtime information -----------------------------------------------

* Loaded script: t/tailcall.rb

* Loaded features:

    0 enumerator.so
    1 thread.rb
    2 rational.so
    3 complex.so
    4 /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/enc/encdb.so
    5 /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/enc/trans/transdb.so
    6 /home/shugo/local/lib/ruby/2.4.0/unicode_normalize.rb
    7 /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/rbconfig.rb
    8 /home/shugo/local/lib/ruby/2.4.0/rubygems/compatibility.rb
    9 /home/shugo/local/lib/ruby/2.4.0/rubygems/defaults.rb
   10 /home/shugo/local/lib/ruby/2.4.0/rubygems/deprecate.rb
   11 /home/shugo/local/lib/ruby/2.4.0/rubygems/errors.rb
   12 /home/shugo/local/lib/ruby/2.4.0/rubygems/version.rb
   13 /home/shugo/local/lib/ruby/2.4.0/rubygems/requirement.rb
   14 /home/shugo/local/lib/ruby/2.4.0/rubygems/platform.rb
   15 /home/shugo/local/lib/ruby/2.4.0/rubygems/basic_specification.rb
   16 /home/shugo/local/lib/ruby/2.4.0/rubygems/stub_specification.rb
   17 /home/shugo/local/lib/ruby/2.4.0/rubygems/util/list.rb
   18 /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/stringio.so
   19 /home/shugo/local/lib/ruby/2.4.0/rubygems/specification.rb
   20 /home/shugo/local/lib/ruby/2.4.0/rubygems/exceptions.rb
   21 /home/shugo/local/lib/ruby/2.4.0/rubygems/dependency.rb
   22 /home/shugo/local/lib/ruby/2.4.0/rubygems/core_ext/kernel_gem.rb
   23 /home/shugo/local/lib/ruby/2.4.0/monitor.rb
   24 /home/shugo/local/lib/ruby/2.4.0/rubygems/core_ext/kernel_require.rb
   25 /home/shugo/local/lib/ruby/2.4.0/rubygems.rb
   26 /home/shugo/local/lib/ruby/2.4.0/rubygems/path_support.rb
   27 /home/shugo/local/lib/ruby/gems/2.4.0/gems/did_you_mean-1.0.0/lib/did_you_mean/version.rb
   28 /home/shugo/local/lib/ruby/gems/2.4.0/gems/did_you_mean-1.0.0/lib/did_you_mean/core_ext/name_error.rb
   29 /home/shugo/local/lib/ruby/gems/2.4.0/gems/did_you_mean-1.0.0/lib/did_you_mean/levenshtein.rb
   30 /home/shugo/local/lib/ruby/gems/2.4.0/gems/did_you_mean-1.0.0/lib/did_you_mean/jaro_winkler.rb
   31 /home/shugo/local/lib/ruby/gems/2.4.0/gems/did_you_mean-1.0.0/lib/did_you_mean/spell_checkable.rb
   32 /home/shugo/local/lib/ruby/2.4.0/delegate.rb
   33 /home/shugo/local/lib/ruby/gems/2.4.0/gems/did_you_mean-1.0.0/lib/did_you_mean/spell_checkers/name_error_checkers/class_name_checker.rb
   34 /home/shugo/local/lib/ruby/gems/2.4.0/gems/did_you_mean-1.0.0/lib/did_you_mean/spell_checkers/name_error_checkers/variable_name_checker.rb
   35 /home/shugo/local/lib/ruby/gems/2.4.0/gems/did_you_mean-1.0.0/lib/did_you_mean/spell_checkers/name_error_checkers.rb
   36 /home/shugo/local/lib/ruby/gems/2.4.0/gems/did_you_mean-1.0.0/lib/did_you_mean/spell_checkers/method_name_checker.rb
   37 /home/shugo/local/lib/ruby/gems/2.4.0/gems/did_you_mean-1.0.0/lib/did_you_mean/spell_checkers/null_checker.rb
   38 /home/shugo/local/lib/ruby/gems/2.4.0/gems/did_you_mean-1.0.0/lib/did_you_mean/formatter.rb
   39 /home/shugo/local/lib/ruby/gems/2.4.0/gems/did_you_mean-1.0.0/lib/did_you_mean.rb

* Process memory map:

7fe675470000-7fe675a44000 r--s 00000000 fc:00 3298143                    /home/shugo/src/ruby/ruby
7fe675a44000-7fe675a5a000 r-xp 00000000 fc:00 131252                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7fe675a5a000-7fe675c59000 ---p 00016000 fc:00 131252                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7fe675c59000-7fe675c5a000 rw-p 00015000 fc:00 131252                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7fe675c5a000-7fe675c62000 r-xp 00000000 fc:00 4326330                    /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/stringio.so
7fe675c62000-7fe675e61000 ---p 00008000 fc:00 4326330                    /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/stringio.so
7fe675e61000-7fe675e62000 r--p 00007000 fc:00 4326330                    /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/stringio.so
7fe675e62000-7fe675e63000 rw-p 00008000 fc:00 4326330                    /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/stringio.so
7fe675e63000-7fe675e66000 r-xp 00000000 fc:00 4326261                    /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/enc/trans/transdb.so
7fe675e66000-7fe676065000 ---p 00003000 fc:00 4326261                    /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/enc/trans/transdb.so
7fe676065000-7fe676066000 r--p 00002000 fc:00 4326261                    /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/enc/trans/transdb.so
7fe676066000-7fe676067000 rw-p 00003000 fc:00 4326261                    /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/enc/trans/transdb.so
7fe676067000-7fe676069000 r-xp 00000000 fc:00 4326283                    /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/enc/encdb.so
7fe676069000-7fe676268000 ---p 00002000 fc:00 4326283                    /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/enc/encdb.so
7fe676268000-7fe676269000 r--p 00001000 fc:00 4326283                    /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/enc/encdb.so
7fe676269000-7fe67626a000 rw-p 00002000 fc:00 4326283                    /home/shugo/local/lib/ruby/2.4.0/x86_64-linux/enc/encdb.so
7fe67626a000-7fe676a3a000 r--p 00000000 fc:00 6560725                    /usr/lib/locale/locale-archive
7fe676a3a000-7fe676bf4000 r-xp 00000000 fc:00 131283                     /lib/x86_64-linux-gnu/libc-2.19.so
7fe676bf4000-7fe676df4000 ---p 001ba000 fc:00 131283                     /lib/x86_64-linux-gnu/libc-2.19.so
7fe676df4000-7fe676df8000 r--p 001ba000 fc:00 131283                     /lib/x86_64-linux-gnu/libc-2.19.so
7fe676df8000-7fe676dfa000 rw-p 001be000 fc:00 131283                     /lib/x86_64-linux-gnu/libc-2.19.so
7fe676dfa000-7fe676dff000 rw-p 00000000 00:00 0 
7fe676dff000-7fe676f04000 r-xp 00000000 fc:00 131268                     /lib/x86_64-linux-gnu/libm-2.19.so
7fe676f04000-7fe677103000 ---p 00105000 fc:00 131268                     /lib/x86_64-linux-gnu/libm-2.19.so
7fe677103000-7fe677104000 r--p 00104000 fc:00 131268                     /lib/x86_64-linux-gnu/libm-2.19.so
7fe677104000-7fe677105000 rw-p 00105000 fc:00 131268                     /lib/x86_64-linux-gnu/libm-2.19.so
7fe677105000-7fe67710e000 r-xp 00000000 fc:00 131271                     /lib/x86_64-linux-gnu/libcrypt-2.19.so
7fe67710e000-7fe67730e000 ---p 00009000 fc:00 131271                     /lib/x86_64-linux-gnu/libcrypt-2.19.so
7fe67730e000-7fe67730f000 r--p 00009000 fc:00 131271                     /lib/x86_64-linux-gnu/libcrypt-2.19.so
7fe67730f000-7fe677310000 rw-p 0000a000 fc:00 131271                     /lib/x86_64-linux-gnu/libcrypt-2.19.so
7fe677310000-7fe67733e000 rw-p 00000000 00:00 0 
7fe67733e000-7fe677341000 r-xp 00000000 fc:00 131270                     /lib/x86_64-linux-gnu/libdl-2.19.so
7fe677341000-7fe677540000 ---p 00003000 fc:00 131270                     /lib/x86_64-linux-gnu/libdl-2.19.so
7fe677540000-7fe677541000 r--p 00002000 fc:00 131270                     /lib/x86_64-linux-gnu/libdl-2.19.so
7fe677541000-7fe677542000 rw-p 00003000 fc:00 131270                     /lib/x86_64-linux-gnu/libdl-2.19.so
7fe677542000-7fe6775ae000 r-xp 00000000 fc:00 6562301                    /usr/lib/x86_64-linux-gnu/libgmp.so.10.1.3
7fe6775ae000-7fe6777ad000 ---p 0006c000 fc:00 6562301                    /usr/lib/x86_64-linux-gnu/libgmp.so.10.1.3
7fe6777ad000-7fe6777ae000 r--p 0006b000 fc:00 6562301                    /usr/lib/x86_64-linux-gnu/libgmp.so.10.1.3
7fe6777ae000-7fe6777b6000 rw-p 0006c000 fc:00 6562301                    /usr/lib/x86_64-linux-gnu/libgmp.so.10.1.3
7fe6777b6000-7fe6777cf000 r-xp 00000000 fc:00 131275                     /lib/x86_64-linux-gnu/libpthread-2.19.so
7fe6777cf000-7fe6779ce000 ---p 00019000 fc:00 131275                     /lib/x86_64-linux-gnu/libpthread-2.19.so
7fe6779ce000-7fe6779cf000 r--p 00018000 fc:00 131275                     /lib/x86_64-linux-gnu/libpthread-2.19.so
7fe6779cf000-7fe6779d0000 rw-p 00019000 fc:00 131275                     /lib/x86_64-linux-gnu/libpthread-2.19.so
7fe6779d0000-7fe6779d4000 rw-p 00000000 00:00 0 
7fe6779d4000-7fe6779f7000 r-xp 00000000 fc:00 131276                     /lib/x86_64-linux-gnu/ld-2.19.so
7fe677a34000-7fe677bf6000 r--s 00000000 fc:00 131283                     /lib/x86_64-linux-gnu/libc-2.19.so
7fe677bf6000-7fe677bf7000 r--p 00022000 fc:00 131276                     /lib/x86_64-linux-gnu/ld-2.19.so
7fe677bf7000-7fe677bf8000 rw-p 00023000 fc:00 131276                     /lib/x86_64-linux-gnu/ld-2.19.so
7fe677bf8000-7fe677bf9000 rw-p 00000000 00:00 0 
7fe677bf9000-7fe677edc000 r-xp 00000000 fc:00 3298143                    /home/shugo/src/ruby/ruby
7fe677ee7000-7fe677f8e000 r--s 00000000 fc:00 6562986                    /usr/lib/debug/lib/x86_64-linux-gnu/libpthread-2.19.so
7fe677f8e000-7fe677fb1000 r--s 00000000 fc:00 131275                     /lib/x86_64-linux-gnu/libpthread-2.19.so
7fe677fb1000-7fe6780b7000 rw-p 00000000 00:00 0 
7fe6780d3000-7fe6780d5000 rw-p 00000000 00:00 0 
7fe6780d5000-7fe6780d6000 ---p 00000000 00:00 0 
7fe6780d6000-7fe6780db000 rw-p 00000000 00:00 0                          [stack:32742]
7fe6780db000-7fe6780e0000 r--p 002e2000 fc:00 3298143                    /home/shugo/src/ruby/ruby
7fe6780e0000-7fe6780e2000 rw-p 002e7000 fc:00 3298143                    /home/shugo/src/ruby/ruby
7fe6780e2000-7fe6780f5000 rw-p 00000000 00:00 0 
7fe6797d6000-7fe679bca000 rw-p 00000000 00:00 0                          [heap]
7ffe11d3c000-7ffe1253b000 rw-p 00000000 00:00 0 
7ffe12572000-7ffe12574000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]


[NOTE]
You may have encountered a bug in the Ruby interpreter or extension libraries.
Bug reports are welcome.
For details: http://www.ruby-lang.org/bugreport.html
```




-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>