ruby-core

Issue #13412 has been updated by wanabe (_ wanabe).

File cfp_before_setjmp.patch added
File ensure_stack.patch added
File get_tagged_next_cfp.patch added

There are some choices for this "cfp consistency error".
All patches are just for description and incomplete.


1. Mark as WONTFIX
I think this is most reasonable because the issue is edge case.

2. Ensure enough stack before rb_vm_push_frame() or control SIGSEGV point
ensure_stack.patch attached.
Using large machine stack frame can check that there is enough stack frame.

3. Rollback cfp when SEGV point is between rb_vm_push_frame() and TH_EXEC_TAG()
cfp_before_setjmp.patch attached.
setjmp() rolls back machine stack at previous TH_EXEC_TAG() point.
So also th->cfp should be rolled back at that time.

4. Rollback cfp at the moment of TH_EXEC_TAG()
get_tagged_next_cfp.patch attached.
This is like previous 3. pattern, but more precise and more wasteful.

5.Others

----------------------------------------
Bug #13412: Infinite recursion with define_method may cause silent SEGV or cfp consistency error
https://bugs.ruby-lang.org/issues/13412#change-64255

* Author: wanabe (_ wanabe)
* Status: Open
* Priority: Normal
* Assignee: 
* Target version: 
* ruby -v: ruby 2.5.0dev (2017-04-09 trunk 58286) [x86_64-linux]
* Backport: 2.2: UNKNOWN, 2.3: UNKNOWN, 2.4: UNKNOWN
----------------------------------------
The script causes silent (no output [BUG]) SEGV or "cfp consistency error" on my environment.

```ruby
define_method(:foo) { foo }

loop do
  1.times do
    1.times do
      begin
        foo
      rescue Exception
        nil
      end
    end
  end
end
```

I think this is related to #11430 (maybe same).

---Files--------------------------------
stderr.log (6.96 KB)
bug.rb (123 Bytes)
bug.sh (775 Bytes)
bug13412.r58331.patch (689 Bytes)
bug13412.r58367.patch (711 Bytes)
bug_stat.sh (296 Bytes)
bug.sh (786 Bytes)
bug_stat.sh (468 Bytes)
bug13412.r58367.patch (1 KB)
cfp_before_setjmp.patch (2.09 KB)
ensure_stack.patch (850 Bytes)
get_tagged_next_cfp.patch (3.33 KB)


-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>