Bug #21180: SEGV while marking `imemo_env->iseq` - Ruby - Ruby Issue Tracking System

Actions

Copy link

Bug #21180

closed

SEGV while marking `imemo_env->iseq`

Added by alanwu (Alan Wu) 18 days ago. Updated 9 days ago.

Status:

Closed

Assignee:

Target version:

ruby -v:

Backport:

3.1: DONTNEED, 3.2: DONE, 3.3: DONE, 3.4: DONE

[ruby-core:121280]

Description

This issue happens most realistically for people using a fiber scheduler (through e.g. the async gem), on Ruby 3.4.x and on Linux, but the following crashes for me for 3.2 and newer on macOS:

$ tail -n +1 test.rb ret1.rb
==> test.rb <==
require 'continuation'
module Warning
  def self.warn(message)
    GC.stress = true
    callcc
  end
end
require_relative 'ret1'

==> ret1.rb <==
return 1

Keywords for people searching: rb_imemo_mark_and_move, Note that the Fiber scheduler is enabled.

Working on a fix at https://github.com/ruby/ruby/pull/12898

Actions

Copy link

Updated by alanwu (Alan Wu) 18 days ago

Description updated (diff)

Actions

Copy link

Updated by alanwu (Alan Wu) 18 days ago

Description updated (diff)

Actions

Copy link

Updated by alanwu (Alan Wu) 16 days ago

Status changed from Open to Closed

Applied in changeset git|08b3a45bc97c835b4677bf76dbce68fd51d81897.

Push a real iseq in rb_vm_push_frame_fname()

Previously, vm_make_env_each() (used during proc
creation and for the debug inspector C API) picked up the
non-GC-allocated iseq that rb_vm_push_frame_fname() creates,
which led to a SEGV when the GC tried to mark the non GC object.

Put a real iseq imemo instead. Speed should be about the same since
the old code also did a imemo allocation and a malloc allocation.

Real iseq allows ironing out the special-casing of dummy frames in
rb_execution_context_mark() and rb_execution_context_update(). A check
is added to RubyVM::ISeq#eval, though, to stop attempts to run dummy
iseqs.

[Bug #21180]

Co-authored-by: Aaron Patterson tenderlove@ruby-lang.org

Actions

Copy link

#4 [ruby-core:121317]