Bug #21441: SEGV during thread cleanup if profiler calls thread_profiles_frames at wrong time - Ruby - Ruby Issue Tracking System

Actions

Copy link

Bug #21441

closed

SEGV during thread cleanup if profiler calls thread_profiles_frames at wrong time

Added by luke-gru (Luke Gruber) 13 days ago. Updated 2 days ago.

Status:

Closed

Assignee:

Target version:

ruby -v:

3.5.0

Backport:

3.2: UNKNOWN, 3.3: DONE, 3.4: REQUIRED

[ruby-core:122548]

Description

During thread cleanup, if a ruby sampling profiler calls thread_profile_frames at just the wrong time, the ec's stack is cleared but the CFP still exists on the EC, so thread_profile_frames assumes it can walk the stack and crashes.

In rb_ec_clear_vm_stack, it should set cfp to NULL before clearing the stack. If during rc_ec_clear_vm_stack the process gets a signal and this thread handles it and calls thread_profile_frames, the early return check of if (!cfp) fails, it continues and crashes in this function.

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Like0

Like0Like0Like0Like0Like0

Project

General

Profile

Ruby

Tags

Custom queries

Bug #21441

SEGV during thread cleanup if profiler calls thread_profiles_frames at wrong time

Updated by luke-gru (Luke Gruber) 13 days ago

Updated by Anonymous 13 days ago

Updated by ufuk (Ufuk Kayserilioglu) 12 days ago

Updated by nagachika (Tomoyuki Chikanaga) 2 days ago

Updated by nagachika (Tomoyuki Chikanaga) 2 days ago