Issue #7402 has been updated by naruse (Yui NARUSE).

Status changed from Assigned to Closed

r38335 fixed testing issue: it generates garbage core file.
----------------------------------------
Backport #7402: Avoid calling methods on user objects from segfault handler
https://bugs.ruby-lang.org/issues/7402#change-34653

Author: charliesome (Charlie Somerville)
Status: Closed
Priority: Normal
Assignee: usa (Usaku NAKAMURA)
Category: 
Target version: 


When the segfault handler is listing loaded features, it iterates through $LOADED_FEATURES and calls StringValueCStr() on each item. This in turn calls #to_str on the object.

If a #to_str method is defined on a non-T_STRING, it is possible to have code run during the segfault handler. If an exception is raised or a tag is thrown, it is possible to escape the segfault handler and recover from a segmentation fault.

I've attached a patch that checks if an item in $LOADED_FEATURES is a T_STRING, and calls rb_any_to_s() if not. This will avoid calling any methods which could potentially call back into Ruby-land.


-- 
http://bugs.ruby-lang.org/