On Linux, `siginfo_t` uses a union for each `si_code`, and the field
corresponding to `si_pid` does not belong to the `_sigfault` field for
SIGSEGV. It actually overlaps the `si_addr` field, which is usually
non-zero on stack overflow.
https://github.com/ruby/ruby/pull/10201#issuecomment-2034723244
Previously, when another process sends a fatal signal such as SIGBUS
to Ruby, we could mis-interpret it as a stack overflow Ruby itself
generated. When the si_pid field is set on the signal, we shouldn't
check the si_addr field to check for stack overflow.
> Signals sent with kill(2) and sigqueue(3) fill in si_pid and si_uid.
Co-authored-by: Alan Wu <alanwu@ruby-lang.org>
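The two commit messages above turn on which `siginfo_t` fields are valid for a given signal. As an added example (not code from Ruby's signal.c), this Linux C program shows that `si_pid` and `si_addr` share storage and reads `si_pid` only after `si_code` says the signal was sent by a process; the function names are made up for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

static volatile sig_atomic_t seen_code, seen_pid;  /* written by the handler */

/* si_pid is only meaningful for signals sent by kill(2), sigqueue(3) or
 * tgkill(2); kernel-generated faults carry a positive code and si_addr. */
static int sent_by_process(const siginfo_t *info)
{
    return info->si_code == SI_USER || info->si_code == SI_QUEUE ||
           info->si_code == SI_TKILL;
}

static void on_segv(int sig, siginfo_t *info, void *ctx)
{
    (void)sig; (void)ctx;
    seen_code = info->si_code;
    seen_pid = sent_by_process(info) ? info->si_pid : -1;
}

/* On Linux both fields sit at the start of the same union. */
int pid_overlaps_addr(void)
{
    return offsetof(siginfo_t, si_pid) == offsetof(siginfo_t, si_addr);
}

/* Send SIGSEGV to ourselves and report how the handler classified it. */
int self_sent_segv_is_recognised(void)
{
    struct sigaction sa, old;
    memset(&sa, 0, sizeof(sa));
    sa.sa_sigaction = on_segv;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGSEGV, &sa, &old) != 0) return -1;
    kill(getpid(), SIGSEGV);  /* delivered before kill() returns */
    sigaction(SIGSEGV, &old, NULL);
    return seen_code == SI_USER && seen_pid == (sig_atomic_t)getpid();
}

int main(void)
{
    printf("overlap: %d, kill(2) recognised: %d\n", pid_overlaps_addr(), self_sent_segv_is_recognised());
    return 0;
}
```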
Previously the code assigns `handler` function pointer, which accepts
one argument, to `sigact.sa_sigaction`, which accepts three arguments.
This mismatch is not allowed in Wasm.
I don't see the reason to use `sa_sigaction` here, so this change
assigns to `sa_handler`, which accepts one argument, in Wasm.
On Linux, while the signal handler runs, that signal is masked, so in
the rb_bug_for_fatal_signal() code path we didn't get the default signal
action as intended. See signal(7). It worked fine on macOS, though.
Before:
$ ./miniruby -e 'Process.kill :SIGSEGV, Process.pid'
<snip>
Aborted (core dumped)
After:
$ ./miniruby -e 'Process.kill :SIGSEGV, Process.pid'
<snip>
Segmentation fault (core dumped)
Follow-up for 1ac0afab4d "rb_bug_for_fatal_signal: exit with the right
signal".
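The Before/After difference described in the commit message above can be reproduced outside Ruby. This added C example (not Ruby's code; `fatal_handler` and `terminating_signal` are hypothetical names, and the trailing `abort()` is an assumed fallback standing in for the "Aborted" path) re-raises SIGSEGV from inside its own handler, with and without unblocking it first.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

static int unblock_first;  /* set in the child before the signal is sent */

/* Stand-in for a fatal-signal reporter: SIG_DFL, re-raise, then abort(). */
static void fatal_handler(int sig)
{
    signal(sig, SIG_DFL);
    if (unblock_first) {
        sigset_t set;
        sigemptyset(&set);
        sigaddset(&set, sig);
        sigprocmask(SIG_UNBLOCK, &set, NULL);  /* sig is masked in here */
    }
    raise(sig);  /* while masked, this only leaves the signal pending */
    abort();     /* reached only if the re-raise did not kill us */
}

/* Fork a child that sends itself SIGSEGV; return the signal that killed it. */
int terminating_signal(int unblock)
{
    int status = 0;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        struct sigaction sa = {0};
        setrlimit(RLIMIT_CORE, &(struct rlimit){0, 0});  /* no core files */
        unblock_first = unblock;
        sa.sa_handler = fatal_handler;  /* no SA_NODEFER, so sig is masked */
        sigemptyset(&sa.sa_mask);
        sigaction(SIGSEGV, &sa, NULL);
        kill(getpid(), SIGSEGV);
        _exit(0);
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    printf("masked: %d, unblocked: %d\n", terminating_signal(0), terminating_signal(1));
    return 0;
}
```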
Let signal.c include "internal/error.h" explicitly to ensure that the
identifier rb_sys_fail_str in signal.c refers to the macro defined in
"internal/error.h" instead of the actual function.
That macro reads errno before evaluating its argument. Without this
change, the rb_signo2signm(sig) expression in the "trap" function in
signal.c will overwrite the errno before the actual rb_sys_fail_str
function reads the errno.
* Revert "Remove special handling of `SIGCHLD`. (#7482)"
This reverts commit 44a0711eab.
* Revert "Remove prototypes for functions that are no longer used. (#7497)"
This reverts commit 4dce12bead.
* Revert "Remove SIGCHLD `waidpid`. (#7476)"
This reverts commit 1658e7d966.
* Fix change to rjit variable name.
The altstack memory of a thread may be freed even after the VM is
destructed. After that, GC is no longer available, so calling xfree
may lead to a segfault.
This changeset uses the bare free function to free the altstack memory
instead of xfree. [Bug #18126]
iff means if and only if, but readers without that knowledge might
assume this to be a spelling mistake. To me, this seems like
exclusionary language that is unnecessary. Simply using "if and only if"
instead should suffice.
This commit introduces Ractor mechanism to run Ruby program in
parallel. See doc/ractor.md for more details about Ractor.
See ticket [Feature #17100] to see the implementation details
and discussions.
[Feature #17100]
This commit does not complete the implementation. You can find
many bugs on using Ractor. Also the specification will be changed
so that this feature is experimental. You will see a warning when
you make the first Ractor with `Ractor.new`.
I hope this feature can help programmers from thread-safety issues.
Not every compiler understands that rb_raise does not return. When a
function does not end with a return statement, such compilers can issue
warnings. We had better tell them about reachability.
A new (not-initialized-yet) pthread attempts to allocate sigaltstack by
using xmalloc. It may cause GC, but because the thread is not
initialized yet, ruby_native_thread_p() returns false, which leads to
"[FATAL] failed to allocate memory" and exit.
In fact, we can observe the error message in the log of OpenBSD CI:
https://rubyci.org/logs/rubyci.s3.amazonaws.com/openbsd-current/ruby-master/log/20200306T083005Z.log.html.gz
This changeset allocates sigaltstack before pthread is created.
Saves committers' daily life by avoiding #include-ing everything from
internal.h to make each file do so instead. This would significantly
speed up incremental builds.
We take the following inclusion order in this changeset:
1. "ruby/config.h", where _GNU_SOURCE is defined (must be the very
first thing among everything).
2. RUBY_EXTCONF_H if any.
3. Standard C headers, sorted alphabetically.
4. Other system headers, maybe guarded by #ifdef
5. Everything else, sorted alphabetically.
Exceptions are those win32-related headers, which tend not to be
self-contained (headers have inclusion order dependencies).
rb_eval_cmd takes a safe level, and now that $SAFE is deprecated,
it should be deprecated as well.
Replace with rb_eval_cmd_kw, which takes a keyword flag. Switch
the two callers to this function.
This removes the related tests, and puts the related specs behind
version guards. This affects all code in lib, including some
libraries that may want to support older versions of Ruby.
This removes the security features added by $SAFE = 1, and warns for access
or modification of $SAFE from Ruby-level, as well as warning when calling
all public C functions related to $SAFE.
This modifies some internal functions that took a safe level argument
to no longer take the argument.
rb_require_safe now warns, rb_require_string has been added as a
version that takes a VALUE and does not warn.
One public C function that still takes a safe level argument and that
this doesn't warn for is rb_eval_cmd. We may want to consider
adding an alternative method that does not take a safe level argument,
and warn for rb_eval_cmd.
On Android, a signal handler that is not SIG_DFL is set by default for
SIGSEGV. Ruby's install_sighandler inserts Ruby's handler only when the
signal has no handler, so it does not insert Ruby's SEGV report handler,
which caused some test failures.
This changeset forces installation of Ruby's handler for some fatal signals
(sigbus, sigsegv, and sigill). They keep the original handlers, and
call them when the interpreter receives the signals.
Just refactoring.
The name "rb_bug_context" is completely unclear to me.
(Can you see that "context" means "machine register context"?)
The context is available only when a fatal signal (sigbus, sigsegv, or
sigill) is received; in fact, the function is used only for fatal
signals. So, I think the name should be changed.
The three functions for fatal signals, sigbus, sigsegv, and sigill, are
a family. The definition of ruby_abort had interrupted them for no
reason. This change just moves the definition after the family.
We can check the function pointer passed to rb_define_module_function
like how we do so in rb_define_method. The difference is that this
changeset reveals lots of arity mismatches.