1. 30 Apr, 2016 1 commit
      RT #124156: death during unwinding causes crash · 9d5b2678
      David Mitchell authored
      v5.19.3-139-g2537512 changed POPSUB and POPFORMAT so that they also
      unwind the relevant portion of the scope stack. This (sensible) change
      means that during exception handling, contexts and savestack frames are
      popped in lock-step, rather than all the contexts being popped followed by
      all the savestack contents.
      
      However, LEAVE_SCOPE() is now called by POPSUB/FORMAT, which can trigger
      destructors, tied method calls etc, which themselves may croak. The new
      unwinding will see the old sub context still on the context stack and call
      POPSUB on it again, leading to double frees etc.
      
      At this late stage in code freeze, the least invasive change is to
      use an unused bit in cx->blk_u16 to indicate that POPSUB has already
      been called on this context frame.
      
      Sometime later, this whole area of code really needs a thorough overhaul.
      The main issue is that if cxstack_ix-- is done too early, then calling
      destructors etc can overwrite the current context frame while we're still
      using it; if cxstack_ix-- is done too late, then that stack frame
      can end up getting unwound twice.
      
      (cherry picked from commit 1956db7ee60460e5b4a25c19fda4999666c8cbd1)
      
      Bug: https://rt.perl.org/Ticket/Display.html?id=124156
      Bug-Debian: https://bugs.debian.org/822336
      Patch-Name: fixes/5.20.3/death_unwinding_crash.diff
  2. 09 May, 2014 1 commit
  3. 12 Aug, 2013 1 commit
  4. 11 May, 2013 1 commit
  5. 06 May, 2013 1 commit
  6. 12 May, 2012 1 commit
  7. 25 Apr, 2011 1 commit
  8. 29 Mar, 2010 1 commit
  9. 16 Aug, 2009 1 commit
  10. 06 May, 2008 7 commits