Ensure that vm_stack is cleared in `thread_cleanup_func_before_exec`.

If `vm_stack` is left dangling in a forked process, the gc attempts to scan
it, but it is invalid and will cause a segfault. Therefore, we clear it
before forking.

In order to simplify this, `rb_ec_clear_vm_stack` was introduced.

1 files changed, 25 insertions, 9 deletions

diff --git a/vm.c b/vm.c
index 258c1b5942..7ad6bdd264 100644
--- a/vm.c
+++ b/vm.c
@@ -2685,20 +2685,36 @@ thread_alloc(VALUE klass)
     return obj;
 }
 
+inline void
+rb_ec_set_vm_stack(rb_execution_context_t *ec, VALUE *stack, size_t size)
+{
+    ec->vm_stack = stack;
+    ec->vm_stack_size = size;
+}
+
 void
 rb_ec_initialize_vm_stack(rb_execution_context_t *ec, VALUE *stack, size_t size)
 {
-  rb_ec_set_vm_stack(ec, stack, size);
+    rb_ec_set_vm_stack(ec, stack, size);
+
+    ec->cfp = (void *)(ec->vm_stack + ec->vm_stack_size);
 
-  ec->cfp = (void *)(ec->vm_stack + ec->vm_stack_size);
+    rb_vm_push_frame(ec,
+        NULL /* dummy iseq */,
+        VM_FRAME_MAGIC_DUMMY | VM_ENV_FLAG_LOCAL | VM_FRAME_FLAG_FINISH | VM_FRAME_FLAG_CFRAME /* dummy frame */,
+        Qnil /* dummy self */, VM_BLOCK_HANDLER_NONE /* dummy block ptr */,
+        0 /* dummy cref/me */,
+        0 /* dummy pc */, ec->vm_stack, 0, 0
+    );
+}
+
+void
+rb_ec_clear_vm_stack(rb_execution_context_t *ec)
+{
+    rb_ec_set_vm_stack(ec, NULL, 0);
 
-  rb_vm_push_frame(ec,
-      NULL /* dummy iseq */,
-      VM_FRAME_MAGIC_DUMMY | VM_ENV_FLAG_LOCAL | VM_FRAME_FLAG_FINISH | VM_FRAME_FLAG_CFRAME /* dummy frame */,
-      Qnil /* dummy self */, VM_BLOCK_HANDLER_NONE /* dummy block ptr */,
-      0 /* dummy cref/me */,
-      0 /* dummy pc */, ec->vm_stack, 0, 0
-  );
+    // Avoid dangling pointers:
+    // ec->cfp = NULL;
 }
 
 static void