segmentation fault in rb_Array

[Luke Kanies]

I got a segmentation fault when I accidentally made an infinite
recursion. I found it in a much longer codebase, but I was able to
replicate it using the following exact code:

class Type
def name
return "yay"
end

# oops
def path
return [self.path,self.name].flatten
end
end

t = Type.new
t.path

If you'd like to try to replicate it, you can check revision 370 out
from http://reductivelabs.com/svn/puppet, and run

cd puppet/library/trunk/test
./test

This is on Debian/unstable, running 1.8.2 (2005-04-11) [i386-linux] on a
dual Athlon MP with 1 GB of RAM.

Feel free to ask for any more info you need.

Here's what gdb said about the core:

culain(0) $ gdb ruby core
GNU gdb 6.3-debian
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-linux"...(no debugging symbols found)
Using host libthread_db library "/lib/tls/libthread_db.so.1".

(no debugging symbols found)
Core was generated by `ruby ./test'.
Program terminated with signal 11, Segmentation fault.

warning: current_sos: Can't read pathname for load map: Input/output error

Reading symbols from /usr/lib/libruby1.8.so.1.8...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libruby1.8.so.1.8
Reading symbols from /lib/tls/libpthread.so.0...(no debugging symbols found)...done.
Loaded symbols for /lib/tls/libpthread.so.0
Reading symbols from /lib/tls/libdl.so.2...
(no debugging symbols found)...done.
Loaded symbols for /lib/tls/libdl.so.2
Reading symbols from /lib/tls/libcrypt.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib/tls/libcrypt.so.1
Reading symbols from /lib/tls/libm.so.6...
(no debugging symbols found)...done.
Loaded symbols for /lib/tls/libm.so.6
Reading symbols from /lib/tls/libc.so.6...(no debugging symbols found)...done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /lib/ld-linux.so.2...
(no debugging symbols found)...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /usr/lib/ruby/1.8/i386-linux/syslog.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/ruby/1.8/i386-linux/syslog.so
Reading symbols from /usr/lib/ruby/1.8/i386-linux/digest/md5.so...
(no debugging symbols found)...done.
Loaded symbols for /usr/lib/ruby/1.8/i386-linux/digest/md5.so
Reading symbols from /usr/lib/ruby/1.8/i386-linux/digest.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/ruby/1.8/i386-linux/digest.so
Reading symbols from /usr/lib/ruby/1.8/i386-linux/etc.so...
(no debugging symbols found)...done.
Loaded symbols for /usr/lib/ruby/1.8/i386-linux/etc.so
Reading symbols from /usr/lib/ruby/1.8/i386-linux/socket.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/ruby/1.8/i386-linux/socket.so
Reading symbols from /usr/lib/ruby/1.8/i386-linux/openssl.so...
(no debugging symbols found)...done.
Loaded symbols for /usr/lib/ruby/1.8/i386-linux/openssl.so
Reading symbols from /usr/lib/i686/cmov/libssl.so.0.9.7...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/i686/cmov/libssl.so.0.9.7
Reading symbols from /usr/lib/i686/cmov/libcrypto.so.0.9.7...
(no debugging symbols found)...done.
Loaded symbols for /usr/lib/i686/cmov/libcrypto.so.0.9.7
Reading symbols from /usr/lib/ruby/1.8/i386-linux/fcntl.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/ruby/1.8/i386-linux/fcntl.so
Reading symbols from /usr/lib/ruby/1.8/i386-linux/iconv.so...
(no debugging symbols found)...done.
Loaded symbols for /usr/lib/ruby/1.8/i386-linux/iconv.so
Reading symbols from /usr/lib/ruby/1.8/i386-linux/stringio.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/ruby/1.8/i386-linux/stringio.so
Reading symbols from /usr/lib/ruby/1.8/i386-linux/zlib.so...
(no debugging symbols found)...done.
Loaded symbols for /usr/lib/ruby/1.8/i386-linux/zlib.so
Reading symbols from /usr/lib/libz.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /lib/tls/libnss_files.so.2...
(no debugging symbols found)...done.
Loaded symbols for /lib/tls/libnss_files.so.2
Reading symbols from /usr/lib/ruby/1.8/i386-linux/strscan.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/ruby/1.8/i386-linux/strscan.so
Reading symbols from /usr/lib/ruby/1.8/i386-linux/digest/sha1.so...
(no debugging symbols found)...done.
Loaded symbols for /usr/lib/ruby/1.8/i386-linux/digest/sha1.so
#0 0x4004cc46 in rb_Array ()
from /usr/lib/libruby1.8.so.1.8
(gdb)

 

[Yukihiro Matsumoto]

Hi,

In message "Re: segmentation fault in rb_Array"

|I got a segmentation fault when I accidentally made an infinite
|recursion. I found it in a much longer codebase, but I was able to
|replicate it using the following exact code:

Current Ruby implementation checks stack depth periodically, but if
stack grows faster than expected by the periodic check, it crashes.
It will be resolved with the new engine (YARV), hopefully this
(fiscal) year.

matz.

 

[Luke Kanies]

Current Ruby implementation checks stack depth periodically, but if
stack grows faster than expected by the periodic check, it crashes.
It will be resolved with the new engine (YARV), hopefully this
(fiscal) year.

Hi matz,

Ok; I figured this wasn't a terribly big problem, since it was obviously
programmer error, but I also figured it couldn't hurt to pass it along.

And yes, I eagerly await YARV, although mostly for speed reasons.