Bug #2330

Non systematic segmentation fault with autoload rubyspec

Added by Marc-Andre Lafortune over 2 years ago. Updated 9 months ago.

[ruby-core:26523]
Status: Closed
Start date: 11/04/2009
Priority: High
Due date:
Assignee: Marc-Andre Lafortune
% Done: 0%
Category: core
Target version: 1.9.2
ruby -v: ruby 1.9.2dev (2009-11-04 trunk 25641) [x86_64-darwin10.0.0]

Description

Starting from r25601, the following rubyspec will crash about half of the time (just repeat a couple of times):

$ mspec -t rubydev core/kernel/autoload_spec.rb
ruby 1.9.2dev (2009-11-04 trunk 25641) [x86_64-darwin10.0.0]
.........../Users/work/mspec/lib/mspec/mocks/proxy.rb:8: [BUG] Segmentation fault
ruby 1.9.2dev (2009-11-04 trunk 25641) [x86_64-darwin10.0.0]

-- control frame ----------
c:0036 p:0024 s:0121 b:0121 l:000120 d:000120 METHOD /Users/work/mspec/lib/mspec/mocks/proxy.rb:8
c:0035 p:---- s:0115 b:0115 l:000114 d:000114 FINISH
c:0034 p:---- s:0113 b:0113 l:000112 d:000112 CFUNC  :autoload
c:0033 p:0057 s:0108 b:0108 l:000208 d:000107 BLOCK  /Users/work/ruby/dev/spec/rubyspec/core/kernel/autoload_spec.rb:105
c:0032 p:---- s:0105 b:0105 l:000104 d:000104 FINISH
c:0031 p:---- s:0103 b:0103 l:000102 d:000102 CFUNC  :instance_eval
c:0030 p:0017 s:0100 b:0100 l:000099 d:000099 METHOD /Users/work/mspec/lib/mspec/runner/mspec.rb:67
c:0029 p:0021 s:0094 b:0094 l:000081 d:000093 BLOCK  /Users/work/mspec/lib/mspec/runner/context.rb:135
c:0028 p:---- s:0091 b:0091 l:000090 d:000090 FINISH
c:0027 p:---- s:0089 b:0089 l:000084 d:000088 IFUNC  :instance_variable_get
c:0026 p:---- s:0087 b:0087 l:000086 d:000086 CFUNC  :each
c:0025 p:---- s:0085 b:0085 l:000084 d:000084 CFUNC  :all?
c:0024 p:0053 s:0082 b:0082 l:000081 d:000081 METHOD /Users/work/mspec/lib/mspec/runner/context.rb:135
c:0023 p:0101 s:0076 b:0076 l:000065 d:000075 BLOCK  /Users/work/mspec/lib/mspec/runner/context.rb:163
c:0022 p:---- s:0071 b:0071 l:000070 d:000070 FINISH
c:0021 p:---- s:0069 b:0069 l:000068 d:000068 CFUNC  :each
c:0020 p:0127 s:0066 b:0066 l:000065 d:000065 METHOD /Users/work/mspec/lib/mspec/runner/context.rb:155
c:0019 p:0109 s:0063 b:0063 l:000062 d:000062 METHOD /Users/work/mspec/lib/mspec/runner/mspec.rb:36
c:0018 p:0029 s:0056 b:0056 l:000055 d:000055 METHOD /Users/work/mspec/lib/mspec/runner/object.rb:11
c:0017 p:0167 s:0049 b:0049 l:000208 d:000208 TOP    /Users/work/ruby/dev/spec/rubyspec/core/kernel/autoload_spec.rb:69
c:0016 p:---- s:0047 b:0047 l:000046 d:000046 FINISH
<hangs>

mspec version: 1.5.12
rubyspec: current

Related issues

related to ruby-trunk - Bug #2522: Segmentation Fault is occurred on r26158 by running rubyspec Closed 12/23/2009
related to ruby-trunk - Bug #2529: Segmentation Fault is occasionally occurred in rake with ... Closed 12/25/2009
related to ruby-trunk - Bug #2786: Segfault when loading gem Closed 02/24/2010

History

Updated by Nobuyoshi Nakada over 2 years ago

Hi,

At Wed, 4 Nov 2009 14:36:14 +0900,
Marc-Andre Lafortune wrote in [ruby-core:26523]:
> Starting from r25601, the following rubyspec will crash about half of the time (just repeat a couple of times):
> 
> $ mspec -t rubydev core/kernel/autoload_spec.rb
> ruby 1.9.2dev (2009-11-04 trunk 25641) [x86_64-darwin10.0.0]
> .........../Users/work/mspec/lib/mspec/mocks/proxy.rb:8: [BUG] Segmentation fault
> ruby 1.9.2dev (2009-11-04 trunk 25641) [x86_64-darwin10.0.0]

Worked fine 20 times.

$ make MSPECOPT=core/kernel/autoload_spec.rb test-rubyspec 
./miniruby -I../src/lib -I../ext/common  ../src/tool/runruby.rb --extout=../ext  -- ../src/spec/mspec/bin/mspec run -B ../src/spec/default.mspec core/kernel/autoload_spec.rb
ruby 1.9.2dev (2009-11-02 trunk 25629) [x86_64-darwin9.8.0]
..............

Finished in 0.038309 seconds

1 file, 14 examples, 16 expectations, 0 failures, 0 errors

-- 
Nobu Nakada

Updated by Marc-Andre Lafortune over 2 years ago

  • Priority changed from Urgent to High

Can't reproduce on PowerBook with Leopard, nor on a MacBook Pro with Leopard.

On my Mac Pro with Snow Leopard, though, it's pretty systematic. I rebuilt the nightly download from scratch and got the same crash. Maybe a strange 64 bit issue?

I'll try tomorrow on a different machine with Snow Leopard.

Updated by Marc-Andre Lafortune over 2 years ago

Reproduced on a MacBook Pro (thus a different processor) running Snow Leopard, same error.

Is there a compile option I can use to compile ruby in 32 bit instead of 64?

Updated by Yui NARUSE about 2 years ago

  • Status changed from Open to Assigned
  • Assignee changed from Yukihiro Matsumoto to Marc-Andre Lafortune
  • Priority changed from High to Low

Updated by Marc-Andre Lafortune about 2 years ago

  • Assignee changed from Marc-Andre Lafortune to Yui NARUSE
  • Priority changed from Low to High

I'm quite flattered to have been assigned this issue, but I'm afraid my skills are being overestimated.

Here's the minimal test case to reproduce:
$ cat load_test.rb
load 'test.rb'

$ cat test.rb
def Kernel.load
end
call_method_that_doesnt_exist 


$ rubydev load_test.rb
test.rb:3: [BUG] Segmentation fault
ruby 1.9.2dev (2009-12-27 trunk 26184) [x86_64-darwin10.2.0]

-- control frame ----------
c:0006 p:0024 s:0014 b:0014 l:000013 d:000013 TOP    test.rb:3
c:0005 p:---- s:0012 b:0012 l:000011 d:000011 FINISH
^Z
[4]+  Stopped                 rubydev temp.rb
$ kill -9 %
[4]+  Killed                  rubydev temp.rb


Crash happens on line 751 of vm.c (vm_backtrace_each) because cfp->me->def is 0:
if ((*iter)(arg, file, line_no, rb_id2str(cfp->me->def->original_id))) break;

As stated previously, this bug is present since r25601.

Note: I've taken the liberty to reset the priority of this issue to High, but maybe I'm mistaken in thinking that any reproducible crashing bug should be at least at that priority?

Updated by Nobuyoshi Nakada about 2 years ago

Hi,

At Sun, 27 Dec 2009 17:00:43 +0900,
Marc-Andre Lafortune wrote in [ruby-core:27335]:
> $ rubydev load_test.rb
> test.rb:3: [BUG] Segmentation fault
> ruby 1.9.2dev (2009-12-27 trunk 26184) [x86_64-darwin10.2.0]

It doesn't reproduce on darwin9.8.0.  Maybe gcc version
dependent?

Does the binary compiled on darwin10 segfault on darwin9, or
vice versa?

-- 
Nobu Nakada

Updated by Marc-Andre Lafortune about 2 years ago

  • Assignee changed from Yui NARUSE to Marc-Andre Lafortune

Updated by Nobuyoshi Nakada about 2 years ago

Hi,

At Sat, 30 Jan 2010 06:58:25 +0900,
Marc-Andre Lafortune wrote in [ruby-core:27959]:
> 1) The minimal test case
> I wonder why I didn't copy-paste my actual original code. In any case,
> the bug happens if the instance method #load is redefined in any way
> (and not the module method, as in my posted example). Thus the file
> 'load.rb' should read:
> 
> module Kernel
>   def load
>   end
> end
> generate_any_exception

It seems to be the same as [ruby-dev:40234].

I think it should use called_id instead of original_id to
traverse the backtrace, but currently called_id is not always
set properly.  I loose a patch to fix it now.


Index: vm.c
===================================================================
--- vm.c	(revision 26470)
+++ vm.c	(working copy)
@@ -734,5 +734,5 @@ vm_backtrace_each(rb_thread_t *th, int l
 	else if (RUBYVM_CFUNC_FRAME_P(cfp)) {
 	    if (NIL_P(file)) file = rb_str_new_cstr("ruby");
-	    if ((*iter)(arg, file, line_no, rb_id2str(cfp->me->def->original_id))) break;
+	    if ((*iter)(arg, file, line_no, rb_id2str(cfp->me->called_id))) break;
 	}
 	cfp = RUBY_VM_NEXT_CONTROL_FRAME(cfp);
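Review bot: the `+` line in the RUBYVM_CFUNC_FRAME_P branch still dereferences cfp->me with no check, and the accompanying message says called_id is not always set properly, so rb_id2str() can be handed an unset ID here. Consider guarding the lookup (skip or substitute a placeholder label when cfp->me is NULL or called_id is 0) and adding a short comment on why called_id is preferred over def->original_id, since the crash reported in this ticket came from def being 0 at this exact call.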


-- 
Nobu Nakada
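
A regression harness for the corrected reproduction quoted above (instance method Kernel#load redefined, then any exception raised in the loaded file). This is an added example, not code from the thread or from Ruby's test suite; the helper names `run_autoload_crash_case` and `flaky_crash_count` and the temporary file layout are assumptions made for illustration.

```ruby
require "open3"
require "rbconfig"
require "tmpdir"

# Constructed copy of the corrected test case from the thread:
# redefine the *instance* method Kernel#load, then raise any exception.
LOADED_FILE = <<~RUBY
  module Kernel
    def load
    end
  end
  generate_any_exception
RUBY

# Runs the reproduction in a child interpreter so a crash in the child
# cannot take the harness down with it. Returns a summary hash.
def run_autoload_crash_case(ruby = RbConfig.ruby)
  Dir.mktmpdir("bug2330") do |dir|
    loaded = File.join(dir, "test.rb")
    entry  = File.join(dir, "load_test.rb")
    File.write(loaded, LOADED_FILE)
    File.write(entry, "load #{loaded.inspect}\n")

    _out, err, status = Open3.capture3(ruby, entry)
    {
      # An interpreter crash shows up as death by signal and/or a [BUG] report.
      crashed:    status.signaled? || err.include?("[BUG]"),
      exit_code:  status.exitstatus,
      # A healthy interpreter reports the NameError with a normal backtrace.
      name_error: err.include?("NameError"),
    }
  end
end

# The original report crashed only about half of the time, so one clean
# run proves little; repeat and count the crashes.
def flaky_crash_count(runs = 5)
  runs.times.count { run_autoload_crash_case[:crashed] }
end

p run_autoload_crash_case if $PROGRAM_NAME == __FILE__
```

On a fixed interpreter the child exits with status 1 and an ordinary NameError; on an affected build the `crashed` flag is set instead.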

Updated by Marc-Andre Lafortune almost 2 years ago

  • Status changed from Assigned to Closed

Crash resolved by r26718
