Bug #11566
closedSegfault when enumerating from a bad constructor.
Description
Enumerator.new(&:foo).to_a
This should raise a NoMethodError
as it does for older Rubies, but the recent modifications to the internals of Symbol#to_proc
seem to have elided the CFP information necessary to realize the NME
.
I've attached a core dump which ultimately blames the VM_EP_LEP_P()
macro for dereferencing a null pointer.
#define VM_EP_LEP_P(ep) VM_ENVVAL_BLOCK_PTR_P((ep)[0])
Aside from observing that the block must not have an "environment" where it expected to find one, I am regrettably unable to provide any further information as to the nature or mitigation of this issue.
Files
Updated by yui-knk (Kaneko Yuichiro) over 9 years ago
I found out that this regression is caused by 51995
(https://github.com/ruby/ruby/commit/c90550c251f0c598458d52dd2cbd5445e8d26c65)
(And same type segfault happen on rails travis-ci, so I also test segf_try.rb
.)
# segf_try.rb
def arity_check(&block)
block.arity == 0
end
p arity_check(&:reverse)
# segf_try2.rb
p Enumerator.new(&:foo).to_a
$ ruby -v
ruby 2.3.0dev (2015-10-01 trunk 51994) [x86_64-darwin14]
$ ruby segf_try.rb
false
$ ruby segf_try2.rb
segf_try2.rb:1:in `each': undefined method `foo' for #<Enumerator::Yielder:0x007fcd2b0041c8> (NoMethodError)
from segf_try2.rb:1:in `each'
from segf_try2.rb:1:in `to_a'
from segf_try2.rb:1:in `<main>'
$ ruby -v
ruby 2.3.0dev (2015-10-01 trunk 51995) [x86_64-darwin14]
$ ruby segf_try.rb
segf_try.rb:2: [BUG] Segmentation fault at 0x00000000000018
ruby 2.3.0dev (2015-10-01 trunk 51995) [x86_64-darwin14]
-- Crash Report log information --------------------------------------------
See Crash Report log file under the one of following:
* ~/Library/Logs/CrashReporter
* /Library/Logs/CrashReporter
* ~/Library/Logs/DiagnosticReports
* /Library/Logs/DiagnosticReports
for more details.
Don't forget to include the above Crash Report log file in bug reports.
-- Control frame information -----------------------------------------------
c:0003 p:0009 s:0010 e:000008 METHOD segf_try.rb:2
c:0002 p:0024 s:0005 E:001180 EVAL segf_try.rb:5 [FINISH]
c:0001 p:0000 s:0002 E:001600 (none) [FINISH]
-- Ruby level backtrace information ----------------------------------------
segf_try.rb:5:in `<main>'
segf_try.rb:2:in `arity_check'
-- Machine register context ------------------------------------------------
rax: 0x0000000000000000 rbx: 0x0000000000004cb1 rcx: 0x00007ffa8a0eb200
rdx: 0x00000000000004b1 rdi: 0x0000000000000000 rsi: 0x0000000000000084
rbp: 0x00007fff5660d3a0 rsp: 0x00007fff5660d360 r8: 0x00000001099b5038
r9: 0x0000000000000001 r10: 0x0000000109ab4f80 r11: 0x00007ffa89d187f8
r12: 0x0000000000004cb1 r13: 0x0000000000000000 r14: 0x00007ffa89d13a40
r15: 0x0000000000004cb1 rip: 0x000000010977fb40 rfl: 0x0000000000010206
-- C level backtrace information -------------------------------------------
0 libruby.2.3.0.dylib 0x00000001097976d4 rb_vm_bugreport + 388
1 libruby.2.3.0.dylib 0x000000010963cb19 rb_bug_context + 473
2 libruby.2.3.0.dylib 0x0000000109710253 sigsegv + 83
3 libsystem_platform.dylib 0x00007fff868a5f1a _sigtramp + 26
4 libruby.2.3.0.dylib 0x000000010977fb40 method_entry_get + 224
5 ??? 0x00007fff5660d3b0 0x0 + 140734642574256
-- Other runtime information -----------------------------------------------
* Loaded script: segf_try.rb
* Loaded features:
0 enumerator.so
1 thread.rb
2 rational.so
3 complex.so
4 /usr/local/lib/ruby/2.3.0/x86_64-darwin14/enc/encdb.bundle
5 /usr/local/lib/ruby/2.3.0/x86_64-darwin14/enc/trans/transdb.bundle
6 /usr/local/lib/ruby/2.3.0/unicode_normalize.rb
7 /usr/local/lib/ruby/2.3.0/x86_64-darwin14/rbconfig.rb
8 /usr/local/lib/ruby/2.3.0/rubygems/compatibility.rb
9 /usr/local/lib/ruby/2.3.0/rubygems/defaults.rb
10 /usr/local/lib/ruby/2.3.0/rubygems/deprecate.rb
11 /usr/local/lib/ruby/2.3.0/rubygems/errors.rb
12 /usr/local/lib/ruby/2.3.0/rubygems/version.rb
13 /usr/local/lib/ruby/2.3.0/rubygems/requirement.rb
14 /usr/local/lib/ruby/2.3.0/rubygems/platform.rb
15 /usr/local/lib/ruby/2.3.0/rubygems/basic_specification.rb
16 /usr/local/lib/ruby/2.3.0/rubygems/stub_specification.rb
17 /usr/local/lib/ruby/2.3.0/rubygems/util/list.rb
18 /usr/local/lib/ruby/2.3.0/x86_64-darwin14/stringio.bundle
19 /usr/local/lib/ruby/2.3.0/rubygems/specification.rb
20 /usr/local/lib/ruby/2.3.0/rubygems/exceptions.rb
21 /usr/local/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb
22 /usr/local/lib/ruby/2.3.0/monitor.rb
23 /usr/local/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb
24 /usr/local/lib/ruby/2.3.0/rubygems.rb
25 /usr/local/lib/ruby/2.3.0/rubygems/path_support.rb
[NOTE]
You may have encountered a bug in the Ruby interpreter or extension libraries.
Bug reports are welcome.
For details: http://www.ruby-lang.org/bugreport.html
Abort trap: 6
$ ruby segf_try2.rb
segf_try2.rb:1: [BUG] Segmentation fault at 0x00000000000000
ruby 2.3.0dev (2015-10-01 trunk 51995) [x86_64-darwin14]
-- Crash Report log information --------------------------------------------
See Crash Report log file under the one of following:
* ~/Library/Logs/CrashReporter
* /Library/Logs/CrashReporter
* ~/Library/Logs/DiagnosticReports
* /Library/Logs/DiagnosticReports
for more details.
Don't forget to include the above Crash Report log file in bug reports.
-- Control frame information -----------------------------------------------
c:0006 p:---- s:0014 e:000013 IFUNC
c:0005 p:---- s:0012 E:0012b0 CFUNC :each
c:0004 p:---- s:0010 e:000009 CFUNC :each
c:0003 p:---- s:0008 E:001240 CFUNC :to_a
c:0002 p:0019 s:0005 E:001130 EVAL segf_try2.rb:1 [FINISH]
c:0001 p:0000 s:0002 E:001940 (none) [FINISH]
-- Ruby level backtrace information ----------------------------------------
segf_try2.rb:1:in `<main>'
segf_try2.rb:1:in `to_a'
segf_try2.rb:1:in `each'
segf_try2.rb:1:in `each'
-- Machine register context ------------------------------------------------
rax: 0x0000000000000000 rbx: 0x00007fec59c08030 rcx: 0x0000000000000002
rdx: 0x00007fff52287a10 rdi: 0x000000010de37e80 rsi: 0x0000000000000003
rbp: 0x00007fff52287990 rsp: 0x00007fff52287990 r8: 0x0000000000000000
r9: 0x00007fec59c083d0 r10: 0x00007fec59d00000 r11: 0x000000000000000d
r12: 0x00007fec5a8cc118 r13: 0x000000010dbb0090 r14: 0x00007fff52287a10
r15: 0x0000000000000003 rip: 0x000000010daf6b54 rfl: 0x0000000000010246
-- C level backtrace information -------------------------------------------
0 libruby.2.3.0.dylib 0x000000010db1a6d4 rb_vm_bugreport + 388
1 libruby.2.3.0.dylib 0x000000010d9bfb19 rb_bug_context + 473
2 libruby.2.3.0.dylib 0x000000010da93253 sigsegv + 83
3 libsystem_platform.dylib 0x00007fff868a5f1a _sigtramp + 26
4 libruby.2.3.0.dylib 0x000000010daf6b54 rb_vm_control_frame_block_ptr + 20
5 ??? 0x00007fff522879c0 0x0 + 140734571772352
-- Other runtime information -----------------------------------------------
* Loaded script: segf_try2.rb
* Loaded features:
0 enumerator.so
1 thread.rb
2 rational.so
3 complex.so
4 /usr/local/lib/ruby/2.3.0/x86_64-darwin14/enc/encdb.bundle
5 /usr/local/lib/ruby/2.3.0/x86_64-darwin14/enc/trans/transdb.bundle
6 /usr/local/lib/ruby/2.3.0/unicode_normalize.rb
7 /usr/local/lib/ruby/2.3.0/x86_64-darwin14/rbconfig.rb
8 /usr/local/lib/ruby/2.3.0/rubygems/compatibility.rb
9 /usr/local/lib/ruby/2.3.0/rubygems/defaults.rb
10 /usr/local/lib/ruby/2.3.0/rubygems/deprecate.rb
11 /usr/local/lib/ruby/2.3.0/rubygems/errors.rb
12 /usr/local/lib/ruby/2.3.0/rubygems/version.rb
13 /usr/local/lib/ruby/2.3.0/rubygems/requirement.rb
14 /usr/local/lib/ruby/2.3.0/rubygems/platform.rb
15 /usr/local/lib/ruby/2.3.0/rubygems/basic_specification.rb
16 /usr/local/lib/ruby/2.3.0/rubygems/stub_specification.rb
17 /usr/local/lib/ruby/2.3.0/rubygems/util/list.rb
18 /usr/local/lib/ruby/2.3.0/x86_64-darwin14/stringio.bundle
19 /usr/local/lib/ruby/2.3.0/rubygems/specification.rb
20 /usr/local/lib/ruby/2.3.0/rubygems/exceptions.rb
21 /usr/local/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb
22 /usr/local/lib/ruby/2.3.0/monitor.rb
23 /usr/local/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb
24 /usr/local/lib/ruby/2.3.0/rubygems.rb
25 /usr/local/lib/ruby/2.3.0/rubygems/path_support.rb
[NOTE]
You may have encountered a bug in the Ruby interpreter or extension libraries.
Bug reports are welcome.
For details: http://www.ruby-lang.org/bugreport.html
Abort trap: 6
Updated by nobu (Nobuyoshi Nakada) over 9 years ago
- Status changed from Open to Closed
Applied in changeset r52036.
proc.c: set ep properly
- proc.c (proc_new): link ep to calling block.
[ruby-core:70980] [Bug #11566]
Updated by nobu (Nobuyoshi Nakada) over 9 years ago
- Backport changed from 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN to 2.0.0: DONTNEED, 2.1: DONTNEED, 2.2: DONTNEED