Project

General

Profile

Bug #12030

Crash calling Hash#dig when hash contains ActiveRecord objects

Added by sbleon (Leon Miller-Out) about 3 years ago. Updated about 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
ruby -v:
ruby 2.3.0p0 (2015-12-25 revision 53290) [x86_64-darwin15]
[ruby-core:73556]

Description

This code results in a stack consistency error:

begin
  require 'bundler/inline'
rescue LoadError => e
  $stderr.puts 'Bundler version 1.10 or later is required. Please update your Bundler'
  raise e
end

gemfile(true) do
  ruby '2.3.0'
  source 'https://rubygems.org'
  gem 'activerecord', '4.2.5'
end

require 'active_record'

{ foo: ActiveRecord::Base }.dig(:foo, :bar)

Output

crash.rb:5: [BUG] Stack consistency error (sp: 3, bp: 4)
ruby 2.3.0p0 (2015-12-25 revision 53290) [x86_64-darwin13]

[snip]

-- Control frame information -----------------------------------------------
c:0002 p:0050 s:0003 E:001a80 EVAL   crash.rb:5 [FINISH]
c:0001 p:0000 s:0002 E:000cd0 (none) [FINISH]

-- Ruby level backtrace information ----------------------------------------
crash.rb:5:in `<main>'

-- C level backtrace information -------------------------------------------
0   ruby                                0x000000010a3aa1e4 rb_vm_bugreport + 388
1   ruby                                0x000000010a248aa5 rb_bug + 485
2   ruby                                0x000000010a38abc3 vm_exec_core + 13315
3   ruby                                0x000000010a39b1f9 vm_exec + 121
4   ruby                                0x000000010a251ef4 ruby_exec_internal + 148
5   ruby                                0x000000010a251e1e ruby_run_node + 78
6   ruby                                0x000000010a20820f main + 79

Expected output

crash.rb:5:in `dig': #<Class:ActiveRecord::Base> does not have #dig method (TypeError)

Notes

In addition to crashing when trying to dig into ActiveRecord::Base, it will crash trying to dig into a child class of ActiveRecord::Base, or into an instance of a child class of ActiveRecord::Base. Putting AR objects into hashes is probably a common practice in Rails apps, and users will dig too far into those hashes by accident (as I did!)

More realistic production code could look more like:

class User < ActiveRecord::Base; end
{ foo: User.first }.dig(:foo, :bar)

This bug has also been reproduced on: ruby 2.3.0p0 (2015-12-25 revision 53290) [x86_64-linux-gnu]

Associated revisions

Revision 6ee8ec70
Added by nobu (Nobuyoshi Nakada) about 3 years ago

vm_eval.c: fix hook call

  • vm_eval.c (rb_check_funcall_with_hook): also should call the given hook before returning Qundef when overridden respond_to? method returned false. [ruby-core:73556] [Bug #12030]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53695 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 53695
Added by nobu (Nobuyoshi Nakada) about 3 years ago

vm_eval.c: fix hook call

  • vm_eval.c (rb_check_funcall_with_hook): also should call the given hook before returning Qundef when overridden respond_to? method returned false. [ruby-core:73556] [Bug #12030]

Revision 53695
Added by nobu (Nobuyoshi Nakada) about 3 years ago

vm_eval.c: fix hook call

  • vm_eval.c (rb_check_funcall_with_hook): also should call the given hook before returning Qundef when overridden respond_to? method returned false. [ruby-core:73556] [Bug #12030]

Revision 53695
Added by nobu (Nobuyoshi Nakada) about 3 years ago

vm_eval.c: fix hook call

  • vm_eval.c (rb_check_funcall_with_hook): also should call the given hook before returning Qundef when overridden respond_to? method returned false. [ruby-core:73556] [Bug #12030]

Revision 53695
Added by nobu (Nobuyoshi Nakada) about 3 years ago

vm_eval.c: fix hook call

  • vm_eval.c (rb_check_funcall_with_hook): also should call the given hook before returning Qundef when overridden respond_to? method returned false. [ruby-core:73556] [Bug #12030]

Revision 4cfbf8ec
Added by naruse (Yui NARUSE) about 3 years ago

merge revision(s) 53695: [Backport #12030]

* vm_eval.c (rb_check_funcall_with_hook): also should call the
  given hook before returning Qundef when overridden respond_to?
  method returned false.  [ruby-core:73556] [Bug #12030]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_3@54402 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 54402
Added by naruse (Yui NARUSE) about 3 years ago

merge revision(s) 53695: [Backport #12030]

* vm_eval.c (rb_check_funcall_with_hook): also should call the
  given hook before returning Qundef when overridden respond_to?
  method returned false.  [ruby-core:73556] [Bug #12030]

History

Updated by akhramov (Artem Khramov) about 3 years ago

Hi, I was able to reproduce it on a bit minified example. Here it is:

class Foo
  def self.respond_to?(*args)
    super
  end
end

{ foo: Foo }.dig(:foo, :foo)
#2

Updated by nobu (Nobuyoshi Nakada) about 3 years ago

  • Status changed from Open to Closed

Applied in changeset r53695.


vm_eval.c: fix hook call

  • vm_eval.c (rb_check_funcall_with_hook): also should call the given hook before returning Qundef when overridden respond_to? method returned false. [ruby-core:73556] [Bug #12030]

Updated by nagachika (Tomoyuki Chikanaga) about 3 years ago

  • Backport changed from 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN, 2.3: UNKNOWN to 2.0.0: REQUIRED, 2.1: REQUIRED, 2.2: REQUIRED, 2.3: REQUIRED

r53695 should be backported into ruby_2_3 branch.
rb_check_funcall_with_hook() exists in ruby_2_0_0, ruby_2_1, ruby_2_2 branches and they have same potential bug, but rb_check_funcall_with_hook() is never called in these branches.
I fill REQUIRED for all stable branches even though only 2.3 branch has real issue fixed by the change.

Updated by naruse (Yui NARUSE) about 3 years ago

  • Backport changed from 2.0.0: REQUIRED, 2.1: REQUIRED, 2.2: REQUIRED, 2.3: REQUIRED to 2.0.0: REQUIRED, 2.1: REQUIRED, 2.2: REQUIRED, 2.3: DONE

ruby_2_3 r54402 merged revision(s) 53695.

Also available in: Atom PDF