Bug #12507
random SEGV in kernel.system when called with long parameter list
Status: Closed
Assignee: -
Target version: -
ruby -v: ruby 2.2.5p319 (2016-04-26 revision 54774) [x86_64-linux]
Description
Hello.
kernel.system randomly SEGVs when called with a long parameter list. The list length
that causes the SEGV (or other error) varies from system to system and, to a lesser
extent, from one run to another.
Here is how to reproduce:
#! /usr/bin/env ruby
# encoding: utf-8
# vim: se ts=2 sw=2 et:

[#[4, 4],[4,2],
  [35, 17], [14, 4], [30, 3], [17, 10], [4, 2], [10, 5], [14, 3]
].each do |li|
  len, incr = li
  cmd=[ '/bin/true' ]
  arg='a' * len + ' '
  puts "======== #{arg}(#{len}) #{incr}"
  3000.times do |i|
    print "\r#{i} #{cmd.length} "
    break unless system *cmd
    cmd += (arg * incr).split ' '
  end
  puts ''
end
The fatal iteration varies between runs of the code. On
slow machines (my Raspberry Pi 3), this code fails
for [4, 4], while my i7 laptop prefers to SEGV for [14,4].
Is this a timing issue?
Affected rubies seem to be only the 2.2 series. I could not reproduce
the behavior on 2.1 or 2.3 ruby. All rubies are installed with rvm.
Here is the list of affected systems I have access to:
- OSX El Capitan
  - ruby 2.2.1p85 (2015-02-26 revision 49769) [x86_64-darwin14]
  - ruby 2.2.5p319 (2016-04-26 revision 54774) [x86_64-darwin15]
- Ubuntu GNU/Linux 14.04.4
  - ruby 2.2.0p0 (2014-12-25 revision 49005) [x86_64-linux]
  - ruby 2.2.3p173 (2015-08-18 revision 51636) [x86_64-linux]
  - ruby 2.2.4p230 (2015-12-16 revision 53155) [x86_64-linux]
  - ruby 2.2.5p319 (2016-04-26 revision 54774) [x86_64-linux]
- Raspbian 8.0
  - ruby 2.2.0p0 (2014-12-25 revision 49005) [armv6l-linux-eabihf] (was compiled under Raspbian 7)
  - ruby 2.2.4p230 (2015-12-16 revision 53155) [armv6l-linux-eabihf]
  - ruby 2.2.5p319 (2016-04-26 revision 54774) [armv7l-linux-eabihf]
Output could be this:
moi@meduseld:~$ /tmp/a
======== aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa (35) 17
2999 50984
======== aaaaaaaaaaaaaa (14) 4
139 557 /tmp/a:14: [BUG] Segmentation fault at 0x00616161616191
ruby 2.2.5p319 (2016-04-26 revision 54774) [x86_64-linux]
-- Control frame information -----------------------------------------------
c:0007 p:---- s:0580 e:000579 CFUNC :system
c:0006 p:0033 s:0020 e:000019 BLOCK /tmp/a:14 [FINISH]
c:0005 p:---- s:0017 e:000016 CFUNC :times
c:0004 p:0064 s:0014 e:000013 BLOCK /tmp/a:12 [FINISH]
c:0003 p:---- s:0007 e:000006 CFUNC :each
c:0002 p:0020 s:0004 E:002360 EVAL /tmp/a:7 [FINISH]
c:0001 p:0000 s:0002 E:002660 TOP [FINISH]
-- Ruby level backtrace information ----------------------------------------
/tmp/a:7:in `<main>'
/tmp/a:7:in `each'
/tmp/a:12:in `block in <main>'
/tmp/a:12:in `times'
/tmp/a:14:in `block (2 levels) in <main>'
/tmp/a:14:in `system'
-- Machine register context ------------------------------------------------
RIP: 0x00007fc40509c354 RBP: 0x0000000000000000 RSP: 0x00007ffe460a44d0
RAX: 0x0000000000a72eb0 RBX: 0x00000000009ff5d0 RCX: 0x0000000000000085
RDX: 0x0000616161616161 RDI: 0x0000000001288b50 RSI: 0x0000000000000c41
R8: 0x0000000000000000 R9: 0x000000000000003f R10: 0x00007fc404c37a70
R11: 0x0000000000000000 R12: 0x0000000000000c41 R13: 0x00007fc4050e7356
R14: 0x0000000001288b50 R15: 0x0000000001288b28 EFL: 0x0000000000010246
-- C level backtrace information -------------------------------------------
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_vm_bugreport+0x51f) [0x7fc4050a6f7f] vm_dump.c:693
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_bug_context+0xcb) [0x7fc404f3a17b] error.c:425
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(sigsegv+0x3e) [0x7fc40501ba5e] signal.c:879
/lib/x86_64-linux-gnu/libc.so.6 [0x7fc404b2dcb0]
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_check_funcall+0x144) [0x7fc40509c354] vm_method.c:652
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_convert_type+0x5d) [0x7fc404fa7ffd] object.c:2619
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_string_value+0x32) [0x7fc405032c72] string.c:1685
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_string_value_cstr+0x13) [0x7fc405036743] string.c:1738
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_exec_fillarg+0x560) [0x7fc404fd1b50] process.c:2212
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_execarg_init+0x1d7) [0x7fc404fd1db7] process.c:2268
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_execarg_new+0x55) [0x7fc404fd1f35] process.c:2246
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_f_system+0x3d) [0x7fc404fd3cdd] process.c:3935
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(vm_call_cfunc+0x11e) [0x7fc40508ef5e] vm_insnhelper.c:1380
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(vm_exec_core+0x2613) [0x7fc405096f83] insns.def:1070
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(vm_exec+0x82) [0x7fc40509a592] vm.c:1440
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_yield+0x497) [0x7fc4050a1717] vm.c:818
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(int_dotimes+0x3e) [0x7fc404f9a4de] numeric.c:3868
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(vm_call_cfunc+0x11e) [0x7fc40508ef5e] vm_insnhelper.c:1380
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(vm_exec_core+0x12f8) [0x7fc405095c68] insns.def:1040
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(vm_exec+0x82) [0x7fc40509a592] vm.c:1440
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_yield+0x497) [0x7fc4050a1717] vm.c:818
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_ary_each+0x52) [0x7fc404eeba42] array.c:1814
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(vm_call_cfunc+0x11e) [0x7fc40508ef5e] vm_insnhelper.c:1380
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(vm_call_method+0x11e) [0x7fc4050a53be] vm_insnhelper.c:1689
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(vm_exec_core+0x12f8) [0x7fc405095c68] insns.def:1040
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(vm_exec+0x82) [0x7fc40509a592] vm.c:1440
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(rb_iseq_eval_main+0x1f3) [0x7fc40509bbe3] vm.c:1685
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(ruby_exec_internal+0xc4) [0x7fc404f3f8f4] eval.c:254
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(ruby_exec_node+0x1d) [0x7fc404f41add] eval.c:319
/home/moi/.rvm/rubies/ruby-2.2.5/bin/../lib/libruby.so.2.2(ruby_run_node+0x1c) [0x7fc404f4434c] eval.c:311
/home/moi/.rvm/rubies/ruby-2.2.5/bin/ruby(main+0x4b) [0x40087b] main.c:36
-- Other runtime information -----------------------------------------------
* Loaded script: /tmp/a
* Loaded features:
0 enumerator.so
1 rational.so
2 complex.so
3 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/2.2.0/x86_64-linux/enc/encdb.so
4 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/2.2.0/x86_64-linux/enc/trans/transdb.so
5 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/2.2.0/unicode_normalize.rb
6 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/2.2.0/x86_64-linux/rbconfig.rb
7 thread.rb
8 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/2.2.0/x86_64-linux/thread.so
9 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/compatibility.rb
10 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/defaults.rb
11 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/deprecate.rb
12 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/errors.rb
13 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/version.rb
14 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/requirement.rb
15 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/platform.rb
16 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/basic_specification.rb
17 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/stub_specification.rb
18 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/util/stringio.rb
19 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/specification.rb
20 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/exceptions.rb
21 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/core_ext/kernel_gem.rb
22 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/2.2.0/monitor.rb
23 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems/core_ext/kernel_require.rb
24 /home/moi/.rvm/rubies/ruby-2.2.5/lib/ruby/site_ruby/2.2.0/rubygems.rb
[NOTE]
You may have encountered a bug in the Ruby interpreter or extension libraries.
Bug reports are welcome.
For details: http://www.ruby-lang.org/bugreport.html
Abandon (core dumped)
or that:
moi@meduseld:~$ /tmp/a
======== aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa (35) 17
2999 50984
======== aaaaaaaaaaaaaa (14) 4
134 537 /tmp/a:14:in `system': string contains null byte (ArgumentError)
from /tmp/a:14:in `block (2 levels) in <main>'
from /tmp/a:12:in `times'
from /tmp/a:12:in `block in <main>'
from /tmp/a:7:in `each'
from /tmp/a:7:in `<main>'
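Added example, not part of the original report: in the first crash output above, the fault address and RDX consist mostly of 0x61 bytes, the ASCII code of the 'a' used to build the arguments, which suggests string data ended up where a pointer was expected. This Ruby triage helper flags that pattern in a [BUG] report; the function names are hypothetical and the sample lines are copied from the output above.

```ruby
# Added triage helper (not from the bug report). Sample lines are copied
# from the crash output above; all function names are hypothetical.
CRASH_SAMPLE = <<~LOG
  139 557 /tmp/a:14: [BUG] Segmentation fault at 0x00616161616191
  RIP: 0x00007fc40509c354 RBP: 0x0000000000000000 RSP: 0x00007ffe460a44d0
  RAX: 0x0000000000a72eb0 RBX: 0x00000000009ff5d0 RCX: 0x0000000000000085
  RDX: 0x0000616161616161 RDI: 0x0000000001288b50 RSI: 0x0000000000000c41
LOG

# Longest run of identical printable-ASCII bytes in a 64-bit value.
# Returns [byte, run_length]; [nil, 0] when no printable byte is present.
def ascii_run(value)
  bytes = [value].pack('Q>').bytes # big-endian, 8 bytes
  best = [nil, 0]
  bytes.chunk_while { |a, b| a == b }.each do |run|
    next unless run.first.between?(0x20, 0x7e)
    best = [run.first, run.length] if run.length > best[1]
  end
  best
end

# Extract the fault address and the named registers from a Ruby [BUG] report.
def parse_crash(text)
  values = {}
  if (m = text.match(/Segmentation fault at (0x\h+)/))
    values['fault'] = m[1].hex
  end
  text.scan(/\b([A-Z][A-Z0-9]{1,2}):\s+(0x\h{16})/) do |name, hex|
    values[name] = hex.hex
  end
  values
end

# Report every value holding at least min_run repeated printable bytes,
# i.e. string data sitting where a pointer was expected.
def data_as_pointer(text, min_run = 4)
  parse_crash(text).each_with_object({}) do |(name, value), hits|
    byte, run = ascii_run(value)
    hits[name] = "#{run} x #{byte.chr.inspect}" if run >= min_run
  end
end

p data_as_pointer(CRASH_SAMPLE) if $PROGRAM_NAME == __FILE__
```

A hit on the fault address or a register is a reason to treat the crash as memory corruption involving caller-supplied data rather than a plain NULL dereference.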