Bug #13084
closedString cast to Rational on 2.4.0p0 results in SegFault with Mathn required
Description
See the below example, while mathn
is required recasting a string into a Rational causes a SegFault. Remove mathn and the code will not crash.
require 'mathn'
# Both result in Segfault
Rational("5/5")
"5/5".to_r
segfault_test.rb:5: [BUG] Segmentation fault at 0x0000000000001b
ruby 2.4.0p0 (2016-12-24 revision 57164) [x86_64-darwin16]
-- Crash Report log information --------------------------------------------
See Crash Report log file under the one of following:
* ~/Library/Logs/CrashReporter
* /Library/Logs/CrashReporter
* ~/Library/Logs/DiagnosticReports
* /Library/Logs/DiagnosticReports
for more details.
Don't forget to include the above Crash Report log file in bug reports.
-- Control frame information -----------------------------------------------
c:0003 p:---- s:0010 e:000009 CFUNC :to_r
c:0002 p:0016 s:0006 e:000005 EVAL segfault_test.rb:5 [FINISH]
c:0001 p:0000 s:0003 E:0022d0 (none) [FINISH]
-- Ruby level backtrace information ----------------------------------------
segfault_test.rb:5:in <main>' segfault_test.rb:5:in
to_r'
-- Machine register context ------------------------------------------------
rax: 0x0000000000000000 rbx: 0x000000000000000b rcx: 0xaf82f5dc522c0078
rdx: 0x00007fff5106bcc1 rdi: 0x000000000000000b rsi: 0x000000000000000b
rbp: 0x00007fff5106bd10 rsp: 0x00007fff5106bcf0 r8: 0x00007fff5106bc4c
r9: 0x000000000000000a r10: 0x0000000000000005 r11: 0x000000000000000a
r12: 0x0000000000004000 r13: 0x000000000000003f r14: 0x000000000000000b
r15: 0x00007fff5106bd98 rip: 0x000000010ec9f90a rfl: 0x0000000000010246
-- C level backtrace information -------------------------------------------
0 ruby 0x000000010ed5efe4 rb_vm_bugreport + 388
1 ruby 0x000000010ebf93da rb_bug_context + 490
2 ruby 0x000000010ecdaf48 sigsegv + 72
3 libsystem_platform.dylib 0x00007fffba3b2bba _sigtramp + 26
4 ruby 0x000000010ec9f90a nurat_div + 266
5 ruby 0x000000010ec9eb71 parse_rat + 593
6 ruby 0x000000010eca1a91 string_to_r + 145
7 ruby 0x000000010ed5246e vm_call_cfunc + 302
8 ruby 0x000000010ed3c78c vm_exec_core + 11932
9 ruby 0x000000010ed4cfc4 vm_exec + 116
10 ruby 0x000000010ec02028 ruby_exec_internal + 136
11 ruby 0x000000010ec01f46 ruby_run_node + 54
12 ruby 0x000000010eb935cf main + 79
-- Other runtime information -----------------------------------------------
-
Loaded script: segfault_test.rb
-
Loaded features:
0 enumerator.so
1 thread.rb
2 rational.so
3 complex.so
4 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/x86_64-darwin16/enc/encdb.bundle
5 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/x86_64-darwin16/enc/trans/transdb.bundle
6 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/unicode_normalize.rb
7 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/x86_64-darwin16/rbconfig.rb
8 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/compatibility.rb
9 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/defaults.rb
10 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/deprecate.rb
11 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/errors.rb
12 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/version.rb
13 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/requirement.rb
14 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/platform.rb
15 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/basic_specification.rb
16 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/stub_specification.rb
17 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/util/list.rb
18 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/x86_64-darwin16/stringio.bundle
19 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/specification.rb
20 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/exceptions.rb
21 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/dependency.rb
22 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/core_ext/kernel_gem.rb
23 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/monitor.rb
24 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/core_ext/kernel_require.rb
25 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems.rb
26 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/rubygems/path_support.rb
27 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/did_you_mean-1.1.0/lib/did_you_mean/version.rb
28 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/did_you_mean-1.1.0/lib/did_you_mean/core_ext/name_error.rb
29 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/did_you_mean-1.1.0/lib/did_you_mean/levenshtein.rb
30 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/did_you_mean-1.1.0/lib/did_you_mean/jaro_winkler.rb
31 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/did_you_mean-1.1.0/lib/did_you_mean/spell_checker.rb
32 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/delegate.rb
33 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/did_you_mean-1.1.0/lib/did_you_mean/spell_checkers/name_error_checkers/class_name_checker.rb
34 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/did_you_mean-1.1.0/lib/did_you_mean/spell_checkers/name_error_checkers/variable_name_checker.rb
35 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/did_you_mean-1.1.0/lib/did_you_mean/spell_checkers/name_error_checkers.rb
36 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/did_you_mean-1.1.0/lib/did_you_mean/spell_checkers/method_name_checker.rb
37 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/did_you_mean-1.1.0/lib/did_you_mean/spell_checkers/null_checker.rb
38 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/did_you_mean-1.1.0/lib/did_you_mean/formatter.rb
39 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/did_you_mean-1.1.0/lib/did_you_mean.rb
40 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/cmath.rb
41 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/e2mmap.rb
42 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/matrix.rb
43 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/singleton.rb
44 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/forwardable/impl.rb
45 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/forwardable.rb
46 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/prime.rb
47 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/x86_64-darwin16/mathn/rational.bundle
48 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/x86_64-darwin16/mathn/complex.bundle
49 /Users/rposborne/.rbenv/versions/2.4.0/lib/ruby/2.4.0/mathn.rb
[NOTE]
You may have encountered a bug in the Ruby interpreter or extension libraries.
Bug reports are welcome.
For details: http://www.ruby-lang.org/bugreport.html
[1] 1319 abort ruby segfault_test.rb
Updated by burningpony (Russell Osborne) over 7 years ago
Can be replicated on Linux via Docker
Below Segfaults
docker run -it ruby:slim ruby -e 'require "mathn"; p Rational("5/5");'
Below Returns Expected Result
docker run -it ruby:slim ruby -e 'p Rational("5/5");'
Updated by burningpony (Russell Osborne) over 7 years ago
- Subject changed from String Cast to Rational on 2.4.0p0 results in SegFault with Mathn Required to String cast to Rational on 2.4.0p0 results in SegFault with Mathn required
Updated by nobu (Nobuyoshi Nakada) over 7 years ago
- Status changed from Open to Closed
Applied in changeset r57232.
rational.c: fix for mathn
- rational.c (read_num, read_rat_nos): dispatch by the type of numerator, for
mathn. [ruby-core:78893] [Bug #13084]
Updated by naruse (Yui NARUSE) about 7 years ago
- Backport changed from 2.2: UNKNOWN, 2.3: UNKNOWN, 2.4: UNKNOWN to 2.2: UNKNOWN, 2.3: UNKNOWN, 2.4: DONE
ruby_2_4 r57843 merged revision(s) 57232.