Bug #15282

closed

Segfault (null pointer dereference) in variable.c iv_index_tbl_make

Added by bannable (Joe Truba) over 5 years ago. Updated over 5 years ago.

Status: Closed
Assignee: -
Target version: -
ruby -v: ruby 2.6.0dev (2018-10-31 trunk 65474) [x86_64-linux]
[ruby-core:89712]

Description

Reproducer and crash:

jtruba@dev118:~/rubies/ruby-trunk$ ./ruby -e 'END{n}; END{return}'
-e: unexpected return
-e:1: [BUG] Segmentation fault at 0x0000000000000018
ruby 2.6.0dev (2018-10-31 trunk 65474) [x86_64-linux]

-- Control frame information -----------------------------------------------
c:0002 p:0005 s:0006 e:000005 BLOCK  -e:1 [FINISH]
c:0001 p:0000 s:0003 E:001f70 (none) [FINISH]

-- Ruby level backtrace information ----------------------------------------
-e:1:in `block in <main>'

-- Machine register context ------------------------------------------------
 RIP: 0x0000558a0d22b27f RBP: 0xfffffffffffffffc RSP: 0x00007ffcc4d3b930
 RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x2f8f3584713a1d00
 RDX: 0x0000558a0d703ed0 RDI: 0x00007f7c5a588c90 RSI: 0x000000000000148e
  R8: 0x0000000000000000  R9: 0x0000000000000002 R10: 0x00007f7c5a588bf8
 R11: 0x00007f7c5a3fa778 R12: 0x0000558a0d6f2350 R13: 0x00007f7c5a588c88
 R14: 0x0000000000000008 R15: 0x0000000000001ec1 EFL: 0x0000000000010246

-- C level backtrace information -------------------------------------------
/home/jtruba/rubies/ruby-trunk/ruby(rb_print_backtrace+0x14) [0x558a0d3fba70] vm_dump.c:715
/home/jtruba/rubies/ruby-trunk/ruby(rb_vm_bugreport) vm_dump.c:985
/home/jtruba/rubies/ruby-trunk/ruby(bug_report_end+0x0) [0x558a0d3d6a50] error.c:610
/home/jtruba/rubies/ruby-trunk/ruby(rb_bug_context) error.c:610
/home/jtruba/rubies/ruby-trunk/ruby(sigsegv+0x6f) [0x558a0d14ec8f] signal.c:998
/lib/x86_64-linux-gnu/libpthread.so.0(__restore_rt+0x0) [0x7f7c5bfe2890] ../nptl/sysdeps/pthread/funlockfile.c:29
/home/jtruba/rubies/ruby-trunk/ruby(iv_index_tbl_make+0xb) [0x558a0d22b27f] variable.c:1297
/home/jtruba/rubies/ruby-trunk/ruby(generic_ivar_set) variable.c:1327
/home/jtruba/rubies/ruby-trunk/ruby(rb_ivar_set) variable.c:1460
/home/jtruba/rubies/ruby-trunk/ruby(exc_setup_cause+0x7f) [0x558a0cf0f0ab] eval.c:484
/home/jtruba/rubies/ruby-trunk/ruby(setup_exception) eval.c:535
/home/jtruba/rubies/ruby-trunk/ruby(rb_longjmp+0x67) [0x558a0cf09027] eval.c:615
/home/jtruba/rubies/ruby-trunk/ruby(rb_exc_raise+0x15d) [0x558a0cf064fd] eval.c:635
/home/jtruba/rubies/ruby-trunk/ruby(raise_method_missing+0x4c3) [0x558a0d2899a3] ./vm_eval.c:698
/home/jtruba/rubies/ruby-trunk/ruby(rb_method_missing+0x4c) [0x558a0d268cbc] ./vm_eval.c:636
/home/jtruba/rubies/ruby-trunk/ruby(call_cfunc_m1+0x48) [0x558a0d28d2b8] ./vm_insnhelper.c:1740
/home/jtruba/rubies/ruby-trunk/ruby(vm_call_cfunc_with_frame+0x36199d) [0x558a0d27cebf] ./vm_insnhelper.c:1905
/home/jtruba/rubies/ruby-trunk/ruby(vm_call_cfunc) ./vm_insnhelper.c:1921
/home/jtruba/rubies/ruby-trunk/ruby(vm_call_method_each_type+0x2fa) [0x558a0d27992a] ./vm_insnhelper.c:2243
./ruby(0x558a0d279560) [0x558a0d279560]
/home/jtruba/rubies/ruby-trunk/ruby(vm_call_method_missing+0x285) [0x558a0d27b905] ./vm_insnhelper.c:2113
./ruby(0x558a0d27946c) [0x558a0d27946c]
/home/jtruba/rubies/ruby-trunk/ruby(vm_call_general+0x3c) [0x558a0d23ca7c] ./vm_insnhelper.c:2412
/home/jtruba/rubies/ruby-trunk/ruby(vm_exec_core+0x7bcb) [0x558a0d24531b] insns.def:766
./ruby(rb_vm_exec+0x1894) [0x558a0d271874]
/home/jtruba/rubies/ruby-trunk/ruby(invoke_block+0x3619b1) [0x558a0d2913d2] vm.c:1007
/home/jtruba/rubies/ruby-trunk/ruby(invoke_iseq_block_from_c) vm.c:1059
/home/jtruba/rubies/ruby-trunk/ruby(invoke_block_from_c_proc+0x361975) [0x558a0d26c519] vm.c:1152
/home/jtruba/rubies/ruby-trunk/ruby(rb_vm_invoke_bmethod) vm.c:1177
/home/jtruba/rubies/ruby-trunk/ruby(rb_vm_invoke_proc) vm.c:1188
/home/jtruba/rubies/ruby-trunk/ruby(rb_proc_call+0x1d5) [0x558a0d082a85] proc.c:881
/home/jtruba/rubies/ruby-trunk/ruby(rb_call_end_proc+0x4d) [0x558a0cf068bd] ./eval_jump.c:13
/home/jtruba/rubies/ruby-trunk/ruby(exec_end_procs_chain+0x6f) [0x558a0cf06d8c] ./eval_jump.c:105
/home/jtruba/rubies/ruby-trunk/ruby(rb_exec_end_proc) ./eval_jump.c:121
/home/jtruba/rubies/ruby-trunk/ruby(ruby_finalize_0+0x142) [0x558a0cf07f4f] eval.c:137
/home/jtruba/rubies/ruby-trunk/ruby(ruby_cleanup) eval.c:194
/home/jtruba/rubies/ruby-trunk/ruby(ruby_run_node+0xaf) [0x558a0cf0877f] eval.c:317
/home/jtruba/rubies/ruby-trunk/ruby(main+0x98) [0x558a0cf03068] ./main.c:42

-- Other runtime information -----------------------------------------------
* Loaded script: -e

* Loaded features:

    0 enumerator.so
    1 thread.rb
    2 rational.so
    3 complex.so
    4 /home/jtruba/.rubies/ruby-trunk/lib/ruby/2.6.0/x86_64-linux/enc/encdb.so
    5 /home/jtruba/.rubies/ruby-trunk/lib/ruby/2.6.0/x86_64-linux/enc/trans/transdb.so

* Process memory map:



[NOTE]
You may have encountered a bug in the Ruby interpreter or extension libraries.
Bug reports are welcome.
For details: https://www.ruby-lang.org/bugreport.html

Aborted

I've confirmed this crashes in 2.4.4, 2.5.1 and ruby 2.6.0dev (2018-10-31 trunk 65474) [x86_64-linux]


Related issues 1 (0 open, 1 closed)

Related to Ruby master - Bug #15766: Crash in 2.4, 2.5 involving at_exit (Closed)

#1

Updated by naruse (Yui NARUSE) over 5 years ago

  • Status changed from Open to Closed

Applied in changeset trunk|r65554.


Don't set throw data as cause [Bug #15282]

#2

Updated by nobu (Nobuyoshi Nakada) over 5 years ago

  • Backport changed from 2.3: UNKNOWN, 2.4: UNKNOWN, 2.5: UNKNOWN to 2.3: DONTNEED, 2.4: REQUIRED, 2.5: REQUIRED

Updated by nagachika (Tomoyuki Chikanaga) over 5 years ago

  • Backport changed from 2.3: DONTNEED, 2.4: REQUIRED, 2.5: REQUIRED to 2.3: DONTNEED, 2.4: REQUIRED, 2.5: DONE

ruby_2_5 r65582 merged revision(s) 65554.

#4

Updated by nagachika (Tomoyuki Chikanaga) almost 5 years ago

  • Related to Bug #15766: Crash in 2.4, 2.5 involving at_exit added
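
How the diagnosis in the title (null pointer dereference in `iv_index_tbl_make`) can be read off the crash log mechanically, as an added example that is not part of the original report or of Ruby's own code. The names `triage`, `FRAME`, `TRAMPOLINE` and `PAGE_SIZE` are hypothetical, and the script assumes a Linux/glibc backtrace in which the signal trampoline frame is `__restore_rt`.

```ruby
# Added example: triage of a Ruby "[BUG] Segmentation fault" report.
# SAMPLE is an excerpt copied from the crash output in this report.
SAMPLE = <<~'LOG'
  -e:1: [BUG] Segmentation fault at 0x0000000000000018
  /home/jtruba/rubies/ruby-trunk/ruby(rb_bug_context) error.c:610
  /home/jtruba/rubies/ruby-trunk/ruby(sigsegv+0x6f) [0x558a0d14ec8f] signal.c:998
  /lib/x86_64-linux-gnu/libpthread.so.0(__restore_rt+0x0) [0x7f7c5bfe2890] ../nptl/sysdeps/pthread/funlockfile.c:29
  /home/jtruba/rubies/ruby-trunk/ruby(iv_index_tbl_make+0xb) [0x558a0d22b27f] variable.c:1297
  /home/jtruba/rubies/ruby-trunk/ruby(generic_ivar_set) variable.c:1327
  /home/jtruba/rubies/ruby-trunk/ruby(rb_ivar_set) variable.c:1460
  /home/jtruba/rubies/ruby-trunk/ruby(exc_setup_cause+0x7f) [0x558a0cf0f0ab] eval.c:484
LOG

# Assumption: a fault address below one page means NULL plus a field offset.
PAGE_SIZE = 4096
# Assumption: Linux/glibc, where the signal trampoline frame is __restore_rt.
TRAMPOLINE = "__restore_rt"
# Matches "binary(func+0xOFF) [0xADDR] file.c:LINE"; offset and address are optional.
FRAME = /\((?<func>[A-Za-z_]\w*)(?:\+0x\h+)?\)(?: \[0x\h+\])? (?<src>\S+):(?<line>\d+)\s*$/

# Returns nil when the log holds no segfault banner, otherwise a summary hash.
def triage(log)
  hex = log[/\[BUG\] Segmentation fault at 0x(\h+)/, 1]
  return nil unless hex

  frames = log.each_line.filter_map do |l|
    m = FRAME.match(l)
    m && { func: m[:func], src: File.basename(m[:src]), line: m[:line].to_i }
  end
  # Frames up to the trampoline are the crash reporter and signal handler;
  # the frame right after it is the code that actually faulted.
  tramp = frames.index { |f| f[:func] == TRAMPOLINE }
  addr = hex.to_i(16)
  {
    fault_addr: addr,
    kind: addr < PAGE_SIZE ? :null_deref : :wild_access,
    faulting_frame: tramp ? frames[tramp + 1] : nil,
    callers: tramp ? frames[(tramp + 2)..].map { |f| f[:func] } : []
  }
end

if __FILE__ == $PROGRAM_NAME
  r = triage(SAMPLE)
  f = r[:faulting_frame]
  puts format("%s at 0x%x in %s (%s:%d)", r[:kind], r[:fault_addr], f[:func], f[:src], f[:line])
  puts "reached via: #{r[:callers].join(' <- ')}"
end
```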