Project

General

Profile

Actions
Copy link

Bug #19773

closed

Intermittent SIGSEGV during marking of Ripper parser

Bug #19773: Intermittent SIGSEGV during marking of Ripper parser

Added by eightbitraptor (Matt V-H) over 2 years ago. Updated over 2 years ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
Backport:
3.0: UNKNOWN, 3.1: UNKNOWN, 3.2: UNKNOWN
[ruby-core:114224]

Description

Github PR 8089

Intermittent SIGSEGV during marking of the Ripper parser. A failing build can be seen on ci.rvm.jp (build 4643684).

Inside ripper_s_allocate first we use TypedData_Make_Struct to create a new T_DATA object in the Ruby heap. This allocates an empty struct (struct ripper). Further down the function we allocate another struct (struct parser_params during rb_ruby_ripper_parser_allcoate) and assign it to a pointer from the first struct, which is attached to the T_DATA object.

rb_ruby_ripper_parser_allocate can trigger GC, as it uses ruby_xcalloc. But if GC is triggered at this point then the parser_params have not been allocated yet, and so the struct ripper contains a NULL reference.

This causes a SEGV when we try and mark the T_DATA wrapper around the struct ripper.

This can be replicated locally using the following test script

require "ripper"
GC.stress = true
Ripper.new

Updated by eightbitraptor (Matt V-H) over 2 years ago Actions
Copy link
 #1

  • Description updated (diff)

Updated by eightbitraptor (Matt V-H) over 2 years ago Actions
Copy link
 #2 [ruby-core:114227]

It looks like 3 of us have independently fixed this issue (in #8084, #8085, and #8089).

Nobu's fix in 8085 has already been merged so I'm closing this ticket.

Updated by eightbitraptor (Matt V-H) over 2 years ago Actions
Copy link
 #3

  • Status changed from Open to Closed
Actions
Copy link

Also available in: PDF Atom