Bug #8756

SEGFAULT caused by `p Struct.new(:q?).instance_methods`

Added by Trent Ogren over 1 year ago. Updated about 1 year ago.

[ruby-core:<unknown>]
Status:Closed
Priority:Normal
Assignee:Masaki Matsushita
ruby -v:ruby 2.0.0p247 (2013-06-27 revision 41674) [x86_64-darwin12.4.0]
Backport:1.9.3: DONTNEED, 2.0.0: DONE

Description

Printing the instance methods for a Struct with a member name ending in a question mark causes a seg fault. I've confirmed this using 2.0.0p247 on OS X and Linux.

Here's the minimal test case for reproducing from a shell:

$ ruby -e 'p Struct.new(:q?).instance_methods'
-e:1: [BUG] Segmentation fault
ruby 2.0.0p247 (2013-06-27 revision 41674) [x86_64-darwin12.4.0]

-- Crash Report log information --------------------------------------------
See Crash Report log file under the one of following:
* ~/Library/Logs/CrashReporter
* /Library/Logs/CrashReporter
* ~/Library/Logs/DiagnosticReports
* /Library/Logs/DiagnosticReports
the more detail of.

-- Control frame information -----------------------------------------------
c:0005 p:---- s:0012 e:000011 CFUNC :inspect
c:0004 p:---- s:0010 e:000009 CFUNC :inspect
c:0003 p:---- s:0008 e:000007 CFUNC :p
c:0002 p:0018 s:0004 E:0014b8 EVAL -e:1 [FINISH]
c:0001 p:0000 s:0002 E:000768 TOP [FINISH]

-e:1:in `<main>'
-e:1:in `p'
-e:1:in `inspect'
-e:1:in `inspect'

-- C level backtrace information -------------------------------------------

-- Other runtime information -----------------------------------------------

  • Loaded script: -e

  • Loaded features:

    0 enumerator.so
    1 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/x86_64-darwin12.4.0/enc/encdb.bundle
    2 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/x86_64-darwin12.4.0/enc/trans/transdb.bundle
    3 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/x86_64-darwin12.4.0/rbconfig.rb
    4 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/rubygems/compatibility.rb
    5 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/rubygems/defaults.rb
    6 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/rubygems/deprecate.rb
    7 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/rubygems/errors.rb
    8 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/rubygems/version.rb
    9 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/rubygems/requirement.rb
    10 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/rubygems/platform.rb
    11 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/rubygems/specification.rb
    12 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/rubygems/exceptions.rb
    13 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/rubygems/core_ext/kernel_gem.rb
    14 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/rubygems/core_ext/kernel_require.rb
    15 ~/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/rubygems.rb

[NOTE]
You may have encountered a bug in the Ruby interpreter or extension libraries.
Bug reports are welcome.
For details: http://www.ruby-lang.org/bugreport.html

Abort trap: 6
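
A regression check for the reproducer above, added here as an example (it is not part of the original report or of the Ruby project's own tests): it runs the one-liner in a child interpreter so that an interpreter abort is reported as a result instead of killing the checker. The helper names `probe_struct_member`, `accessor_roundtrip?` and `check_all` are hypothetical, and the in-process accessor check assumes an interpreter that already carries the fix.

```ruby
require "open3"
require "rbconfig"

# Member names exercised: the reporter's :q?, the :q! case from comment #1,
# and a plain name as a control.
MEMBERS = %i[q? q! plain].freeze

# Runs the report's one-liner for `member` in a child interpreter.
# Returns :ok, :rejected (a Ruby exception ended the child), or :crashed
# (the child died on a signal or printed the interpreter's [BUG] banner).
def probe_struct_member(member, ruby: RbConfig.ruby)
  script = "p Struct.new(#{member.inspect}).instance_methods(false)"
  output, status = Open3.capture2e(ruby, "--disable-gems", "-e", script)
  return :crashed if status.signaled? || output.include?("[BUG]")
  status.success? ? :ok : :rejected
end

# In-process check that reader and writer both work for the member.
# Assumption: only call this after the probe returned :ok for the same name.
def accessor_roundtrip?(member)
  obj = Struct.new(member).new(1)
  obj.public_send(:"#{member}=", 2)
  obj.public_send(member) == 2 && obj[member] == 2
end

# Maps each member name to true/false (accessor check) or to the probe
# state when the child interpreter did not finish cleanly.
def check_all
  MEMBERS.each_with_object({}) do |member, results|
    state = probe_struct_member(member)
    results[member] = state == :ok ? accessor_roundtrip?(member) : state
  end
end

check_all.each { |member, result| puts "#{member.inspect}: #{result}" } if __FILE__ == $PROGRAM_NAME
```

On an affected 2.0.0p247 build the `:q?` entry is expected to come back as `:crashed`, matching the `Abort trap: 6` in the report.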


Related issues

Related to Ruby trunk - Bug #7575: Struct members sometimes cannot be referenced through accessors Closed 12/16/2012
Duplicated by Backport200 - Backport #9248: Struct methods, segmentation fault Closed 12/14/2013

Associated revisions

Revision 42490
Added by Nobuyoshi Nakada over 1 year ago

parse.y: non-local/const attrset

  • parse.y (rb_id_attrset): allow other than ID_ATTRSET.
  • parse.y (intern_str): ditto. try stem ID for ID_INSTANCE, ID_GLOBAL, ID_CLASS, ID_JUNK too. [Bug #8756]

Revision 42509
Added by Nobuyoshi Nakada over 1 year ago

parse.y: non-local/const attrset

  • parse.y (rb_enc_symname_type): allow ID_ATTRSET for ID_INSTANCE, ID_GLOBAL, ID_CLASS, ID_JUNK too. [Bug #8756]

Revision 44926
Added by Nobuyoshi Nakada about 1 year ago

parse.y: attrset from junk ID

  • parse.y (IDSET_ATTRSET_FOR_INTERN): fix off-by-one bug.
  • parse.y (rb_enc_symname_type): junk ID succeeded by '=' is also attrset ID. [Bug #8756]

History

#1 Updated by Heesob Park over 1 year ago

A name such as :q? or :q! should not be allowed as an attribute of a Struct.

Here is a patch:

diff --git a/struct.c b/struct.c.new
index 60f4ebe..a777ded 100644
--- a/struct.c
+++ b/struct.c.new
@@ -211,6 +211,9 @@ setup_struct(VALUE nstr, VALUE members)
len = RARRAY_LEN(members);
for (i=0; i< len; i++) {
ID id = SYM2ID(ptr_members[i]);
+ if(rb_is_junk_id(id)) {
+ rb_name_error(id, "invalid attribute name `%s'", rb_id2name(id));
+ }
if (i < N_REF_FUNC) {
rb_define_method_id(nstr, id, ref_func[i], 0);
}
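
Review bot: The `rb_is_junk_id(id)` check sits inside the definition loop of setup_struct, so when a later member is rejected, `rb_define_method_id` has already run for the earlier members and nstr is left half set up when `rb_name_error` raises. Validate every member in a separate pass before the first definition, or move the check to where the member list is first built. Two smaller points: `if(rb_is_junk_id(id))` should match the `if (i < N_REF_FUNC)` spacing used just below it, and the patch carries no test for the new error, so the `:q?` and `:q!` cases named in this comment are not pinned down.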

#2 Updated by Masaki Matsushita over 1 year ago

  • Category set to core
  • Status changed from Open to Assigned
  • Assignee set to Masaki Matsushita

#3 Updated by Nobuyoshi Nakada over 1 year ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r42490.
Trent, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


parse.y: non-local/const attrset

  • parse.y (rb_id_attrset): allow other than ID_ATTRSET.
  • parse.y (intern_str): ditto. try stem ID for ID_INSTANCE, ID_GLOBAL, ID_CLASS, ID_JUNK too. [Bug #8756]

#4 Updated by Nobuyoshi Nakada about 1 year ago

  • Backport changed from 1.9.3: UNKNOWN, 2.0.0: UNKNOWN to 1.9.3: DONTNEED, 2.0.0: DONTNEED

r42479, r43083, r43085 also seem to be needed.

#5 Updated by Nobuyoshi Nakada about 1 year ago

  • Backport changed from 1.9.3: DONTNEED, 2.0.0: DONTNEED to 1.9.3: DONTNEED, 2.0.0: REQUIRED

#6 Updated by Tomoyuki Chikanaga about 1 year ago

  • Backport changed from 1.9.3: DONTNEED, 2.0.0: REQUIRED to 1.9.3: DONTNEED, 2.0.0: DONE

r42479, r42490, r42509, r43083, r43084 and r43085 were backported to ruby_2_0_0 branch at r44911.

#8 Updated by Tomoyuki Chikanaga about 1 year ago

Additionally, r44926 was backported to ruby_2_0_0 at r44975.
