Bug #9657

Segfault in bigdecimal/util.rb Float#to_d

Added by Dieter Komendera almost 3 years ago. Updated over 2 years ago.

Target version:
ruby -v:
ruby 2.1.1p76 (2014-02-24 revision 45161) [x86_64-linux]


We're seeing some segfaults with ActiveRecord (rails 4-1-0 branch) when running on Travis CI.

We haven't been able to reproduce it yet, but we've seen about a dozen build failures so far and still wanted to share it.
Maybe someone with more of a clue about that stuff has some idea what's going on and can point us in some direction.

/home/travis/build/<project>/vendor/bundle/ruby/2.1.0/extensions/x86_64-linux/2.1.0/bigdecimal-1.2.5/bigdecimal/util.rb:39: [BUG] Segmentation fault at 0x000000acde0834
ruby 2.1.1p76 (2014-02-24 revision 45161) [x86_64-linux]
-- Control frame information -----------------------------------------------
c:0139 p:---- s:0636 e:000635 CFUNC  :BigDecimal
c:0138 p:0028 s:0631 e:000630 METHOD /home/travis/build/<project>/vendor/bundle/ruby/2.1.0/extensions/x86_64-linux/2.1.0/bigdecimal-1.2.5/bigdecimal/u
c:0137 p:0049 s:0627 e:000626 METHOD /home/travis/build<project>/vendor/bundle/ruby/2.1.0/bundler/gems/rails-00b7a21e592a/activerecord/lib/active_rec
c:0136 p:0035 s:0623 e:000622 METHOD /home/travis/build/<project>vendor/bundle/ruby/2.1.0/bundler/gems/rails-00b7a21e592a/activerecord/lib/active_rec
c:0135 p:0049 s:0619 e:000618 METHOD /home/travis/build/<project>/vendor/bundle/ruby/2.1.0/bundler/gems/rails-00b7a21e592a/activerecord/lib/active_rec
c:0134 p:0105 s:0615 e:000611 BLOCK  /home/travis/build/<project>/vendor/bundle/ruby/2.1.0/bundler/gems/rails-00b7a21e592a/activerecord/lib/active_rec [FINISH]

segfault_bigdecimal_ruby211.txt View (241 KB) Jérémy Lecour, 03/20/2014 03:26 PM

ruby_2014-03-20-161742_Polaris.crash (132 KB) Jérémy Lecour, 03/20/2014 03:26 PM

backtrace.txt View (40.5 KB) Eric Vautour, 04/03/2014 12:50 PM

Associated revisions

Revision 45815
Added by Tomoyuki Chikanaga over 2 years ago

merge revision(s) r45015: [Backport #9657]

* ext/bigdecimal/bigdecimal.c (BigDecimal_initialize): Insert GC guard.

* ext/bigdecimal/bigdecimal.c (BigDecimal_global_new): ditto.


#1 [ruby-core:61613] Updated by Jérémy Lecour almost 3 years ago

I've had the same issue.

I've attached the crash report and the segfault output

#2 [ruby-core:61617] Updated by Nobuyoshi Nakada almost 3 years ago

  • Description updated (diff)

Seems r45015.

#3 [ruby-core:61702] Updated by Brent Theisen almost 3 years ago

Same thing...

2.1.0/lib/ruby/2.1.0/bigdecimal/util.rb:18: [BUG] Segmentation fault at 0x00000030d99000
ruby 2.1.0p0 (2013-12-25 revision 44422) [x86_64-linux]

-- Control frame information -----------------------------------------------
c:0130 p:---- s:0568 e:000567 CFUNC  :BigDecimal
c:0129 p:0008 s:0564 e:000563 METHOD /var/lib/jenkins/.rvm/rubies/ruby-2.1.0/lib/ruby/2.1.0/bigdecimal/util.rb:18
c:0128 p:0041 s:0561 e:000560 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activerecord-3.2.17/lib/active_record/connection_adapters/column.rb:190
c:0127 p:0027 s:0557 e:000556 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activerecord-3.2.17/lib/active_record/attribute_methods/read.rb:84
c:0126 p:0076 s:0550 e:000549 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activerecord-3.2.17/lib/active_record/attribute_methods/read.rb:46
c:0125 p:0017 s:0544 e:000543 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activerecord-3.2.17/lib/active_record/attribute_methods/read.rb:127
c:0124 p:0014 s:0540 e:000536 BLOCK  /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activerecord-3.2.17/lib/active_record/attribute_methods.rb:185 [FINISH]
c:0123 p:---- s:0534 e:000533 CFUNC  :each
c:0122 p:0015 s:0531 e:000530 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activerecord-3.2.17/lib/active_record/attribute_methods.rb:185
c:0121 p:0034 s:0527 e:000526 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activerecord-3.2.17/lib/active_record/timestamp.rb:75
c:0120 p:0007 s:0524 e:000523 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activerecord-3.2.17/lib/active_record/timestamp.rb:62
c:0119 p:0010 s:0519 e:000518 BLOCK  /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activerecord-3.2.17/lib/active_record/callbacks.rb:272
c:0118 p:0028 s:0517 e:000516 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:403
c:0117 p:0090 s:0512 e:000511 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:405
c:0116 p:0019 s:0503 e:000502 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:385
c:0115 p:0020 s:0498 e:000497 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:81
c:0114 p:0009 s:0492 E:001630 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activerecord-3.2.17/lib/active_record/callbacks.rb:272
c:0113 p:0035 s:0488 e:000487 METHOD /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activerecord-3.2.17/lib/active_record/persistence.rb:348
c:0112 p:0008 s:0484 e:000483 BLOCK  /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activerecord-3.2.17/lib/active_record/callbacks.rb:264
c:0111 p:0901 s:0482 e:000481 BLOCK  /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:624
c:0110 p:0007 s:0479 e:000478 BLOCK  /var/lib/jenkins/.rvm/gems/ruby-2.1.0/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:215

#4 [ruby-core:61781] Updated by Brendan Doyle almost 3 years ago

Same thing as Dieter: intermittent fault at util.rb:39. We haven't been able to manually reproduce it yet, but it's happening regularly in production (every few days).

/usr/local/rvm/rubies/ruby-2.1.1/lib/ruby/2.1.0/bigdecimal/util.rb:39: [BUG] Segmentation fault at 0x0000000ffe1000
ruby 2.1.1p76 (2014-02-24 revision 45161) [x86_64-linux]

-- Control frame information -----------------------------------------------
c:0057 p:---- s:0273 e:000272 CFUNC :BigDecimal
c:0056 p:0026 s:0268 e:000267 METHOD /usr/local/rvm/rubies/ruby-2.1.1/lib/ruby/2.1.0/bigdecimal/util.rb:39
c:0055 p:0041 s:0264 e:000263 METHOD /home/azoogle/projects/arcturus/shared/bundle/ruby/2.1.0/gems/activerecord-3.2.16/lib/active_record/connection_adapters/column.
c:0054 p:0171 s:0260 e:000259 METHOD /home/azoogle/projects/arcturus/shared/bundle/ruby/2.1.0/gems/activerecord-3.2.16/lib/active_record/connection_adapters/column.
c:0053 p:0064 s:0255 e:000253 BLOCK /home/azoogle/projects/arcturus/shared/bundle/ruby/2.1.0/gems/activerecord-import-0.2.9/lib/activerecord-import/import.rb:303 [FINISH]
c:0052 p:---- s:0249 e:000248 IFUNC
c:0051 p:---- s:0247 e:000246 IFUNC
c:0050 p:---- s:0245 e:000244 CFUNC :each
c:0049 p:---- s:0243 e:000242 CFUNC :each_with_index
c:0048 p:---- s:0241 e:000240 CFUNC :each
c:0047 p:---- s:0239 e:000238 CFUNC :map
c:0046 p:0010 s:0236 e:000235 BLOCK /home/azoogle/projects/arcturus/shared/bundle/ruby/2.1.0/gems/activerecord-import-0.2.9/lib/activerecord-import/import.rb:298 [FINISH]
c:0045 p:---- s:0232 e:000231 CFUNC :map
c:0044 p:0008 s:0229 e:000228 METHOD /home/azoogle/projects/arcturus/shared/bundle/ruby/2.1.0/gems/activerecord-import-0.2.9/lib/activerecord-import/import.rb:297
c:0043 p:0078 s:0224 e:000223 METHOD /home/azoogle/projects/arcturus/shared/bundle/ruby/2.1.0/gems/activerecord-import-0.2.9/lib/activerecord-import/import.rb:273
c:0042 p:0057 s:0212 e:000211 METHOD /home/azoogle/projects/arcturus/shared/bundle/ruby/2.1.0/gems/activerecord-import-0.2.9/lib/activerecord-import/import.rb:258
c:0041 p:0365 s:0203 e:000202 METHOD /home/azoogle/projects/arcturus/shared/bundle/ruby/2.1.0/gems/activerecord-import-0.2.9/lib/activerecord-import/import.rb:213

#5 [ruby-core:61799] Updated by _ wanabe almost 3 years ago

  • Backport changed from 2.0.0: UNKNOWN, 2.1: UNKNOWN to 2.0.0: REQUIRED, 2.1: REQUIRED

As nobu said, I guess that backporting r45015 helps to solve the issue.

#6 [ruby-core:61835] Updated by Eric Vautour almost 3 years ago

Same thing, but noticed *** glibc detected *** ruby: corrupted double-linked list: 0x00007f9c23f51fc0 *** in backtrace (See attached)

#7 [ruby-core:61862] Updated by Tieg Zaharia almost 3 years ago

Same thing happening here a few times a day while calling to_d. Same line: bigdecimal/util.rb:18. Rails 3.2.17 and 2.1.1p76.

#8 [ruby-core:61929] Updated by Tieg Zaharia almost 3 years ago

It seems like the fix might not make it out until 2.2.

If anyone runs into this while on 2.1, I was able to stop the segfaults by using BigDecimal coercion instead of to_d (BigDecimal_coerce has the GC guard). If you're using the money gem like above, you might even be able to monkeypatch Integer#to_d:

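require 'bigdecimal'
class Integer < Numeric
  ONE = BigDecimal(1)
  # Workaround: multiply by a BigDecimal constant instead of calling BigDecimal()
  def to_d
    ONE * self
  end
end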

Note: the monkeypatch wouldn't be reliable if you're converting Floats tho: a_float.to_d == (ONE * a_float) isn't always true.

#9 [ruby-core:62001] Updated by Dieter Komendera almost 3 years ago

Tieg Zaharia wrote:

It seems like the fix might not make it out until 2.2.

I think as bigdecimal is released as its own gem, the fix could be released sooner than ruby 2.2?

#10 [ruby-core:62013] Updated by Tieg Zaharia almost 3 years ago

Ah, thanks Dieter, didn't think about that!

#11 [ruby-core:62061] Updated by Henrik Nyh almost 3 years ago

Patch file and a command to apply it, if you want to build Ruby 2.1.1 but with this patched:

#12 [ruby-core:62178] Updated by _ wanabe over 2 years ago

  • Status changed from Open to Closed

I close the ticket for backporting r45015.

I've confirmed that this issue is solved on trunk, using the following code.

require 'bigdecimal'
GC.stress = true
(200..400).each do |i|
  p ** i) * ** i)

The above can cause a SEGV without r45015, but can't with it.
(GC.stress = true affects xrealloc() because of r45653 and r45656. Thanks to Sasada-san and Nakada-san.)
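
An added example, not part of the ticket or of the Ruby project's code: a regression check in the spirit of the GC.stress reproduction above. It runs a constructed workload of the conversions discussed in this ticket (Float#to_d, Integer#to_d, BigDecimal()) in a child interpreter with and without GC.stress, and reports a crash or a result mismatch. The workload, the function names and the iteration count are assumptions.

```ruby
require 'open3'
require 'rbconfig'

# Constructed workload (an assumption, not the script from the ticket).
# It is passed to a child interpreter with `ruby -e`.
WORKLOAD = <<~'RUBY'
  require 'bigdecimal'
  require 'bigdecimal/util'
  GC.stress = (ARGV[0] == 'stress')   # force a GC at every allocation opportunity
  total = BigDecimal(0)
  (1..30).each do |i|
    total += (i * 0.25).to_d                       # Float#to_d
    total += i.to_d                                # Integer#to_d
    total += BigDecimal("1" + "0" * i) * BigDecimal("3")  # growing operands
  end
  GC.stress = false
  puts total.to_s('F')
RUBY

# Runs the workload in a separate process so that an interpreter crash
# cannot take the harness down. Returns [combined output, crashed?].
def run_workload(mode)
  out, status = Open3.capture2e(RbConfig.ruby, '-e', WORKLOAD, mode)
  crashed = status.signaled? || !status.success? || out.include?('[BUG]')
  [out.strip, crashed]
end

# Compares a normal run with a GC.stress run of the same workload.
def gc_stress_regression
  baseline, base_crashed = run_workload('normal')
  stressed, stress_crashed = run_workload('stress')
  return :baseline_failed if base_crashed
  return :crashed_under_gc_stress if stress_crashed
  return :result_mismatch unless baseline == stressed
  :ok
end

puts gc_stress_regression if __FILE__ == $PROGRAM_NAME
```

On an interpreter with the GC guard in place the check returns :ok; a "[BUG] Segmentation fault" in the child's output is reported as :crashed_under_gc_stress.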

#13 [ruby-core:62355] Updated by Tomoyuki Chikanaga over 2 years ago

  • Backport changed from 2.0.0: REQUIRED, 2.1: REQUIRED to 2.0.0: REQUIRED, 2.1: DONE

Thank you for noticing this, wanabe-san.

r45015 was backported into ruby_2_1 at r45815.

#14 [ruby-core:62364] Updated by Tieg Zaharia over 2 years ago

Thanks chikanagasan and wanabesan!

#15 [ruby-core:62451] Updated by Usaku NAKAMURA over 2 years ago

  • Backport changed from 2.0.0: REQUIRED, 2.1: DONE to 2.0.0: DONE, 2.1: DONE

Backported into ruby_2_0_0 at r45869.
I couldn't reproduce SEGV with wanabe's script, but I believe the fix is right, or at least has no bad side effect :)
