Do not inspect NameError target object unless verbose
At least once every few months, we get an error report of JRuby raising a memory error where MRI does not due to
Message object holding a reference to an object that's too large to inspect. I propose that this inspection of the target object should only be done in verbose mode.
NameError is raised when a variable-like method call fails to find a defined method. The resulting exception is created with a hidden
NameError::Message that holds the object in which the method could not be found.
When name error needs to render its message, such as when it bubbles out or when
#message is called, it does
to_str on the
NameError::Message, which ends up inspecting the target object. If this object's inspect output is large (or infinite) it can end up consuming a large amount of memory.
- If the amount of memory required to render a
NameErrorexceeds available memory, a very confusing and misleading memory error can be raised instead.
- If the target object is considered sensitive data, it will end up bubbling out through potentially untrustworthy code. It is an encapsulation flaw, basically.
NameErrorthat gets held in memory will also prevent GC of the object it references.
NameErrorshould not capture the target object.
NameErrorshould build a message based on the target object at creation time, and only include information useful to indicate the type of object.
- (Optional) If verbose mode is set,
NameErrorcan just do what it does now.