Bug #4492

Updated by Nobuyoshi Nakada about 2 years ago

=begin
On a Mac, this snippet crashes Ruby:

(({def f(*x); end
begin
f(*(0..120000))
rescue
nil
end
f(*(0..120000))}))


Here is the result when run with ruby:

(({segfaulter.rb:7: [BUG] Segmentation fault

ruby 1.9.2p136 (2010-12-25 revision 30365) [x86_64-darwin10.6.0]



-- control frame ----------

c:0003 p:0048 s:120009 b:0006 l:0014e8 d:000c08 EVAL segfaulter.rb:7

c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH

c:0001 p:0000 s:0002 b:0002 l:0014e8 d:0014e8 TOP

---------------------------

-- Ruby level backtrace information ----------------------------------------

segfaulter.rb:7:in `<main>'



-- C level backtrace information -------------------------------------------



[NOTE]

You may have encountered a bug in the Ruby interpreter or extension libraries.

Bug reports are welcome.

For details: http://www.ruby-lang.org/bugreport.html



Abort trap}))

Here is the result in irb:

(({ruby-1.9.2-p136 :001 > def f(*x); end

=> nil

ruby-1.9.2-p136 :002 > begin

ruby-1.9.2-p136 :003 > f(*(0..120000))

ruby-1.9.2-p136 :004?> rescue

ruby-1.9.2-p136 :005?> nil

ruby-1.9.2-p136 :006?> end

=> nil

ruby-1.9.2-p136 :007 > f(*(0..120000))

(irb):7: [BUG] Bus Error

ruby 1.9.2p136 (2010-12-25 revision 30365) [x86_64-darwin10.6.0]



-- control frame ----------

c:0023 p:0013 s:120084 b:0082 l:001af8 d:000081 EVAL (irb):7

c:0022 p:---- s:0080 b:0080 l:000079 d:000079 FINISH

c:0021 p:---- s:0078 b:0078 l:000077 d:000077 CFUNC :eval

c:0020 p:0028 s:0071 b:0071 l:000070 d:000070 METHOD /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/workspace.rb:80

c:0019 p:0033 s:0064 b:0063 l:000062 d:000062 METHOD /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/context.rb:254

c:0018 p:0031 s:0058 b:0058 l:0007a8 d:000057 BLOCK /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:159

c:0017 p:0042 s:0050 b:0050 l:000049 d:000049 METHOD /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:273

c:0016 p:0011 s:0045 b:0045 l:0007a8 d:000044 BLOCK /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:156

c:0015 p:0144 s:0041 b:0041 l:000024 d:000040 BLOCK /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:243

c:0014 p:---- s:0038 b:0038 l:000037 d:000037 FINISH

c:0013 p:---- s:0036 b:0036 l:000035 d:000035 CFUNC :loop

c:0012 p:0009 s:0033 b:0033 l:000024 d:000032 BLOCK /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:229

c:0011 p:---- s:0031 b:0031 l:000030 d:000030 FINISH

c:0010 p:---- s:0029 b:0029 l:000028 d:000028 CFUNC :catch

c:0009 p:0023 s:0025 b:0025 l:000024 d:000024 METHOD /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:228

c:0008 p:0046 s:0022 b:0022 l:0007a8 d:0007a8 METHOD /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:155

c:0007 p:0011 s:0019 b:0019 l:000bd8 d:000018 BLOCK /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:70

c:0006 p:---- s:0017 b:0017 l:000016 d:000016 FINISH

c:0005 p:---- s:0015 b:0015 l:000014 d:000014 CFUNC :catch

c:0004 p:0183 s:0011 b:0011 l:000bd8 d:000bd8 METHOD /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:69

c:0003 p:0142 s:0006 b:0006 l:0014e8 d:001078 EVAL /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/bin/irb:16

c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH

c:0001 p:0000 s:0002 b:0002 l:0014e8 d:0014e8 TOP

---------------------------

-- Ruby level backtrace information ----------------------------------------

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/bin/irb:16:in `<main>'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:69:in `start'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:69:in `catch'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:70:in `block in start'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:155:in `eval_input'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:228:in `each_top_level_statement'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:228:in `catch'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:229:in `block in each_top_level_statement'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:229:in `loop'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:243:in `block (2 levels) in each_top_level_statement'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:156:in `block in eval_input'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:273:in `signal_status'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:159:in `block (2 levels) in eval_input'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/context.rb:254:in `evaluate'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/workspace.rb:80:in `evaluate'

/Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/workspace.rb:80:in `eval'

(irb):7:in `irb_binding'



-- C level backtrace information -------------------------------------------

0 libruby.1.9.1.dylib 0x0000000100180792 rb_vm_bugreport + 210

1 libruby.1.9.1.dylib 0x000000010003a614 report_bug + 372

2 libruby.1.9.1.dylib 0x000000010003a7d8 rb_bug + 200

3 libruby.1.9.1.dylib 0x00000001000fff42 sigbus + 18

4 libSystem.B.dylib 0x00007fff84c7767a _sigtramp + 26

5 ??? 0x00007fff5fbf7990 0x0 + 140734799772048

6 libruby.1.9.1.dylib 0x00000001001619b4 rb_thread_mark + 100

7 libruby.1.9.1.dylib 0x0000000100054924 gc_mark_children + 4036

8 libruby.1.9.1.dylib 0x0000000100054d77 gc_mark_children + 5143

9 libruby.1.9.1.dylib 0x0000000100055d81 mark_keyvalue + 465

10 libruby.1.9.1.dylib 0x0000000100108a50 st_foreach + 192

11 libruby.1.9.1.dylib 0x0000000100054831 gc_mark_children + 3793

12 libruby.1.9.1.dylib 0x00000001000555a9 mark_entry + 217

13 libruby.1.9.1.dylib 0x0000000100108a50 st_foreach + 192

14 libruby.1.9.1.dylib 0x0000000100054b5c gc_mark_children + 4604

15 libruby.1.9.1.dylib 0x000000010005430e gc_mark_children + 2478

16 libruby.1.9.1.dylib 0x000000010015cf65 iseq_mark + 293

17 libruby.1.9.1.dylib 0x0000000100054924 gc_mark_children + 4036

18 libruby.1.9.1.dylib 0x0000000100058188 mark_method_entry_i + 424

19 libruby.1.9.1.dylib 0x0000000100108a50 st_foreach + 192

20 libruby.1.9.1.dylib 0x0000000100054b34 gc_mark_children + 4564

21 libruby.1.9.1.dylib 0x000000010005430e gc_mark_children + 2478

22 libruby.1.9.1.dylib 0x000000010015cf65 iseq_mark + 293

23 libruby.1.9.1.dylib 0x0000000100054924 gc_mark_children + 4036

24 libruby.1.9.1.dylib 0x0000000100054c95 gc_mark_children + 4917

25 libruby.1.9.1.dylib 0x000000010015cfa5 iseq_mark + 357

26 libruby.1.9.1.dylib 0x0000000100054924 gc_mark_children + 4036

27 libruby.1.9.1.dylib 0x0000000100054c95 gc_mark_children + 4917

28 libruby.1.9.1.dylib 0x000000010015cfa5 iseq_mark + 357

29 libruby.1.9.1.dylib 0x0000000100054924 gc_mark_children + 4036

30 libruby.1.9.1.dylib 0x0000000100058188 mark_method_entry_i + 424

31 libruby.1.9.1.dylib 0x0000000100108a50 st_foreach + 192

32 libruby.1.9.1.dylib 0x0000000100054b34 gc_mark_children + 4564

33 libruby.1.9.1.dylib 0x0000000100053ddf gc_mark_children + 1151

34 libruby.1.9.1.dylib 0x00000001000555a9 mark_entry + 217

35 libruby.1.9.1.dylib 0x0000000100108a50 st_foreach + 192

36 libruby.1.9.1.dylib 0x0000000100054b5c gc_mark_children + 4604

37 libruby.1.9.1.dylib 0x000000010005430e gc_mark_children + 2478

38 libruby.1.9.1.dylib 0x000000010015cf65 iseq_mark + 293

39 libruby.1.9.1.dylib 0x0000000100054924 gc_mark_children + 4036

40 libruby.1.9.1.dylib 0x0000000100058188 mark_method_entry_i + 424

41 libruby.1.9.1.dylib 0x0000000100108a50 st_foreach + 192

42 libruby.1.9.1.dylib 0x0000000100054b34 gc_mark_children + 4564

43 libruby.1.9.1.dylib 0x00000001000555a9 mark_entry + 217

44 libruby.1.9.1.dylib 0x0000000100108a50 st_foreach + 192

45 libruby.1.9.1.dylib 0x0000000100054b5c gc_mark_children + 4604

46 libruby.1.9.1.dylib 0x00000001000555a9 mark_entry + 217

47 libruby.1.9.1.dylib 0x00000001001089df st_foreach + 79

48 libruby.1.9.1.dylib 0x0000000100054b5c gc_mark_children + 4604

49 libruby.1.9.1.dylib 0x0000000100053ddf gc_mark_children + 1151

50 libruby.1.9.1.dylib 0x0000000100053ddf gc_mark_children + 1151

51 libruby.1.9.1.dylib 0x000000010015cf95 iseq_mark + 341

52 libruby.1.9.1.dylib 0x0000000100054924 gc_mark_children + 4036

53 libruby.1.9.1.dylib 0x0000000100058188 mark_method_entry_i + 424

54 libruby.1.9.1.dylib 0x0000000100108a50 st_foreach + 192

55 libruby.1.9.1.dylib 0x0000000100054b34 gc_mark_children + 4564

56 libruby.1.9.1.dylib 0x00000001000555a9 mark_entry + 217

57 libruby.1.9.1.dylib 0x00000001001089df st_foreach + 79

58 libruby.1.9.1.dylib 0x0000000100054b5c gc_mark_children + 4604

59 libruby.1.9.1.dylib 0x00000001000555a9 mark_entry + 217

60 libruby.1.9.1.dylib 0x00000001001089df st_foreach + 79

61 libruby.1.9.1.dylib 0x0000000100054b5c gc_mark_children + 4604

62 libruby.1.9.1.dylib 0x0000000100053ddf gc_mark_children + 1151

63 libruby.1.9.1.dylib 0x0000000100053ddf gc_mark_children + 1151

64 libruby.1.9.1.dylib 0x0000000100053ddf gc_mark_children + 1151

65 libruby.1.9.1.dylib 0x0000000100053ddf gc_mark_children + 1151

66 libruby.1.9.1.dylib 0x0000000100058188 mark_method_entry_i + 424

67 libruby.1.9.1.dylib 0x00000001001089df st_foreach + 79

68 libruby.1.9.1.dylib 0x0000000100054b34 gc_mark_children + 4564

69 libruby.1.9.1.dylib 0x00000001000555a9 mark_entry + 217

70 libruby.1.9.1.dylib 0x00000001001089df st_foreach + 79

71 libruby.1.9.1.dylib 0x0000000100054b5c gc_mark_children + 4604

72 libruby.1.9.1.dylib 0x00000001000555a9 mark_entry + 217

73 libruby.1.9.1.dylib 0x00000001001089df st_foreach + 79

74 libruby.1.9.1.dylib 0x0000000100054b5c gc_mark_children + 4604

75 libruby.1.9.1.dylib 0x0000000100053ddf gc_mark_children + 1151

76 libruby.1.9.1.dylib 0x0000000100053ddf gc_mark_children + 1151

77 libruby.1.9.1.dylib 0x0000000100053ddf gc_mark_children + 1151

78 libruby.1.9.1.dylib 0x0000000100053ddf gc_mark_children + 1151

79 libruby.1.9.1.dylib 0x0000000100053ddf gc_mark_children + 1151

80 libruby.1.9.1.dylib 0x00000001000572bc garbage_collect + 4396

81 libruby.1.9.1.dylib 0x0000000100057906 vm_xmalloc + 150

82 libruby.1.9.1.dylib 0x000000010000bd4d ary_new + 221

83 libruby.1.9.1.dylib 0x000000010000c989 rb_ary_new4 + 41

84 libruby.1.9.1.dylib 0x0000000100178551 vm_callee_setup_arg_complex + 225

85 libruby.1.9.1.dylib 0x000000010017c469 vm_call_method + 2921

86 libruby.1.9.1.dylib 0x0000000100167e54 vm_exec_core + 8260

87 libruby.1.9.1.dylib 0x000000010016faf3 vm_exec + 1507

88 libruby.1.9.1.dylib 0x0000000100170340 eval_string_with_cref + 880

89 libruby.1.9.1.dylib 0x0000000100170a62 rb_f_eval + 242

90 libruby.1.9.1.dylib 0x000000010017bca3 vm_call_method + 931

91 libruby.1.9.1.dylib 0x0000000100167e54 vm_exec_core + 8260

92 libruby.1.9.1.dylib 0x000000010016faf3 vm_exec + 1507

93 libruby.1.9.1.dylib 0x000000010017e031 loop_i + 561

94 libruby.1.9.1.dylib 0x000000010003f787 rb_rescue2 + 519

95 libruby.1.9.1.dylib 0x0000000100162d56 rb_f_loop + 54

96 libruby.1.9.1.dylib 0x000000010017bca3 vm_call_method + 931

97 libruby.1.9.1.dylib 0x0000000100167e54 vm_exec_core + 8260

98 libruby.1.9.1.dylib 0x000000010016faf3 vm_exec + 1507

99 libruby.1.9.1.dylib 0x000000010017dcb4 catch_i + 596

100 libruby.1.9.1.dylib 0x0000000100161f45 rb_catch_obj + 325

101 libruby.1.9.1.dylib 0x0000000100162c10 rb_f_catch + 48

102 libruby.1.9.1.dylib 0x000000010017bca3 vm_call_method + 931

103 libruby.1.9.1.dylib 0x0000000100167e54 vm_exec_core + 8260

104 libruby.1.9.1.dylib 0x000000010016faf3 vm_exec + 1507

105 libruby.1.9.1.dylib 0x000000010017dcb4 catch_i + 596

106 libruby.1.9.1.dylib 0x0000000100161f45 rb_catch_obj + 325

107 libruby.1.9.1.dylib 0x0000000100162c10 rb_f_catch + 48

108 libruby.1.9.1.dylib 0x000000010017bca3 vm_call_method + 931

109 libruby.1.9.1.dylib 0x0000000100167e54 vm_exec_core + 8260

110 libruby.1.9.1.dylib 0x000000010016faf3 vm_exec + 1507

111 libruby.1.9.1.dylib 0x000000010016fdfb rb_iseq_eval_main + 507

112 libruby.1.9.1.dylib 0x000000010003f9f2 ruby_exec_internal + 178

113 libruby.1.9.1.dylib 0x000000010004237c ruby_run_node + 60

114 ruby 0x0000000100000ecf main + 79

115 ruby 0x0000000100000e74 start + 52

116 ??? 0x0000000000000002 0x0 + 2



[NOTE]

You may have encountered a bug in the Ruby interpreter or extension libraries.

Bug reports are welcome.

For details: http://www.ruby-lang.org/bugreport.html



Abort trap}))

I cannot reproduce this on an EC2 instance running Linux, where 'ruby -v' gives:

(({ruby 1.9.2p136 (2010-12-25 revision 30365) [x86_64-linux]}))
=end
