Bug #1064

[BUG] object allocation during garbage collection phase

Added by ankopainting (Anko Painting) almost 12 years ago. Updated over 9 years ago.

Status: Closed
Priority: Normal
Assignee: -
Target version:
ruby -v: ruby 1.9.1p0 (2009-01-20 revision 21700) [i686-linux]
Backport:
[ruby-core:21619]

Description

=begin
Hi,
I'm not sure if this is a bug or not, but when I install either RC of ruby 1.9.1 and try to install hpricot, it fails in the compiling stage due to some changes in 1.9. Then I go to /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/ext/fast_xs/fast_xs.c and change (around line 169)

tmp = array->ptr;
for (i = array->len; --i >= 0; tmp++)
s_len += escaped_len(NUM2INT(*tmp));

c = s = alloca(s_len + 1);

tmp = array->ptr;
for (i = array->len; --i >= 0; tmp++)
c += escape(c, NUM2INT(*tmp));

to

tmp = RARRAY_PTR(array);
for (i = RARRAY_LEN(array); --i >= 0; tmp++)
s_len += escaped_len(NUM2INT(*tmp));

c = s = alloca(s_len + 1);

tmp = RARRAY_PTR(array);
for (i = RARRAY_LEN(array); --i >= 0; tmp++)
c += escape(c, NUM2INT(*tmp));

to fix the differences (new union) in this structure, and go to

/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164

and run
sudo rake191 clobber
sudo rake191

I get

(in /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164)
gcc -I. -I/usr/local/include/ruby191-1.9.1/i686-linux -I/usr/local/include/ruby191-1.9.1/ruby/backward -I/usr/local/include/ruby191-1.9.1 -I. -D_FILE_OFFSET_BITS=64 -fPIC -O2 -g -Wall -Wno-parentheses -o hpricot_scan.o -c hpricot_scan.c
hpricot_scan.rl: In function ‘hpricot_scan’:
hpricot_scan.rl:259: warning: control reaches end of non-void function
gcc -shared -o hpricot_scan.so hpricot_scan.o hpricot_gram.o -L. -L/usr/local/lib -Wl,-R/usr/local/lib -L. -rdynamic -Wl,-export-dynamic -lc -lpthread -lrt -ldl -lcrypt -lm -lc
mkdir -p lib/i686-linux
cp ext/hpricot_scan/hpricot_scan.so lib/i686-linux
Using ragel version: 6.2, location: /usr/bin/ragel
make: Nothing to be done for `all'.
mkdir -p lib/i686-linux
cp ext/fast_xs/fast_xs.so lib/i686-linux
/usr/local/bin/ruby191 -Ilib:test:lib/i686-linux "/usr/local/lib/ruby191/1.9.1/rake/rake_test_loader.rb" "test/test_paths.rb" "test/test_alter.rb" "test/test_builder.rb" "test/test_preserved.rb" "test/test_parser.rb" "test/test_xml.rb"
Loaded suite /usr/local/lib/ruby191/1.9.1/rake/rake_test_loader
Started
....E.E...E.EE/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68: [BUG] Segmentation fault
ruby 1.9.1p0 (2009-01-20 revision 21700) [i686-linux]

-- control frame ----------
c:0024 p:---- s:0111 b:0111 l:000110 d:000110 CFUNC :downcase
c:0023 p:0026 s:0108 b:0107 l:000067 d:000106 BLOCK /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68
c:0022 p:---- s:0101 b:0101 l:000100 d:000100 FINISH
c:0021 p:---- s:0099 b:0099 l:000094 d:000098 IFUNC :each
c:0020 p:---- s:0097 b:0097 l:000096 d:000096 CFUNC :each
c:0019 p:---- s:0095 b:0095 l:000094 d:000094 CFUNC :inject
c:0018 p:0284 s:0091 b:0089 l:000067 d:000088 BLOCK /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68
c:0017 p:---- s:0074 b:0074 l:000073 d:000073 FINISH
c:0016 p:---- s:0072 b:0072 l:000071 d:000071 CFUNC :scan
c:0015 p:0263 s:0068 b:0068 l:000067 d:000067 METHOD /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:52
c:0014 p:0031 s:0057 b:0056 l:000055 d:000055 METHOD /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:15
c:0013 p:0026 s:0050 b:0050 l:000049 d:000049 METHOD /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/test/test_parser.rb:159
c:0012 p:0041 s:0045 b:0045 l:000044 d:000044 METHOD /usr/local/lib/ruby191/1.9.1/minitest/unit.rb:436
c:0011 p:0096 s:0039 b:0039 l:000019 d:000038 BLOCK /usr/local/lib/ruby191/1.9.1/minitest/unit.rb:415
c:0010 p:---- s:0033 b:0033 l:000032 d:000032 FINISH
c:0009 p:---- s:0031 b:0031 l:000030 d:000030 CFUNC :each
c:0008 p:0026 s:0028 b:0028 l:000019 d:000027 BLOCK /usr/local/lib/ruby191/1.9.1/minitest/unit.rb:409
c:0007 p:---- s:0025 b:0025 l:000024 d:000024 FINISH
c:0006 p:---- s:0023 b:0023 l:000022 d:000022 CFUNC :each
c:0005 p:0080 s:0020 b:0020 l:000019 d:000019 METHOD /usr/local/lib/ruby191/1.9.1/minitest/unit.rb:408
c:0004 p:0153 s:0015 b:0015 l:000014 d:000014 METHOD /usr/local/lib/ruby191/1.9.1/minitest/unit.rb:388
c:0003 p:0041 s:0007 b:0007 l:0002e4 d:000006 BLOCK /usr/local/lib/ruby191/1.9.1/minitest/unit.rb:329
c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH
c:0001 p:0000 s:0002 b:0002 l:001204 d:001204 TOP :17


/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68: [BUG] object allocation during garbage collection phase
ruby 1.9.1p0 (2009-01-20 revision 21700) [i686-linux]

-- control frame ----------
c:0024 p:---- s:0111 b:0111 l:000110 d:000110 CFUNC :downcase
c:0023 p:0026 s:0108 b:0107 l:000067 d:000106 BLOCK /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68
c:0022 p:---- s:0101 b:0101 l:000100 d:000100 FINISH
c:0021 p:---- s:0099 b:0099 l:000094 d:000098 IFUNC :each
c:0020 p:---- s:0097 b:0097 l:000096 d:000096 CFUNC :each
c:0019 p:---- s:0095 b:0095 l:000094 d:000094 CFUNC :inject
c:0018 p:0284 s:0091 b:0089 l:000067 d:000088 BLOCK /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68
c:0017 p:---- s:0074 b:0074 l:000073 d:000073 FINISH
c:0016 p:---- s:0072 b:0072 l:000071 d:000071 CFUNC :scan
c:0015 p:0263 s:0068 b:0068 l:000067 d:000067 METHOD /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:52
c:0014 p:0031 s:0057 b:0056 l:000055 d:000055 METHOD /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:15
c:0013 p:0026 s:0050 b:0050 l:000049 d:000049 METHOD /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/test/test_parser.rb:159
c:0012 p:0041 s:0045 b:0045 l:000044 d:000044 METHOD /usr/local/lib/ruby191/1.9.1/minitest/unit.rb:436
c:0011 p:0096 s:0039 b:0039 l:000019 d:000038 BLOCK /usr/local/lib/ruby191/1.9.1/minitest/unit.rb:415
c:0010 p:---- s:0033 b:0033 l:000032 d:000032 FINISH
c:0009 p:---- s:0031 b:0031 l:000030 d:000030 CFUNC :each
c:0008 p:0026 s:0028 b:0028 l:000019 d:000027 BLOCK /usr/local/lib/ruby191/1.9.1/minitest/unit.rb:409
c:0007 p:---- s:0025 b:0025 l:000024 d:000024 FINISH
c:0006 p:---- s:0023 b:0023 l:000022 d:000022 CFUNC :each
c:0005 p:0080 s:0020 b:0020 l:000019 d:000019 METHOD /usr/local/lib/ruby191/1.9.1/minitest/unit.rb:408
c:0004 p:0153 s:0015 b:0015 l:000014 d:000014 METHOD /usr/local/lib/ruby191/1.9.1/minitest/unit.rb:388
c:0003 p:0041 s:0007 b:0007 l:0002e4 d:000006 BLOCK /usr/local/lib/ruby191/1.9.1/minitest/unit.rb:329
c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH
c:0001 p:0000 s:0002 b:0002 l:001204 d:001204 TOP :17


-- Ruby level backtrace information-----------------------------------------
/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68:in `downcase'
/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68:in `block (2 levels) in make'
/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68:in `each'
/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68:in `inject'
/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68:in `block in make'
/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:52:in `scan'
/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:52:in `make'
/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:15:in `parse'
/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/test/test_parser.rb:159:in `test_abs_xpath'
/usr/local/lib/ruby191/1.9.1/minitest/unit.rb:436:in `run'
/usr/local/lib/ruby191/1.9.1/minitest/unit.rb:415:in `block (2 levels) in run_test_suites'
/usr/local/lib/ruby191/1.9.1/minitest/unit.rb:409:in `each'
/usr/local/lib/ruby191/1.9.1/minitest/unit.rb:409:in `block in run_test_suites'
/usr/local/lib/ruby191/1.9.1/minitest/unit.rb:408:in `each'
/usr/local/lib/ruby191/1.9.1/minitest/unit.rb:408:in `run_test_suites'
/usr/local/lib/ruby191/1.9.1/minitest/unit.rb:388:in `run'
/usr/local/lib/ruby191/1.9.1/minitest/unit.rb:329:in `block in autorun'

-- C level backtrace information -------------------------------------------
0x812cad8 /usr/local/bin/ruby191(rb_vm_bugreport+0x48) [0x812cad8]
0x815ae81 /usr/local/bin/ruby191 [0x815ae81]
0x815aef8 /usr/local/bin/ruby191(rb_bug+0x28) [0x815aef8]
0x80658e1 /usr/local/bin/ruby191(rb_newobj+0xc1) [0x80658e1]
0x813711c /usr/local/bin/ruby191 [0x813711c]
0x8137372 /usr/local/bin/ruby191 [0x8137372]
0x81378d2 /usr/local/bin/ruby191(rb_ary_new+0x12) [0x81378d2]
0x811c649 /usr/local/bin/ruby191(rb_make_backtrace+0x29) [0x811c649]
0x812caba /usr/local/bin/ruby191(rb_vm_bugreport+0x2a) [0x812caba]
0x815ae81 /usr/local/bin/ruby191 [0x815ae81]
0x815aef8 /usr/local/bin/ruby191(rb_bug+0x28) [0x815aef8]
0x80d88a6 /usr/local/bin/ruby191 [0x80d88a6]
0xb8056410 [0xb8056410]
0x80de8e2 /usr/local/bin/ruby191(st_free_table+0x12) [0x80de8e2]
0x8064f65 /usr/local/bin/ruby191 [0x8064f65]
0x8065859 /usr/local/bin/ruby191(rb_newobj+0x39) [0x8065859]
0x80e8801 /usr/local/bin/ruby191(rb_str_dup+0x21) [0x80e8801]
0x80ea732 /usr/local/bin/ruby191 [0x80ea732]
0x8128826 /usr/local/bin/ruby191 [0x8128826]
0x8121f2f /usr/local/bin/ruby191 [0x8121f2f]
0x8125c14 /usr/local/bin/ruby191 [0x8125c14]
0x812626c /usr/local/bin/ruby191 [0x812626c]
0x81265da /usr/local/bin/ruby191(rb_yield_values+0x7a) [0x81265da]
0x8156090 /usr/local/bin/ruby191 [0x8156090]
0x8126439 /usr/local/bin/ruby191 [0x8126439]
0x8126699 /usr/local/bin/ruby191(rb_yield+0x49) [0x8126699]
0x8067615 /usr/local/bin/ruby191 [0x8067615]
0x8067e62 /usr/local/bin/ruby191 [0x8067e62]
0x80de9a6 /usr/local/bin/ruby191(st_foreach+0xa6) [0x80de9a6]
0x8069b92 /usr/local/bin/ruby191 [0x8069b92]
0x805cae1 /usr/local/bin/ruby191(rb_ensure+0x81) [0x805cae1]
0x8068f92 /usr/local/bin/ruby191(rb_hash_foreach+0x42) [0x8068f92]
0x80693bb /usr/local/bin/ruby191 [0x80693bb]
0x811ca7e /usr/local/bin/ruby191 [0x811ca7e]
0x811f531 /usr/local/bin/ruby191 [0x811f531]
0x811a698 /usr/local/bin/ruby191(rb_iterate+0x138) [0x811a698]
0x811a74f /usr/local/bin/ruby191(rb_block_call+0x3f) [0x811a74f]
0x8156d02 /usr/local/bin/ruby191 [0x8156d02]
0x811abfd /usr/local/bin/ruby191 [0x811abfd]
0x8128826 /usr/local/bin/ruby191 [0x8128826]
0x8121f2f /usr/local/bin/ruby191 [0x8121f2f]
0x8125c14 /usr/local/bin/ruby191 [0x8125c14]
0x812626c /usr/local/bin/ruby191 [0x812626c]
0x8126699 /usr/local/bin/ruby191(rb_yield+0x49) [0x8126699]
0xb7d72230 /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/i686-linux/hpricot_scan.so(rb_yield_tokens+0x100) [0xb7d72230]
0xb7d745b9 /usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/i686-linux/hpricot_scan.so(hpricot_scan+0x2369) [0xb7d745b9]
0x8128826 /usr/local/bin/ruby191 [0x8128826]
0x8121f2f /usr/local/bin/ruby191 [0x8121f2f]
0x8125c14 /usr/local/bin/ruby191 [0x8125c14]
0x812626c /usr/local/bin/ruby191 [0x812626c]
0x8126699 /usr/local/bin/ruby191(rb_yield+0x49) [0x8126699]
0x8136ef1 /usr/local/bin/ruby191(rb_ary_each+0x41) [0x8136ef1]
0x8128826 /usr/local/bin/ruby191 [0x8128826]
0x8121f2f /usr/local/bin/ruby191 [0x8121f2f]
0x8125c14 /usr/local/bin/ruby191 [0x8125c14]
0x812626c /usr/local/bin/ruby191 [0x812626c]
0x8126699 /usr/local/bin/ruby191(rb_yield+0x49) [0x8126699]
0x8136ef1 /usr/local/bin/ruby191(rb_ary_each+0x41) [0x8136ef1]
0x8128826 /usr/local/bin/ruby191 [0x8128826]
0x8121f2f /usr/local/bin/ruby191 [0x8121f2f]
0x8125c14 /usr/local/bin/ruby191 [0x8125c14]
0x8127fcd /usr/local/bin/ruby191(vm_invoke_proc+0x35d) [0x8127fcd]
0x805fc17 /usr/local/bin/ruby191(rb_proc_call+0x47) [0x805fc17]
0x805d78a /usr/local/bin/ruby191(rb_call_end_proc+0x1a) [0x805d78a]
0x805e62f /usr/local/bin/ruby191(rb_exec_end_proc+0x1cf) [0x805e62f]
0x805e6a7 /usr/local/bin/ruby191 [0x805e6a7]
0x805e82b /usr/local/bin/ruby191(ruby_cleanup+0x8b) [0x805e82b]
0x805ea3e /usr/local/bin/ruby191(ruby_run_node+0x4e) [0x805ea3e]
0x805bec0 /usr/local/bin/ruby191(main+0x60) [0x805bec0]
0xb7e5f685 /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb7e5f685]
0x805bdc1 /usr/local/bin/ruby191 [0x805bdc1]

[NOTE]
You may encounter a bug of Ruby interpreter. Bug reports are welcome.
For details: http://www.ruby-lang.org/bugreport.html

Aborted
rake aborted!
Command failed with status (134): [/usr/local/bin/ruby191 -Ilib:test:lib/i686...]

(See full trace by running task with --trace)

Hopefully this is a real bug - I have limited C debugging skills and Ruby internals knowledge.
=end

#1

Updated by yugui (Yuki Sonoda) over 11 years ago

  • Target version set to 1.9.1


#2

Updated by yugui (Yuki Sonoda) over 11 years ago

  • Target version changed from 1.9.1 to 1.9.2
  • ruby -v set to -


#3

Updated by authorNari (Narihiro Nakamura) over 11 years ago

=begin
Hi.

It did not reappear in my environment.

--- start ---
/usr/local/lib/ruby-1.9.1_rc2/gems/1.9.1/gems/hpricot-0.6.164% ruby-1.9.1_rc2 -v

ruby 1.9.1p0 (2009-01-20 revision 21700) [i686-linux]

/usr/local/lib/ruby-1.9.1_rc2/gems/1.9.1/gems/hpricot-0.6.164% sudo rake-1.9.1_rc2
(in /usr/local/lib/ruby-1.9.1_rc2/gems/1.9.1/gems/hpricot-0.6.164)
fatal: Not a git repository
checking for main() in -lc... yes
creating Makefile
gcc -shared -o hpricot_scan.so hpricot_scan.o hpricot_gram.o -L. -L/usr/local/lib -Wl,-R/usr/local/lib -L. -rdynamic -Wl,-export-dynamic -lc -lpthread -lrt -ldl -lcrypt -lm -lc
mkdir -p lib/i686-linux
cp ext/hpricot_scan/hpricot_scan.so lib/i686-linux
Using ragel version: 6.2, location: /usr/local/bin/ragel
checking for stdio.h... yes
creating Makefile
gcc -shared -o fast_xs.so fast_xs.o -L. -L/usr/local/lib -Wl,-R/usr/local/lib -L. -rdynamic -Wl,-export-dynamic -lpthread -lrt -ldl -lcrypt -lm -lc
mkdir -p lib/i686-linux
cp ext/fast_xs/fast_xs.so lib/i686-linux
/usr/local/bin/ruby-1.9.1_rc2 -Ilib:test:lib/i686-linux "/usr/local/lib/ruby-1.9.1_rc2/1.9.1/rake/rake_test_loader.rb" "test/test_alter.rb" "test/test_parser.rb" "test/test_xml.rb" "test/test_preserved.rb" "test/test_builder.rb" "test/test_paths.rb"
Loaded suite /usr/local/lib/ruby-1.9.1_rc2/1.9.1/rake/rake_test_loader
Started
....E.E...E.EE*** glibc detected *** /usr/local/bin/ruby-1.9.1_rc2: munmap_chunk(): invalid pointer: 0x08458a38 ***
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(cfree+0x1bb)[0xb7e2a61b]
/usr/local/bin/ruby-1.9.1_rc2(st_clear+0x3c)[0x80d973c]
/usr/local/bin/ruby-1.9.1_rc2(st_free_table+0x12)[0x80d9782]
/usr/local/bin/ruby-1.9.1_rc2[0x8064b7a]
/usr/local/bin/ruby-1.9.1_rc2(rb_newobj+0x39)[0x8064f99]
/usr/local/bin/ruby-1.9.1_rc2[0x80e011d]
/usr/local/lib/ruby-1.9.1_rc2/gems/1.9.1/gems/hpricot-0.6.164/lib/i686-linux/hpricot_scan.so(hpricot_scan+0x78fc)[0xb7ba6aac]
/usr/local/bin/ruby-1.9.1_rc2[0x8113976]
/usr/local/bin/ruby-1.9.1_rc2[0x8115a3f]
/usr/local/bin/ruby-1.9.1_rc2[0x811a23a]
/usr/local/bin/ruby-1.9.1_rc2[0x811a864]
/usr/local/bin/ruby-1.9.1_rc2(rb_yield+0x47)[0x811b167]
/usr/local/bin/ruby-1.9.1_rc2(rb_ary_each+0x41)[0x812a851]
/usr/local/bin/ruby-1.9.1_rc2[0x8113976]
/usr/local/bin/ruby-1.9.1_rc2[0x8115a3f]
/usr/local/bin/ruby-1.9.1_rc2[0x811a23a]
/usr/local/bin/ruby-1.9.1_rc2[0x811a864]
/usr/local/bin/ruby-1.9.1_rc2(rb_yield+0x47)[0x811b167]
/usr/local/bin/ruby-1.9.1_rc2(rb_ary_each+0x41)[0x812a851]
/usr/local/bin/ruby-1.9.1_rc2[0x8113976]
/usr/local/bin/ruby-1.9.1_rc2[0x8115a3f]
/usr/local/bin/ruby-1.9.1_rc2[0x811a23a]
/usr/local/bin/ruby-1.9.1_rc2[0x811a864]
/usr/local/bin/ruby-1.9.1_rc2(vm_invoke_proc+0x81)[0x811ac21]
/usr/local/bin/ruby-1.9.1_rc2(rb_proc_call+0x47)[0x805f867]
/usr/local/bin/ruby-1.9.1_rc2(rb_call_end_proc+0x1a)[0x805dd3a]
/usr/local/bin/ruby-1.9.1_rc2(rb_exec_end_proc+0x12f)[0x805dadf]
/usr/local/bin/ruby-1.9.1_rc2[0x805dbd7]
/usr/local/bin/ruby-1.9.1_rc2(ruby_cleanup+0x8c)[0x805e50c]
/usr/local/bin/ruby-1.9.1_rc2(ruby_run_node+0x4a)[0x805e6ea]
/usr/local/bin/ruby-1.9.1_rc2(main+0x60)[0x805be10]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe0)[0xb7dd1450]
/usr/local/bin/ruby-1.9.1_rc2[0x805bd41]
======= Memory map: ========
Aborted
rake aborted!
Command failed with status (134): [/usr/local/bin/ruby-1.9.1_rc2 -Ilib:test:l...]

(See full trace by running task with --trace)

--- end ---

I read the stack trace.
I think there are two causes of this bug.

  1. hpricot bug

I think this piece of the bug trace is an hpricot library bug.

/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68: [BUG] Segmentation fault

I don't know this bug. Sorry :(

  2. ruby interpreter bug

I think this piece of the bug trace is a Ruby interpreter bug.

/usr/local/lib/ruby191/gems/1.9.1/gems/hpricot-0.6.164/lib/hpricot/parse.rb:68: [BUG] object allocation during garbage collection phase

When rb_bug() is called in garbage_collection(), this bug trace seems to occur.
The attached patch will fix the problem.

Thanks.

Index: gc.c
===================================================================
--- gc.c (revision 21875)
+++ gc.c (working copy)
@@ -1026,7 +1026,7 @@
rb_objspace_t *objspace = &rb_objspace;
#endif

  • if (during_gc) {
  • if (!dont_gc && during_gc) {
    dont_gc = 1;
    during_gc = 0;
    rb_bug("object allocation during garbage collection phase");
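
Review bot: the `!dont_gc` test added to `if (!dont_gc && during_gc)` is undocumented and reuses the GC-disabled flag as a "bug report in progress" marker. The body already clears `during_gc` before calling rb_bug(), so the new test only has an effect when something else sets `dont_gc` while a collection is still running, which is what the rb_gc_disable() call added in vm_dump.c does. In that state an allocation now skips this check and proceeds with the collection unfinished; add a comment saying this is intended only for the crash-report path, or use a dedicated flag rather than `dont_gc`.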

    Index: vm_dump.c

    --- vm_dump.c (revision 21875)
    +++ vm_dump.c (working copy)
    @@ -570,6 +570,7 @@
    {
    VALUE bt;

  • rb_gc_disable();
    if (GET_THREAD()->vm) {
    int i;
    SDR();
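
Review bot: the rb_gc_disable() call placed after `VALUE bt;` carries no comment explaining why a dump routine changes GC state. Say there that building the report allocates objects (the C backtrace in this ticket shows rb_make_backtrace calling rb_ary_new) and that the report can be entered while a collection is in progress, so the dependency on the gc.c check is visible to the next reader.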
    @@ -610,4 +611,5 @@
    }
    }
    #endif

  • rb_gc_enable();
    }
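
Review bot: the rb_gc_enable() after `#endif` is unconditional, so when this function is entered with GC already disabled it switches GC back on at exit. Restore the state that was in effect on entry instead: keep the value returned by the earlier rb_gc_disable() and call rb_gc_enable() only when it reported that GC was enabled.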

=end

#4

Updated by wanabe (_ wanabe) over 11 years ago

=begin
in hpricot_scan:

buf = ALLOC_N(char, buffer_size);
...
char *p = buf + have, *pe;
int len, space = buffer_size - have;
...
str = rb_str_substr( port, nread, space );
...
memcpy( p, RSTRING_PTR(str), RSTRING_LEN(str) );

It causes a buffer overflow if "port" includes multibyte characters.
=end
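
The mismatch described in comment #4, as an added example that is not hpricot or Ruby source: a substring requested in characters can return more bytes than the byte count left in the buffer. `bytes_for_chars`, `unchecked_copy_len` and `bounded_copy` are hypothetical names, UTF-8 input is assumed, and the unchecked path only computes the length so nothing is overwritten.

```c
#include <stdio.h>
#include <string.h>

/* Byte length of the UTF-8 sequence that starts with lead byte c. */
static size_t utf8_seq_len(unsigned char c)
{
    if (c < 0x80) return 1;
    if ((c & 0xE0) == 0xC0) return 2;
    if ((c & 0xF0) == 0xE0) return 3;
    if ((c & 0xF8) == 0xF0) return 4;
    return 1; /* invalid lead byte: treat as a single byte */
}

/* Hypothetical stand-in for a character-indexed substring call: number of
 * BYTES covered by up to max_chars characters of src. */
size_t bytes_for_chars(const char *src, size_t src_bytes, size_t max_chars)
{
    size_t off = 0;
    while (max_chars-- > 0 && off < src_bytes) {
        size_t n = utf8_seq_len((unsigned char)src[off]);
        off += (n > src_bytes - off) ? src_bytes - off : n;
    }
    return off;
}

/* Bytes the unchecked pattern would hand to memcpy when it requests `space`
 * characters; anything above `space` lands past the end of the buffer.
 * Only the length is computed here, nothing is written. */
size_t unchecked_copy_len(const char *src, size_t src_bytes, size_t space)
{
    return bytes_for_chars(src, src_bytes, space);
}

/* Hardened copy: clamp to the free BYTES in dst, then back up to a character
 * boundary so no multibyte sequence is split. Returns bytes written. */
size_t bounded_copy(char *dst, size_t space, const char *src, size_t src_bytes)
{
    size_t n = src_bytes < space ? src_bytes : space;
    while (n > 0 && n < src_bytes && ((unsigned char)src[n] & 0xC0) == 0x80)
        n--;
    memcpy(dst, src, n);
    return n;
}

int main(void)
{
    /* Constructed input: four 3-byte UTF-8 characters (U+3042), 12 bytes. */
    const char wide[] = "\xe3\x81\x82\xe3\x81\x82\xe3\x81\x82\xe3\x81\x82";
    char buf[4];
    size_t space = sizeof buf;

    printf("unchecked: %zu bytes into %zu free\n",
           unchecked_copy_len(wide, sizeof wide - 1, space), space);
    printf("bounded:   %zu bytes into %zu free\n",
           bounded_copy(buf, space, wide, sizeof wide - 1), space);
    return 0;
}
```

With ASCII-only input the two lengths agree, which is why the pattern only fails once the input contains multibyte characters.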

#5

Updated by nobu (Nobuyoshi Nakada) over 11 years ago

  • Status changed from Open to Closed
  • % Done changed from 0 to 100

=begin
Applied in changeset r21934.
=end
