Bug #14421
closed
super_method segfaults when called on a re-bound Method
Description
The line of code below causes a segfault on 2.5.0.
This appears to possibly be related to #[[11419]], but is not the same.
The segfault is not limited to the String class used in the example; it can be reproduced with any class with at least one instance_method. More generally, it can be reproduced any time super_method is called on a Method which was formed by (validly) calling bind on an UnboundMethod.
$ ruby -e 'String.instance_method(:length).bind(String.new).super_method'
-e:1: [BUG] Segmentation fault at 0x0000000000000018
ruby 2.5.0p0 (2017-12-25 revision 61468) [x86_64-darwin17]
-- Crash Report log information --------------------------------------------
See Crash Report log file under the one of following:
* ~/Library/Logs/DiagnosticReports
* /Library/Logs/DiagnosticReports
for more details.
Don't forget to include the above Crash Report log file in bug reports.
-- Control frame information -----------------------------------------------
c:0003 p:---- s:0010 e:000009 CFUNC :super_method
c:0002 p:0028 s:0006 e:000005 EVAL -e:1 [FINISH]
c:0001 p:0000 s:0003 E:001570 (none) [FINISH]
-- Ruby level backtrace information ----------------------------------------
-e:1:in `<main>'
-e:1:in `super_method'
-- Machine register context ------------------------------------------------
rax: 0x0000000000000000 rbx: 0x00007fc51f43e1e0 rcx: 0x0000000108308730
rdx: 0x0000000000000000 rdi: 0x00007fc52106fd18 rsi: 0x0000000108308730
rbp: 0x00007ffee7b78f80 rsp: 0x00007ffee7b78f40 r8: 0x00007fc51f4623b8
r9: 0x0000000108543fa0 r10: 0x00007fc51f5070e8 r11: 0x0000000000000016
r12: 0x0000000000000000 r13: 0x00007fc51f541860 r14: 0x0000000000000000
r15: 0x00007fc52106fd18 rip: 0x000000010819a2eb rfl: 0x0000000000010246
-- C level backtrace information -------------------------------------------
0 libruby.2.5.dylib 0x0000000108274d17 rb_vm_bugreport + 135
1 libruby.2.5.dylib 0x00000001080f9988 rb_bug_context + 472
2 libruby.2.5.dylib 0x00000001081e9161 sigsegv + 81
3 libsystem_platform.dylib 0x00007fff7e2c0f5a _sigtramp + 26
4 libruby.2.5.dylib 0x000000010819a2eb method_super_method + 43
5 libruby.2.5.dylib 0x00000001082681fb vm_call_cfunc + 283
6 libruby.2.5.dylib 0x0000000108251954 vm_exec_core + 12196
7 libruby.2.5.dylib 0x0000000108262ace vm_exec + 142
8 libruby.2.5.dylib 0x0000000108103501 ruby_exec_internal + 177
9 libruby.2.5.dylib 0x00000001081033f8 ruby_run_node + 56
10 ruby 0x0000000108086f2f main + 79
-- Other runtime information -----------------------------------------------
* Loaded script: -e
* Loaded features:
0 enumerator.so
1 thread.rb
2 rational.so
3 complex.so
4 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/x86_64-darwin17/enc/encdb.bundle
5 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/x86_64-darwin17/enc/trans/transdb.bundle
6 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/x86_64-darwin17/rbconfig.rb
7 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/compatibility.rb
8 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/defaults.rb
9 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/deprecate.rb
10 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/errors.rb
11 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/version.rb
12 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/requirement.rb
13 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/platform.rb
14 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/basic_specification.rb
15 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/stub_specification.rb
16 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/util/list.rb
17 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/x86_64-darwin17/stringio.bundle
18 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/specification.rb
19 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/exceptions.rb
20 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/dependency.rb
21 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/core_ext/kernel_gem.rb
22 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/monitor.rb
23 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb
24 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems.rb
25 /Users/rusterholz/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/rubygems/path_support.rb
Expected Results: Given that String.new.method(:length).super_method correctly returns nil, I would expect String.instance_method(:length).bind(String.new).super_method to also return nil.
Files
Updated by rusterholz (Andy Rusterholz) almost 7 years ago
- Description updated (diff)
Updated by rusterholz (Andy Rusterholz) almost 7 years ago
- Description updated (diff)
Updated by rusterholz (Andy Rusterholz) almost 7 years ago
- Description updated (diff)
Updated by rusterholz (Andy Rusterholz) almost 7 years ago
Note: the above failing code correctly returns nil on a coworker's machine running ruby 2.4.2p198 (2017-09-14 revision 59899) [x86_64-darwin17].
Updated by normalperson (Eric Wong) almost 7 years ago
andy@rusterholz.org wrote:
Note: the above failing code correctly returns nil on a coworker's machine
runningruby 2.4.2p198 (2017-09-14 revision 59899) [x86_64-darwin17].
Thanks for simple test case, I guess the following patch is correct:
(sorry, I don't use "bind" or "super_method" at all, so maybe
there's other problems but "make exam" passes for me)
--- a/proc.c
+++ b/proc.c
@@ -2725,6 +2725,7 @@ method_super_method(VALUE method)
TypedData_Get_Struct(method, struct METHOD, &method_data_type, data);
iclass = data->iclass;
+ if (!iclass) return Qnil;
super_class = RCLASS_SUPER(RCLASS_ORIGIN(iclass));
mid = data->me->called_id;
if (!super_class) return Qnil;
Full patch + test:
https://80x24.org/spew/20180130004626.17796-1-e@80x24.org/raw
Updated by Anonymous almost 7 years ago
- Status changed from Open to Closed
Applied in changeset trunk|r62115.
proc: fix super_method segfault after bind
- proc.c: handle undefined iclass
[ruby-core:85231] [Bug #14421]
From: Eric Wong e@80x24.org
Updated by nagachika (Tomoyuki Chikanaga) almost 7 years ago
- Backport changed from 2.3: UNKNOWN, 2.4: UNKNOWN, 2.5: UNKNOWN to 2.3: UNKNOWN, 2.4: UNKNOWN, 2.5: REQUIRED
Updated by nagachika (Tomoyuki Chikanaga) almost 7 years ago
- Related to Bug #13973: super_method fails on some UnboundMethods added
Updated by nagachika (Tomoyuki Chikanaga) almost 7 years ago
- Backport changed from 2.3: UNKNOWN, 2.4: UNKNOWN, 2.5: REQUIRED to 2.3: REQUIRED, 2.4: REQUIRED, 2.5: REQUIRED
I have confirmed the segfaults was reproducible with trunk/2.5.0, but wasn't with 2.4.3.
But this fault was introduced at r60127 (#13973), and I think r60127 should be backported.
r62115 should be backported with r60127.
I will fill REQUIRED for 2.3/2.4 in Backport field for this reason.
Updated by naruse (Yui NARUSE) over 6 years ago
- Backport changed from 2.3: REQUIRED, 2.4: REQUIRED, 2.5: REQUIRED to 2.3: REQUIRED, 2.4: REQUIRED, 2.5: DONE
ruby_2_5 r62507 merged revision(s) 62115.
Updated by nagachika (Tomoyuki Chikanaga) over 6 years ago
- Backport changed from 2.3: REQUIRED, 2.4: REQUIRED, 2.5: DONE to 2.3: REQUIRED, 2.4: DONE, 2.5: DONE
ruby_2_4 r62866 merged revision(s) 62115.