Project

General

Profile

Actions

Bug #17599

closed

[BUG] try to mark T_NONE object when object allocation tracing is enabled

Added by byroot (Jean Boussier) 2 months ago. Updated about 1 month ago.

Status:
Closed
Priority:
Normal
Target version:
-
[ruby-core:102334]

Description

GC.stress = true
require "objspace"
ObjectSpace.trace_object_allocations_start
10.times { Object.new }

It doesn't happen on every runs on OSX, but happens consistently in Docker:

$ docker run -it ruby:3.0 ruby -e 'GC.stress = true; require "objspace"; ObjectSpace.trace_object_allocations_start; Object.new'
-e:1: [BUG] Segmentation fault at 0x0000000000000000
ruby 3.0.0p0 (2020-12-25 revision 95aff21468) [x86_64-linux]

-- Control frame information -----------------------------------------------
c:0003 p:---- s:0010 e:000009 CFUNC  :new
c:0002 p:0043 s:0006 e:000005 EVAL   -e:1 [FINISH]
c:0001 p:0000 s:0003 E:001130 (none) [FINISH]

-- Ruby level backtrace information ----------------------------------------
-e:1:in `<main>'
-e:1:in `new'

-- Machine register context ------------------------------------------------
 RIP: 0x00007fd3a5419f5c RBP: 0x00005572109fa6a0 RSP: 0x00007ffd10dde8f0
 RAX: 0x0000000000000000 RBX: 0x0000557210cd40a0 RCX: 0xaed7ec696d281e61
 RDX: 0x0000000000000004 RDI: 0x00005572109fa6a0 RSI: 0xcccccccccccccccd
  R8: 0x0000000000002021  R9: 0x0000000000000000 R10: 0x0000557210d44a70
 R11: 0x00007fd3a5422cf0 R12: 0x0000000000000001 R13: 0x0000000000000003
 R14: 0x0000557210d6fed0 R15: 0x0000557210ab6800 EFL: 0x0000000000010202

-- C level backtrace information -------------------------------------------
/usr/local/lib/libruby.so.3.0(rb_print_backtrace+0x11) [0x7fd3a55cb5ff] vm_dump.c:758
/usr/local/lib/libruby.so.3.0(rb_vm_bugreport) vm_dump.c:998
/usr/local/lib/libruby.so.3.0(rb_bug_for_fatal_signal+0x15e) [0x7fd3a53f79be] error.c:786
/usr/local/lib/libruby.so.3.0(sigsegv+0x4b) [0x7fd3a55331eb] signal.c:960
/lib/x86_64-linux-gnu/libpthread.so.0(__restore_rt+0x0) [0x7fd3a50fd730]
/usr/local/lib/libruby.so.3.0(RVALUE_MARKED+0x38) [0x7fd3a5419f5c] gc.c:1377
/usr/local/lib/libruby.so.3.0(gc_mark_set) gc.c:5978
/usr/local/lib/libruby.so.3.0(gc_mark_ptr) gc.c:6092
/usr/local/lib/libruby.so.3.0(gc_mark_children+0x4c0) [0x7fd3a541af90] gc.c:6361
/usr/local/lib/libruby.so.3.0(gc_mark_stacked_objects+0x3d) [0x7fd3a541ee10] gc.c:6454
/usr/local/lib/libruby.so.3.0(gc_mark_stacked_objects_incremental) gc.c:6488
/usr/local/lib/libruby.so.3.0(gc_marks_rest) gc.c:7431
/usr/local/lib/libruby.so.3.0(gc_rest+0xb0) [0x7fd3a541f450] gc.c:8330
/usr/local/lib/libruby.so.3.0(gc_rest+0xc) [0x7fd3a541d28c] gc.c:8202
/usr/local/lib/libruby.so.3.0(garbage_collect) gc.c:8191
/usr/local/lib/libruby.so.3.0(garbage_collect_with_gvl+0x7a) [0x7fd3a541d35a] gc.c:8502
/usr/local/lib/libruby.so.3.0(objspace_xmalloc0+0x1d) [0x7fd3a5422dbf] gc.c:10421
/usr/local/lib/libruby.so.3.0(ruby_xmalloc0) gc.c:10817
/usr/local/lib/libruby.so.3.0(ruby_xmalloc_body) gc.c:10826
/usr/local/lib/libruby.so.3.0(ruby_xmalloc) gc.c:12765
/usr/local/lib/ruby/3.0.0/x86_64-linux/objspace.so(newobj_i+0x39e) [0x7fd3a16df47e] object_tracing.c:46
/usr/local/lib/libruby.so.3.0(tp_call_trace+0x2e) [0x7fd3a55cd3fe] vm_trace.c:1115
/usr/local/lib/libruby.so.3.0(exec_hooks_body+0x86) [0x7fd3a55cd516] vm_trace.c:304
/usr/local/lib/libruby.so.3.0(exec_hooks_postcheck+0x0) [0x7fd3a55cf714] vm_trace.c:333
/usr/local/lib/libruby.so.3.0(exec_hooks_unprotected) vm_trace.c:334
/usr/local/lib/libruby.so.3.0(rb_exec_event_hooks) vm_trace.c:378
/usr/local/lib/libruby.so.3.0(rb_exec_event_hook_orig+0x4c) [0x7fd3a540fe00] vm_core.h:1970
/usr/local/lib/libruby.so.3.0(gc_event_hook_body) gc.c:2067
/usr/local/lib/libruby.so.3.0(newobj_slowpath+0x14c) [0x7fd3a5420cb0] gc.c:2253
/usr/local/lib/libruby.so.3.0(newobj_slowpath_wb_protected) gc.c:2268
/usr/local/lib/libruby.so.3.0(newobj_of0+0xa) [0x7fd3a5420e1a] gc.c:2307
/usr/local/lib/libruby.so.3.0(newobj_of) gc.c:2327
/usr/local/lib/libruby.so.3.0(rb_class_allocate_instance) gc.c:2481
/usr/local/lib/libruby.so.3.0(class_call_alloc_func+0x5) [0x7fd3a54a4fce] object.c:2064
/usr/local/lib/libruby.so.3.0(rb_class_alloc) object.c:2036
/usr/local/lib/libruby.so.3.0(rb_class_new_instance_pass_kw) object.c:2109
/usr/local/lib/libruby.so.3.0(vm_call_cfunc_with_frame+0x11b) [0x7fd3a55a972b] vm_insnhelper.c:2898
/usr/local/lib/libruby.so.3.0(vm_sendish+0xb3) [0x7fd3a55ad3d3] vm_insnhelper.c:4499
/usr/local/lib/libruby.so.3.0(vm_exec_core+0xce) [0x7fd3a55b536e] insns.def:789
/usr/local/lib/libruby.so.3.0(rb_vm_exec+0x176) [0x7fd3a55bab26] vm.c:2163
/usr/local/lib/libruby.so.3.0(rb_ec_exec_node+0xd9) [0x7fd3a53fc719] eval.c:317
/usr/local/lib/libruby.so.3.0(ruby_run_node+0x55) [0x7fd3a5402395] eval.c:375
/usr/local/bin/ruby(main+0x5b) [0x55720fddf10b] ./main.c:50

-- Other runtime information -----------------------------------------------

* Loaded script: -e

* Loaded features:

    0 enumerator.so
    1 thread.rb
    2 rational.so
    3 complex.so
    4 ruby2_keywords.rb
    5 /usr/local/lib/ruby/3.0.0/x86_64-linux/enc/encdb.so
    6 /usr/local/lib/ruby/3.0.0/x86_64-linux/enc/trans/transdb.so
    7 /usr/local/lib/ruby/3.0.0/x86_64-linux/rbconfig.rb
    8 /usr/local/lib/ruby/3.0.0/rubygems/compatibility.rb
    9 /usr/local/lib/ruby/3.0.0/rubygems/defaults.rb
   10 /usr/local/lib/ruby/3.0.0/rubygems/deprecate.rb
   11 /usr/local/lib/ruby/3.0.0/rubygems/errors.rb
   12 /usr/local/lib/ruby/3.0.0/rubygems/exceptions.rb
   13 /usr/local/lib/ruby/3.0.0/rubygems/basic_specification.rb
   14 /usr/local/lib/ruby/3.0.0/rubygems/stub_specification.rb
   15 /usr/local/lib/ruby/3.0.0/rubygems/text.rb
   16 /usr/local/lib/ruby/3.0.0/rubygems/user_interaction.rb
   17 /usr/local/lib/ruby/3.0.0/rubygems/specification_policy.rb
   18 /usr/local/lib/ruby/3.0.0/rubygems/util/list.rb
   19 /usr/local/lib/ruby/3.0.0/rubygems/platform.rb
   20 /usr/local/lib/ruby/3.0.0/rubygems/version.rb
   21 /usr/local/lib/ruby/3.0.0/rubygems/requirement.rb
   22 /usr/local/lib/ruby/3.0.0/rubygems/specification.rb
   23 /usr/local/lib/ruby/3.0.0/rubygems/util.rb
   24 /usr/local/lib/ruby/3.0.0/rubygems/dependency.rb
   25 /usr/local/lib/ruby/3.0.0/rubygems/core_ext/kernel_gem.rb
   26 /usr/local/lib/ruby/3.0.0/x86_64-linux/monitor.so
   27 /usr/local/lib/ruby/3.0.0/monitor.rb
   28 /usr/local/lib/ruby/3.0.0/rubygems/core_ext/kernel_require.rb
   29 /usr/local/lib/ruby/3.0.0/rubygems/core_ext/kernel_warn.rb
   30 /usr/local/lib/ruby/3.0.0/rubygems.rb
   31 /usr/local/lib/ruby/3.0.0/rubygems/path_support.rb
   32 /usr/local/lib/ruby/3.0.0/did_you_mean/version.rb
   33 /usr/local/lib/ruby/3.0.0/did_you_mean/core_ext/name_error.rb
   34 /usr/local/lib/ruby/3.0.0/did_you_mean/levenshtein.rb
   35 /usr/local/lib/ruby/3.0.0/did_you_mean/jaro_winkler.rb
   36 /usr/local/lib/ruby/3.0.0/did_you_mean/spell_checker.rb
   37 /usr/local/lib/ruby/3.0.0/did_you_mean/spell_checkers/name_error_checkers/class_name_checker.rb
   38 /usr/local/lib/ruby/3.0.0/did_you_mean/spell_checkers/name_error_checkers/variable_name_checker.rb
   39 /usr/local/lib/ruby/3.0.0/did_you_mean/spell_checkers/name_error_checkers.rb
   40 /usr/local/lib/ruby/3.0.0/did_you_mean/spell_checkers/method_name_checker.rb
   41 /usr/local/lib/ruby/3.0.0/did_you_mean/spell_checkers/key_error_checker.rb
   42 /usr/local/lib/ruby/3.0.0/did_you_mean/spell_checkers/null_checker.rb
   43 /usr/local/lib/ruby/3.0.0/did_you_mean/tree_spell_checker.rb
   44 /usr/local/lib/ruby/3.0.0/did_you_mean/spell_checkers/require_path_checker.rb
   45 /usr/local/lib/ruby/3.0.0/did_you_mean/formatters/plain_formatter.rb
   46 /usr/local/lib/ruby/3.0.0/did_you_mean.rb
   47 /usr/local/lib/ruby/3.0.0/x86_64-linux/objspace.so
   48 /usr/local/lib/ruby/3.0.0/objspace.rb

* Process memory map:

55720fdde000-55720fddf000 r--p 00000000 fe:01 5776554                    /usr/local/bin/ruby
55720fddf000-55720fde0000 r-xp 00001000 fe:01 5776554                    /usr/local/bin/ruby
55720fde0000-55720fde1000 r--p 00002000 fe:01 5776554                    /usr/local/bin/ruby
55720fde1000-55720fde2000 r--p 00002000 fe:01 5776554                    /usr/local/bin/ruby
55720fde2000-55720fde3000 rw-p 00003000 fe:01 5776554                    /usr/local/bin/ruby
5572109f9000-557210e11000 rw-p 00000000 00:00 0                          [heap]
7fd39f96f000-7fd39fb2d000 r--s 00000000 fe:01 5393403                    /lib/x86_64-linux-gnu/libc-2.28.so
7fd39fb2d000-7fd39fb6c000 r--s 00000000 fe:01 5777946                    /usr/local/lib/ruby/3.0.0/x86_64-linux/objspace.so
7fd39fb6c000-7fd39fb90000 r--s 00000000 fe:01 5393462                    /lib/x86_64-linux-gnu/libpthread-2.28.so
7fd39fb90000-7fd3a0ad7000 rw-p 00000000 00:00 0 
7fd3a0ad7000-7fd3a1682000 r--s 00000000 fe:01 5776756                    /usr/local/lib/libruby.so.3.0.0
7fd3a1682000-7fd3a16b8000 r--s 00000000 fe:01 5776554                    /usr/local/bin/ruby
7fd3a16b8000-7fd3a16bb000 r--p 00000000 fe:01 5393421                    /lib/x86_64-linux-gnu/libgcc_s.so.1
7fd3a16bb000-7fd3a16cc000 r-xp 00003000 fe:01 5393421                    /lib/x86_64-linux-gnu/libgcc_s.so.1
7fd3a16cc000-7fd3a16cf000 r--p 00014000 fe:01 5393421                    /lib/x86_64-linux-gnu/libgcc_s.so.1
7fd3a16cf000-7fd3a16d0000 ---p 00017000 fe:01 5393421                    /lib/x86_64-linux-gnu/libgcc_s.so.1
7fd3a16d0000-7fd3a16d1000 r--p 00017000 fe:01 5393421                    /lib/x86_64-linux-gnu/libgcc_s.so.1
7fd3a16d1000-7fd3a16d2000 rw-p 00018000 fe:01 5393421                    /lib/x86_64-linux-gnu/libgcc_s.so.1
7fd3a16db000-7fd3a16de000 r--p 00000000 fe:01 5777946                    /usr/local/lib/ruby/3.0.0/x86_64-linux/objspace.so
7fd3a16de000-7fd3a16e5000 r-xp 00003000 fe:01 5777946                    /usr/local/lib/ruby/3.0.0/x86_64-linux/objspace.so
7fd3a16e5000-7fd3a16e7000 r--p 0000a000 fe:01 5777946                    /usr/local/lib/ruby/3.0.0/x86_64-linux/objspace.so
7fd3a16e7000-7fd3a16e8000 ---p 0000c000 fe:01 5777946                    /usr/local/lib/ruby/3.0.0/x86_64-linux/objspace.so
7fd3a16e8000-7fd3a16e9000 r--p 0000c000 fe:01 5777946                    /usr/local/lib/ruby/3.0.0/x86_64-linux/objspace.so
7fd3a16e9000-7fd3a16ea000 rw-p 0000d000 fe:01 5777946                    /usr/local/lib/ruby/3.0.0/x86_64-linux/objspace.so
7fd3a16ea000-7fd3a16eb000 r--p 00000000 fe:01 5777944                    /usr/local/lib/ruby/3.0.0/x86_64-linux/monitor.so
7fd3a16eb000-7fd3a16ec000 r-xp 00001000 fe:01 5777944                    /usr/local/lib/ruby/3.0.0/x86_64-linux/monitor.so
7fd3a16ec000-7fd3a16ed000 r--p 00002000 fe:01 5777944                    /usr/local/lib/ruby/3.0.0/x86_64-linux/monitor.so
7fd3a16ed000-7fd3a16ee000 r--p 00002000 fe:01 5777944                    /usr/local/lib/ruby/3.0.0/x86_64-linux/monitor.so
7fd3a16ee000-7fd3a16ef000 rw-p 00003000 fe:01 5777944                    /usr/local/lib/ruby/3.0.0/x86_64-linux/monitor.so
7fd3a16ef000-7fd3a16f0000 r--p 00000000 fe:01 5777917                    /usr/local/lib/ruby/3.0.0/x86_64-linux/enc/trans/transdb.so
7fd3a16f0000-7fd3a16f2000 r-xp 00001000 fe:01 5777917                    /usr/local/lib/ruby/3.0.0/x86_64-linux/enc/trans/transdb.so
7fd3a16f2000-7fd3a16f3000 r--p 00003000 fe:01 5777917                    /usr/local/lib/ruby/3.0.0/x86_64-linux/enc/trans/transdb.so
7fd3a16f3000-7fd3a16f4000 r--p 00003000 fe:01 5777917                    /usr/local/lib/ruby/3.0.0/x86_64-linux/enc/trans/transdb.so
7fd3a16f4000-7fd3a16f5000 rw-p 00004000 fe:01 5777917                    /usr/local/lib/ruby/3.0.0/x86_64-linux/enc/trans/transdb.so
7fd3a16f5000-7fd3a16f6000 r--p 00000000 fe:01 5777873                    /usr/local/lib/ruby/3.0.0/x86_64-linux/enc/encdb.so
7fd3a16f6000-7fd3a16f7000 r-xp 00001000 fe:01 5777873                    /usr/local/lib/ruby/3.0.0/x86_64-linux/enc/encdb.so
7fd3a16f7000-7fd3a16f8000 r--p 00002000 fe:01 5777873                    /usr/local/lib/ruby/3.0.0/x86_64-linux/enc/encdb.so
7fd3a16f8000-7fd3a16f9000 r--p 00002000 fe:01 5777873                    /usr/local/lib/ruby/3.0.0/x86_64-linux/enc/encdb.so
7fd3a16f9000-7fd3a16fa000 rw-p 00003000 fe:01 5777873                    /usr/local/lib/ruby/3.0.0/x86_64-linux/enc/encdb.so
7fd3a16fa000-7fd3a16fb000 ---p 00000000 00:00 0 
7fd3a16fb000-7fd3a179c000 rw-p 00000000 00:00 0 
7fd3a179c000-7fd3a179d000 ---p 00000000 00:00 0 
7fd3a179d000-7fd3a183e000 rw-p 00000000 00:00 0 
7fd3a183e000-7fd3a183f000 ---p 00000000 00:00 0 
7fd3a183f000-7fd3a18e0000 rw-p 00000000 00:00 0 
7fd3a18e0000-7fd3a18e1000 ---p 00000000 00:00 0 
7fd3a18e1000-7fd3a1982000 rw-p 00000000 00:00 0 
7fd3a1982000-7fd3a1983000 ---p 00000000 00:00 0 
7fd3a1983000-7fd3a1a24000 rw-p 00000000 00:00 0 
7fd3a1a24000-7fd3a1a25000 ---p 00000000 00:00 0 
7fd3a1a25000-7fd3a1ac6000 rw-p 00000000 00:00 0 
7fd3a1ac6000-7fd3a1ac7000 ---p 00000000 00:00 0 
7fd3a1ac7000-7fd3a1b68000 rw-p 00000000 00:00 0 
7fd3a1b68000-7fd3a1b69000 ---p 00000000 00:00 0 
7fd3a1b69000-7fd3a1c0a000 rw-p 00000000 00:00 0 
7fd3a1c0a000-7fd3a1c0b000 ---p 00000000 00:00 0 
7fd3a1c0b000-7fd3a1cac000 rw-p 00000000 00:00 0 
7fd3a1cac000-7fd3a1cad000 ---p 00000000 00:00 0 
7fd3a1cad000-7fd3a1d4e000 rw-p 00000000 00:00 0 
7fd3a1d4e000-7fd3a1d4f000 ---p 00000000 00:00 0 
7fd3a1d4f000-7fd3a1df0000 rw-p 00000000 00:00 0 
7fd3a1df0000-7fd3a1df1000 ---p 00000000 00:00 0 
7fd3a1df1000-7fd3a1e92000 rw-p 00000000 00:00 0 
7fd3a1e92000-7fd3a1e93000 ---p 00000000 00:00 0 
7fd3a1e93000-7fd3a1f34000 rw-p 00000000 00:00 0 
7fd3a1f34000-7fd3a1f35000 ---p 00000000 00:00 0 
7fd3a1f35000-7fd3a1fd6000 rw-p 00000000 00:00 0 
7fd3a1fd6000-7fd3a1fd7000 ---p 00000000 00:00 0 
7fd3a1fd7000-7fd3a2078000 rw-p 00000000 00:00 0 
7fd3a2078000-7fd3a2079000 ---p 00000000 00:00 0 
7fd3a2079000-7fd3a211a000 rw-p 00000000 00:00 0 
7fd3a211a000-7fd3a211b000 ---p 00000000 00:00 0 
7fd3a211b000-7fd3a21bc000 rw-p 00000000 00:00 0 
7fd3a21bc000-7fd3a21bd000 ---p 00000000 00:00 0 
7fd3a21bd000-7fd3a225e000 rw-p 00000000 00:00 0 
7fd3a225e000-7fd3a225f000 ---p 00000000 00:00 0 
7fd3a225f000-7fd3a2300000 rw-p 00000000 00:00 0 
7fd3a2300000-7fd3a2301000 ---p 00000000 00:00 0 
7fd3a2301000-7fd3a23a2000 rw-p 00000000 00:00 0 
7fd3a23a2000-7fd3a23a3000 ---p 00000000 00:00 0 
7fd3a23a3000-7fd3a2444000 rw-p 00000000 00:00 0 
7fd3a2444000-7fd3a2445000 ---p 00000000 00:00 0 
7fd3a2445000-7fd3a24e6000 rw-p 00000000 00:00 0 
7fd3a24e6000-7fd3a24e7000 ---p 00000000 00:00 0 
7fd3a24e7000-7fd3a2588000 rw-p 00000000 00:00 0 
7fd3a2588000-7fd3a2589000 ---p 00000000 00:00 0 
7fd3a2589000-7fd3a262a000 rw-p 00000000 00:00 0 
7fd3a262a000-7fd3a262b000 ---p 00000000 00:00 0 
7fd3a262b000-7fd3a26cc000 rw-p 00000000 00:00 0 
7fd3a26cc000-7fd3a26cd000 ---p 00000000 00:00 0 
7fd3a26cd000-7fd3a276e000 rw-p 00000000 00:00 0 
7fd3a276e000-7fd3a276f000 ---p 00000000 00:00 0 
7fd3a276f000-7fd3a2810000 rw-p 00000000 00:00 0 
7fd3a2810000-7fd3a2811000 ---p 00000000 00:00 0 
7fd3a2811000-7fd3a28b2000 rw-p 00000000 00:00 0 
7fd3a28b2000-7fd3a28b3000 ---p 00000000 00:00 0 
7fd3a28b3000-7fd3a2954000 rw-p 00000000 00:00 0 
7fd3a2954000-7fd3a2955000 ---p 00000000 00:00 0 
7fd3a2955000-7fd3a29f6000 rw-p 00000000 00:00 0 
7fd3a29f6000-7fd3a29f7000 ---p 00000000 00:00 0 
7fd3a29f7000-7fd3a2a98000 rw-p 00000000 00:00 0 
7fd3a2a98000-7fd3a2a99000 ---p 00000000 00:00 0 
7fd3a2a99000-7fd3a4ca5000 rw-p 00000000 00:00 0 
7fd3a4ca5000-7fd3a4cd7000 r--p 00000000 fe:01 5393875                    /usr/lib/locale/C.UTF-8/LC_CTYPE
7fd3a4cd7000-7fd3a4cd9000 rw-p 00000000 00:00 0 
7fd3a4cd9000-7fd3a4cfb000 r--p 00000000 fe:01 5393403                    /lib/x86_64-linux-gnu/libc-2.28.so
7fd3a4cfb000-7fd3a4e43000 r-xp 00022000 fe:01 5393403                    /lib/x86_64-linux-gnu/libc-2.28.so
7fd3a4e43000-7fd3a4e8f000 r--p 0016a000 fe:01 5393403                    /lib/x86_64-linux-gnu/libc-2.28.so
7fd3a4e8f000-7fd3a4e90000 ---p 001b6000 fe:01 5393403                    /lib/x86_64-linux-gnu/libc-2.28.so
7fd3a4e90000-7fd3a4e94000 r--p 001b6000 fe:01 5393403                    /lib/x86_64-linux-gnu/libc-2.28.so
7fd3a4e94000-7fd3a4e96000 rw-p 001ba000 fe:01 5393403                    /lib/x86_64-linux-gnu/libc-2.28.so
7fd3a4e96000-7fd3a4e9a000 rw-p 00000000 00:00 0 
7fd3a4e9a000-7fd3a4ea7000 r--p 00000000 fe:01 5393428                    /lib/x86_64-linux-gnu/libm-2.28.so
7fd3a4ea7000-7fd3a4f46000 r-xp 0000d000 fe:01 5393428                    /lib/x86_64-linux-gnu/libm-2.28.so
7fd3a4f46000-7fd3a501b000 r--p 000ac000 fe:01 5393428                    /lib/x86_64-linux-gnu/libm-2.28.so
7fd3a501b000-7fd3a501c000 r--p 00180000 fe:01 5393428                    /lib/x86_64-linux-gnu/libm-2.28.so
7fd3a501c000-7fd3a501d000 rw-p 00181000 fe:01 5393428                    /lib/x86_64-linux-gnu/libm-2.28.so
7fd3a501d000-7fd3a501e000 r--p 00000000 fe:01 5393411                    /lib/x86_64-linux-gnu/libcrypt-2.28.so
7fd3a501e000-7fd3a5024000 r-xp 00001000 fe:01 5393411                    /lib/x86_64-linux-gnu/libcrypt-2.28.so
7fd3a5024000-7fd3a5026000 r--p 00007000 fe:01 5393411                    /lib/x86_64-linux-gnu/libcrypt-2.28.so
7fd3a5026000-7fd3a5027000 ---p 00009000 fe:01 5393411                    /lib/x86_64-linux-gnu/libcrypt-2.28.so
7fd3a5027000-7fd3a5028000 r--p 00009000 fe:01 5393411                    /lib/x86_64-linux-gnu/libcrypt-2.28.so
7fd3a5028000-7fd3a5029000 rw-p 0000a000 fe:01 5393411                    /lib/x86_64-linux-gnu/libcrypt-2.28.so
7fd3a5029000-7fd3a5059000 rw-p 00000000 00:00 0 
7fd3a5059000-7fd3a505a000 r--p 00000000 fe:01 5393413                    /lib/x86_64-linux-gnu/libdl-2.28.so
7fd3a505a000-7fd3a505b000 r-xp 00001000 fe:01 5393413                    /lib/x86_64-linux-gnu/libdl-2.28.so
7fd3a505b000-7fd3a505c000 r--p 00002000 fe:01 5393413                    /lib/x86_64-linux-gnu/libdl-2.28.so
7fd3a505c000-7fd3a505d000 r--p 00002000 fe:01 5393413                    /lib/x86_64-linux-gnu/libdl-2.28.so
7fd3a505d000-7fd3a505e000 rw-p 00003000 fe:01 5393413                    /lib/x86_64-linux-gnu/libdl-2.28.so
7fd3a505e000-7fd3a5069000 r--p 00000000 fe:01 5394180                    /usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2
7fd3a5069000-7fd3a50c7000 r-xp 0000b000 fe:01 5394180                    /usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2
7fd3a50c7000-7fd3a50de000 r--p 00069000 fe:01 5394180                    /usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2
7fd3a50de000-7fd3a50df000 ---p 00080000 fe:01 5394180                    /usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2
7fd3a50df000-7fd3a50e0000 r--p 00080000 fe:01 5394180                    /usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2
7fd3a50e0000-7fd3a50e1000 rw-p 00081000 fe:01 5394180                    /usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2
7fd3a50e1000-7fd3a50e3000 r--p 00000000 fe:01 5393466                    /lib/x86_64-linux-gnu/librt-2.28.so
7fd3a50e3000-7fd3a50e7000 r-xp 00002000 fe:01 5393466                    /lib/x86_64-linux-gnu/librt-2.28.so
7fd3a50e7000-7fd3a50e9000 r--p 00006000 fe:01 5393466                    /lib/x86_64-linux-gnu/librt-2.28.so
7fd3a50e9000-7fd3a50ea000 r--p 00007000 fe:01 5393466                    /lib/x86_64-linux-gnu/librt-2.28.so
7fd3a50ea000-7fd3a50eb000 rw-p 00008000 fe:01 5393466                    /lib/x86_64-linux-gnu/librt-2.28.so
7fd3a50eb000-7fd3a50f1000 r--p 00000000 fe:01 5393462                    /lib/x86_64-linux-gnu/libpthread-2.28.so
7fd3a50f1000-7fd3a5100000 r-xp 00006000 fe:01 5393462                    /lib/x86_64-linux-gnu/libpthread-2.28.so
7fd3a5100000-7fd3a5106000 r--p 00015000 fe:01 5393462                    /lib/x86_64-linux-gnu/libpthread-2.28.so
7fd3a5106000-7fd3a5107000 r--p 0001a000 fe:01 5393462                    /lib/x86_64-linux-gnu/libpthread-2.28.so
7fd3a5107000-7fd3a5108000 rw-p 0001b000 fe:01 5393462                    /lib/x86_64-linux-gnu/libpthread-2.28.so
7fd3a5108000-7fd3a510c000 rw-p 00000000 00:00 0 
7fd3a510c000-7fd3a5128000 r-xp 00000000 fe:01 5393487                    /lib/x86_64-linux-gnu/libz.so.1.2.11
7fd3a5128000-7fd3a5328000 ---p 0001c000 fe:01 5393487                    /lib/x86_64-linux-gnu/libz.so.1.2.11
7fd3a5328000-7fd3a5329000 r--p 0001c000 fe:01 5393487                    /lib/x86_64-linux-gnu/libz.so.1.2.11
7fd3a5329000-7fd3a532a000 rw-p 0001d000 fe:01 5393487                    /lib/x86_64-linux-gnu/libz.so.1.2.11
7fd3a532c000-7fd3a5333000 r--s 00000000 fe:01 5394155                    /usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache
7fd3a5333000-7fd3a5363000 r--p 00000000 fe:01 5776756                    /usr/local/lib/libruby.so.3.0.0
7fd3a5363000-7fd3a55d9000 r-xp 00030000 fe:01 5776756                    /usr/local/lib/libruby.so.3.0.0
7fd3a55d9000-7fd3a56dc000 r--p 002a6000 fe:01 5776756                    /usr/local/lib/libruby.so.3.0.0
7fd3a56dc000-7fd3a56dd000 ---p 003a9000 fe:01 5776756                    /usr/local/lib/libruby.so.3.0.0
7fd3a56dd000-7fd3a56e4000 r--p 003a9000 fe:01 5776756                    /usr/local/lib/libruby.so.3.0.0
7fd3a56e4000-7fd3a56e7000 rw-p 003b0000 fe:01 5776756                    /usr/local/lib/libruby.so.3.0.0
7fd3a56e7000-7fd3a56fa000 rw-p 00000000 00:00 0 
7fd3a56fa000-7fd3a56fb000 r--p 00000000 fe:01 5393389                    /lib/x86_64-linux-gnu/ld-2.28.so
7fd3a56fb000-7fd3a5719000 r-xp 00001000 fe:01 5393389                    /lib/x86_64-linux-gnu/ld-2.28.so
7fd3a5719000-7fd3a5721000 r--p 0001f000 fe:01 5393389                    /lib/x86_64-linux-gnu/ld-2.28.so
7fd3a5721000-7fd3a5722000 r--p 00026000 fe:01 5393389                    /lib/x86_64-linux-gnu/ld-2.28.so
7fd3a5722000-7fd3a5723000 rw-p 00027000 fe:01 5393389                    /lib/x86_64-linux-gnu/ld-2.28.so
7fd3a5723000-7fd3a5724000 rw-p 00000000 00:00 0 
7ffd105e1000-7ffd10de0000 rw-p 00000000 00:00 0                          [stack]
7ffd10de9000-7ffd10dec000 r--p 00000000 00:00 0                          [vvar]
7ffd10dec000-7ffd10ded000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

When it happens on a debug build there is this extra error message:

<OBJ_INFO:gc_mark_ptr@gc.c:6119> 0x00007fe21804b4f0 [2XXXX] T_NONE
/tmp/test.rb:1: [BUG] try to mark T_NONE object
ruby 3.1.0dev (2021-01-31T09:48:28Z master 22b8ddfd10) [x86_64-darwin19]

Updated by xtkoba (Tee KOBAYASHI) 2 months ago

The 10.times version of code always crashes in my environment:

ruby 3.1.0dev (2021-02-02 master 5803ac1c73) [x86_64-linux]

I noticed that the crash disappears when RGENGC_CHECK_MODE is set to 1, and now I have tracked down a minimal change to suppress the crash:

--- a/gc.c
+++ b/gc.c
@@ -2094,9 +2094,9 @@
     rb_ractor_setup_belonging(obj);
 #endif

-#if RGENGC_CHECK_MODE
     p->as.values.v1 = p->as.values.v2 = p->as.values.v3 = 0;

+#if RGENGC_CHECK_MODE
     RB_VM_LOCK_ENTER_NO_BARRIER();
     {
         check_rvalue_consistency(obj);

This might not be a solution, but it surely has some side effect at least.

Updated by ko1 (Koichi Sasada) 2 months ago

  • Assignee set to ko1 (Koichi Sasada)
  • Status changed from Open to Assigned

Thank you!

Updated by wanabe (_ wanabe) 2 months ago

Shouldn't the call to gc_event_hook() come after newobj_fill()?
Like this:

diff --git a/gc.c b/gc.c
index 30badf975f..dc90e6177f 100644
--- a/gc.c
+++ b/gc.c
@@ -2254,7 +2254,6 @@ newobj_slowpath(VALUE klass, VALUE flags, rb_objspace_t *objspace, rb_ractor_t *
         }
         GC_ASSERT(obj != 0);
         newobj_init(klass, flags, wb_protected, objspace, obj);
-        gc_event_hook(objspace, RUBY_INTERNAL_EVENT_NEWOBJ, obj);
     }
     RB_VM_LOCK_LEAVE_CR_LEV(cr, &lev);

@@ -2279,7 +2278,17 @@ newobj_slowpath_wb_unprotected(VALUE klass, VALUE flags, rb_objspace_t *objspace
 }

 static inline VALUE
-newobj_of0(VALUE klass, VALUE flags, int wb_protected, rb_ractor_t *cr)
+newobj_fill(VALUE obj, VALUE v1, VALUE v2, VALUE v3)
+{
+    RVALUE *p = (RVALUE *)obj;
+    p->as.values.v1 = v1;
+    p->as.values.v2 = v2;
+    p->as.values.v3 = v3;
+    return obj;
+}
+
+static inline VALUE
+newobj_of_cr(rb_ractor_t *cr, VALUE klass, VALUE flags, VALUE v1, VALUE v2, VALUE v3, int wb_protected)
 {
     VALUE obj;
     rb_objspace_t *objspace = &rb_objspace;
@@ -2303,6 +2312,7 @@ newobj_of0(VALUE klass, VALUE flags, int wb_protected, rb_ractor_t *cr)
          (obj = ractor_cached_freeobj(objspace, cr)) != Qfalse)) {

         newobj_init(klass, flags, wb_protected, objspace, obj);
+        newobj_fill(obj, v1, v2, v3);
     }
     else {
         RB_DEBUG_COUNTER_INC(obj_newobj_slowpath);
@@ -2310,33 +2320,17 @@ newobj_of0(VALUE klass, VALUE flags, int wb_protected, rb_ractor_t *cr)
         obj = wb_protected ?
           newobj_slowpath_wb_protected(klass, flags, objspace, cr) :
           newobj_slowpath_wb_unprotected(klass, flags, objspace, cr);
+        newobj_fill(obj, v1, v2, v3);
+        gc_event_hook(objspace, RUBY_INTERNAL_EVENT_NEWOBJ, obj);
     }

     return obj;
 }

-static inline VALUE
-newobj_fill(VALUE obj, VALUE v1, VALUE v2, VALUE v3)
-{
-    RVALUE *p = (RVALUE *)obj;
-    p->as.values.v1 = v1;
-    p->as.values.v2 = v2;
-    p->as.values.v3 = v3;
-    return obj;
-}
-
 static inline VALUE
 newobj_of(VALUE klass, VALUE flags, VALUE v1, VALUE v2, VALUE v3, int wb_protected)
 {
-    VALUE obj = newobj_of0(klass, flags, wb_protected, GET_RACTOR());
-    return newobj_fill(obj, v1, v2, v3);
-}
-
-static inline VALUE
-newobj_of_cr(rb_ractor_t *cr, VALUE klass, VALUE flags, VALUE v1, VALUE v2, VALUE v3, int wb_protected)
-{
-    VALUE obj = newobj_of0(klass, flags, wb_protected, cr);
-    return newobj_fill(obj, v1, v2, v3);
+    return newobj_of_cr(GET_RACTOR(), klass, flags, v1, v2, v3, wb_protected);
 }

 VALUE

Updated by byroot (Jean Boussier) 2 months ago

wanabe (_ wanabe) I just tested your patch and it seems to work. Thank you!

Actions #5

Updated by ko1 (Koichi Sasada) about 2 months ago

  • Status changed from Assigned to Closed

Applied in changeset git|969b824a0c7605e0e570631d967ad0de0c37d0bf.


sync GC rest if needed

marking requires a barrier (stop all Ractors) and gc_enter() does it.
However, it doesn't check rest event which can start marking.
[Bug #17599]

Actions #6

Updated by ko1 (Koichi Sasada) about 2 months ago

  • Backport changed from 2.5: UNKNOWN, 2.6: UNKNOWN, 2.7: UNKNOWN, 3.0: UNKNOWN to 2.5: UNKNOWN, 2.6: UNKNOWN, 2.7: UNKNOWN, 3.0: REQUIRED
Actions #7

Updated by byroot (Jean Boussier) about 2 months ago

ko1 (Koichi Sasada) I'm not sure your patch is quite enough, after it is applied I still see the crash in real world scenario, however with wanabe (_ wanabe) 's patch it is indeed fixed.

Maybe there was two distinct bugs? I'll see if I can reduce another reproduction script.

Actions #8

Updated by byroot (Jean Boussier) about 2 months ago

Actually turns out the same repro script still crash

# frozen_string_literal: true
GC.stress = true
require 'objspace'
ObjectSpace.trace_object_allocations_start
10.times { Object.new }
$ ruby -v
ruby 3.1.0dev (2021-02-18T17:46:48Z shopify 969b824a0c) [x86_64-linux]
$ ruby lib/crash.rb 
<OBJ_INFO:gc_mark_ptr@gc.c:6110> 0x00007f10b63324c0 [0XXXX] T_NONE
lib/crash.rb:5: [BUG] try to mark T_NONE object
ruby 3.1.0dev (2021-02-18T17:46:48Z shopify 969b824a0c) [x86_64-linux]

-- Control frame information -----------------------------------------------
c:0002 p:0038 s:0007 e:000005 EVAL   lib/crash.rb:5 [FINISH]
c:0001 p:0000 s:0003 E:001700 (none) [FINISH]

-- Ruby level backtrace information ----------------------------------------
lib/crash.rb:5:in `<main>'

-- C level backtrace information -------------------------------------------
/usr/local/lib/libruby.so.3.1(rb_print_backtrace+0x11) [0x7f10bbc380bb] vm_dump.c:758
/usr/local/lib/libruby.so.3.1(rb_vm_bugreport) vm_dump.c:1042
/usr/local/lib/libruby.so.3.1(bug_report_end+0x0) [0x7f10bba41207] error.c:778
/usr/local/lib/libruby.so.3.1(rb_bug_without_die) error.c:778
/usr/local/lib/libruby.so.3.1(die+0x0) [0x7f10bb9a6d31] error.c:786
/usr/local/lib/libruby.so.3.1(rb_bug) error.c:788
/usr/local/lib/libruby.so.3.1(gc_mark_ptr+0xd8) [0x7f10bba671a8] gc.c:6111
/usr/local/lib/libruby.so.3.1(gc_mark+0x15) [0x7f10bba68701] gc.c:6144
/usr/local/lib/libruby.so.3.1(gc_mark_children) gc.c:6411
/usr/local/lib/libruby.so.3.1(gc_mark_stacked_objects+0x3d) [0x7f10bba69ce8] gc.c:6464
/usr/local/lib/libruby.so.3.1(gc_mark_stacked_objects_incremental) gc.c:6498
/usr/local/lib/libruby.so.3.1(gc_marks_rest) gc.c:7446
/usr/local/lib/libruby.so.3.1(gc_rest+0x158) [0x7f10bba6ae58] gc.c:8357
/usr/local/lib/libruby.so.3.1(gc_rest+0x8) [0x7f10bba6f3b5] gc.c:8532
/usr/local/lib/libruby.so.3.1(garbage_collect) gc.c:8218
/usr/local/lib/libruby.so.3.1(garbage_collect_with_gvl) gc.c:8532
/usr/local/lib/libruby.so.3.1(objspace_malloc_gc_stress) gc.c:10455
/usr/local/lib/libruby.so.3.1(objspace_malloc_gc_stress) gc.c:10446
/usr/local/lib/libruby.so.3.1(objspace_xmalloc0) gc.c:10630
/usr/local/lib/libruby.so.3.1(ruby_xmalloc0) gc.c:10851
/usr/local/lib/libruby.so.3.1(ruby_xmalloc_body) gc.c:10860
/usr/local/lib/libruby.so.3.1(ruby_xmalloc) gc.c:12802
/usr/local/lib/ruby/3.1.0/x86_64-linux/objspace.so(make_unique_str+0x89) [0x7f10bb2f70d9] object_tracing.c:46
/usr/local/lib/ruby/3.1.0/x86_64-linux/objspace.so(newobj_i+0x9b) [0x7f10bb2f795b] object_tracing.c:84
/usr/local/lib/libruby.so.3.1(tp_call_trace+0x32) [0x7f10bbc397c2] vm_trace.c:1115
/usr/local/lib/libruby.so.3.1(exec_hooks_body+0x86) [0x7f10bbc398e6] vm_trace.c:304
/usr/local/lib/libruby.so.3.1(exec_hooks_postcheck+0x0) [0x7f10bbc3ba93] vm_trace.c:333
/usr/local/lib/libruby.so.3.1(exec_hooks_unprotected) vm_trace.c:334
/usr/local/lib/libruby.so.3.1(rb_exec_event_hooks) vm_trace.c:378
/usr/local/lib/libruby.so.3.1(rb_exec_event_hook_orig+0x40) [0x7f10bba59fb6] vm_core.h:1985
/usr/local/lib/libruby.so.3.1(gc_event_hook_body) gc.c:2069
/usr/local/lib/libruby.so.3.1(newobj_slowpath+0x1a8) [0x7f10bba6db50] gc.c:2257
/usr/local/lib/libruby.so.3.1(newobj_slowpath_wb_protected) gc.c:2272
/usr/local/lib/libruby.so.3.1(newobj_of0+0xe) [0x7f10bba6dede] gc.c:2311
/usr/local/lib/libruby.so.3.1(newobj_of) gc.c:2331
/usr/local/lib/libruby.so.3.1(rb_imemo_new) gc.c:2417
/usr/local/lib/libruby.so.3.1(vm_search_cc+0x60) [0x7f10bbc13530] vm_callinfo.h:300
/usr/local/lib/libruby.so.3.1(rb_vm_search_method_slowpath) vm_insnhelper.c:1734
/usr/local/lib/libruby.so.3.1(vm_search_method_slowpath0+0x5) [0x7f10bbc1377a] vm_insnhelper.c:1756
/usr/local/lib/libruby.so.3.1(vm_search_method_fastpath) vm_insnhelper.c:1822
/usr/local/lib/libruby.so.3.1(vm_sendish) vm_insnhelper.c:4524
/usr/local/lib/libruby.so.3.1(vm_exec_core+0x1f9) [0x7f10bbc1cdc9] insns.def:770
/usr/local/lib/libruby.so.3.1(rb_vm_exec+0x1a4) [0x7f10bbc22924] vm.c:2162
/usr/local/lib/libruby.so.3.1(rb_ec_exec_node+0xed) [0x7f10bba45f0d] eval.c:317
/usr/local/lib/libruby.so.3.1(ruby_run_node+0x5a) [0x7f10bba4beaa] eval.c:375
/usr/local/bin/ruby(main+0x73) [0x556210db31d3] ./main.c:47

Updated by byroot (Jean Boussier) about 2 months ago

Ok, so @tenderlove identified https://github.com/ruby/ruby/commit/100e464bee46ae71ef048ed85a9bdd012935a3f7 as the second commit that need to be backported to fix this issue.

Updated by naruse (Yui NARUSE) about 1 month ago

  • Backport changed from 2.5: UNKNOWN, 2.6: UNKNOWN, 2.7: UNKNOWN, 3.0: REQUIRED to 2.5: UNKNOWN, 2.6: UNKNOWN, 2.7: UNKNOWN, 3.0: DONE

ruby_3_0 b49264ab7aa92f64a806857d7e81b3f1cbba5585 merged revision(s) 969b824a0c7605e0e570631d967ad0de0c37d0bf,100e464bee46ae71ef048ed85a9bdd012935a3f7.

Actions

Also available in: Atom PDF