Backport #2557
closed
Segmentation fault in Marshal.load in Rails' ActiveSupport in 1.8.7-p248 only
Description
=begin
There is a consistent segmentation fault in a particular invocation of Marshal.load inside of ActiveSupport. This segfault happens on 1.8.7-p248 and not on 1.8.7-p174. Apologies, but I have not been able to come up with a simpler reproduction. Here's how you can reproduce it from activesupport:
$ git clone git://github.com/rails/rails.git
[...]
$ cd rails/activesupport
Create a file called @fault.rb@ (or whatever you would like) with the following contents:
# fault.rb
require File.expand_path("../lib/active_support/multibyte/unicode_database.rb", __FILE__)
ActiveSupport::Multibyte::UnicodeDatabase.new.codepoints
puts "No crash"
Then execute it:
$ ruby -v
ruby 1.8.7 (2009-12-24 patchlevel 248) [i686-darwin9.8.0]
$ ruby fault.rb
/private/tmp/rails/activesupport/lib/active_support/multibyte/unicode_database.rb:37: [BUG] Segmentation fault
ruby 1.8.7 (2009-12-24 patchlevel 248) [i686-darwin9.8.0]
Abort trap
But in 1.8.7-p174:
$ ruby -v
ruby 1.8.7 (2009-06-12 patchlevel 174) [i686-darwin9.8.0]
$ ruby fault.rb
No crash
This may be related to #2175. Unfortunately, I can't read Japanese so I'm not sure. The backtrace from gdb for this crash does not match the one in #2175, but a colleague pointed out that including @GC.disable@ in @fault.rb@ prevents the crash.
=end
Updated by naruse (Yui NARUSE) almost 15 years ago
- Status changed from Open to Assigned
- Assignee set to nobu (Nobuyoshi Nakada)
Updated by nobu (Nobuyoshi Nakada) almost 15 years ago
- Status changed from Assigned to Closed
=begin
fixed by r26251.
=end
Updated by nobu (Nobuyoshi Nakada) almost 15 years ago
- Status changed from Closed to Assigned
- Assignee changed from nobu (Nobuyoshi Nakada) to shyouhei (Shyouhei Urabe)
Updated by rsutphin (Rhett Sutphin) over 14 years ago
=begin
There was a deficiency in my original bug report. I failed to mention that I had only run this test on OS X 10.5.8. I have re-run it with p249 and from today's head version of 1.8.7. The code still segfaults on OS X 10.5.8, but it does not fail on Linux (specifically Ubuntu with kernel 2.6.28-18-server). Perhaps it is OS X / darwin only.
=end
Updated by rwoodruff (Rodney Woodruff) over 14 years ago
=begin
Hi,
thanks for the post. I appear to be having the exact same problem after upgrading to 1.8.7 p249. I am on OS X 10.5.8 and use MacPorts. Is there a fix for this yet?
Best,
-- Rodney
=end
Updated by gregmoreno (Greg Moreno) over 14 years ago
=begin
I am confirming that this happens in OSX 10.5.8 with 1.8.7 p249. Here's my setup (via rvm info):
system:
  uname: "Darwin gokou.dev 9.8.0 Darwin Kernel Version 9.8.0: Wed Jul 15 16:55:01 PDT 2009; root:xnu-1228.15.4~1/RELEASE_I386 i386"
  shell: "bash"
  version: "3.2.17(1)-release"
ruby:
  interpreter: "ruby"
  version: "1.8.7"
  date: "2010-01-10"
  platform: "i686-darwin9.8.0"
  patchlevel: "2010-01-10 patchlevel 249"
  full_version: "ruby 1.8.7 (2010-01-10 patchlevel 249) [i686-darwin9.8.0]"
=end
Updated by gregmoreno (Greg Moreno) over 14 years ago
=begin
I don't encounter the bug in Ubuntu 9.10 with 1.8.7 p249.
system:
  uname: "Linux gohan 2.6.31-20-generic #58-Ubuntu SMP Fri Mar 12 05:23:09 UTC 2010 i686 GNU/Linux"
  shell: "bash"
  version: "4.0.33(1)-release"
ruby:
  interpreter: "ruby"
  version: "1.8.7"
  date: "2010-01-10"
  platform: "i686-linux"
  patchlevel: "2010-01-10 patchlevel 249"
  full_version: "ruby 1.8.7 (2010-01-10 patchlevel 249) [i686-linux]"
=end
Updated by shyouhei (Shyouhei Urabe) over 14 years ago
- Status changed from Assigned to Closed
- % Done changed from 0 to 100
=begin
This issue was solved with changeset r27408.
Rhett, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.
=end