Bug #3752


ruby/dl and segmentation fault

Added by vinc-mai (Vincent Carmona) almost 12 years ago. Updated over 11 years ago.

Target version:
ruby -v:
ruby 1.9.1p378 (2010-01-10 revision 26273) [i486-linux]


I am trying to port ruby-taglib to ruby 1.9.
My current efforts can be downloaded at .

When I try to access an unsupported format file (i.e. an empty file), I get a segmentation fault.
Here is a test case which works with the 1.8 series (TagLib::BadFile is thrown).

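require 'taglib'
begin
  # Constructor line reconstructed; 'empty_file' is a placeholder path.
  tag = TagLib::File.new('empty_file')
  p tag.title
rescue TagLib::BadFile
  p 'TagLib::BadFile'
ensure
  tag.close if tag
end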

The segfault happens in the private method TagLib::File#tag when TagLib.taglib_file_tag is called.

The important steps in the ruby-taglib code are:
require 'dl'
require 'dl/import'
extend DL::Importer
dlload ''
extern 'void* taglib_file_tag(void*)'
@tag ||= TagLib.taglib_file_tag(@file)

See the full code (less than 250 lines) for more info.

I think TagLib.taglib_file_tag returns nil on error with ruby 1.8.
Can this behavior be ported to ruby 1.9? A crash is not very handy.

Here is the trace:

/usr/lib/ruby/1.9.1/dl/func.rb:39: [BUG] Segmentation fault
ruby 1.9.1p378 (2010-01-10 revision 26273) [i486-linux]

-- control frame ----------
c:0008 p:---- s:0031 b:0031 l:000030 d:000030 CFUNC :call
c:0007 p:0076 s:0027 b:0027 l:000026 d:000026 METHOD /usr/lib/ruby/1.9.1/dl/func.rb:39
c:0006 p:0019 s:0020 b:0020 l:000019 d:000019 METHOD (eval):2
c:0005 p:0027 s:0015 b:0015 l:000014 d:000014 METHOD /home/instable/Desktop/zik/dev/taglib.rb:227
c:0004 p:0018 s:0012 b:0011 l:000010 d:000010 METHOD /home/instable/Desktop/zik/dev/taglib.rb:153
c:0003 p:0048 s:0008 b:0007 l:0014e4 d:000618 EVAL ./es.rb:9
c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH
c:0001 p:0000 s:0002 b:0002 l:0014e4 d:0014e4 TOP

-- Ruby level backtrace information-----------------------------------------
/usr/lib/ruby/1.9.1/dl/func.rb:39:in `call'
/usr/lib/ruby/1.9.1/dl/func.rb:39:in `call'
(eval):2:in `taglib_file_tag'
/home/instable/Desktop/zik/dev/taglib.rb:227:in `tag'
/home/instable/Desktop/zik/dev/taglib.rb:153:in `title'
./es.rb:9:in `'


You may encounter a bug of Ruby interpreter. Bug reports are welcome.
For details:


Actions #1

Updated by tenderlovemaking (Aaron Patterson) almost 12 years ago

  • Category set to ext
  • Assignee set to tenderlovemaking (Aaron Patterson)



Actions #2

Updated by shyouhei (Shyouhei Urabe) almost 12 years ago

  • Status changed from Open to Assigned



Actions #3

Updated by tenderlovemaking (Aaron Patterson) almost 12 years ago

  • Status changed from Assigned to Rejected

If you pass a wrong pointer to a function, it will segv just like the C code would segv. DL is not meant to protect you from errors you could also make in C.

Here is an example of doing a null check, but with a crash. Provide a good file to taglib, and it won't crash.

 require 'dl'
 require 'dl/import'

 module Foo
   extend DL::Importer
   dlload '/opt/local/lib/libtag_c.dylib'
   extern 'void* taglib_file_tag(void*)'
   extern 'void* taglib_file_new(char*)'
 end

 taglib_file = Foo.taglib_file_new(ARGV[0] || 'foo')
 if taglib_file.null?
   puts "bad file"
   Foo.taglib_file_tag(taglib_file) # This will SEGV because it's a NULL pointer
 else
   file_tag = Foo.taglib_file_tag(taglib_file)
 end
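
The null check from the comment above, turned into a Ruby exception as the report asks for. This is an added example, not part of the original thread or of ruby-taglib. It uses Fiddle (the successor to DL in current Ruby) and, as an assumption so that it runs without libtag_c, libc's fopen/fclose in place of taglib_file_new/taglib_file_tag; BadFile, CheckedFile and probe are hypothetical names.

```ruby
require 'fiddle'

# Stand-ins for the page's taglib calls (assumption, so the example runs
# without libtag_c): fopen(3) returns NULL on failure like taglib_file_new,
# and passing NULL on to fclose(3) is undefined behaviour, like handing a
# NULL file to taglib_file_tag.
module LibC
  FOPEN  = Fiddle::Function.new(Fiddle::Handle::DEFAULT['fopen'],
                                [Fiddle::TYPE_VOIDP, Fiddle::TYPE_VOIDP],
                                Fiddle::TYPE_VOIDP)
  FCLOSE = Fiddle::Function.new(Fiddle::Handle::DEFAULT['fclose'],
                                [Fiddle::TYPE_VOIDP], Fiddle::TYPE_INT)
end

# Hypothetical exception, playing the role of TagLib::BadFile.
class BadFile < StandardError; end

# Hypothetical wrapper: every pointer returned by C is checked before it can
# be passed to another C function.
class CheckedFile
  def initialize(path, mode = 'r')
    @handle = LibC::FOPEN.call(path, mode)
    # The FFI layer will not do this check for us; a NULL must stop here.
    raise BadFile, "cannot open #{path}" if @handle.null?
  end

  def close
    return false if @handle.nil? # already closed: never reuse a stale pointer
    LibC::FCLOSE.call(@handle)
    @handle = nil
    true
  end
end

# Returns :ok or :bad_file instead of letting a NULL pointer reach C.
def probe(path)
  file = CheckedFile.new(path)
  :ok
rescue BadFile
  :bad_file
ensure
  file.close if file
end
```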


