From: "ioquatix (Samuel Williams) via ruby-core" Date: 2023-05-15T01:08:38+00:00 Subject: [ruby-core:113484] [Ruby master Bug#19640] `IO#puts` can generate zero length iov which can cause rb_bug crash. Issue #19640 has been updated by ioquatix (Samuel Williams). I added a test, without the patch, it crashes: ``` > make test-all TESTS=test/fiber/test_io.rb sed 's/{\$([^(){}]*)[^{}]*}//g' common.mk > uncommon.mk compiling io.c generating parse.c revision.h updated generating arm64-darwin22-fake.rb /bin/sh ./tool/ifchange "--timestamp=.rbconfig.time" rbconfig.rb rbconfig.tmp arm64-darwin22-fake.rb updated rbconfig.rb unchanged creating verconf.h verconf.h updated compiling loadpath.c compiling parse.c linking miniruby builtin_binary.inc updated compiling builtin.c linking static-library libruby.3.3-static.a linking ruby Run options: --seed=34720 "--ruby=./miniruby -I./lib -I. -I.ext/common ./tool/runruby.rb --extout=.ext -- --disable-gems" --excludes-dir=./test/excludes --name=!/memory_leak/ # Running tests: [root]/ruby/test/fiber/test_io.rb:187: [BUG] rb_sys_fail_path_in(io_writev, ) - errno == 0 ruby 3.3.0dev (2023-05-14T12:15:13Z fix-writev-zero-le.. 61d1dc1799) [arm64-darwin22] -- Crash Report log information -------------------------------------------- [1/1] 48900=test_iole in one of the following locations: * ~/Library/Logs/DiagnosticReports * /Library/Logs/DiagnosticReports for more details. Don't forget to include the above Crash Report log file in bug reports. -- Control frame information ----------------------------------------------- c:0004 p:---- s:0014 e:000013 CFUNC :write c:0003 p:---- s:0011 e:000010 CFUNC :puts c:0002 p:0007 s:0006 e:000005 BLOCK [root]/ruby/test/fiber/test_io.rb:187 [FINISH] c:0001 p:---- s:0003 e:000002 DUMMY [FINISH] -- Ruby level backtrace information ---------------------------------------- [root]/ruby/test/fiber/test_io.rb:187:in `block (2 levels) in test_puts_empty' [root]/ruby/test/fiber/test_io.rb:187:in `puts' [root]/ruby/test/fiber/test_io.rb:187:in `write' -- Threading information --------------------------------------------------- Total ractor count: 1 Ruby thread count for this ractor: 3 -- C level backtrace information ------------------------------------------- [root]/ruby/ruby(rb_vm_bugreport+0xa04) [0x1003bb3d8] vm_dump.c:1101 [root]/ruby/ruby(rb_vm_bugreport) (null):0 [root]/ruby/ruby(bug_report_end+0x0) [0x10020a8c4] error.c:791 [root]/ruby/ruby(rb_bug_without_die) error.c:791 [root]/ruby/ruby(rb_bug+0x1c) [0x100465d20] error.c:799 [root]/ruby/ruby(rb_syserr_new_path_in.cold.1+0x58) [0x100466044] error.c:3354 [root]/ruby/ruby(rb_syserr_new_path_in+0x4) [0x10020f040] [root]/ruby/ruby(rb_syserr_new_path_in) error.c:3352 [root]/ruby/ruby(io_writev+0x268) [0x10025d38c] io.c:2229 ``` ---------------------------------------- Bug #19640: `IO#puts` can generate zero length iov which can cause rb_bug crash. https://bugs.ruby-lang.org/issues/19640#change-103068 * Author: ioquatix (Samuel Williams) * Status: Open * Priority: Normal * Backport: 3.0: UNKNOWN, 3.1: UNKNOWN, 3.2: REQUIRED ---------------------------------------- In the fiber scheduler, `IO#puts ""` or `IO#puts nil` can generate a zero length `iov` which causes `io_binwritev_internal` to fail since the result is zero. We need to fix `IO#puts` so that it does not generate zero length writes, but also we fix `io_binwritev_internal` to handle this case more robustly. Fix: https://github.com/ruby/ruby/pull/7806/files -- https://bugs.ruby-lang.org/ ______________________________________________ ruby-core mailing list -- ruby-core@ml.ruby-lang.org To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org ruby-core info -- https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-core.ml.ruby-lang.org/