From: "ktsj (Kazuki Tsujimoto)"
Date: 2012-12-10T17:17:45+09:00
Subject: [ruby-dev:46721] [ruby-trunk - Bug #953] Crash when handling deeply nested arrays

Issue #953 has been updated by ktsj (Kazuki Tsujimoto).

=begin
I retested this on trunk (r38279) with ulimit -s 4096 on Ubuntu 12.04 x64, and the
situation has changed: it does raise SystemStackError, but it now crashes in MALLOC_CHECK_.

  $ ./ruby nest.rb
  nest.rb:5: stack level too deep (SystemStackError)
  *** glibc detected *** ./ruby: munmap_chunk(): invalid pointer: 0x0000555555a55f40 ***
  ======= Backtrace: =========
  /lib/x86_64-linux-gnu/libc.so.6(+0x7e626)[0x7ffff6f3f626]
  ./ruby(+0x1af3e0)[0x5555557033e0]
  ./ruby(ruby_vm_destruct+0x75)[0x555555702c56]
  ./ruby(ruby_cleanup+0x382)[0x5555555b29c2]
  ./ruby(ruby_run_node+0x45)[0x5555555b2b7b]
  ./ruby(+0x20f09)[0x555555574f09]
  /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7ffff6ee276d]
  ./ruby(+0x20dd9)[0x555555574dd9]

The backtrace at that point is as follows.

  Program received signal SIGABRT, Aborted.
  0x00007ffff6ef7445 in raise () from /lib/x86_64-linux-gnu/libc.so.6
  (gdb) bt
  #0 0x00007ffff6ef7445 in raise () from /lib/x86_64-linux-gnu/libc.so.6
  #1 0x00007ffff6efabab in abort () from /lib/x86_64-linux-gnu/libc.so.6
  #2 0x00007ffff6f34e2e in ?? () from /lib/x86_64-linux-gnu/libc.so.6
  #3 0x00007ffff6f3f626 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
  #4 0x000055555570344d in thread_free (ptr=0x5555559ee570) at vm.c:1762
  #5 0x0000555555702cc3 in ruby_vm_destruct (vm=0x5555559edf20) at vm.c:1570
  #6 0x00005555555b29c2 in ruby_cleanup (ex=1) at eval.c:233
  #7 0x00005555555b2b7b in ruby_run_node (n=0x555555dbd030) at eval.c:307
  #8 0x0000555555574f09 in main (argc=5, argv=0x7fffffffe018) at main.c:36
  (gdb) fr 4
  #4 0x000055555570344d in thread_free (ptr=0x5555559ee570) at vm.c:1762
  1762 free(th->altstack);
  (gdb) p th->altstack
  $3 = (void *) 0x555555a55f40

This appears to be the same issue as [Bug #7141], so how about waiting for that one to be dealt with first?

* Applying the patch that "mprotects around the altstack to check" makes it SEGV.
* Applying the patch that "makes ALT_STACK_SIZE about 5 times larger" makes it simply end with SystemStackError. (MALLOC_CHECK_ does not catch anything either.)
=end

----------------------------------------
Bug #953: Crash when handling deeply nested arrays
https://bugs.ruby-lang.org/issues/953#change-34583

Author: tadf (tadayoshi funaba)
Status: Assigned
Priority: Normal
Assignee: ko1 (Koichi Sasada)
Category:
Target version: 2.0.0
ruby -v: ruby 1.9.1 (2008-12-30 patchlevel-5000 trunk 21202) [i686-linux]

=begin
Running the following script crashed with a Segmentation fault.

  $ cat ./nest.rb
  a = [0]
  10000.times do
    a = [a]
  end
  p a

  $ ./ruby -v ./nest.rb
  ruby 1.9.1 (2008-12-30 patchlevel-5000 trunk 21202) [i686-linux]
  Segmentation fault

  (gdb) bt
  #0 0x08111407 in vm_get_ruby_level_next_cfp (th=0x81ae758, cfp=0xb7c734a8) at vm.c:131
  #1 0x0811159b in rb_sourceline () at vm.c:757
  #2 0x0814ead7 in rb_bug (fmt=0x81737d3 "Segmentation fault") at error.c:230
  #3 0x080d49e6 in sigsegv (sig=11, info=0x82152fc, ctx=0x821537c) at signal.c:600
  #4
  #5 frame_func_id (cfp=0xb7c734a8) at eval.c:730
  #6 0x0812696a in rb_exec_recursive (func=0x812d040 , obj=135994660, arg=0) at thread.c:3237
  #7 0x0812d01a in rb_ary_inspect (ary=4) at array.c:1574
  #8 0x0811d854 in vm_call0 (th=0x81ae758, klass=136124880, recv=135994660, id=760, oid=760, argc=0, argv=0x0, body=0x81d1818, nosuper=0) at vm_eval.c:70
  #9 0x0811ddb2 in rb_funcall (recv=, mid=760, n=0) at vm_eval.c:248
  #10 0x080840aa in rb_inspect (obj=135994660) at object.c:312
  #11 0x0812d0f3 in inspect_ary (ary=135994500, dummy=0, recur=0) at array.c:1550
  #12 0x08126b5f in rb_exec_recursive (func=0x812d040 , obj=135994500, arg=0) at thread.c:3273
  #13 0x0812d01a in rb_ary_inspect (ary=4) at array.c:1574
  #14 0x0811d854 in vm_call0 (th=0x81ae758, klass=136124880, recv=135994500, id=760, oid=760, argc=0, argv=0x0, body=0x81d1818, nosuper=0)
  ---Type to continue, or q to quit---
=end

-- 
http://bugs.ruby-lang.org/
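
The update above mentions a patch that puts mprotect around the altstack so that an overrun faults at once instead of surfacing later in free(th->altstack). The following is an added sketch of that diagnostic technique, not the patch from Bug #7141 and not Ruby's own code; the function names and the 16 KiB size are assumptions chosen for illustration.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper (not Ruby's code): map [guard | usable | guard] and
 * return the usable part; *len_out receives its page-rounded size. */
static char *guarded_stack_alloc(size_t want, size_t *len_out)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t len = (want + page - 1) / page * page;
    char *base = mmap(NULL, len + 2 * page, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED) return NULL;
    /* Any access to either guard page now faults at the offending instruction. */
    if (mprotect(base, page, PROT_NONE) ||
        mprotect(base + page + len, page, PROT_NONE)) {
        munmap(base, len + 2 * page);
        return NULL;
    }
    *len_out = len;
    return base + page;
}

/* Register the guarded region as the signal alternate stack. */
int install_guarded_altstack(size_t want)
{
    stack_t ss;
    memset(&ss, 0, sizeof ss);
    ss.ss_sp = guarded_stack_alloc(want, &ss.ss_size);
    return ss.ss_sp ? sigaltstack(&ss, NULL) : -1;
}

/* In a child process, write one byte below the usable area (where a stack that
 * grows down would overrun) and return the signal that killed the child. */
int overrun_signal(void)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        size_t len;
        volatile char *sp = guarded_stack_alloc(16 * 1024, &len);
        if (!sp) _exit(2);
        sp[-1] = 0x41;   /* lands in the low guard page */
        _exit(0);        /* reached only if the guard did not trigger */
    }
    int status;
    if (waitpid(pid, &status, 0) != pid) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}
```

With a malloc'ed alternate stack the same stray write would land in neighbouring heap memory and go unnoticed until the allocator checked its metadata.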