From: Rei.Odaira@...
Date: 2014-03-20T01:59:52+00:00
Subject: [ruby-dev:48058] [ruby-trunk - Bug #9654] [Open] Segmentation fault while printing out C level backtrace information

Issue #9654 has been reported by Rei Odaira.

----------------------------------------
Bug #9654: Segmentation fault while printing out C level backtrace information
https://bugs.ruby-lang.org/issues/9654

* Author: Rei Odaira
* Status: Open
* Priority: Normal
* Assignee:
* Category:
* Target version:
* ruby -v: ruby 2.2.0dev (2014-03-19) [powerpc64-linux]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
When SIGSEGV happens, C level backtrace information should be printed out, but the printing-out itself causes another segmentation fault.

~~~
$ ./ruby -e 'Process.kill :SEGV, $$'
-e:1: [BUG] Segmentation fault at 0x00584f
ruby 2.2.0dev (2014-03-19) [powerpc64-linux]

-- Control frame information -----------------------------------------------
c:0003 p:---- s:0009 e:000008 CFUNC  :kill
c:0002 p:0015 s:0004 E:00153c EVAL   -e:1 [FINISH]
c:0001 p:0000 s:0002 E:002574 TOP    [FINISH]

-- Ruby level backtrace information ----------------------------------------
-e:1:in `<main>'
-e:1:in `kill'

-- C level backtrace information -------------------------------------------
./ruby(Segmentation fault
~~~

This second segmentation fault happens at the following stack context.

~~~
(gdb) bt
#0  0x201ba994 in strlen () from /lib/libc.so.6
#1  0x2070cbe0 in kvprintf (fmt=0x207a097d "+0x%lx) [0x%lx] %s:%d\n") at addr2line.c:1009
#2  kprintf (fmt=0x207a097d "+0x%lx) [0x%lx] %s:%d\n") at addr2line.c:771
#3  0x2070e4f8 in rb_dump_backtrace_with_lines (num_traces=18, traces=0x2081762c, syms=0x20a7d720) at addr2line.c:677
#4  0x206f3ffc in rb_print_backtrace () at vm_dump.c:690
#5  rb_vm_bugreport () at vm_dump.c:825
#6  0x207621ac in report_bug (file=, line=, fmt=0x2079857c "Segmentation fault at %p", args=0x2085f864) at error.c:312
#7  0x207624e4 in rb_bug (fmt=0x2079857c "Segmentation fault at %p") at error.c:339
#8  0x206664e0 in sigsegv (sig=, info=0x2085f8f0, ctx=) at signal.c:704
#9  <signal handler called>
#10 0x2016674c in kill () from /lib/libc.so.6
#11 0x20702c64 in ruby_kill (pid=, sig=) at thread.c:5185
<<<<< snip >>>>>
~~~

This error began to occur after this change:
http://www.rubyist.net/~kanemoto/chkbuild/plinux/ruby-trunk/log/20140314T070002Z.diff.html.gz

Due to this error, TestBugReporter#test_bug_reporter_add fails on ppc64 GNU/Linux.

My guess is that the changes in addr2line.c are doing something, but I am not sure.

The second segmentation fault is caused because line->sname points to out-of-range memory. Tracing rb_dump_backtrace_with_lines() and fill_lines(), I found the sname entry was first set correctly by reading the ./ruby file, but it was later overwritten by some incorrect information while reading the /usr/lib/debug/lib/libc-2.5.so.debug file. In libc-2.5.so.debug, there seem to be several symbol table entries whose st_size is quite big (~1.5 GB), so those entries happen to cover all the addresses in traces[], which results in overwriting sname at line 584 of addr2line.c. I am not familiar with ELF, so I cannot track down further.

Hope this report helps.

--
https://bugs.ruby-lang.org/
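The failure mode described in the report (a symbol-table entry with an implausibly large st_size "covering" every traced address and overwriting an sname that was already resolved from another object) can be modelled and guarded against in isolation. The code below is an added illustration, not Ruby's addr2line.c: the `sym_t`/`object_t` structs, the two lookup functions, the `resolve_sname` driver and all addresses, sizes and names are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Constructed stand-in for an ELF symbol entry (only the fields the lookup uses). */
typedef struct { uint64_t st_value; uint64_t st_size; const char *name; } sym_t;
/* Constructed view of one loaded object and the address range it actually occupies. */
typedef struct { uint64_t lo, hi; const sym_t *syms; size_t nsyms; } object_t;

/* Naive lookup, modelling the failure in the report: any entry whose range
 * [st_value, st_value + st_size) covers addr wins, so one entry with a bogus
 * ~1.5 GB st_size matches every traced address and clobbers a name resolved earlier. */
static const char *lookup_naive(const object_t *o, uint64_t addr, const char *sname)
{
    for (size_t i = 0; i < o->nsyms; i++) {
        const sym_t *s = &o->syms[i];
        if (addr >= s->st_value && addr < s->st_value + s->st_size)
            sname = s->name;                      /* unconditional overwrite */
    }
    return sname;
}

/* Hardened lookup: consult an object only for addresses inside its own mapping, skip
 * entries whose range does not fit in that mapping (rejects the oversized st_size
 * without overflowing the arithmetic), and never overwrite an already-resolved name. */
static const char *lookup_checked(const object_t *o, uint64_t addr, const char *sname)
{
    if (sname != NULL || addr < o->lo || addr >= o->hi) return sname;
    for (size_t i = 0; i < o->nsyms; i++) {
        const sym_t *s = &o->syms[i];
        if (s->st_value < o->lo || s->st_value >= o->hi || s->st_size > o->hi - s->st_value)
            continue;                             /* implausible symbol range */
        if (addr >= s->st_value && addr < s->st_value + s->st_size)
            return s->name;
    }
    return sname;
}

/* Constructed scenario: libc mapped below ruby; its debug symtab has an entry with
 * st_size 0x60000000 (~1.5 GB) whose range reaches ruby's traced address. */
static const sym_t ruby_syms[] = { { 0x20700000, 0x1000, "rb_dump_backtrace_with_lines" } };
static const sym_t libc_syms[] = { { 0x20010000, 0x60000000, "bogus_oversized_entry" } };
static const object_t ruby_obj = { 0x20700000, 0x20800000, ruby_syms, 1 };
static const object_t libc_obj = { 0x20000000, 0x20200000, libc_syms, 1 };
/* Resolve the traced address in the order the report describes: ./ruby first, then libc's debug file. */
const char *resolve_sname(int hardened)
{
    const char *(*lookup)(const object_t *, uint64_t, const char *) = hardened ? lookup_checked : lookup_naive;
    const char *sname = lookup(&ruby_obj, 0x20700c80, NULL);
    return lookup(&libc_obj, 0x20700c80, sname);
}
```

`resolve_sname(0)` reproduces the overwrite (the libc entry wins), while `resolve_sname(1)` keeps the name resolved from ./ruby; in the real report the overwriting pointer additionally pointed to out-of-range memory, which is what strlen() then faulted on.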