Bug #2781: crash when gc_mark()ing already free'd locals of cloned scope
http://redmine.ruby-lang.org/issues/show/2781
Author: coderrr .
Status: Open, Priority: High
Category: core
ruby -v: >= 1.8.7-p248
This causes a segfault on >= 1.8.7-p248
---
def def_x(arg)
  Object.send :define_method, :x do
    def_x lambda{}
  end
end

GC.stress = true # unnecessary but makes it occur faster
def_x nil
n = 3 # minimum for crash, increase if needed
n.times { x 0 }
---
This bug was caused by the fix I suggested for #1322,
http://github.com/rubyspec/matzruby/commit/7c646cbba0815b3c9c7dc76f80fae58b30ec66b4.
The previous fix is flawed in that it added the SCOPE_MALLOC flag to the
scope just so scope_dup() didn't process it. This had the side-effect
that gc_mark_children() now processes the scope whereas it would not
have before. A better fix is the following: instead of adding
the SCOPE_MALLOC flag, we add a check for the SCOPE_CLONE flag to
scope_dup(). This fixes bug #1322 as well as the segfault:
http://github.com/coderrr/matzruby/commit/249c7d9912b961a9350f300ed148857100a659f8
Please check the patch for other unforeseen side effects. I didn't see
any changes in rubyspec failures from p174 to a patched p248.
on 2010-02-23 00:49
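
The flag interaction described in the report above, as an added example that is not part of the original thread or of Ruby's source. It is a simplified C model: the struct layout, the bit values, the `model_*` function names and the premise that a cloned scope borrows the locals buffer of the scope it was cloned from are all assumptions.

```c
#include <stdio.h>

/* Flag names come from the report; the bit values are this model's own. */
enum { SCOPE_MALLOC = 1, SCOPE_DONT_RECYCLE = 4, SCOPE_CLONE = 8 };

struct locals { int freed; };            /* stands in for the locals buffer */
struct scope  { int flags; struct locals *vars; };

/* Assumption: a cloned scope borrows the buffer of the scope it copies. */
static struct scope model_clone(const struct scope *src, int tag_malloc) {
    struct scope c = { SCOPE_CLONE, src->vars };
    if (tag_malloc) c.flags |= SCOPE_MALLOC;   /* the earlier #1322 fix */
    return c;
}

/* Returns 1 when the scope's locals would be copied to the heap. */
static int model_scope_dup(struct scope *s, int check_clone) {
    s->flags |= SCOPE_DONT_RECYCLE;
    if (s->flags & SCOPE_MALLOC) return 0;
    if (check_clone && (s->flags & SCOPE_CLONE)) return 0;  /* proposed fix */
    s->flags |= SCOPE_MALLOC;
    return 1;
}

/* The marker walks locals only for SCOPE_MALLOC scopes; 1 = it reads freed memory. */
static int model_mark_reads_freed(const struct scope *s) {
    return s->vars && (s->flags & SCOPE_MALLOC) && s->vars->freed;
}

/* bit 0: scope_dup processed the clone; bit 1: marking the clone reads freed locals. */
static int model_run(int tag_malloc, int check_clone) {
    struct locals buf = { 0 };
    struct scope owner = { SCOPE_MALLOC, &buf };
    struct scope clone = model_clone(&owner, tag_malloc);
    int result = model_scope_dup(&clone, check_clone);
    buf.freed = 1;                 /* the owner releases its locals first */
    result |= model_mark_reads_freed(&clone) << 1;
    return result;
}

int main(void) {
    printf("SCOPE_MALLOC set on clone:     %d\n", model_run(1, 0));
    printf("SCOPE_CLONE check in scope_dup: %d\n", model_run(0, 1));
    return 0;
}
```

In both variants the scope_dup step skips the clone; only the variant that tags the clone with SCOPE_MALLOC makes the marker walk locals the owner has already released.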
on 2010-02-23 21:08
Issue #2781 has been updated by coderrr ..

Just realized the check for SCOPE_CLONE is also no longer needed before freeing locals:
http://github.com/coderrr/matzruby/commit/9c80aae67002e443314033b04ceb9c6e5b886c57
----------------------------------------
http://redmine.ruby-lang.org/issues/show/2781
on 2010-03-02 10:15
Issue #2781 has been updated by coderrr ..

By the way, this causes the popular web framework Sinatra to segfault due to
http://github.com/sinatra/sinatra/blob/master/lib/sinatra/base.rb#L687-702
----------------------------------------
http://redmine.ruby-lang.org/issues/show/2781
on 2010-08-30 22:42
Issue #2781 has been updated by Aman Gupta.

With 1.8.7-p302, I am unable to get the def_x test case provided in the bug report to segfault. However, I still see segfaults when using Sinatra <= 0.9.5. The segfaults go away if I manually apply this patch to Sinatra 0.9.4:
http://github.com/sinatra/sinatra/commit/ae34a6fde5e15e9ba3ca40cf800d0366e44eec1f
----------------------------------------
http://redmine.ruby-lang.org/issues/show/2781