[Bug #2794] Aborted (core dumped) BUG on Ruby/DL

Bug #2794: Aborted (core dumped) BUG on Ruby/DL
http://redmine.ruby-lang.org/issues/show/2794

Reporter: Takao NISHI
Status: Open, Priority: Normal
ruby -v: ruby 1.8.6 (2007-09-24 patchlevel 111) [i486-linux], ruby 1.8.7 (2008-08-11 patchlevel 72) [i386-cygwin]

The following code core dumps.

$ ruby -rdl/import -e 's=DL.strdup("\0"*1024);s[0,1023]="\xff"'
*** glibc detected *** ruby: free(): invalid next size (fast): 0x0808ec18 ***
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6[0xb7cdea85]
/lib/tls/i686/cmov/libc.so.6(cfree+0x90)[0xb7ce24f0]
/usr/lib/libruby1.8.so.1.8(ruby_xfree+0x37)[0xb7e79ac7]
/usr/lib/ruby/1.8/i486-linux/dl.so(dlfree+0x1d)[0xb7c36a7d]
/usr/lib/ruby/1.8/i486-linux/dl.so(dlptr_free+0x2f)[0xb7c398df]
/usr/lib/libruby1.8.so.1.8(rb_gc_call_finalizer_at_exit+0xa7)[0xb7e79d97]
/usr/lib/libruby1.8.so.1.8[0xb7e5f997]
/usr/lib/libruby1.8.so.1.8(ruby_cleanup+0x100)[0xb7e67b90]
/usr/lib/libruby1.8.so.1.8(ruby_stop+0x1d)[0xb7e67cdd]
/usr/lib/libruby1.8.so.1.8[0xb7e72d51]
ruby[0x80486bd]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe0)[0xb7c89450]
ruby[0x8048601]
Aborted (core dumped)

The following code has no problem, so this appears to be a problem in DL.strdup.

ruby -rdl/import -e 's=DL.malloc(1024);s[0,1023]="\xff"'

Ticket #2794 was updated. (by Motohiro KOSAKI)

Reproduced in the following environment (i.e. fedora12 on x86_64):

ruby 1.8.6 (2009-08-04 patchlevel 383) [x86_64-linux]


Ticket #2794 was updated. (by Motohiro KOSAKI)

DL.strdup("\0"*1024) calls libc's strdup, so, following the C strdup specification, it executes strdup("\0") and creates a 1-byte buffer.
So I have a feeling this is simply the specified behaviour.



Ticket #2794 was updated. (by Takao NISHI)

p DL.strdup("\x0"*1024)
#<DL::PtrData:0x100dd208 ptr=0x100dd1f8 size=1024 free=0x69e08e20>

Here size is recognized as 1024, so I still think the problem exists.


Ticket #2794 was updated. (by Motohiro KOSAKI)

File 0001-sanity-DL-strdup.patch added

The attached patch fixes the size=1024 problem pointed out in comment#3.


Ticket #2794 was updated. (by Shyouhei U.)

Status changed from Open to Assigned
Assignee set to Shyouhei U.

I'll read it later.


Ticket #2794 was updated. (by Shyouhei U.)

Assignee changed from Shyouhei U. to Akinori MUSHA
Target version set to Ruby 1.8.8
ruby -v changed from "ruby 1.8.6 (2007-09-24 patchlevel 111) [i486-linux], ruby 1.8.7 (2008-08-11 patchlevel 72) [i386-cygwin]" to "ruby 1.8.6 (2007-09-24 patchlevel 111) [i486-linux], ruby 1.8.7 (2008-08-11 patchlevel 72) [i386-cygwin], ruby 1.8.8dev (2010-06-08 revision 27061) [x86_64-linux]"

Sorry for passing this around, but since this is strdup, I too think the length computed from strlen is the proper definition.
If I get the go-ahead I will commit it on my side.


Ticket #2794 was updated. (by Akinori MUSHA)

e$B$“!”$3$l$Oe(Bstrlen()+1e$B$,05E]E*$K@5$7$$$G$9$M!#F~$l$^$9!#e(B


Ticket #2794 was updated. (by Motohiro KOSAKI)

What I meant to write was: since this is DL, isn't calling libc's strdup the specified behaviour? In other words, isn't ignoring the RString's size=1024 the specified behaviour? That was my question. Sorry for being unclear.


Ticket #2794 was updated. (by Akinori MUSHA)

Status changed from Assigned to Closed
% Done changed from 0 to 100

This issue was solved with changeset r28250.
Takao, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.

