Server crashes since ruby upgrade

Ruby
1

I’ve built ruby 1.8.6-p230 due to vulnerabilities in older versions.
Previously using 1.8.6-p110. Built in a NetBSD 3.1 environment.
I have a rails app using the rails 2.0.2. This is running fine on
the production server using ruby 1.8.6-p110, but the test server
using 1.8.6-p230 crashes and dumps core with either a segmentation fault
or an illegal hardware error, depending on the page I was trying to
load.
This happens whether I am using Mongrel or Webrick. It looks like
(based on what I saw in a few ktraces) that it crashed as soon as it
was ready to start rendering the page (it had finished reading in all
the templates).

Here’s what I’ve been seeing from Webrick:

k1# script/server webrick
=> Booting WEBrick…
=> Rails application started on http://0.0.0.0:3000
=> Ctrl-C to shutdown server; call with --help for options
[2008-06-24 11:53:46] INFO WEBrick 1.3.1
[2008-06-24 11:53:46] INFO ruby 1.8.6 (2008-06-20) [i386-netbsdelf3.1]
[2008-06-24 11:53:46] INFO WEBrick::HTTPServer#start: pid=20021
port=3000
166.84.1.253 - - [24/Jun/2008:11:53:56 EDT] “GET /acct/charge HTTP/1.1”
200 3751

  • → /acct/charge
    ruby in free(): warning: chunk is already free.
    ruby in free(): warning: chunk is already free.
    ruby in free(): warning: chunk is already free.
    ruby in free(): warning: chunk is already free.
    166.84.1.253 - - [24/Jun/2008:11:54:06 EDT] “GET /vc HTTP/1.1” 200 5303
    http://localhost:3000/acct/charge → /vc
    166.84.1.253 - - [24/Jun/2008:11:54:08 EDT] “GET /images/plainbar/0.png
    HTTP/1.1” 200 150
    http://localhost:3000/vc → /images/plainbar/0.png
    166.84.1.253 - - [24/Jun/2008:11:54:08 EDT] “GET /images/plainbar/76.png
    HTTP/1.1” 200 174
    http://localhost:3000/vc → /images/plainbar/76.png
    ruby in free(): warning: chunk is already free.
    ruby in free(): warning: chunk is already free.
    ruby in free(): warning: chunk is already free.
    ruby in malloc(): warning: chunk is already free.
    166.84.1.253 - - [24/Jun/2008:11:54:10 EDT] “GET /vc HTTP/1.1” 304 0
    http://localhost:3000/vc → /vc
    zsh: illegal hardware instruction (core dumped) script/server webrick

Any ideas?

Ken

I use the words you taught me. If they don’t mean anything any more,
teach me others. Or let me be silent.
Samuel Beckett (Clov, Endgame)

2

Ken Dunlap wrote:

I’ve built ruby 1.8.6-p230 due to vulnerabilities in older versions.
Previously using 1.8.6-p110. Built in a NetBSD 3.1 environment.
I have a rails app using the rails 2.0.2. This is running fine on
the production server using ruby 1.8.6-p110, but the test server
using 1.8.6-p230 crashes and dumps core with either a segmentation fault
or an illegal hardware error, depending on the page I was trying to
load.

It’s not just you. There’s been quite a bit of discussion on
the problem in another thread on this mailing list, following
up the original announcement; if you’ve already tossed those
messages and would like to look back, see here:

Ruby 1.9.0/1.8.7/1.8.6/1.8.5 new releases (Security Fix) - Ruby - Ruby-Forum

At this point, there’s a patch available for the released
1.8.6-p230 here, which undoes one apparently problematic
change (and appears to be working for folks):

http://dev.smartleaf.com/misc/p230_fixit_patch.txt

and also multiple patch sets which attempt to cherry-pick
the security fixes only for application to an earlier
release, including one from the mod_rails guys here:

http://blog.phusion.nl/

which also (I believe) incorporates their storage
management hacks. (FWIW, “p230_fixit_patch” is something
I made available, but the contents are the output of
“svn diff” on the problematic revision, pretty much
straight.) See also discussion in comments on the
official rails blog, following up on their announcement:

Peak Obsession

Robert Thau
rst AT {ai,alum}.mit.edu