Bug #2558: r24591 causes Segfault
http://redmine.ruby-lang.org/issues/show/2558

Author: Alex Legler
Status: Open, Priority: Normal
ruby -v: ruby 1.9.1p376 (2009-12-07 revision 26041) [x86_64-linux]

While looking into a test failure in test_thread.rb (ticket #2506), I stumbled upon a segmentation fault that was randomly happening.

To reproduce, run `make test`, or the extracted sample (attached) while redirecting output, i.e. `./ruby19 ~/reprod.rb > /dev/null`, multiple times, until randomly a segv occurs.
The segfault only seems to occur on systems with a glibc >= 2.10; I reproduced it on Gentoo x86 with glibc 2.10 and amd64 with glibc 2.11.

I "bisected" my way through the changes between 1.9.1_p243 and 1.9.1_p376 and found that r24591 (applied in the 1_9_1 branch in r25539) is the cause. If I take a pristine p376 snapshot and just revert the aforementioned change, the issue goes away.

This is what the crash output looks like:

--
/home/alex/file.rb:114: [BUG] Segmentation fault
ruby 1.9.1p376 (2009-12-07 revision 26041) [x86_64-linux]

-- control frame ----------
c:0003 p:0000 s:0007 b:0007 l:001f88 d:000006 BLOCK  /home/alex/file.rb:114
c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH
c:0001 p:---- s:0002 b:0002 l:000001 d:000001 TOP   
---------------------------
-- Ruby level backtrace information-----------------------------------------
/home/alex/file.rb:114:in `block (2 levels) in <main>'

-- C level backtrace information -------------------------------------------
0x7f8e9a8443d1 ./libruby19.so.1.9(rb_vm_bugreport+0x51) [0x7f8e9a8443d1]
0x7f8e9a76caae ./libruby19.so.1.9(+0x50aae) [0x7f8e9a76caae]
0x7f8e9a76cc13 ./libruby19.so.1.9(rb_bug+0xb3) [0x7f8e9a76cc13]
0x7f8e9a7eebb5 ./libruby19.so.1.9(+0xd2bb5) [0x7f8e9a7eebb5]
0x7f8e9a50f010 /lib/libpthread.so.0(+0xf010) [0x7f8e9a50f010]
0x72e6e0 [0x72e6e0]

[NOTE]
You may encounter a bug of Ruby interpreter. Bug reports are welcome.
For details: http://www.ruby-lang.org/bugreport.html
--

Note that file.rb is what I attach as reprod.rb and does not have 114 lines!

Please also find more info from gdb attached.
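The report's reproduction procedure is "run it repeatedly with stdout redirected until a segv occurs". The following harness, added here as an example and not part of the original report or of Ruby's test suite, automates that loop for any command: it sends stdout to /dev/null, appends stderr (where the `[BUG]` crash report is printed) to a log file, and stops as soon as a run is killed by a signal. The function name, the argument layout and the log file path are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the bug report): re-run a command until it dies
# from a signal, recording the crash output. Assumed names, not Ruby's own.

# repro_until_signal MAX_RUNS LOGFILE COMMAND [ARGS...]
# Runs COMMAND up to MAX_RUNS times with stdout redirected to /dev/null
# (the report notes the crash shows up with output redirected) and stderr
# appended to LOGFILE. A process killed by a signal exits with status
# 128 + signal number (139 for SIGSEGV), so any status above 128 counts as
# a crash. Returns 0 on the first crash, 1 if every run finished normally.
repro_until_signal() {
  max="$1"; log="$2"; shift 2
  i=1
  while [ "$i" -le "$max" ]; do
    # The if/else keeps a failing run from aborting callers using set -e.
    if "$@" > /dev/null 2>> "$log"; then
      status=0
    else
      status=$?
    fi
    if [ "$status" -gt 128 ]; then
      sig=$((status - 128))
      echo "run $i: killed by signal $sig (exit status $status), see $log"
      return 0
    fi
    i=$((i + 1))
  done
  echo "no crash in $max runs"
  return 1
}

# Usage against the reproducer from the report (paths as given there):
#   repro_until_signal 200 crash.log ./ruby19 ~/reprod.rb
```

Because the crash is intermittent, the iteration count at which it first appears is itself useful to include in a report, along with the glibc version, since the report ties the behaviour to glibc >= 2.10.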

