Issue #4492 has been updated by Koichi Sasada.

Description updated
Status changed from Feedback to Closed

It was fixed.

----------------------------------------
Bug #4492: Segfault on successive stack overflows
https://bugs.ruby-lang.org/issues/4492#change-62768

* Author: Pierre Chapuis
* Status: Closed
* Priority: Normal
* Assignee: Koichi Sasada
* Target version: next minor
* ruby -v: ruby 1.9.2p136 (2010-12-25 revision 30365) [x86_64-darwin10.6.0]
* Backport: 2.2: UNKNOWN, 2.3: UNKNOWN, 2.4: UNKNOWN
----------------------------------------
On a Mac, this snippet crashes Ruby:

```
 def f(*x); end
 begin
   f(*(0..120000))
 rescue
   nil
 end
 f(*(0..120000))
```

Here is the result when run with ruby:

```
 segfaulter.rb:7: [BUG] Segmentation fault
 ruby 1.9.2p136 (2010-12-25 revision 30365) [x86_64-darwin10.6.0]

 -- control frame ----------
 c:0003 p:0048 s:120009 b:0006 l:0014e8 d:000c08 EVAL   segfaulter.rb:7
 c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH
 c:0001 p:0000 s:0002 b:0002 l:0014e8 d:0014e8 TOP   
 ---------------------------
 -- Ruby level backtrace information ----------------------------------------
 segfaulter.rb:7:in `<main>'

 -- C level backtrace information -------------------------------------------

 [NOTE]
 You may have encountered a bug in the Ruby interpreter or extension libraries.
 Bug reports are welcome.
 For details: http://www.ruby-lang.org/bugreport.html

 Abort trap
```

Here is the result in irb:

```
 ruby-1.9.2-p136 :001 > def f(*x); end
  => nil 
 ruby-1.9.2-p136 :002 > begin
 ruby-1.9.2-p136 :003 >       f(*(0..120000))
 ruby-1.9.2-p136 :004?>   rescue
 ruby-1.9.2-p136 :005?>     nil
 ruby-1.9.2-p136 :006?>   end
  => nil 
 ruby-1.9.2-p136 :007 > f(*(0..120000))
 (irb):7: [BUG] Bus Error
 ruby 1.9.2p136 (2010-12-25 revision 30365) [x86_64-darwin10.6.0]

 -- control frame ----------
 c:0023 p:0013 s:120084 b:0082 l:001af8 d:000081 EVAL   (irb):7
 c:0022 p:---- s:0080 b:0080 l:000079 d:000079 FINISH
 c:0021 p:---- s:0078 b:0078 l:000077 d:000077 CFUNC  :eval
 c:0020 p:0028 s:0071 b:0071 l:000070 d:000070 METHOD /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/workspace.rb:80
 c:0019 p:0033 s:0064 b:0063 l:000062 d:000062 METHOD /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/context.rb:254
 c:0018 p:0031 s:0058 b:0058 l:0007a8 d:000057 BLOCK  /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:159
 c:0017 p:0042 s:0050 b:0050 l:000049 d:000049 METHOD /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:273
 c:0016 p:0011 s:0045 b:0045 l:0007a8 d:000044 BLOCK  /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:156
 c:0015 p:0144 s:0041 b:0041 l:000024 d:000040 BLOCK  /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:243
 c:0014 p:---- s:0038 b:0038 l:000037 d:000037 FINISH
 c:0013 p:---- s:0036 b:0036 l:000035 d:000035 CFUNC  :loop
 c:0012 p:0009 s:0033 b:0033 l:000024 d:000032 BLOCK  /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:229
 c:0011 p:---- s:0031 b:0031 l:000030 d:000030 FINISH
 c:0010 p:---- s:0029 b:0029 l:000028 d:000028 CFUNC  :catch
 c:0009 p:0023 s:0025 b:0025 l:000024 d:000024 METHOD /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:228
 c:0008 p:0046 s:0022 b:0022 l:0007a8 d:0007a8 METHOD /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:155
 c:0007 p:0011 s:0019 b:0019 l:000bd8 d:000018 BLOCK  /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:70
 c:0006 p:---- s:0017 b:0017 l:000016 d:000016 FINISH
 c:0005 p:---- s:0015 b:0015 l:000014 d:000014 CFUNC  :catch
 c:0004 p:0183 s:0011 b:0011 l:000bd8 d:000bd8 METHOD /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:69
 c:0003 p:0142 s:0006 b:0006 l:0014e8 d:001078 EVAL   /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/bin/irb:16
 c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH
 c:0001 p:0000 s:0002 b:0002 l:0014e8 d:0014e8 TOP   
 ---------------------------
 -- Ruby level backtrace information ----------------------------------------
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/bin/irb:16:in `<main>'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:69:in `start'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:69:in `catch'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:70:in `block in start'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:155:in `eval_input'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:228:in `each_top_level_statement'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:228:in `catch'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:229:in `block in each_top_level_statement'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:229:in `loop'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/ruby-lex.rb:243:in `block (2 levels) in each_top_level_statement'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:156:in `block in eval_input'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:273:in `signal_status'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb.rb:159:in `block (2 levels) in eval_input'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/context.rb:254:in `evaluate'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/workspace.rb:80:in `evaluate'
 /Users/pierre/.rvm/rubies/ruby-1.9.2-p136/lib/ruby/1.9.1/irb/workspace.rb:80:in `eval'
 (irb):7:in `irb_binding'

 -- C level backtrace information -------------------------------------------
 0   libruby.1.9.1.dylib                 0x0000000100180792 rb_vm_bugreport + 210
 1   libruby.1.9.1.dylib                 0x000000010003a614 report_bug + 372
 2   libruby.1.9.1.dylib                 0x000000010003a7d8 rb_bug + 200
 3   libruby.1.9.1.dylib                 0x00000001000fff42 sigbus + 18
 4   libSystem.B.dylib                   0x00007fff84c7767a _sigtramp + 26
 5   ???                                 0x00007fff5fbf7990 0x0 + 140734799772048
 6   libruby.1.9.1.dylib                 0x00000001001619b4 rb_thread_mark + 100
 7   libruby.1.9.1.dylib                 0x0000000100054924 gc_mark_children + 4036
 8   libruby.1.9.1.dylib                 0x0000000100054d77 gc_mark_children + 5143
 9   libruby.1.9.1.dylib                 0x0000000100055d81 mark_keyvalue + 465
 10  libruby.1.9.1.dylib                 0x0000000100108a50 st_foreach + 192
 11  libruby.1.9.1.dylib                 0x0000000100054831 gc_mark_children + 3793
 12  libruby.1.9.1.dylib                 0x00000001000555a9 mark_entry + 217
 13  libruby.1.9.1.dylib                 0x0000000100108a50 st_foreach + 192
 14  libruby.1.9.1.dylib                 0x0000000100054b5c gc_mark_children + 4604
 15  libruby.1.9.1.dylib                 0x000000010005430e gc_mark_children + 2478
 16  libruby.1.9.1.dylib                 0x000000010015cf65 iseq_mark + 293
 17  libruby.1.9.1.dylib                 0x0000000100054924 gc_mark_children + 4036
 18  libruby.1.9.1.dylib                 0x0000000100058188 mark_method_entry_i + 424
 19  libruby.1.9.1.dylib                 0x0000000100108a50 st_foreach + 192
 20  libruby.1.9.1.dylib                 0x0000000100054b34 gc_mark_children + 4564
 21  libruby.1.9.1.dylib                 0x000000010005430e gc_mark_children + 2478
 22  libruby.1.9.1.dylib                 0x000000010015cf65 iseq_mark + 293
 23  libruby.1.9.1.dylib                 0x0000000100054924 gc_mark_children + 4036
 24  libruby.1.9.1.dylib                 0x0000000100054c95 gc_mark_children + 4917
 25  libruby.1.9.1.dylib                 0x000000010015cfa5 iseq_mark + 357
 26  libruby.1.9.1.dylib                 0x0000000100054924 gc_mark_children + 4036
 27  libruby.1.9.1.dylib                 0x0000000100054c95 gc_mark_children + 4917
 28  libruby.1.9.1.dylib                 0x000000010015cfa5 iseq_mark + 357
 29  libruby.1.9.1.dylib                 0x0000000100054924 gc_mark_children + 4036
 30  libruby.1.9.1.dylib                 0x0000000100058188 mark_method_entry_i + 424
 31  libruby.1.9.1.dylib                 0x0000000100108a50 st_foreach + 192
 32  libruby.1.9.1.dylib                 0x0000000100054b34 gc_mark_children + 4564
 33  libruby.1.9.1.dylib                 0x0000000100053ddf gc_mark_children + 1151
 34  libruby.1.9.1.dylib                 0x00000001000555a9 mark_entry + 217
 35  libruby.1.9.1.dylib                 0x0000000100108a50 st_foreach + 192
 36  libruby.1.9.1.dylib                 0x0000000100054b5c gc_mark_children + 4604
 37  libruby.1.9.1.dylib                 0x000000010005430e gc_mark_children + 2478
 38  libruby.1.9.1.dylib                 0x000000010015cf65 iseq_mark + 293
 39  libruby.1.9.1.dylib                 0x0000000100054924 gc_mark_children + 4036
 40  libruby.1.9.1.dylib                 0x0000000100058188 mark_method_entry_i + 424
 41  libruby.1.9.1.dylib                 0x0000000100108a50 st_foreach + 192
 42  libruby.1.9.1.dylib                 0x0000000100054b34 gc_mark_children + 4564
 43  libruby.1.9.1.dylib                 0x00000001000555a9 mark_entry + 217
 44  libruby.1.9.1.dylib                 0x0000000100108a50 st_foreach + 192
 45  libruby.1.9.1.dylib                 0x0000000100054b5c gc_mark_children + 4604
 46  libruby.1.9.1.dylib                 0x00000001000555a9 mark_entry + 217
 47  libruby.1.9.1.dylib                 0x00000001001089df st_foreach + 79
 48  libruby.1.9.1.dylib                 0x0000000100054b5c gc_mark_children + 4604
 49  libruby.1.9.1.dylib                 0x0000000100053ddf gc_mark_children + 1151
 50  libruby.1.9.1.dylib                 0x0000000100053ddf gc_mark_children + 1151
 51  libruby.1.9.1.dylib                 0x000000010015cf95 iseq_mark + 341
 52  libruby.1.9.1.dylib                 0x0000000100054924 gc_mark_children + 4036
 53  libruby.1.9.1.dylib                 0x0000000100058188 mark_method_entry_i + 424
 54  libruby.1.9.1.dylib                 0x0000000100108a50 st_foreach + 192
 55  libruby.1.9.1.dylib                 0x0000000100054b34 gc_mark_children + 4564
 56  libruby.1.9.1.dylib                 0x00000001000555a9 mark_entry + 217
 57  libruby.1.9.1.dylib                 0x00000001001089df st_foreach + 79
 58  libruby.1.9.1.dylib                 0x0000000100054b5c gc_mark_children + 4604
 59  libruby.1.9.1.dylib                 0x00000001000555a9 mark_entry + 217
 60  libruby.1.9.1.dylib                 0x00000001001089df st_foreach + 79
 61  libruby.1.9.1.dylib                 0x0000000100054b5c gc_mark_children + 4604
 62  libruby.1.9.1.dylib                 0x0000000100053ddf gc_mark_children + 1151
 63  libruby.1.9.1.dylib                 0x0000000100053ddf gc_mark_children + 1151
 64  libruby.1.9.1.dylib                 0x0000000100053ddf gc_mark_children + 1151
 65  libruby.1.9.1.dylib                 0x0000000100053ddf gc_mark_children + 1151
 66  libruby.1.9.1.dylib                 0x0000000100058188 mark_method_entry_i + 424
 67  libruby.1.9.1.dylib                 0x00000001001089df st_foreach + 79
 68  libruby.1.9.1.dylib                 0x0000000100054b34 gc_mark_children + 4564
 69  libruby.1.9.1.dylib                 0x00000001000555a9 mark_entry + 217
 70  libruby.1.9.1.dylib                 0x00000001001089df st_foreach + 79
 71  libruby.1.9.1.dylib                 0x0000000100054b5c gc_mark_children + 4604
 72  libruby.1.9.1.dylib                 0x00000001000555a9 mark_entry + 217
 73  libruby.1.9.1.dylib                 0x00000001001089df st_foreach + 79
 74  libruby.1.9.1.dylib                 0x0000000100054b5c gc_mark_children + 4604
 75  libruby.1.9.1.dylib                 0x0000000100053ddf gc_mark_children + 1151
 76  libruby.1.9.1.dylib                 0x0000000100053ddf gc_mark_children + 1151
 77  libruby.1.9.1.dylib                 0x0000000100053ddf gc_mark_children + 1151
 78  libruby.1.9.1.dylib                 0x0000000100053ddf gc_mark_children + 1151
 79  libruby.1.9.1.dylib                 0x0000000100053ddf gc_mark_children + 1151
 80  libruby.1.9.1.dylib                 0x00000001000572bc garbage_collect + 4396
 81  libruby.1.9.1.dylib                 0x0000000100057906 vm_xmalloc + 150
 82  libruby.1.9.1.dylib                 0x000000010000bd4d ary_new + 221
 83  libruby.1.9.1.dylib                 0x000000010000c989 rb_ary_new4 + 41
 84  libruby.1.9.1.dylib                 0x0000000100178551 vm_callee_setup_arg_complex + 225
 85  libruby.1.9.1.dylib                 0x000000010017c469 vm_call_method + 2921
 86  libruby.1.9.1.dylib                 0x0000000100167e54 vm_exec_core + 8260
 87  libruby.1.9.1.dylib                 0x000000010016faf3 vm_exec + 1507
 88  libruby.1.9.1.dylib                 0x0000000100170340 eval_string_with_cref + 880
 89  libruby.1.9.1.dylib                 0x0000000100170a62 rb_f_eval + 242
 90  libruby.1.9.1.dylib                 0x000000010017bca3 vm_call_method + 931
 91  libruby.1.9.1.dylib                 0x0000000100167e54 vm_exec_core + 8260
 92  libruby.1.9.1.dylib                 0x000000010016faf3 vm_exec + 1507
 93  libruby.1.9.1.dylib                 0x000000010017e031 loop_i + 561
 94  libruby.1.9.1.dylib                 0x000000010003f787 rb_rescue2 + 519
 95  libruby.1.9.1.dylib                 0x0000000100162d56 rb_f_loop + 54
 96  libruby.1.9.1.dylib                 0x000000010017bca3 vm_call_method + 931
 97  libruby.1.9.1.dylib                 0x0000000100167e54 vm_exec_core + 8260
 98  libruby.1.9.1.dylib                 0x000000010016faf3 vm_exec + 1507
 99  libruby.1.9.1.dylib                 0x000000010017dcb4 catch_i + 596
 100 libruby.1.9.1.dylib                 0x0000000100161f45 rb_catch_obj + 325
 101 libruby.1.9.1.dylib                 0x0000000100162c10 rb_f_catch + 48
 102 libruby.1.9.1.dylib                 0x000000010017bca3 vm_call_method + 931
 103 libruby.1.9.1.dylib                 0x0000000100167e54 vm_exec_core + 8260
 104 libruby.1.9.1.dylib                 0x000000010016faf3 vm_exec + 1507
 105 libruby.1.9.1.dylib                 0x000000010017dcb4 catch_i + 596
 106 libruby.1.9.1.dylib                 0x0000000100161f45 rb_catch_obj + 325
 107 libruby.1.9.1.dylib                 0x0000000100162c10 rb_f_catch + 48
 108 libruby.1.9.1.dylib                 0x000000010017bca3 vm_call_method + 931
 109 libruby.1.9.1.dylib                 0x0000000100167e54 vm_exec_core + 8260
 110 libruby.1.9.1.dylib                 0x000000010016faf3 vm_exec + 1507
 111 libruby.1.9.1.dylib                 0x000000010016fdfb rb_iseq_eval_main + 507
 112 libruby.1.9.1.dylib                 0x000000010003f9f2 ruby_exec_internal + 178
 113 libruby.1.9.1.dylib                 0x000000010004237c ruby_run_node + 60
 114 ruby                                0x0000000100000ecf main + 79
 115 ruby                                0x0000000100000e74 start + 52
 116 ???                                 0x0000000000000002 0x0 + 2

 [NOTE]
 You may have encountered a bug in the Ruby interpreter or extension libraries.
 Bug reports are welcome.
 For details: http://www.ruby-lang.org/bugreport.html

 Abort trap
```

I cannot reproduce this on a EC2 instance running Linux, where 'ruby -v' gives:

 ruby 1.9.2p136 (2010-12-25 revision 30365) [x86_64-linux]




-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request / ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>