
Ticket #814 (closed defect: fixed)

Opened 19 months ago

Last modified 19 months ago

SegFault running CGI script from command line

Reported by: pwilson@… Owned by: lsansonetti@…
Priority: blocker Milestone: MacRuby 0.7
Component: MacRuby Keywords:
Cc:

Description (last modified by martinlagardette@…)

With latest MacRuby nightly (July 27), the following code causes a seg fault if run directly from the command line:

require 'cgi'
c = CGI.new

It works OK when run through the web server. When ruby 1.9 runs this from the command line it asks for data from stdin to serve as query parameters.

Under MacRuby I get this crash:

(offline mode: enter name=value pairs on standard input)
Segmentation fault

and this stack trace:

(gdb) bt
#0  0x00007fff832c5120 in objc_msgSend ()
#1  0x0000000100043ff1 in rb_io_read_internal (io_struct=0x101166520, buffer=0x7fff5fbfb5cf "", len=1) at io.c:981
#2  0x000000010004900f in rb_io_gets_m (io=<value temporarily unavailable, due to optimizations>, sel=<value temporarily unavailable, due to optimizations>, argc=<value temporarily unavailable, due to optimizations>, argv=<value temporarily unavailable, due to optimizations>) at io.c:1423
#3  0x000000010004b20c in rb_io_readlines [inlined] () at /Users/naixn/Documents/Projets/MacRuby/io.c:1549
#4  0x000000010004b20c in argf_readlines (argf=<value temporarily unavailable, due to optimizations>, sel=0x101112ac0, argc=0, argv=0x0) at io.c:3422
#5  0x00000001001303c9 in rb_vm_dispatch (_vm=0x100f1e4a0, cache=0x100e78cc0, top=8590007072, self=8590007072, klass=0x2000ca420, sel=0x101112ac0, block=0x0, opt=1 '\001', argc=0, argv=0x0) at dispatcher.cpp:435
#6  0x000000010355a4d0 in ?? ()
#7  0x000000010356632c in ?? ()
#8  0x0000000100130326 in rb_vm_dispatch (_vm=0x100f1e4a0, cache=0x100e513c0, top=8590007072, self=8590007072, klass=0x2000ca420, sel=0x105244590, block=0x0, opt=1 '\001', argc=<value temporarily unavailable, due to optimizations>, argv=0x0) at dispatcher.cpp:159
#9  0x000000010355a4d0 in ?? ()
#10 0x0000000103567319 in ?? ()
#11 0x0000000100130326 in rb_vm_dispatch (_vm=0x100f1e4a0, cache=0x100e6d8c0, top=8590007072, self=8590007072, klass=0x2000ca420, sel=0x10526ce00, block=0x0, opt=2 '\002', argc=<value temporarily unavailable, due to optimizations>, argv=0x0) at dispatcher.cpp:159
#12 0x000000010355a4d0 in ?? ()
#13 0x000000010356843f in ?? ()
#14 0x000000010013030b in rb_vm_dispatch (_vm=0x100f1e4a0, cache=0x100e6bac0, top=0, self=8590007072, klass=0x200217ae0, sel=0x7fff87e4d6b8, block=0x0, opt=2 '\002', argc=<value temporarily unavailable, due to optimizations>, argv=0x7fff5fbfe060) at dispatcher.cpp:161
#15 0x000000010005dd32 in rb_class_new_instance_imp (klass=<value temporarily unavailable, due to optimizations>, sel=<value temporarily unavailable, due to optimizations>, argc=0, argv=0x0) at vm.h:594
#16 0x00000001001303c9 in rb_vm_dispatch (_vm=0x100f1e4a0, cache=0x100e66fc0, top=8590070304, self=8592128736, klass=0x200217aa0, sel=0x7fff87e4d700, block=0x0, opt=0 '\0', argc=0, argv=0x0) at dispatcher.cpp:435
#17 0x000000010355a4d0 in ?? ()
#18 0x000000010355a0bd in ?? ()
#19 0x000000010013d108 in rb_vm_run (fname=<value temporarily unavailable, due to optimizations>, node=0x2000ceb40, binding=<value temporarily unavailable, due to optimizations>, inside_eval=false) at vm.cpp:3787
#20 0x000000010002f8b0 in ruby_run_node (n=0x2000ceb40) at eval.c:211
#21 0x0000000100000cf8 in main (argc=2, argv=0x100f1de20, envp=<value temporarily unavailable, due to optimizations>) at main.cpp:40
(gdb) call rb_symbolicate(0x000000010356632c)
addr 0x10356632c start 0x103566120 selector read_from_cmdline location /Library/Frameworks/MacRuby.framework/Versions/0.7/usr/lib/ruby/1.9.2/cgi/core.rb:542
(gdb) fr 1 
#1  0x0000000100043ff1 in rb_io_read_internal (io_struct=0x101166520, buffer=0x7fff5fbfb5cf "", len=1) at io.c:981
981	    if (io_struct->buf == NULL || CFDataGetLength(io_struct->buf) == 0) {
Current language:  auto; currently c
(gdb) p io_struct
$1 = (rb_io_t *) 0x101166520
(gdb) po io_struct

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x0000000000000013
0x00007fff832c52b6 in objc_msgSend_fixup ()
error on line 266 of "/SourceCache/gdb/gdb-1502/src/gdb/macosx/i386-macosx-nat-exec.c" in function "store_inferior_registers": (os/kern) invalid argument (0x4)

Change History

Changed 19 months ago by martinlagardette@…

  • description modified

Modified the stack trace for a more correct interpretation. The crash occurs when rb_io_read_internal() calls CFDataGetLength on io_struct->buf. GDB also whines when trying to po io_struct. The IO being read is ARGF.current_file; is there a chance the corresponding IO struct is not correctly initialized?

Changed 19 months ago by lsansonetti@…

  • milestone MacRuby 0.7 deleted

It crashes differently here.

(gdb) bt
#0  0x00007fffffe00ecf in __memcpy ()
#1  0x00000001000bfd84 in str_splice (self=0x4007730e0, pos=17184326549, len=-8589934576, str=0x400773060, ucs2_mode=true) at string.c:791
#2  0x00000001000c0448 in rstr_sub_bang (str=17187680480, sel=<value temporarily unavailable, due to optimizations>, argc=<value temporarily unavailable, due to optimizations>, argv=<value temporarily unavailable, due to optimizations>) at string.c:3747
#3  0x00000001000c0992 in rstr_sub (str=17187680480, sel=<value temporarily unavailable, due to optimizations>, argc=2, argv=0x7fff5fbfc1a8) at string.c:3796
#4  0x000000010012f829 in rb_vm_dispatch (_vm=0x100e0b840, cache=0x100be4140, top=17183102176, self=17187448352, klass=0x40030ace0, sel=0x100eaa9c0, block=0x0, opt=0 '\0', argc=2, argv=0x7fff5fbfc1a8) at dispatcher.cpp:435
#5  0x0000000102700550 in ?? ()
#6  0x0000000102707aa4 in ?? ()
#7  0x0000000100132337 in rb_vm_yield_args (_vm=0x100e0b840, argc=<value temporarily unavailable, due to optimizations>, argv=0x40030ace0) at dispatcher.cpp:100
...

Changed 19 months ago by lsansonetti@…

Never mind, my copy of macruby was corrupted. I now get the real crash :-)

Changed 19 months ago by lsansonetti@…

Reduction:

./miniruby -e "p readlines"
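
The path the description and this reduction exercise is cgi's offline mode: with no REQUEST_METHOD set and an empty ARGV, cgi/core.rb's read_from_cmdline calls Kernel#readlines (ARGF, hence argf_readlines in the trace) and turns the name=value lines into a query string. The block below is an added, simplified re-implementation of that path for illustration; it is not MacRuby's or the cgi library's own code, and the `input` IO and the SAMPLE text are constructed so nothing reads the real stdin.

```ruby
require 'shellwords'
require 'stringio'
require 'uri'

# Simplified mirror of cgi/core.rb#read_from_cmdline (illustration only):
# read all lines from `input` (the library uses ARGF / Kernel#readlines),
# fold them into one line, protect escaped '=' and '&', split shell-style,
# and join name=value words with '&' (bare words are joined with '+').
def offline_query_string(input)
  lines = begin
    input.readlines
  rescue StandardError
    nil # the library rescues read failures and treats them as empty input
  end
  string = lines ? lines.join(' ').delete("\n") : ''
  string = string.gsub('\\=', '%3D').gsub('\\&', '%26')
  words = Shellwords.shellwords(string)
  words.any? { |w| w.include?('=') } ? words.join('&') : words.join('+')
end

# Decode the query string into the {name => [values]} shape CGI#params uses.
def offline_params(input)
  params = Hash.new { |h, k| h[k] = [] }
  URI.decode_www_form(offline_query_string(input)).each { |k, v| params[k] << v }
  params.default = nil # drop the default proc so the hash compares like a plain Hash
  params
end

# Constructed sample, equivalent to typing "foo=bar" in the gdb session at the end of the ticket.
SAMPLE = "foo=bar\n"

if $PROGRAM_NAME == __FILE__
  p offline_params(StringIO.new(SAMPLE)) # {"foo"=>["bar"]}
end
```

Passing an empty StringIO shows the edge case the reduction hits: readlines on exhausted input yields an empty params hash rather than a crash.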

Changed 19 months ago by lsansonetti@…

  • status changed from new to closed
  • resolution set to fixed
  • milestone set to MacRuby 0.7

Fixed in r4398.

(gdb) r
Starting program: /usr/local/bin/macruby -r cgi -e p\ CGI.new
Reading symbols for shared libraries +++++...................................................... done
(offline mode: enter name=value pairs on standard input)
foo=bar
#<CGI:0x40074b700 @options={:accept_charset=>"UTF-8"} @accept_charset="UTF-8" @multipart=false @params={"foo"=>["bar"]} @cookies={} @output_cookies=nil @output_hidden=nil>

Program exited normally.
(gdb) 