Asp Forum - Server crashes since ruby upgrade

Ken Dunlap

6/24/2008 4:20:00 PM

I've built ruby 1.8.6-p230 due to vulnerabilities in older versions.
Previously using 1.8.6-p110. Built in a NetBSD 3.1 environment.
I have a rails app using the rails 2.0.2. This is running fine on
the production server using ruby 1.8.6-p110, but the test server
using 1.8.6-p230 crashes and dumps core with either a segmentation fault
or an illegal hardware error, depending on the page I was trying to load.
This happens whether I am using Mongrel or Webrick. It looks like
(based on what I saw in a few ktraces) that it crashed as soon as it
was ready to start rendering the page (it had finished reading in all
the templates).

Here's what I've been seeing from Webrick:

k1# script/server webrick
=> Booting WEBrick...
=> Rails application started on http://0....
=> Ctrl-C to shutdown server; call with --help for options
[2008-06-24 11:53:46] INFO WEBrick 1.3.1
[2008-06-24 11:53:46] INFO ruby 1.8.6 (2008-06-20) [i386-netbsdelf3.1]
[2008-06-24 11:53:46] INFO WEBrick::HTTPServer#start: pid=20021 port=3000
166.84.1.253 - - [24/Jun/2008:11:53:56 EDT] "GET /acct/charge HTTP/1.1" 200 3751
- -> /acct/charge
ruby in free(): warning: chunk is already free.
ruby in free(): warning: chunk is already free.
ruby in free(): warning: chunk is already free.
ruby in free(): warning: chunk is already free.
166.84.1.253 - - [24/Jun/2008:11:54:06 EDT] "GET /vc HTTP/1.1" 200 5303
http://localhost:3000/acct/charge -> /vc
166.84.1.253 - - [24/Jun/2008:11:54:08 EDT] "GET /images/plainbar/0.png HTTP/1.1" 200 150
http://localhost:3000/vc -> /images/plainbar/0.png
166.84.1.253 - - [24/Jun/2008:11:54:08 EDT] "GET /images/plainbar/76.png HTTP/1.1" 200 174
http://localhost:3000/vc -> /images/plainbar/76.png
ruby in free(): warning: chunk is already free.
ruby in free(): warning: chunk is already free.
ruby in free(): warning: chunk is already free.
ruby in malloc(): warning: chunk is already free.
166.84.1.253 - - [24/Jun/2008:11:54:10 EDT] "GET /vc HTTP/1.1" 304 0
http://localhost:3000/vc -> /vc
zsh: illegal hardware instruction (core dumped) script/server webrick

Any ideas?

Ken

--

I use the words you taught me. If they don't mean anything any more,
teach me others. Or let me be silent.
Samuel Beckett (Clov, Endgame)

1 Answer

Robert Thau

6/24/2008 4:37:00 PM

Ken Dunlap wrote:
> I've built ruby 1.8.6-p230 due to vulnerabilities in older versions.
> Previously using 1.8.6-p110. Built in a NetBSD 3.1 environment.
> I have a rails app using the rails 2.0.2. This is running fine on
> the production server using ruby 1.8.6-p110, but the test server
> using 1.8.6-p230 crashes and dumps core with either a segmentation fault
> or an illegal hardware error, depending on the page I was trying to
> load.

It's not just you. There's been quite a bit of discussion on
the problem in another thread on this mailing list, following
up the original announcement; if you've already tossed those
messages and would like to look back, see here:

http://www.ruby-...to...

At this point, there's a patch available for the released
1.8.6-p230 here, which undoes one apparently problematic
change (and appears to be working for folks):

http://dev.smartleaf.com/misc/p230_fixit...

and also multiple patch sets which attempt to cherry-pick
the security fixes only for application to an earlier
release, including one from the mod_rails guys here:

http://blog.p...

which also (I believe) incorporates their storage
management hacks. (FWIW, "p230_fixit_patch" is something
I made available, but the contents are the output of
"svn diff" on the problematic revision, pretty much
straight.) See also discussion in comments on the
official rails blog, following up on their announcement:

http://weblog.rubyonrails.com/2008/6/21/multiple-ruby-security-vulne...

Robert Thau
rst AT {ai,alum}.mit.edu
--
Posted via http://www.ruby-....

comp.lang.ruby

Server crashes since ruby upgrade

Ken Dunlap

Robert Thau

x Login to ForumsZone