Successfully reported this slideshow.

There and Back Again

0

Share

Nov. 02, 2012
0 likes 1,237 views
Upcoming SlideShare
Ruby 程式語言綜覽簡介
Ruby 程式語言綜覽簡介
Loading in …3
×
1 of 77
1 of 77

There and Back Again

Nov. 02, 2012
0 likes 1,237 views

0

Share

Technology

The slides for my talk at RubyConf 2012 titled "There and Back Again – or –
How I Set out to Benchmark an Algorithm and Ended Up Fixing Ruby".

The slides for my talk at RubyConf 2012 titled "There and Back Again – or –
How I Set out to Benchmark an Algorithm and Ended Up Fixing Ruby".

Technology
License: CC Attribution-NonCommercial-ShareAlike License

Recommended

More Related Content

Viewers also liked

Advanced python
EU Edge
JavaScript for beginners
Shahrukh Ali Khan
ES2015 workflows
Jarrod Overson
ES6 and BEYOND
Brian Patterson
(Parameterized) Roles
sartak
Exhibition of Atrocity
Michael Pirnat
RubyEnRails2007 - Dr Nic Williams - Keynote
Dr Nic Williams
Advanced Python, Part 2
Zaar Hai
AST - the only true tool for building JavaScript
Ingvar Stepanyan
Practical JavaScript Programming - Session 6/8
Wilson Su
Workshop 10: ECMAScript 6
Visual Engineering
JRuby 9000 - Optimizing Above the JVM
Charles Nutter
Cより速いRubyプログラム
kwatch
JRuby @ Boulder Ruby
Nick Sieger
JavaScript on the GPU
Jarred Nicholls
Vim Hacks
Lin Yo-An
Don't Be Afraid of Abstract Syntax Trees
Jamund Ferguson
Visual Studio를 이용한 어셈블리어 학습 part 2
YEONG-CHEON YOU
Rails on Oracle 2011
Raimonds Simanovskis

Similar to There and Back Again

Debugging Ruby Systems
Engine Yard
SHARE 2014, Pittsburgh CICS scalability
nick_garrod
RailswayCon 2010 - Dynamic Language VMs
Lourens Naudé
Concurrency and parallel in .net
Mohammad Hossein Karami
Linux kernel debugging
Hao-Ran Liu
GC Tuning & Troubleshooting Crash Course
Tier1 app
Практический опыт профайлинга и оптимизации производительности Ruby-приложений
Olga Lavrentieva
Java Hates Linux. Deal With It.
Greg Banks
Performance Tuning - Memory leaks, Thread deadlocks, JDK tools
Haribabu Nandyal Padmanaban
LCU14 201- Binary Analysis Tools
Linaro
Performance tweaks and tools for Linux (Joe Damato)
Ontico
Memory Handling and Garbage Collection in Python
POOJA MEHTA
Kernel Recipes 2017 - Using Linux perf at Netflix - Brendan Gregg
Anne Nicolas
12 virtualmachine
The World of Smalltalk
Java Performance Analysis on Linux with Flame Graphs
Brendan Gregg
穏やかにファイルを削除する
鉄次 尾形
Advanced Linux Game Programming
Leszek Godlewski
Kernel Recipes 2017: Using Linux perf at Netflix
Brendan Gregg
Exploit access root to kernel 2.6.32 2.6.36 privilege escalation exploit
Carlos Eduardo
DB2 for z/OS - Starter's guide to memory monitoring and control
Florence Dubois

More from Joshua Ballanco

The Two Cultures of Programming
Joshua Ballanco
What's Eating Ruby?
Joshua Ballanco
Community in Motion
Joshua Ballanco
RubyMotion: Under the Hood
Joshua Ballanco
Getting Your Ruby EGOT
Joshua Ballanco
A Tale of Two Rubies
Joshua Ballanco
Debugging RubyMotion
Joshua Ballanco
MacRuby for Fun and Profit
Joshua Ballanco
Keeping ruby reasonable
Joshua Ballanco
MacRuby: What is it? and why should you care?
Joshua Ballanco

Featured

What to Upload to SlideShare
SlideShare
Be A Great Product Leader (Amplify, Oct 2019)
Adam Nash
Trillion Dollar Coach Book (Bill Campbell)
Eric Schmidt
APIdays Paris 2019 - Innovation @ scale, APIs as Digital Factories' New Machi...
apidays
A few thoughts on work life-balance
Wim Vanderbauwhede
Is vc still a thing final
Mark Suster
The GaryVee Content Model
Gary Vaynerchuk
Mammalian Brain Chemistry Explains Everything
Loretta Breuning, PhD
Blockchain + AI + Crypto Economics Are We Creating a Code Tsunami?
Dinis Guarda
The AI Rush
Jean-Baptiste Dumont
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
Carol Smith
10 facts about jobs in the future
Pew Research Center's Internet & American Life Project
Harry Surden - Artificial Intelligence and Law Overview
Harry Surden
Inside Google's Numbers in 2017
Rand Fishkin
Pinot: Realtime Distributed OLAP datastore
Kishore Gopalakrishna
How to Become a Thought Leader in Your Niche
Leslie Samuel
Visual Design with Data
Seth Familian
Designing Teams for Emerging Challenges
Aaron Irizarry
UX, ethnography and possibilities: for Libraries, Museums and Archives
Ned Potter
Winners and Losers - All the (Russian) President's Men
Ian Bremmer

Related Books

Free with a 14 day trial from Scribd

See all
The Future Is Faster Than You Think: How Converging Technologies Are Transforming Business, Industries, and Our Lives Peter H. Diamandis
(4.5/5)
Free
Talk to Me: How Voice Computing Will Transform the Way We Live, Work, and Think James Vlahos
(4/5)
Free
SAM: One Robot, a Dozen Engineers, and the Race to Revolutionize the Way We Build Jonathan Waldman
(5/5)
Free
From Gutenberg to Google: The History of Our Future Tom Wheeler
(3.5/5)
Free
So You Want to Start a Podcast: Finding Your Voice, Telling Your Story, and Building a Community That Will Listen Kristen Meinzer
(3.5/5)
Free
Bezonomics: How Amazon Is Changing Our Lives and What the World's Best Companies Are Learning from It Brian Dumaine
(4/5)
Free
No Filter: The Inside Story of Instagram Sarah Frier
(4.5/5)
Free
Autonomy: The Quest to Build the Driverless Car—And How It Will Reshape Our World Lawrence D. Burns
(5/5)
Free
Future Presence: How Virtual Reality Is Changing Human Connection, Intimacy, and the Limits of Ordinary Life Peter Rubin
(4/5)
Free
Live Work Work Work Die: A Journey into the Savage Heart of Silicon Valley Corey Pein
(4.5/5)
Free
Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Seth Stephens-Davidowitz
(4.5/5)
Free
Life After Google: The Fall of Big Data and the Rise of the Blockchain Economy George Gilder
(4/5)
Free
System Identification: Tutorials Presented at the 5th IFAC Symposium on Identification and System Parameter Estimation, F.R. Germany, September 1979 Elsevier Books Reference
(4/5)
Free
Energy Conservation in Buildings: The Achievement of 50% Energy Saving: An Environmental Challenge? Elsevier Books Reference
(4/5)
Free
Young Men and Fire: Twenty-fifth Anniversary Edition Norman Maclean
(4.5/5)
Free
Longitude: The True Story of a Lone Genius Who Solved the Greatest Scientific Problem of His Time Dava Sobel
(4/5)
Free

Related Audiobooks

Free with a 14 day trial from Scribd

See all
If Then: How the Simulmatics Corporation Invented the Future Jill Lepore
(4.5/5)
Free
A Brief History of Motion: From the Wheel, to the Car, to What Comes Next Tom Standage
(4/5)
Free
An Ugly Truth: Inside Facebook’s Battle for Domination Sheera Frenkel
(4.5/5)
Free
Spooked: The Trump Dossier, Black Cube, and the Rise of Private Spies Barry Meier
(4/5)
Free
Second Nature: Scenes from a World Remade Nathaniel Rich
(5/5)
Free
Driven: The Race to Create the Autonomous Car Alex Davies
(4.5/5)
Free
Test Gods: Virgin Galactic and the Making of a Modern Astronaut Nicholas Schmidle
(5/5)
Free
Einstein's Fridge: How the Difference Between Hot and Cold Explains the Universe Paul Sen
(4.5/5)
Free
Dignity in a Digital Age: Making Tech Work for All of Us Ro Khanna
(4/5)
Free
After Steve: How Apple Became a Trillion-Dollar Company and Lost its Soul Tripp Mickle
(4.5/5)
Free
User Friendly: How the Hidden Rules of Design Are Changing the Way We Live, Work, and Play Cliff Kuang
(4.5/5)
Free
Blockchain: The Next Everything Stephen P. Williams
(4/5)
Free
Uncanny Valley: A Memoir Anna Wiener
(4/5)
Free
Lean Out: The Truth About Women, Power, and the Workplace Marissa Orr
(4.5/5)
Free
A World Without Work: Technology, Automation, and How We Should Respond Daniel Susskind
(4.5/5)
Free
The Players Ball: A Genius, a Con Man, and the Secret History of the Internet's Rise David Kushner
(4.5/5)
Free

There and Back Again

  1. 1. There and Back Again – or – How I Set out to Benchmark an Algorithm and Ended Up Fixing Ruby
  2. 2. About Me Name: Joshua Ballanco
  3. 3. About Me Location: Ankara, Turkey
  4. 4. About Me Employer:
  5. 5. About Me Employer: Burnside Digital
  6. 6. WARNING This is an ADVANCED presentation. While you do not need to be an expert on the inner workings of C Ruby, this talk does presume you are familiar with concepts such as pointers, memory allocation, and pages (no, not book pages, memory pages). If you are prone to motion sickness or become nauseous at the sight of hexadecimal memory addresses, this talk may not be for you.
  7. 7. Prelude: How can I contribute to Ruby?
  8. 8. Prelude: How can I contribute to Ruby? Use It!
  9. 9. 4 Rs of Bug Reporting • Reproduce • Report • Reduce • Regress
  10. 10. Reproduce It! • Can you make the bug occur every time? most of the time? some of the time? • .irbrc, .gemrc, Other rc files • Environment and Environment Variables • rvm/rbenv • Ask a friend
  11. 11. Report It! • Ruby Bug Tracker: http://bugs.ruby-lang.org/ • All steps to reproduce, bonus points for attachments • Ruby Version • Crash log (hint: look in Console.app)
  12. 12. Reduce It! • Eliminate libraries • Simple scripts are best • Shrink code (5 or fewer lines is ideal)
  13. 13. Regress It! • Try different Ruby versions • Better: try different Ruby releases • Best: git bisect! • Bonus: try different build settings
  14. 14. 5 Rs of Bug Reporting • Reproduce • Report • Reduce • Regress • Repair!
  15. 15. A long time ago in a faraway land...
  16. 16. A long time ago in a faraway land...
  17. 17. A long time ago in a faraway land...
  18. 18. A long time ago in a faraway land...
  19. 19. A long time ago in a faraway land...
  20. 20. A long time ago in a faraway land... for full backstory, see: http://blogs.burnsidedigital.com/
  21. 21. Disaster Strikes! > ruby delegation_bench.rb Call one method user system total real Pre-delegate 4.940000 0.020000 4.960000 ( 4.954945) Post-delegate 0.060000 0.000000 0.060000 ( 0.060528) On Demand 0.010000 0.000000 0.010000 ( 0.010604) Reversible 0.110000 0.000000 0.110000 ( 0.101494) Call one method 100 times ... Call three methods 100 times user system total real Pre-delegate 5.640000 0.000000 5.640000 ( 5.640255) Post-delegate 0.980000 0.000000 0.980000 ( 0.975919) On Demand 1.210000 0.000000 1.210000 ( 1.205214) Reversible 1.020000 0.000000 1.020000 ( 1.027759) Call three methods 10,000 times user system total real Pre-delegate ruby(5919,0x7fff732a5180) malloc: *** error for object 0x7fb18f80d750: incorrect checksum for freed object - object was probably modified after being freed. *** set a breakpoint in malloc_error_break to debug zsh: abort ruby delegation_bench.rb
  22. 22. Disaster Strikes!
  23. 23. Pack Your Bags • Download Ruby Source (https://github.com/ruby/ruby) • Build ./configure && make (see ./configure --help for more)
  24. 24. Study the Map • ./include/ruby/ruby.h • ID => symbols • VALUE => everything else • rb_id2name => dump symbols in GDB • rb_string_value_cstr => #to_s for GDB • vm_call_method
  25. 25. Bring Your Gardener miniruby • like ruby, only smaller • lexer, parser, interpreter,VM/runtime • core library classes • make miniruby to build
  26. 26. Weapon of Choice gdb • gdb ./miniruby • Set pre-run breakpoints • Pass arguments to miniruby with “run” • Watch it crash!
  27. 27. > gdb ./miniruby ... (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb Reading symbols for shared libraries ++............................ done Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x0000001100397198 0x00007fff8e611cfb in tiny_free_list_remove_ptr () (gdb)
  28. 28. > gdb ./miniruby ... (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb Reading symbols for shared libraries ++............................ done Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x0000001100397198 0x00007fff8e611cfb in tiny_free_list_remove_ptr () (gdb)
  29. 29. > gdb ./miniruby ... (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb Reading symbols for shared libraries ++............................ done Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x0000001100397198 0x00007fff8e611cfb in tiny_free_list_remove_ptr () (gdb)
  30. 30. (gdb) bt #0 0x00007fff8e611cfb in tiny_free_list_remove_ptr () #1 0x00007fff8e60e76d in szone_free_definite_size () #2 0x00007fff8e608898 in free () #3 0x000000010012f5dc in rb_free_method_entry [inlined] () at vm_method.c:155 #4 0x000000010012f5dc in rb_sweep_method_entry (pvm=0xb592caed) at... #5 0x000000010004a00a in gc_lazy_sweep [inlined] () at gc.c:2107 #6 0x000000010004a00a in rb_newobj () at gc.c:1183 #7 0x000000010000caf4 in ary_alloc [inlined] () at array.c:301 #8 0x000000010000caf4 in ary_new (klass=4303833400, capa=3046355020) at... #9 0x000000010000d165 in rb_ary_new2 [inlined] () at array.c:334 #10 0x000000010000d165 in rb_ary_new4 (n=0, elts=0x7fff5fbfee90) at array.c... #11 0x000000010013288a in vm_yield_with_cfunc (th=0x100303e90, block=... #12 0x000000010013dbb1 in rb_vm_invoke_proc (th=0x100303e90, proc=... #13 0x000000010013bd90 in vm_call_bmethod [inlined] () at vm_insnhelper.c:433 #14 0x000000010013bd90 in vm_call_method (th=0x7fff5fbfef60, cfp=0x7fff5fbfef60, num=8766224, blockptr=0x7fff5fbfef60, flag=140734799802208, id=4298129040, me=0x10038ec90, recv=4303733520) at vm_insnhelper.c:566 ... (gdb) p rb_string_value_cstr(4303733520)
  31. 31. (gdb) bt #0 0x00007fff8e611cfb in tiny_free_list_remove_ptr () #1 0x00007fff8e60e76d in szone_free_definite_size () #2 0x00007fff8e608898 in free () #3 0x000000010012f5dc in rb_free_method_entry [inlined] () at vm_method.c:155 #4 0x000000010012f5dc in rb_sweep_method_entry (pvm=0xb592caed) at... #5 0x000000010004a00a in gc_lazy_sweep [inlined] () at gc.c:2107 #6 0x000000010004a00a in rb_newobj () at gc.c:1183 #7 0x000000010000caf4 in ary_alloc [inlined] () at array.c:301 #8 0x000000010000caf4 in ary_new (klass=4303833400, capa=3046355020) at... #9 0x000000010000d165 in rb_ary_new2 [inlined] () at array.c:334 #10 0x000000010000d165 in rb_ary_new4 (n=0, elts=0x7fff5fbfee90) at array.c... #11 0x000000010013288a in vm_yield_with_cfunc (th=0x100303e90, block=... #12 0x000000010013dbb1 in rb_vm_invoke_proc (th=0x100303e90, proc=... #13 0x000000010013bd90 in vm_call_bmethod [inlined] () at vm_insnhelper.c:433 #14 0x000000010013bd90 in vm_call_method (th=0x7fff5fbfef60, cfp=0x7fff5fbfef60, num=8766224, blockptr=0x7fff5fbfef60, flag=140734799802208, id=4298129040, me=0x10038ec90, recv=4303733520) at vm_insnhelper.c:566 ... (gdb) p rb_string_value_cstr(4303733520)
  32. 32. (gdb) bt #0 0x00007fff8e611cfb in tiny_free_list_remove_ptr () #1 0x00007fff8e60e76d in szone_free_definite_size () #2 0x00007fff8e608898 in free () #3 0x000000010012f5dc in rb_free_method_entry [inlined] () at vm_method.c:155 #4 0x000000010012f5dc in rb_sweep_method_entry (pvm=0xb592caed) at... #5 0x000000010004a00a in gc_lazy_sweep [inlined] () at gc.c:2107 #6 0x000000010004a00a in rb_newobj () at gc.c:1183 #7 0x000000010000caf4 in ary_alloc [inlined] () at array.c:301 #8 0x000000010000caf4 in ary_new (klass=4303833400, capa=3046355020) at... #9 0x000000010000d165 in rb_ary_new2 [inlined] () at array.c:334 #10 0x000000010000d165 in rb_ary_new4 (n=0, elts=0x7fff5fbfee90) at array.c... #11 0x000000010013288a in vm_yield_with_cfunc (th=0x100303e90, block=... #12 0x000000010013dbb1 in rb_vm_invoke_proc (th=0x100303e90, proc=... #13 0x000000010013bd90 in vm_call_bmethod [inlined] () at vm_insnhelper.c:433 #14 0x000000010013bd90 in vm_call_method (th=0x7fff5fbfef60, cfp=0x7fff5fbfef60, num=8766224, blockptr=0x7fff5fbfef60, flag=140734799802208, id=4298129040, me=0x10038ec90, recv=4303733520) at vm_insnhelper.c:566 ... (gdb) p rb_string_value_cstr(4303733520)
  33. 33. (gdb) p rb_string_value_cstr(4303733520) ./bug.rb:7: [BUG] object allocation during garbage collection phase ruby 1.9.3p286 (2012-10-12 revision 36243) [x86_64-darwin12.2.0] -- Control frame information ----------------------------------------------- c:0009 p:0011 s:0021 b:0021 l:000888 d:000020 BLOCK ./bug.rb:7 c:0008 p:---- s:0019 b:0019 l:000018 d:000018 FINISH c:0007 p:---- s:0017 b:0017 l:000016 d:000016 CFUNC :times ...
  34. 34. (gdb) p rb_string_value_cstr(4303733520) ./bug.rb:7: [BUG] object allocation during garbage collection phase ruby 1.9.3p286 (2012-10-12 revision 36243) [x86_64-darwin12.2.0] -- Control frame information ----------------------------------------------- c:0009 p:0011 s:0021 b:0021 l:000888 d:000020 BLOCK ./bug.rb:7 c:0008 p:---- s:0019 b:0019 l:000018 d:000018 FINISH c:0007 p:---- s:0017 b:0017 l:000016 d:000016 CFUNC :times ...
  35. 35. (gdb) bt #0 0x00007fff8e611cfb in tiny_free_list_remove_ptr () #1 0x00007fff8e60e76d in szone_free_definite_size () #2 0x00007fff8e608898 in free () #3 0x000000010012f5dc in rb_free_method_entry [inlined] () at vm_method.c:155 #4 0x000000010012f5dc in rb_sweep_method_entry (pvm=0xb592caed) at... #5 0x000000010004a00a in gc_lazy_sweep [inlined] () at gc.c:2107 #6 0x000000010004a00a in rb_newobj () at gc.c:1183 #7 0x000000010000caf4 in ary_alloc [inlined] () at array.c:301 #8 0x000000010000caf4 in ary_new (klass=4303833400, capa=3046355020) at... #9 0x000000010000d165 in rb_ary_new2 [inlined] () at array.c:334 #10 0x000000010000d165 in rb_ary_new4 (n=0, elts=0x7fff5fbfee90) at array.c... #11 0x000000010013288a in vm_yield_with_cfunc (th=0x100303e90, block=... #12 0x000000010013dbb1 in rb_vm_invoke_proc (th=0x100303e90, proc=... #13 0x000000010013bd90 in vm_call_bmethod [inlined] () at vm_insnhelper.c:433 #14 0x000000010013bd90 in vm_call_method (th=0x7fff5fbfef60, cfp=0x7fff5fbfef60, num=8766224, blockptr=0x7fff5fbfef60, flag=140734799802208, id=4298129040, me=0x10038ec90, recv=4303733520) at vm_insnhelper.c:566 ...
  36. 36. Call three methods 10,000 times user system total real Pre-delegate ruby(5919,0x7fff732a5180) malloc: *** error for object 0x7fb18f80d750: incorrect checksum for freed object - object was probably modified after being freed. *** set a breakpoint in malloc_error_break to debug
  37. 37. > gdb ./miniruby ... (gdb) break malloc_error_break Function "malloc_error_break" not defined. Make breakpoint pending on future shared library load? (y or [n]) y Breakpoint 1 (malloc_error_break) pending. (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb Reading symbols for shared libraries ++............................ done Breakpoint 1 at 0x7fff8e607558 Pending breakpoint 1 - "malloc_error_break" resolved Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x000000110060c908 0x00007fff8e611cfb in tiny_free_list_remove_ptr () (gdb)
  38. 38. > gdb ./miniruby ... (gdb) break malloc_error_break Function "malloc_error_break" not defined. Make breakpoint pending on future shared library load? (y or [n]) y Breakpoint 1 (malloc_error_break) pending. (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb Reading symbols for shared libraries ++............................ done Breakpoint 1 at 0x7fff8e607558 Pending breakpoint 1 - "malloc_error_break" resolved Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x000000110060c908 0x00007fff8e611cfb in tiny_free_list_remove_ptr () (gdb)
  39. 39. > gdb ./miniruby ... (gdb) break malloc_error_break Function "malloc_error_break" not defined. Make breakpoint pending on future shared library load? (y or [n]) y Breakpoint 1 (malloc_error_break) pending. (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb Reading symbols for shared libraries ++............................ done Breakpoint 1 at 0x7fff8e607558 Pending breakpoint 1 - "malloc_error_break" resolved Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x000000110060c908 0x00007fff8e611cfb in tiny_free_list_remove_ptr () (gdb)
  40. 40. > gdb ./miniruby ... (gdb) break malloc_error_break Function "malloc_error_break" not defined. Make breakpoint pending on future shared library load? (y or [n]) y Breakpoint 1 (malloc_error_break) pending. (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb Reading symbols for shared libraries ++............................ done Breakpoint 1 at 0x7fff8e607558 Pending breakpoint 1 - "malloc_error_break" resolved Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x000000110060c908 0x00007fff8e611cfb in tiny_free_list_remove_ptr () (gdb)
  41. 41. Advanced Weaponry MallocStackLoggingNoCompact • man malloc • Set environment variables to log the stack during allocations • Run in GDB, use malloc_history to view stacks • CFLAGS=”-O0 -g” ./configure
  42. 42. (gdb) set environment MallocStackLoggingNoCompact=true (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb zsh(49630) malloc: recording malloc stacks to disk using standard recorder zsh(49630) malloc: stack logging compaction turned off; size of log files on disk can increase rapidly ... Reading symbols for shared libraries ++............................ done miniruby(49630) malloc: recording malloc stacks to disk using standard recorder miniruby(49630) malloc: stack logging compaction turned off; size of log files on disk can increase rapidly miniruby(49630) malloc: stack logs deleted from /tmp/stack-logs.49630.arch. 2JF4tB.index miniruby(49630) malloc: stack logs being written into /tmp/stack-logs. 49630.miniruby.lZtwm8.index Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x0000001000000008 0x00007fff8e611cfb in tiny_free_list_remove_ptr ()
  43. 43. (gdb) set environment MallocStackLoggingNoCompact=true (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb zsh(49630) malloc: recording malloc stacks to disk using standard recorder zsh(49630) malloc: stack logging compaction turned off; size of log files on disk can increase rapidly ... Reading symbols for shared libraries ++............................ done miniruby(49630) malloc: recording malloc stacks to disk using standard recorder miniruby(49630) malloc: stack logging compaction turned off; size of log files on disk can increase rapidly miniruby(49630) malloc: stack logs deleted from /tmp/stack-logs.49630.arch. 2JF4tB.index miniruby(49630) malloc: stack logs being written into /tmp/stack-logs. 49630.miniruby.lZtwm8.index Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x0000001000000008 0x00007fff8e611cfb in tiny_free_list_remove_ptr ()
  44. 44. (gdb) set environment MallocStackLoggingNoCompact=true (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb zsh(49630) malloc: recording malloc stacks to disk using standard recorder zsh(49630) malloc: stack logging compaction turned off; size of log files on disk can increase rapidly ... Reading symbols for shared libraries ++............................ done miniruby(49630) malloc: recording malloc stacks to disk using standard recorder miniruby(49630) malloc: stack logging compaction turned off; size of log files on disk can increase rapidly miniruby(49630) malloc: stack logs deleted from /tmp/stack-logs.49630.arch. 2JF4tB.index miniruby(49630) malloc: stack logs being written into /tmp/stack-logs. 49630.miniruby.lZtwm8.index Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x0000001000000008 0x00007fff8e611cfb in tiny_free_list_remove_ptr ()
  45. 45. (gdb) set environment MallocStackLoggingNoCompact=true (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb zsh(49630) malloc: recording malloc stacks to disk using standard recorder zsh(49630) malloc: stack logging compaction turned off; size of log files on disk can increase rapidly ... Reading symbols for shared libraries ++............................ done miniruby(49630) malloc: recording malloc stacks to disk using standard recorder miniruby(49630) malloc: stack logging compaction turned off; size of log files on disk can increase rapidly miniruby(49630) malloc: stack logs deleted from /tmp/stack-logs.49630.arch. 2JF4tB.index miniruby(49630) malloc: stack logs being written into /tmp/stack-logs. 49630.miniruby.lZtwm8.index Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x0000001000000008 0x00007fff8e611cfb in tiny_free_list_remove_ptr ()
  46. 46. (gdb) bt #0 0x00007fff8e611cfb in tiny_free_list_remove_ptr () #1 0x00007fff8e60e76d in szone_free_definite_size () #2 0x00007fff8e608898 in free () #3 0x000000010006f6cc in vm_xfree (objspace=0x10081c400, ptr=0x1004918b0) at gc.c:830 #4 0x000000010006fa76 in ruby_xfree (x=0x1004918b0) at gc.c:894 ...
  47. 47. > malloc_history 49630 0x1004918b0 malloc_history Report Version: 2.0 Process: miniruby [49630] ... ALLOC 0x1004918b0-0x1004918f7 [size=72]: thread_7fff732a5180 |start | main | ruby_run_node | ruby_exec_node | ruby_exec_internal | rb_iseq_eval_main | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | rb_class_new_instance | rb_obj_call_init | rb_funcall2 | rb_call | rb_call0 | vm_call0 | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | method_proc | rb_iterate | mlambda | rb_funcall | rb_call | rb_call0 | vm_call0 | call_cfunc | proc_lambda | rb_block_lambda | proc_new | rb_vm_make_proc | rb_proc_alloc | ruby_xmalloc | vm_xmalloc | malloc | malloc_zone_malloc ---- FREE 0x1004918b0-0x1004918f7 [size=72]: thread_7fff732a5180 |start | main | ruby_run_node | ruby_exec_node | ruby_exec_internal | rb_iseq_eval_main | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_bmethod | rb_vm_invoke_proc | invoke_block_from_c | vm_yield_with_cfunc | bmcall | rb_method_call | rb_vm_call | vm_call0 | rb_threadptr_execute_interrupts | rb_threadptr_execute_interrupts_common | rb_gc_finalize_deferred | finalize_deferred | finalize_list | run_final | proc_free | ruby_xfree | vm_xfree | free
  48. 48. > malloc_history 49630 0x1004918b0 malloc_history Report Version: 2.0 Process: miniruby [49630] ... ALLOC 0x1004918b0-0x1004918f7 [size=72]: thread_7fff732a5180 |start | main | ruby_run_node | ruby_exec_node | ruby_exec_internal | rb_iseq_eval_main | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | rb_class_new_instance | rb_obj_call_init | rb_funcall2 | rb_call | rb_call0 | vm_call0 | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | method_proc | rb_iterate | mlambda | rb_funcall | rb_call | rb_call0 | vm_call0 | call_cfunc | proc_lambda | rb_block_lambda | proc_new | rb_vm_make_proc | rb_proc_alloc | ruby_xmalloc | vm_xmalloc | malloc | malloc_zone_malloc ---- FREE 0x1004918b0-0x1004918f7 [size=72]: thread_7fff732a5180 |start | main | ruby_run_node | ruby_exec_node | ruby_exec_internal | rb_iseq_eval_main | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_bmethod | rb_vm_invoke_proc | invoke_block_from_c | vm_yield_with_cfunc | bmcall | rb_method_call | rb_vm_call | vm_call0 | rb_threadptr_execute_interrupts | rb_threadptr_execute_interrupts_common | rb_gc_finalize_deferred | finalize_deferred | finalize_list | run_final | proc_free | ruby_xfree | vm_xfree | free
  49. 49. > malloc_history 49630 0x1004918b0 malloc_history Report Version: 2.0 Process: miniruby [49630] ... ALLOC 0x1004918b0-0x1004918f7 [size=72]: thread_7fff732a5180 |start | main | ruby_run_node | ruby_exec_node | ruby_exec_internal | rb_iseq_eval_main | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | rb_class_new_instance | rb_obj_call_init | rb_funcall2 | rb_call | rb_call0 | vm_call0 | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | method_proc | rb_iterate | mlambda | rb_funcall | rb_call | rb_call0 | vm_call0 | call_cfunc | proc_lambda | rb_block_lambda | proc_new | rb_vm_make_proc | rb_proc_alloc | ruby_xmalloc | vm_xmalloc | malloc | malloc_zone_malloc ---- FREE 0x1004918b0-0x1004918f7 [size=72]: thread_7fff732a5180 |start | main | ruby_run_node | ruby_exec_node | ruby_exec_internal | rb_iseq_eval_main | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_bmethod | rb_vm_invoke_proc | invoke_block_from_c | vm_yield_with_cfunc | bmcall | rb_method_call | rb_vm_call | vm_call0 | rb_threadptr_execute_interrupts | rb_threadptr_execute_interrupts_common | rb_gc_finalize_deferred | finalize_deferred | finalize_list | run_final | proc_free | ruby_xfree | vm_xfree | free
  50. 50. > malloc_history 49630 0x1004918b0 malloc_history Report Version: 2.0 Process: miniruby [49630] ... ALLOC 0x1004918b0-0x1004918f7 [size=72]: thread_7fff732a5180 |start | main | ruby_run_node | ruby_exec_node | ruby_exec_internal | rb_iseq_eval_main | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | rb_class_new_instance | rb_obj_call_init | rb_funcall2 | rb_call | rb_call0 | vm_call0 | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | method_proc | rb_iterate | mlambda | rb_funcall | rb_call | rb_call0 | vm_call0 | call_cfunc | proc_lambda | rb_block_lambda | proc_new | rb_vm_make_proc | rb_proc_alloc | ruby_xmalloc | vm_xmalloc | malloc | malloc_zone_malloc ---- FREE 0x1004918b0-0x1004918f7 [size=72]: thread_7fff732a5180 |start | main | ruby_run_node | ruby_exec_node | ruby_exec_internal | rb_iseq_eval_main | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_bmethod | rb_vm_invoke_proc | invoke_block_from_c | vm_yield_with_cfunc | bmcall | rb_method_call | rb_vm_call | vm_call0 | rb_threadptr_execute_interrupts | rb_threadptr_execute_interrupts_common | rb_gc_finalize_deferred | finalize_deferred | finalize_list | run_final | proc_free | ruby_xfree | vm_xfree | free
  51. 51. BFGmalloc libgmalloc.dylib -- (Guard Malloc), an aggressive debugging malloc library
  52. 52. BFGmalloc malloc gmalloc
  53. 53. BFGmalloc malloc gmalloc
  54. 54. BFGmalloc malloc gmalloc
  55. 55. BFGmalloc malloc gmalloc
  56. 56. BFGmalloc malloc gmalloc
  57. 57. BFGmalloc malloc gmalloc
  58. 58. BFGmalloc malloc gmalloc
  59. 59. (gdb) set environment MallocStackLoggingNoCompact=true (gdb) set environment DYLD_INSERT_LIBRARIES=/usr/lib/libgmalloc.dylib (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb GuardMalloc[zsh-50147]: recording malloc stacks to disk using standard recorder GuardMalloc[zsh-50147]: stack logging compaction turned off; size of log files on disk can increase rapidly ...
  60. 60. (gdb) set environment MallocStackLoggingNoCompact=true (gdb) set environment DYLD_INSERT_LIBRARIES=/usr/lib/libgmalloc.dylib (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb GuardMalloc[zsh-50147]: recording malloc stacks to disk using standard recorder GuardMalloc[zsh-50147]: stack logging compaction turned off; size of log files on disk can increase rapidly ...
  61. 61. (gdb) set environment MallocStackLoggingNoCompact=true (gdb) set environment DYLD_INSERT_LIBRARIES=/usr/lib/libgmalloc.dylib (gdb) run ./bug.rb Starting program: /Users/jballanc/Source/ruby/miniruby ./bug.rb GuardMalloc[zsh-50147]: recording malloc stacks to disk using standard recorder GuardMalloc[zsh-50147]: stack logging compaction turned off; size of log files on disk can increase rapidly ...
  62. 62. Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x0000000107203fe4 0x0000000100208b3c in rb_thread_mark (ptr=0x10085fce0) at vm.c:1733 1733! ! ! if (cfp->me) ((rb_method_entry_t *)cfp->me)->mark = 1; (gdb) p cfp->me $1 = (rb_method_entry_t *) 0x107203fe0
  63. 63. Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x0000000107203fe4 0x0000000100208b3c in rb_thread_mark (ptr=0x10085fce0) at vm.c:1733 1733! ! ! if (cfp->me) ((rb_method_entry_t *)cfp->me)->mark = 1; (gdb) p cfp->me $1 = (rb_method_entry_t *) 0x107203fe0
  64. 64. > malloc_history 50147 0x107203fe0 malloc_history Report Version: 2.0 Process: miniruby [50147] ... FREE 0x107203fe0-0x107203fff [size=32]: thread_7fff732a5180 |start | main | ruby_run_node | ruby_exec_node | ruby_exec_internal | rb_iseq_eval_main | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_bmethod | rb_vm_invoke_proc | invoke_block_from_c | vm_yield_with_cfunc | bmcall | rb_method_call | rb_vm_call | vm_call0 | call_cfunc | rb_str_reverse | rb_str_new_with_class | str_new | str_alloc | rb_newobj | gc_lazy_sweep | lazy_sweep | slot_sweep | obj_free | rb_free_m_table | st_foreach | free_method_entry_i | rb_free_method_entry | ruby_xfree | vm_xfree | GMfree | GMmalloc_zone_free
  65. 65. > malloc_history 50147 0x107203fe0 malloc_history Report Version: 2.0 Process: miniruby [50147] ... FREE 0x107203fe0-0x107203fff [size=32]: thread_7fff732a5180 |start | main | ruby_run_node | ruby_exec_node | ruby_exec_internal | rb_iseq_eval_main | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_cfunc | call_cfunc | int_dotimes | rb_yield | rb_yield_0 | vm_yield | invoke_block_from_c | vm_exec | vm_exec_core | vm_call_method | vm_call_bmethod | rb_vm_invoke_proc | invoke_block_from_c | vm_yield_with_cfunc | bmcall | rb_method_call | rb_vm_call | vm_call0 | call_cfunc | rb_str_reverse | rb_str_new_with_class | str_new | str_alloc | rb_newobj | gc_lazy_sweep | lazy_sweep | slot_sweep | obj_free | rb_free_m_table | st_foreach | free_method_entry_i | rb_free_method_entry | ruby_xfree | vm_xfree | GMfree | GMmalloc_zone_free
  66. 66. https://bugs.ruby-lang.org/issues/6171
  67. 67. Questions? Joshua Ballanco @manhattanmetric https://github.com/jballanc

Editor's Notes

  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n

    • ×