Users with heavily multi-threaded Ruby apps are strongly advised to upgrade to REE 2011.03. Without this fix threading is effectively useless on both the upstream MRI 1.8.7 releases as well as previous REE releases.

It turned out that MRI’s 1.8 branch (the one that is to become MRI 1.8.8) has an updated fix that doesn’t crash, and it has had this fix for more than a year now, but it isn’t included in MRI 1.8.7. We’ve notified the Ruby core team about this and Shyouhei Urabe says he’ll backport it to the next MRI 1.8.7 release. In the mean time we’ve taken the liberty to backport it ourselves.

OS X has this interesting ecosystem in which a lot of users install software through MacPorts. MacPorts software is typically installed to /opt/local. This causes two problems.

The first one is that the compiler does not look in /opt/local by default. Some Ruby gems with native extensions rely on third-party libraries not shipped with OS X. If the user installs those dependencies with MacPorts then gems may not detect them automatically.

The other problem is that people end up with different versions of libraries that are also shipped with the OS. For example OS X comes with OpenSSL 0.9.8 while MacPorts installs OpenSSL 1.0.0 to /opt/local. This may cause crashes when some libraries try to use OpenSSL 0.9.8 and others try to use 1.0.0! For example the we’ve installed libcurl via MacPorts. libcurl depends on OpenSSL so MacPorts installs that as well. The Curb gem depends on libcurl, and its extconf.rb is smart enough to look in /opt/local for libcurl, so the Curb C extension ends up being compiled against MacPorts’s OpenSSL 1.0.0. In the mean time, the Ruby OpenSSL extension’s extconf.rb does not look in /opt/local, so it ends up being compiled against OpenSSL 0.9.8. The net/https library uses the Ruby OpenSSL extension. So if your app uses both Curb and net/https (which may happen indirectly, e.g. via ActiveResource) then Ruby may attempt to load both OpenSSL libraries. These two conflict with each other and may cause crashes. So if you’re an OS X user and you’ve seen mysterious segmentation fault crashes in net/http.rb, then this is probably the cause. Obviously the problem is not limited to only OpenSSL: any situation involving two different versions of the same library to be loaded will cause problems as well.

To fix all this we’ve now modified REE to always look in /opt/local when compiling things.