[bug:trunk] Invalid read by ./ruby -v

As shown below, ruby -v seems to read from a strange location.

% valgrind ./ruby -v
==15134== Memcheck, a memory error detector.
==15134== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==15134== Using LibVEX rev 1854, a library for dynamic binary translation.
==15134== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==15134== Using valgrind-3.3.1-Debian, a dynamic binary instrumentation framework.
==15134== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==15134== For more details, rerun with: -v
==15134==
==15134== Invalid read of size 4
==15134==    at 0x813DF26: vm_push_frame (vm_insnhelper.c:32)
==15134==    by 0x814EEC1: th_init2 (vm.c:1742)
==15134==    by 0x814F93F: Init_BareVM (vm.c:2086)
==15134==    by 0x805DF8F: ruby_init (eval.c:54)
==15134==    by 0x805D04E: main (main.c:34)
==15134==  Address 0x4267164 is 4 bytes after a block of size 524,288 alloc'd
==15134==    at 0x4023D6E: malloc (vg_replace_malloc.c:207)
==15134==    by 0x806365E: vm_xmalloc (gc.c:657)
==15134==    by 0x806380C: ruby_xmalloc2 (gc.c:747)
==15134==    by 0x814E959: thread_recycle_stack (vm.c:1552)
==15134==    by 0x814EE53: th_init2 (vm.c:1738)
==15134==    by 0x814F93F: Init_BareVM (vm.c:2086)
==15134==    by 0x805DF8F: ruby_init (eval.c:54)
==15134==    by 0x805D04E: main (main.c:34)
ruby 1.9.2dev (2009-11-07 trunk 25681) [i686-linux]
==15134==
==15134== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 23 from 1)
==15134== malloc/free: in use at exit: 311,896 bytes in 11,805 blocks.
==15134== malloc/free: 11,907 allocs, 102 frees, 1,051,073 bytes allocated.
==15134== For counts of detected errors, rerun with: -v
==15134== searching for pointers to 11,805 not-freed blocks.
==15134== checked 393,272 bytes.
==15134==
==15134== LEAK SUMMARY:
==15134==    definitely lost: 210,278 bytes in 8,694 blocks.
==15134==    possibly lost: 0 bytes in 0 blocks.
==15134==    still reachable: 101,618 bytes in 3,111 blocks.
==15134==    suppressed: 0 bytes in 0 blocks.
==15134== Rerun with --leak-check=full to see details of leaked memory.

This is Nakada.

At Sun, 8 Nov 2009 01:23:03 +0900,
Tanaka A. wrote in [ruby-dev:39657]:

> As shown below, ruby -v seems to read from a strange location.
> ruby 1.9.2dev (2009-11-07 trunk 25681) [i686-linux]

This issue has been resolved by the change in r25682 (I think).
Tanaka A., for the report (the rest as usual)
Together with Ruby (rest omitted)