Marshal.load で例外発生時に Segmentation fault エラー

金田有二と申します。

次のコードで Segmentation fault が発生しましたので
ご報告させて頂きます。


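#! /usr/local/bin/ruby
GC.stress = true          # force a GC run at every opportunity so a marking bug shows up at once
loop do                   # keep going: the backtrace shows the crash in a GC pass, with no marshal.c frame
  begin
    f = File.open("d")    # line 5, the line named in the [BUG] message; "d" is an empty file
    Marshal.load(f)       # nothing to read, so this raises (the report traces it to rb_eof_error)
  rescue                  # deliberate: swallow the error and loop again
  end
end                       # comments are trailing so line numbers still match the quoted backtrace
# Straight quotes around "d": the typographic quotes in the page rendering are not valid Ruby.
# The handle in f is never closed explicitly. The ticket thread reports the crash fixed in r25230.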

dは空のファイルです。

e$B$6$C$H%=!<%9$r$$?$H$3$me(B marshal.c e$B$Ne(B 1480 e$B9TL$Ge(B
r_byte e$B4X?t$r8F$S=P$7$Fe(B
864e$B9TL$Ge(B rb_eof_error
e$B$GNc30$rH/@8$5$;$?$"$?$j$G%(%i!<$H$J$C$F$$$k$h$&$G$9!#e(B
e$B$$=$i$/!"e(B1478e$B9TL$G%9%?%C%/>e$N:n@.$7$?e(B arg.wrapper
e$B%
%V%8%'%/%H$re(B
GCe$B$,H/@8$7$?:]$KE,@Z$Ke(B mark e$B$G$-$J$+$C$?$h$&$K$
$($^$9!#e(B

Rubye$B$N%P!<%8%g%s$Oe(Bx86_64-linux
e$B>e$Ne(B1.8.7e$B$G%P%C%/%H%l!<%9$O<!$N$h$&$K$J$j$^$9!#e(B
i686-linux e$B$G$OH/@8$7$J$$$h$&$G$9!#e(B

$ ruby marshal_error.rb
marshal_error.rb:5: [BUG] Segmentation fault
ruby 1.8.7 (2009-06-12 patchlevel 174) [x86_64-linux]

アボートしました (core dumped)
$ gdb /usr/local/bin/ruby core.13316
GNU gdb Fedora (6.8-27.el5)
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type “show
copying”
and “show warranty” for details.
This GDB was configured as “x86_64-redhat-linux-gnu”…
Reading symbols from /lib64/librt.so.1…done.
Loaded symbols for /lib64/librt.so.1
Reading symbols from /lib64/libdl.so.2…done.
Loaded symbols for /lib64/libdl.so.2
Reading symbols from /lib64/libcrypt.so.1…done.
Loaded symbols for /lib64/libcrypt.so.1
Reading symbols from /lib64/libm.so.6…done.
Loaded symbols for /lib64/libm.so.6
Reading symbols from /lib64/libc.so.6…done.
Loaded symbols for /lib64/libc.so.6
Reading symbols from /lib64/libpthread.so.0…done.
Loaded symbols for /lib64/libpthread.so.0
Reading symbols from /lib64/ld-linux-x86-64.so.2…done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Core was generated by `ruby marshal_error.rb’.
Program terminated with signal 6, Aborted.
[New process 13316]
#0 0x0000003131030215 in raise () from /lib64/libc.so.6
(gdb) bt
#0 0x0000003131030215 in raise () from /lib64/libc.so.6
#1 0x0000003131031cc0 in abort () from /lib64/libc.so.6
#2 0x0000000000499438 in rb_bug (fmt=0x4b5acd “Segmentation fault”) at
error.c:213
#3 0x000000000047044a in sigsegv (sig=) at
signal.c:634
#4
#5 0x0000000000472d1b in st_foreach (table=0x2baa79483e70,
func=0x42de60 <mark_entry>, arg=
0)
at st.c:487
#6 0x000000000042df31 in mark_locations_array (x=0x7fff31686de8,
n=2008) at gc.c:684
#7 0x000000000042e106 in garbage_collect () at gc.c:1468
#8 0x000000000042eba7 in rb_newobj () at gc.c:436
#9 0x0000000000474499 in str_alloc (klass=7257920) at string.c:67
#10 0x0000000000474599 in str_new3 (klass=7257920, str=0) at
string.c:143
#11 0x00000000004745e6 in rb_str_new3 (str=48011179162360) at
string.c:157
#12 0x0000000000416501 in rb_eval (self=48011179299480, n=0x0) at
eval.c:3865
#13 0x0000000000416e41 in rb_eval (self=48011179299480, n=) at eval.c:3
498
#14 0x0000000000415f3c in rb_eval (self=48011179299480, n=) at eval.c:3
698
#15 0x00000000004186bb in rb_eval (self=48011179299480, n=) at eval.c:3
319
#16 0x000000000041a2d5 in rb_yield_0 (val=6, self=48011179299480,
klass=0,
flags=, avalue=0) at eval.c:5090
#17 0x0000000000424fe7 in loop_i () at eval.c:5222
#18 0x0000000000410704 in rb_rescue2 (b_proc=0x424fd0 <loop_i>, data1=0,
r_proc=0, data2=0)
at eval.c:5486
#19 0x00000000004108e0 in rb_f_loop () at eval.c:5247
#20 0x000000000041b56a in rb_call0 (klass=48011179309360,
recv=48011179299480, id=4121, oid=
4121,
argc=0, argv=0x0, body=0x2baa79497b78, flags=)
at eval.c:5917
#21 0x000000000041c278 in rb_call (klass=48011179309360,
recv=48011179299480, mid=4121, argc
=0,
argv=0x0, scope=1, self=48011179299480) at eval.c:6164
#22 0x0000000000416fec in rb_eval (self=, n=)
at eval.c:3518
#23 0x0000000000418ff2 in rb_eval (self=48011179299480, n=) at eval.c:3
233
#24 0x0000000000427b89 in ruby_exec_internal () at eval.c:1652
#25 0x0000000000427bd5 in ruby_exec () at eval.c:1672
#26 0x0000000000427bff in ruby_run () at eval.c:1682
#27 0x000000000040ddc3 in main (argc=2, argv=0x7fff3168a048, envp=)
at main.c:48

In article [email protected],
[email protected] writes:


dは空のファイルです。

e$B$6$C$H%=!<%9$r$$?$H$3$me(B marshal.c e$B$Ne(B 1480 e$B9TL$Ge(B r_byte e$B4X?t$r8F$S=P$7$Fe(B
864e$B9TL$Ge(B rb_eof_error e$B$GNc30$rH/@8$5$;$?$"$?$j$G%(%i!<$H$J$C$F$$$k$h$&$G$9!#e(B
e$B$$=$i$/!"e(B1478e$B9TL$G%9%?%C%/>e$N:n@.$7$?e(B arg.wrapper e$B%%V%8%'%/%H$re(B
GCe$B$,H/@8$7$?:]$KE,@Z$Ke(B mark e$B$G$-$J$+$C$?$h$&$K$
$($^$9!#e(B

e$B$3$l$bD>$C$?$s$8$c$$$J$$$+$J$!!#e(B

Redminee$B$KG’<1$5$;$k$?$a$K:FE>Aw$7$^$9!#e(B
e$B$3$&$7$J$$$H4{$KN.$l$?%a!<%k$re(Bredminee$B$KEPO?$G$-$J$$LdBj$O;d$K2K$,$G$-$?$iD>$7$^$9!#e(B

---------- 転送メッセージ ----------
From: [email protected]
日付: 2009年10月3日3:29
件名: [ruby-dev:39420] Marshal.load で例外発生時に
Segmentation fault エラー
To: ruby developers list [email protected]

金田有二と申します。

次のコードで Segmentation fault が発生しましたので
ご報告させて頂きます。


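#! /usr/local/bin/ruby
GC.stress = true          # run the collector at every opportunity to surface the marking problem quickly
loop do                   # repeated passes: the quoted backtrace crashes inside GC, not inside marshal.c
  begin
    f = File.open("d")    # script line 5, cited by the [BUG] message; "d" is an empty file
    Marshal.load(f)       # empty input raises here (reported path: r_byte -> rb_eof_error)
  rescue                  # intentional: ignore the error and retry
  end
end                       # trailing comments only, so the line numbers match the reported backtrace
# The typographic quotes around "d" in the page rendering are not valid Ruby; straight quotes restored.
# f is never closed explicitly. Per the ticket thread, r25230 fixes the crash.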

dは空のファイルです。

e$B$6$C$H%=!<%9$r$$?$H$3$me(B marshal.c e$B$Ne(B 1480 e$B9TL$Ge(B
r_byte e$B4X?t$r8F$S=P$7$Fe(B
864e$B9TL$Ge(B rb_eof_error
e$B$GNc30$rH/@8$5$;$?$"$?$j$G%(%i!<$H$J$C$F$$$k$h$&$G$9!#e(B
e$B$$=$i$/!"e(B1478e$B9TL$G%9%?%C%/>e$N:n@.$7$?e(B arg.wrapper
e$B%
%V%8%'%/%H$re(B
GCe$B$,H/@8$7$?:]$KE,@Z$Ke(B mark e$B$G$-$J$+$C$?$h$&$K$
$($^$9!#e(B

Rubye$B$N%P!<%8%g%s$Oe(Bx86_64-linux
e$B>e$Ne(B1.8.7e$B$G%P%C%/%H%l!<%9$O<!$N$h$&$K$J$j$^$9!#e(B
i686-linux e$B$G$OH/@8$7$J$$$h$&$G$9!#e(B

$ ruby marshal_error.rb
marshal_error.rb:5: [BUG] Segmentation fault
ruby 1.8.7 (2009-06-12 patchlevel 174) [x86_64-linux]

アボートしました (core dumped)
$ gdb /usr/local/bin/ruby core.13316
GNU gdb Fedora (6.8-27.el5)
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type “show
copying”
and “show warranty” for details.
This GDB was configured as “x86_64-redhat-linux-gnu”…
Reading symbols from /lib64/librt.so.1…done.
Loaded symbols for /lib64/librt.so.1
Reading symbols from /lib64/libdl.so.2…done.
Loaded symbols for /lib64/libdl.so.2
Reading symbols from /lib64/libcrypt.so.1…done.
Loaded symbols for /lib64/libcrypt.so.1
Reading symbols from /lib64/libm.so.6…done.
Loaded symbols for /lib64/libm.so.6
Reading symbols from /lib64/libc.so.6…done.
Loaded symbols for /lib64/libc.so.6
Reading symbols from /lib64/libpthread.so.0…done.
Loaded symbols for /lib64/libpthread.so.0
Reading symbols from /lib64/ld-linux-x86-64.so.2…done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Core was generated by `ruby marshal_error.rb’.
Program terminated with signal 6, Aborted.
[New process 13316]
#0 0x0000003131030215 in raise () from /lib64/libc.so.6
(gdb) bt
#0 0x0000003131030215 in raise () from /lib64/libc.so.6
#1 0x0000003131031cc0 in abort () from /lib64/libc.so.6
#2 0x0000000000499438 in rb_bug (fmt=0x4b5acd “Segmentation fault”)
at error.c:213
#3 0x000000000047044a in sigsegv (sig=) at
signal.c:634
#4
#5 0x0000000000472d1b in st_foreach (table=0x2baa79483e70,
func=0x42de60 <mark_entry>, arg=
0)
at st.c:487
#6 0x000000000042df31 in mark_locations_array (x=0x7fff31686de8,
n=2008) at gc.c:684
#7 0x000000000042e106 in garbage_collect () at gc.c:1468
#8 0x000000000042eba7 in rb_newobj () at gc.c:436
#9 0x0000000000474499 in str_alloc (klass=7257920) at string.c:67
#10 0x0000000000474599 in str_new3 (klass=7257920, str=0) at
string.c:143
#11 0x00000000004745e6 in rb_str_new3 (str=48011179162360) at
string.c:157
#12 0x0000000000416501 in rb_eval (self=48011179299480, n=0x0) at
eval.c:3865
#13 0x0000000000416e41 in rb_eval (self=48011179299480, n=) at eval.c:3
498
#14 0x0000000000415f3c in rb_eval (self=48011179299480, n=) at eval.c:3
698
#15 0x00000000004186bb in rb_eval (self=48011179299480, n=) at eval.c:3
319
#16 0x000000000041a2d5 in rb_yield_0 (val=6, self=48011179299480,
klass=0,
flags=, avalue=0) at eval.c:5090
#17 0x0000000000424fe7 in loop_i () at eval.c:5222
#18 0x0000000000410704 in rb_rescue2 (b_proc=0x424fd0 <loop_i>,
data1=0, r_proc=0, data2=0)
at eval.c:5486
#19 0x00000000004108e0 in rb_f_loop () at eval.c:5247
#20 0x000000000041b56a in rb_call0 (klass=48011179309360,
recv=48011179299480, id=4121, oid=
4121,
argc=0, argv=0x0, body=0x2baa79497b78, flags=)
at eval.c:5917
#21 0x000000000041c278 in rb_call (klass=48011179309360,
recv=48011179299480, mid=4121, argc
=0,
argv=0x0, scope=1, self=48011179299480) at eval.c:6164
#22 0x0000000000416fec in rb_eval (self=,
n=)
at eval.c:3518
#23 0x0000000000418ff2 in rb_eval (self=48011179299480, n=) at eval.c:3
233
#24 0x0000000000427b89 in ruby_exec_internal () at eval.c:1652
#25 0x0000000000427bd5 in ruby_exec () at eval.c:1672
#26 0x0000000000427bff in ruby_run () at eval.c:1682
#27 0x000000000040ddc3 in main (argc=2, argv=0x7fff3168a048,
envp=)
at main.c:48

チケット #2175 が更新されました。 (by Nobuyoshi N.)

e$B%9%F!<%?%9e(B Opene$B$+$ie(BFeedbacke$B$KJQ99e(B
ruby -v ruby 1.8.7 (2009-06-12 patchlevel 174)
[x86_64-linux]e$B$K%;%C%He(B

r25230で直っていませんか?

http://redmine.ruby-lang.org/issues/show/2175

チケット #2175 が更新されました。 (by Yuji Kaneda)

金田です。

[ruby-dev:39436]e$B$G$bJs9p$$$?$7$^$7$?$,e(Br25230e$B$GD>$C$F$$$^$9!#e(B
Redminee$B$NJQ99$,$L$1$F$*$j?=$7Lu$"$j$^$;$s!#e(B

http://redmine.ruby-lang.org/issues/show/2175