Segmentation fault in eval


#1

西山和広です。

http://d.hatena.ne.jp/mamamoto/20081007/1223349255
のスクリプトを元にいじっていたらs="n=$*"で落ちました。

最小までは絞っていませんが、ある程度絞りこんで
再現スクリプトは以下のようになりました。

% cat b.rb
#/usr/bin/ruby
def f(s) # Evaluates s as Ruby source and returns the result; returns nil if any exception is raised.
n = 0 # defines local `n` so generated snippets that mention n refer to an existing variable
eval(s) # no binding argument, so s is evaluated in this method's scope
rescue Exception # catches every exception class (syntax errors included); an interpreter crash is not an exception and is not caught
nil
end

a = %w[= $ *] # punctuation tokens used to build candidate snippets

9.times{|i| # i runs 0..8
a.permutation(i+1){|b| # b: each ordering of i+1 tokens from a; nothing is yielded once i+1 exceeds a.size
c = %w[n]
d = b + c # candidate tokens: the chosen punctuation plus "n"
c.size.step(0, -1){|j| # j takes 1, then 0
d.permutation(d.size-j){|e| # e: each ordering of d.size-j tokens drawn from d
f(e.join) # join into one string and evaluate it; "n=$*" is one of the strings produced
}
}
}
}
% ruby-trunk b.rb
(eval):1: warning: variable $= is no longer effective
(eval):1: warning: variable $= is no longer effective
(eval):1: warning: variable $= is no longer effective
(eval):1: warning: variable $= is no longer effective
(eval):1: warning: variable $= is no longer effective
(eval):1: warning: variable $= is no longer effective
(eval):1: [BUG] Segmentation fault
ruby 1.9.0 (2008-10-09 revision 19722) [i686-linux]

– control frame ----------
c:0019 p:0004 s:0050 b:0050 l:000041 d:000049 EVAL (eval):1
c:0018 p:---- s:0048 b:0048 l:000047 d:000047 FINISH :===
c:0017 p:---- s:0046 b:0046 l:000045 d:000045 CFUNC :eval
c:0016 p:0019 s:0042 b:0042 l:000041 d:000041 METHOD b.rb:4
c:0015 p:0018 s:0037 b:0037 l:000006 d:000036 BLOCK b.rb:16
c:0014 p:---- s:0036 b:0036 l:000035 d:000035 FINISH
c:0013 p:---- s:0034 b:0034 l:000033 d:000033 CFUNC :permutation
c:0012 p:0024 s:0030 b:0030 l:000006 d:000029 BLOCK b.rb:16
c:0011 p:---- s:0029 b:0029 l:000028 d:000028 FINISH :==
c:0010 p:---- s:0027 b:0027 l:000026 d:000026 CFUNC :step
c:0009 p:0042 s:0022 b:0022 l:000006 d:000021 BLOCK b.rb:15
c:0008 p:---- s:0019 b:0019 l:000018 d:000018 FINISH :remove_const
c:0007 p:---- s:0017 b:0017 l:000016 d:000016 CFUNC :permutation
c:0006 p:0017 s:0013 b:0013 l:000006 d:000012 BLOCK b.rb:12
c:0005 p:---- s:0012 b:0012 l:000011 d:000011 FINISH :class_eval
c:0004 p:---- s:0010 b:0010 l:000009 d:000009 CFUNC :times
c:0003 p:0039 s:0007 b:0007 l:000006 d:000006 TOP b.rb:11
c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH :inherited
c:0001 p:0000 s:0002 b:0002 l:000001 d:000001 TOP :17

DBG> : “(eval):1:in f'" DBG> : "b.rb:4:ineval’”
DBG> : “b.rb:4:in f'" DBG> : "b.rb:16:inblock (4 levels) in '”
DBG> : “b.rb:16:in permutation'" DBG> : "b.rb:16:inblock (3 levels) in '”
DBG> : “b.rb:15:in step'" DBG> : "b.rb:15:inblock (2 levels) in '”
DBG> : “b.rb:12:in permutation'" DBG> : "b.rb:12:inblock in '”
DBG> : “b.rb:11:in times'" DBG> : "b.rb:11:in'”
– backtrace of native function call (Use addr2line) –
0xb7ed13d7
0xb7df4053
0xb7df40c9
0xb7e7c5d9
0xb7f30440
0xb7ec5312
0xb7ecc1b8
0xb7ecd595
0xb7ecdba1
0xb7ecdcf8
0xb7ec02d3
0xb7ecee98
0xb7ec77bb
0xb7ecc1b8
0xb7ecc818
0xb7eccff5
0xb7dd1bc7
0xb7dd1b49
0xb7dd1b49
0xb7dd1b49
0xb7dd68ea
0xb7ec02d3
0xb7ecee98
0xb7ec77bb
0xb7ecc1b8
0xb7ecc818
0xb7eccff5
0xb7e26fe4
0xb7ec02d3
0xb7ecee98
0xb7ec77bb
0xb7ecc1b8
0xb7ecc818
0xb7eccff5
0xb7dd1bc7
0xb7dd1b49
0xb7dd1b49
0xb7dd68ea
0xb7ec02d3
0xb7ecee98
0xb7ec77bb
0xb7ecc1b8
0xb7ecc818
0xb7eccff5
0xb7e225bf
0xb7ec02be
0xb7ecee98
0xb7ec77bb
0xb7ecc1b8
0xb7ecc3fd
0xb7df62af
0xb7df7d12
0x8048734
0xb7c1eea8
0x8048631


#2

なかだです。

At Fri, 10 Oct 2008 06:59:39 +0900,
Kazuhiro NISHIYAMA wrote in [ruby-dev:36698]:

http://d.hatena.ne.jp/mamamoto/20081007/1223349255
のスクリプトを元にいじっていたらs="n=$*"で落ちました。

$=0; $ が最小ですね。

argfe$B2s$j$r@0M}$7$?$H$-$K!“e(Brb_define_virtual_variable()e$B$H4V0c$($Fe(B
rb_define_hooked_variable()e$B$Ne(Bsettere$B$Ke(B0e$B$rEO$9$h$&$K$7$?$?$a$K!”%Ge(B
e$B%U%)%k%H$Ne(Bsettere$B$,;H$o$l$F$7$^$C$F$$$k$H$$$&%_%9$G$7$?!#e(B

e$B$7$+$7!“8+D>$7$F$_$k$He(Brb_define_hooked_variable()e$B$Ge(Breadonlye$BJQ?te(B
e$B$r:n$kJ}K!$O$J$$$h$&$G$9!#e(Breadonly_setter()e$B$J$I$r8x3+$9$k$N$,4Je(B
e$BC1$J$N$G$9$,!”$I$&$7$?$b$N$G$7$g$&$+!#e(B

e$B$5$i$K$$$&$H!“e(Bmarkere$B$rFH<+$K;XDj$9$kJ}K!$b$”$j$^$;$s!#e(B

Index: io.c

— io.c (revision 19741)
+++ io.c (working copy)
@@ -8445,9 +8445,9 @@ Init_IO(void)

 rb_define_hooked_variable("$.", &argf, argf_lineno_getter, 

argf_lineno_setter);

  • rb_define_hooked_variable("$FILENAME", &argf, argf_filename_getter,
    0);
  • rb_define_hooked_variable("$FILENAME", &argf, argf_filename_getter,
    rb_gvar_readonly_setter);
    ARGF.filename = rb_str_new2("-");

    rb_define_hooked_variable("$-i", &argf, opt_i_get, opt_i_set);

  • rb_define_hooked_variable("$*", &argf, argf_argv_getter, 0);
  • rb_define_hooked_variable("$*", &argf, argf_argv_getter,
    rb_gvar_readonly_setter);

#if defined (_WIN32) || defined(CYGWIN)
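Review bot: Nothing at the `$FILENAME` and `$*` registrations records why a 0 setter is unsafe there, so the mistake described in this thread can be reintroduced by a later cleanup. I would add above the two calls `/* setter must not be 0: that selects the default setter, which presumably stores the assigned value through &argf */`. Init_IO continues outside the hunk, so any other hooked variable registered on `&argf` with a 0 setter should be checked the same way. A regression test that assigns to `$*` and to `$FILENAME` and expects an error rather than a crash would pin the fix.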
Index: variable.c

— variable.c (revision 19741)
+++ variable.c (working copy)
@@ -287,9 +287,9 @@ rb_obj_classname(VALUE obj)
}

-struct global_variable;
+#define global_variable rb_global_variable

-typedef VALUE gvar_getter_t(ID id, void *data, struct global_variable
*gvar);
-typedef void gvar_setter_t(VALUE val, ID id, void *data, struct
global_variable *gvar);
-typedef void gvar_marker_t(VALUE *var);
+#define gvar_getter_t rb_gvar_getter_t
+#define gvar_setter_t rb_gvar_setter_t
+#define gvar_marker_t rb_gvar_marker_t

struct trace_var {
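Review bot: The `#define global_variable rb_global_variable` and `#define gvar_getter_t rb_gvar_getter_t` style aliases rename identifiers by token substitution for the rest of variable.c, so the exported symbol names never appear at their definitions and a search for `rb_gvar_undef_getter` will not find the function body. Renaming the struct, the typedef uses and the function definitions directly to their `rb_` names would read more clearly. If the aliases stay, a comment above them such as `/* short local names for the rb_gvar_* symbols declared in include/ruby/ruby.h */` would help. The same applies to the `#define undef_getter rb_gvar_undef_getter` group in the next hunk.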
@@ -315,15 +315,17 @@ struct global_entry {
};

-static VALUE undef_getter(ID id, void *data, struct global_variable
*gvar);
-static void undef_setter(VALUE val, ID id, void *data, struct
global_variable *gvar);
-static void undef_marker(VALUE *var);

-static VALUE val_getter(ID id, void *data, struct global_variable
*gvar);
-static void val_setter(VALUE val, ID id, void *data, struct
global_variable *gvar);
-static void val_marker(VALUE *var);

-static VALUE var_getter(ID id, void *data, struct global_variable
*gvar);
-static void var_setter(VALUE val, ID id, void *data, struct
global_variable *gvar);
-static void var_marker(VALUE *var);
+#define undef_getter rb_gvar_undef_getter
+#define undef_setter rb_gvar_undef_setter
+#define undef_marker rb_gvar_undef_marker
+
+#define val_getter rb_gvar_val_getter
+#define val_setter rb_gvar_val_setter
+#define val_marker rb_gvar_val_marker
+
+#define var_getter rb_gvar_var_getter
+#define var_setter rb_gvar_var_setter
+#define var_marker rb_gvar_var_marker
+
+#define readonly_setter rb_gvar_readonly_setter

struct global_entry*
@@ -355,5 +357,5 @@ rb_global_entry(ID id)
}

-static VALUE
+VALUE
undef_getter(ID id, void *data, struct global_variable *var)
{
@@ -363,5 +365,5 @@ undef_getter(ID id, void *data, struct g
}

-static void
+void
undef_setter(VALUE val, ID id, void *data, struct global_variable *var)
{
@@ -373,10 +375,10 @@ undef_setter(VALUE val, ID id, void *dat
}

-static void
+void
undef_marker(VALUE *var)
{
}

-static VALUE
+VALUE
val_getter(ID id, void *data, struct global_variable *var)
{
@@ -384,5 +386,5 @@ val_getter(ID id, void *data, struct glo
}

-static void
+void
val_setter(VALUE val, ID id, void *data, struct global_variable *var)
{
@@ -390,5 +392,5 @@ val_setter(VALUE val, ID id, void *data,
}

-static void
+void
val_marker(VALUE *var)
{
@@ -397,5 +399,5 @@ val_marker(VALUE *var)
}

-static VALUE
+VALUE
var_getter(ID id, void *data, struct global_variable *gvar)
{
@@ -405,5 +407,5 @@ var_getter(ID id, void *data, struct glo
}

-static void
+void
var_setter(VALUE val, ID id, void *data, struct global_variable *gvar)
{
@@ -411,5 +413,5 @@ var_setter(VALUE val, ID id, void *data,
}

-static void
+void
var_marker(VALUE *var)
{
@@ -417,5 +419,5 @@ var_marker(VALUE *var)
}

-static void
+void
readonly_setter(VALUE val, ID id, void *data, struct global_variable
*gvar)
{
Index: include/ruby/ruby.h

— include/ruby/ruby.h (revision 19741)
+++ include/ruby/ruby.h (working copy)
@@ -847,4 +847,24 @@ void rb_include_module(VALUE,VALUE);
void rb_extend_object(VALUE,VALUE);

+struct rb_global_variable;
+
+typedef VALUE rb_gvar_getter_t(ID id, void *data, struct
rb_global_variable *gvar);
+typedef void rb_gvar_setter_t(VALUE val, ID id, void *data, struct
rb_global_variable *gvar);
+typedef void rb_gvar_marker_t(VALUE *var);
+
+VALUE rb_gvar_undef_getter(ID id, void *data, struct rb_global_variable
*gvar);
+void rb_gvar_undef_setter(VALUE val, ID id, void *data, struct
rb_global_variable *gvar);
+void rb_gvar_undef_marker(VALUE *var);
+
+VALUE rb_gvar_val_getter(ID id, void *data, struct rb_global_variable
*gvar);
+void rb_gvar_val_setter(VALUE val, ID id, void *data, struct
rb_global_variable *gvar);
+void rb_gvar_val_marker(VALUE *var);
+
+VALUE rb_gvar_var_getter(ID id, void *data, struct rb_global_variable
*gvar);
+void rb_gvar_var_setter(VALUE val, ID id, void data, struct
rb_global_variable gvar);
+void rb_gvar_var_marker(VALUE var);
+
+void rb_gvar_readonly_setter(VALUE val, ID id, void data, struct
rb_global_variable gvar);
+
void rb_define_variable(const char
,VALUE
);
void rb_define_virtual_variable(const
char
,VALUE(
)(ANYARGS),void(
)(ANYARGS));
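Review bot: The new public declarations carry no comment on their contracts, in particular what `rb_gvar_readonly_setter` does when an assignment is attempted and which function a caller gets when it passes 0 as getter or setter to `rb_define_hooked_variable`. The crash in this thread came from that default being selected silently, so the header is the place to state it. I would add above the group a comment such as `/* pass rb_gvar_readonly_setter, not 0, to make a hooked variable read-only; 0 selects the default setter */`. The definition of `rb_define_hooked_variable` is outside this hunk, so the exact default behaviour should be confirmed there before wording the comment.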


#3

まつもと ゆきひろです

In message “Re: [ruby-dev:36703] Re: Segmentation fault in eval”
on Fri, 10 Oct 2008 18:23:30 +0900, Nobuyoshi N.
removed_email_address@domain.invalid writes:

|At Fri, 10 Oct 2008 06:59:39 +0900,
|Kazuhiro NISHIYAMA wrote in [ruby-dev:36698]:
|> http://d.hatena.ne.jp/mamamoto/20081007/1223349255
|> のスクリプトを元にいじっていたらs="n=$*"で落ちました。
|
|$
=0; $* が最小ですね。
|
|argfe$B2s$j$r@0M}$7$?$H$-$K!“e(Brb_define_virtual_variable()e$B$H4V0c$($Fe(B
|rb_define_hooked_variable()e$B$Ne(Bsettere$B$Ke(B0e$B$rEO$9$h$&$K$7$?$?$a$K!”%Ge(B
|e$B%U%)%k%H$Ne(Bsettere$B$,;H$o$l$F$7$^$C$F$$$k$H$$$&%%9$G$7$?!#e(B
|
|e$B$7$+$7!"8+D>$7$F$
$k$He(Brb_define_hooked_variable()e$B$Ge(Breadonlye$BJQ?te(B
|e$B$r:n$kJ}K!$O$J$$$h$&$G$9!#e(Breadonly_setter()e$B$J$I$r8x3+$9$k$N$,4Je(B
|e$BC1$J$N$G$9$,!”$I$&$7$?$b$N$G$7$g$&$+!#e(B

e$B$J$s$+8=>u$,$h$/$o$+$i$J$$$N$G$9$,!":G>/$Ge(Bfixe$B$9$k$N$O$I$s$Je(B
e$B46$8$J$s$G$7$g$&$+!#e(B

readonly_setter()などは簡単なものなので、自分で定義すればい
いんじゃないかと。

|e$B$5$i$K$$$&$H!“e(Bmarkere$B$rFH<+$K;XDj$9$kJ}K!$b$”$j$^$;$s!#e(B

必要なケースってありましたっけ。

hooked
variablee$B$O$"$s$^$j!V$h$$!We(BAPIe$B$G$O$J$$e(B(Rubye$BE*$J0UL#$Ge(B)
e$B$N$G!"$"$s$^$j5!G=6/2=$7$?$/$J$$$s$G$9$,!#e(B

                            e$B$^$D$b$He(B e$B$f$-$R$me(B /:|)

#4

なかだです。

At Tue, 14 Oct 2008 21:17:55 +0900,

|e$B$7$+$7!“8+D>$7$F$_$k$He(Brb_define_hooked_variable()e$B$Ge(Breadonlye$BJQ?te(B
|e$B$r:n$kJ}K!$O$J$$$h$&$G$9!#e(Breadonly_setter()e$B$J$I$r8x3+$9$k$N$,4Je(B
|e$BC1$J$N$G$9$,!”$I$&$7$?$b$N$G$7$g$&$+!#e(B

e$B$J$s$+8=>u$,$h$/$o$+$i$J$$$N$G$9$,!":G>/$Ge(Bfixe$B$9$k$N$O$I$s$Je(B
e$B46$8$J$s$G$7$g$&$+!#e(B

readonly_setter()だけを公開にするあたりかも知れません。

readonly_setter()などは簡単なものなので、自分で定義すればい
いんじゃないかと。

同じものを作るのもばかばかしいし、逆に単純だからこそ他に影響が出
るようなことはできないのではないかと。

|e$B$5$i$K$$$&$H!“e(Bmarkere$B$rFH<+$K;XDj$9$kJ}K!$b$”$j$^$;$s!#e(B

必要なケースってありましたっけ。

e$B$d$O$je(BARGVe$B$G$9$M!#e(B

ARGVe$B$r85$N$h$&$Ke(BARGFe$B$+$iJ,N%$9$k$H$$$&J}K!$b$"$k$N$G$9$,!"%0%m!<e(B
e$B%P%kJQ?t$O$G$-$k$3$H$J$ie(B(e$B$H$/$Ke(Bmvme$B2=$r9M$($k$He(B)e$BA}$d$7$?$/$J$$$He(B
e$B;W$C$F$$$^$9!#e(B

hooked variablee$B$O$"$s$^$j!V$h$$!We(BAPIe$B$G$O$J$$e(B(Rubye$BE*$J0UL#$Ge(B)
e$B$N$G!"$"$s$^$j5!G=6/2=$7$?$/$J$$$s$G$9$,!#e(B

うーん、微妙に中途半端な感じがするのですが…。