SEGV by regexp match in while loop

With a ruby built using gcc-3.4 on Debian GNU/Linux (sarge), doing the following causes a SEGV.

% svn co http://svn.ruby-lang.org/repos/ruby/trunk ruby

% autoconf
% ./configure --prefix=/tmp/a CC=gcc-3.4

% make

% ./miniruby -ve 'while true; /a/ =~ "a"; end'
ruby 1.9.0 (2008-01-05 revision 0) [i686-linux]
zsh: segmentation fault ./miniruby -ve 'while true; /a/ =~ "a"; end'

Changing the stack size changes the time it takes to crash, so it looks like a stack overflow. In the environment I tried, with a stack size of 8Mbytes it crashes within a few seconds.

The following was examined with the stack size set to 2Mbytes.

% limit
cputime unlimited
filesize unlimited
datasize unlimited
stacksize 2MB
coredumpsize 0kB
memoryuse unlimited
maxproc 27643
descriptors 1024
memorylocked 32kB
addressspace unlimited
maxfilelocks unlimited
% gdb miniruby
GNU gdb 6.3-debian
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-linux"...Using host libthread_db library "/lib/tls/libthread_db.so.1".

(gdb) run -ve 'while true; /a/ =~ "a"; end'
Starting program: /tmp/a/ruby/miniruby -ve 'while true; /a/ =~ "a"; end'
[Thread debugging using libthread_db enabled]
[New Thread -1210779968 (LWP 14167)]
[New Thread -1211511888 (LWP 14170)]
ruby 1.9.0 (2008-01-05 revision 0) [i686-linux]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1210779968 (LWP 14167)]
match_at (reg=0x81a7f18, str=0xb7ad5958 "a", end=0xb7ad5959 "",
sstart=0xb7ad5958 "a", sprev=0x0, msa=0xbf96bda0)
at regexec.c:1290
1290 STACK_PUSH_ENSURED(STK_ALT, FinishCode); /* bottom stack */

Examining the area around the stack pointer, the mapped memory does indeed end right there.

(gdb) p $sp
$1 = (void *) 0xbf96afe0
(gdb) x $sp
0xbf96afe0: Cannot access memory at address 0xbf96afe0
(gdb) x $sp+1
0xbf96afe1: Cannot access memory at address 0xbf96afe1
(gdb) x $sp+4
0xbf96afe4: Cannot access memory at address 0xbf96afe4
(gdb) x $sp+10
0xbf96afea: Cannot access memory at address 0xbf96afea
(gdb) x $sp+100
0xbf96b044: 0x08164f44

However, looking at the backtrace, it does not appear to be consuming that much stack.

(gdb) bt
#0 match_at (reg=0x81a7f18, str=0xb7ad5958 "a", end=0xb7ad5959 "",
sstart=0xb7ad5958 "a", sprev=0x0, msa=0xbf96bda0)
at regexec.c:1290
#1 0x080cd9e5 in onig_search (reg=0x81a7f18, str=0xb7ad5958 "a",
end=0xb7ad5959 "", start=0xbf96bda0 "",
range=0xb7ad5959 "", region=0x8164f24, option=0) at regexec.c:3608
#2 0x080bdbf3 in rb_reg_search (re=3083514820, str=3081591120, pos=0,
reverse=0) at re.c:1069
#3 0x080be85d in reg_match_pos (re=3083514820, strp=0xbf96bed4, pos=0)
at re.c:2209
#4 0x080be8c3 in rb_reg_match (re=0, str=3081591120) at re.c:2256
#5 0x08109a85 in vm_eval (th=0x8168160, initial=0) at insns.def:2014
#6 0x0810f3d0 in vm_eval_body (th=0x8168160) at vm.c:1148
#7 0x08110e83 in rb_iseq_eval (iseqval=3083514180) at vm.c:1357
#8 0x08070b9f in ruby_exec_node (n=0xb7cab324, file=0x81a71b1 "-e") at
eval.c:229
#9 0x08074099 in ruby_run_node (n=0xb7cab324) at eval.c:259
#10 0x080584f0 in main (argc=3, argv=0xbfb68df4, envp=0xbfb68e04) at
main.c:36

Examining each stack frame, it seems that the stack frame of vm_eval is enormous.

(gdb) up
#1 0x080cd9e5 in onig_search (reg=0x81a7f18, str=0xb7ad5958
"a", end=0xb7ad5959 "", start=0xbf96bda0 "",
range=0xb7ad5959 "", region=0x8164f24, option=0) at
regexec.c:3608
3608 MATCH_AND_RETURN_CHECK(orig_range);
(gdb)
#2 0x080bdbf3 in rb_reg_search (re=3083514820,
str=3081591120, pos=0, reverse=0) at re.c:1069
1069 result = onig_search(RREGEXP(re)->ptr,
(gdb)
#3 0x080be85d in reg_match_pos (re=3083514820,
strp=0xbf96bed4, pos=0) at re.c:2209
2209 return rb_reg_search(re, str, pos, 0);
(gdb)
#4 0x080be8c3 in rb_reg_match (re=0, str=3081591120) at
re.c:2256
2256 long pos = reg_match_pos(re, &str, 0);
(gdb)
#5 0x08109a85 in vm_eval (th=0x8168160, initial=0) at
insns.def:2014
2014 val = rb_reg_match(r, obj);
(gdb) p $sp
$3 = (void *) 0xbf96bed0
(gdb) p $fp
$4 = (void *) 0xbfb68ab8
(gdb) p $fp-$sp
$5 = 2083816

My guess is that something inside the loop in vm_eval keeps dynamically allocating more and more stack.

Incidentally, it did not reproduce with gcc-3.4 on Debian GNU/Linux (etch).
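The diagnosis above (a shallow backtrace, yet `$fp-$sp` in vm_eval of about 2 MB, growing with each trip round the loop) can be reproduced in miniature. The following is an added example, not code from the thread or from Ruby's vm.h: a tiny threaded-code loop in the style of vm_eval's TC_DISPATCH, instrumented to compare the stack pointer across iterations. `leak_per_iter` is a constructed knob: 0 models a dispatch macro that reuses its frame, a positive value models one that reserves a few bytes on every dispatch and never gives them back, which is the symptom the report describes.

```c
/* Added example (not from the ruby-dev thread): measure per-iteration
 * stack drift in a computed-goto dispatch loop, the way the report
 * above compares $sp between iterations of vm_eval. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Address of a local in a fresh callee frame: it moves whenever the
 * caller's stack pointer moves, like 'p $sp' at a breakpoint. */
static __attribute__((noinline)) uintptr_t current_sp(void)
{
    volatile char probe = 0;
    return (uintptr_t)&probe;
}

/* Runs 'iterations' rounds of the loop and returns how many bytes the
 * stack pointer drifted between the first and the last iteration.
 * 'leak_per_iter' (constructed knob) simulates a dispatch that reserves
 * stack inside the loop without releasing it. */
static long stack_drift(int iterations, size_t leak_per_iter)
{
    static const void *dispatch[] = { &&op_loop, &&op_halt };
    int remaining = iterations;
    uintptr_t first = 0, last = 0;
    const void *next;

op_loop:
    last = current_sp();                  /* what 'p $sp' would show here */
    if (first == 0)
        first = last;
    if (leak_per_iter) {
        /* the bug: stack reserved inside the loop is never released */
        volatile char *scratch = __builtin_alloca(leak_per_iter);
        scratch[0] = 0;
    }
    next = (--remaining > 0) ? dispatch[0] : dispatch[1];
    goto *next;                           /* TC_DISPATCH-style computed goto */

op_halt:
    return (long)(first - last);          /* stack grows downward on x86 */
}

int main(void)
{
    printf("correct loop drift: %ld bytes\n", stack_drift(1000, 0));
    printf("leaky loop drift:   %ld bytes\n", stack_drift(1000, 64));
    return 0;
}
```

A healthy dispatch loop reports 0 drift no matter how many iterations run; a drift that scales with the iteration count is the fingerprint of the crash in this report.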

This is Gimite.

[ruby-dev:32831] seems to have the same cause.

$ gdb ruby19 ruby19.core
GNU gdb 6.1.1 [FreeBSD]

#0 match_at (reg=0x8276600, str=0x82d54ec " ", end=0x82d54ed "",
sstart=0x82d54ec " ", sprev=0x0, msa=0xbfa00730) at regexec.c:1288
1288 STACK_PUSH_ENSURED(STK_ALT, FinishCode); /* bottom stack */
[New Thread 0x8154300 (LWP 100131)]
[New Thread 0x8154000 (LWP 100215)]
(gdb) p $sp
$1 = (void *) 0xbf9ff960
(gdb) x $sp
0xbf9ff960: Cannot access memory at address 0xbf9ff960

(gdb) up
#11 0x080d497d in vm_eval (th=0x8156000, initial=0) at insns.def:1050
1050 CALL_METHOD(num, blockptr, flag, id, mn, recv, klass);
(gdb) p $fp-$sp
$12 = 2082248

On 08/01/05, Tanaka A. [email protected] wrote:

Sasada here.

Hiroshi Ichikawa wrote:

This is Gimite.

[ruby-dev:32831] seems to have the same cause.

$ gdb ruby19 ruby19.core
GNU gdb 6.1.1 [FreeBSD]

Tanaka-san told me the culprit on IRC. Could you try this and see what happens?

Index: vm.h

--- vm.h (revision 14893)
+++ vm.h (working copy)
@@ -144,7 +144,6 @@

/* for GCC 3.4.x */
#define TC_DISPATCH(insn) \

  • DISPATCH_ARCH_DEPEND_WAY(GET_CURRENT_INSN());
    INSN_DISPATCH_SIG(insn);
    goto *GET_CURRENT_INSN();
    ;
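Review bot: the deleted `DISPATCH_ARCH_DEPEND_WAY(GET_CURRENT_INSN());` line in the GCC 3.4.x `TC_DISPATCH` variant is removed without a comment saying why this variant must not call it; a one-line note in vm.h pointing at this report (the per-dispatch stack growth measured as `$fp-$sp` = 2083816 inside `vm_eval`) would stop someone from re-adding it later. Since the hunk touches only the block marked `/* for GCC 3.4.x */`, it is worth stating in the commit whether the other `TC_DISPATCH` definitions were checked for the same per-dispatch stack adjustment.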

Gimite here.

On 08/01/05, SASADA Koichi [email protected] wrote:

Tanaka-san told me the culprit on IRC. Could you try this and see what happens?

It no longer crashes. Thank you very much.