SEGV: def m() yield [] end; m(&lambda {|*v| p v})

以下のようにすると SEGV になります。

% RUBY_DEBUG=gc_stress ./ruby -e 'def m() yield [] end; m(&lambda {|*v| p v})'
-e:1: -- control frame ----------
c:0007 p:---- s:0016 b:0016 l:000015 d:000015 CFUNC :inspect
c:0006 p:---- s:0014 b:0014 l:000013 d:000013 CFUNC :p
c:0005 p:0010 s:0010 b:0010 l:000e6c d:000009 BLOCK -e:1
c:0004 p:0005 s:0008 b:0008 l:000007 d:000007 METHOD -e:1
c:0003 p:0019 s:0005 b:0005 l:000e6c d:000e6c TOP -e:1
c:0002 p:---- s:0003 b:0003 l:000002 d:000002 FINISH :inherited
c:0001 p:---- s:0001 b:-001 l:000000 d:000000 ------

DBG> : “-e:1:in p'" DBG> : "-e:1:inblock in '”
DBG> : “-e:1:in m'" DBG> : "-e:1:in'”
-- backtrace of native function call (Use addr2line) --
0x80db025
0x80f45e3
0x80f46ab
0x80b21f0
0xb7f8f420
0x80576e4
0x8057733
0x8059c07
0x805a156
0x8076786
0x80e2631
0x80ded7b
0x80e2596
0x80d9ee1
0x8059c68
0x805a156
0x8076786
0x8064001
0x806b81c
0x80d182e
0x80d34b4
0x80d6193
0x80d98e4
0x80d9c1b
0x8059339
0x805c93d
0x8056f76
0xb7df8ea8
0x8056e91

[BUG] Segmentation fault
ruby 1.9.0 (2007-08-18) [i686-linux]

% RUBY_DEBUG=gc_stress,core ./ruby -e 'def m() yield [] end; m(&lambda {|*v| p v})'
zsh: segmentation fault (core dumped) RUBY_DEBUG=gc_stress,core ./ruby
-e
% gdb ruby core.27446
GNU gdb 6.4.90-debian
Copyright © 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type “show copying” to see the conditions.
There is absolutely no warranty for GDB. Type “show warranty” for
details.
This GDB was configured as “i486-linux-gnu”…Using host libthread_db
library “/lib/tls/libthread_db.so.1”.

warning: Can’t read pathname for load map: Input/output error.
Reading symbols from /lib/tls/libpthread.so.0…done.
Loaded symbols for /lib/tls/libpthread.so.0
Reading symbols from /lib/tls/libdl.so.2…done.
Loaded symbols for /lib/tls/libdl.so.2
Reading symbols from /lib/tls/libcrypt.so.1…done.
Loaded symbols for /lib/tls/libcrypt.so.1
Reading symbols from /lib/tls/libm.so.6…done.
Loaded symbols for /lib/tls/libm.so.6
Reading symbols from /lib/tls/libc.so.6…done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /lib/ld-linux.so.2…done.
Loaded symbols for /lib/ld-linux.so.2
Core was generated by `./ruby -e def m() yield [] end; m(&lambda {|*v| p
v})’.
Program terminated with signal 11, Segmentation fault.
#0 st_lookup (table=0x0, key=800, value=0xbfd32c18) at st.c:245
245 hash_val = do_hash(key, table);
(gdb) bt
#0 st_lookup (table=0x0, key=800, value=0xbfd32c18) at st.c:245
#1 0x080576e4 in search_method (klass=3084384680, id=800, klassp=0x0)
at eval_method.ci:204
#2 0x08057733 in rb_get_method_body (klass=3084384680, id=800,
idp=0xbfd32ca8) at eval_method.ci:231
#3 0x08059c07 in rb_call (klass=3084384680, recv=3084384700, mid=0,
argc=0, argv=0x0, scope=3) at eval.c:1365
#4 0x0805a156 in rb_funcall (recv=, mid=800, n=0)
at eval.c:1524
#5 0x08076786 in rb_inspect (obj=3084384700) at object.c:263
#6 0x080e2631 in inspect_ary (ary=3084388200, dummy=0, recur=0) at
array.c:1351
#7 0x080ded7b in rb_exec_recursive (func=0x80e25b0 <inspect_ary>,
obj=3084388200, arg=0) at thread.c:2564
#8 0x080e2596 in rb_ary_inspect (ary=0) at array.c:1373
#9 0x080d9ee1 in vm_call0 (th=0x8157160, klass=3084547620,
recv=3084388200, id=800, oid=0, argc=0, argv=0x0,
body=0xb7da74bc, nosuper=0) at vm.c:453
#10 0x08059c68 in rb_call (klass=3084547620, recv=3084388200, mid=800,
argc=0, argv=0x0, scope=3) at eval.c:1416
#11 0x0805a156 in rb_funcall (recv=, mid=800, n=0)
at eval.c:1524
#12 0x08076786 in rb_inspect (obj=3084388200) at object.c:263
#13 0x08064001 in rb_p (obj=3084388200) at io.c:3966
#14 0x0806b81c in rb_f_p (argc=1, argv=0xb7db4034, self=3084588640) at
io.c:3994
#15 0x080d182e in call_cfunc (func=0x806b7f0 <rb_f_p>, recv=3084588640,
len=0, argc=0, argv=0xb7db4034) at insnhelper.ci:277
#16 0x080d34b4 in vm_call_method (th=0x8157160, cfp=0xb7e33ef0, num=1,
blockptr=0x1, flag=8, id=5048, mn=0xb7da2c50,
recv=3084588640, klass=3084588620) at insnhelper.ci:366
#17 0x080d6193 in vm_eval (th=0x8157160, initial=0) at insns.def:1113
#18 0x080d98e4 in vm_eval_body (th=0x8157160) at vm.c:1170
#19 0x080d9c1b in rb_iseq_eval (iseqval=3084384980) at vm.c:1379
#20 0x08059339 in ruby_exec_node (n=0xb7d7fb10, file=0x818b8a9 “-e”) at
eval.c:231
#21 0x0805c93d in ruby_run_node (n=0xb7d7fb10) at eval.c:256
#22 0x08056f76 in main (argc=Cannot access memory at address 0x0
) at main.c:46
(gdb)

In article [email protected],
Tanaka A. [email protected] writes:

以下のようにすると SEGV になります。

yield 直前で GC.stress = true
すれば変なことが起きるようです。

% ./ruby -e 'def m() GC.stress = true; yield [] end; m(&lambda {|*v| p v})'
[[…]]

yield の引数の []
を変数に代入しておくと問題が発生しないので、
これが消えてるのかなぁ。

% ./ruby -e 'def m() GC.stress = true; yield a=[] end; m(&lambda {|*v| p v})'
[[]]

% ./ruby -v
ruby 1.9.0 (2007-08-18 patchlevel 0) [i686-linux]

　ささだです。

Tanaka A. wrote:

以下のようにすると SEGV になります。

% RUBY_DEBUG=gc_stress ./ruby -e 'def m() yield [] end; m(&lambda {|*v| p v})'

　うちだと SEGV しなかったんですが、これで SEGV
しなくなるか、試して
もらえないでしょうか。

Index: insnhelper.ci

— insnhelper.ci (e$B%j%S%8%g%se(B 13107)
+++ insnhelper.ci (e$B:n6H%3%T!<e(B)
@@ -114,6 +114,7 @@
else {
VALUE * const dst = argv;
int opt_pc = 0;

  • th->mark_stack_len = iseq->arg_size;

    /* mandatory /
    if (argc < (m + iseq->arg_post_len)) { /
    check with post arg */
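Review bot: The new bound `iseq->arg_size` may not cover every argument still sitting on the VM stack. The lines this patch removes in the next hunk used `orig_argc` as the bound, and when the caller passes more values than the callee declares (a rest parameter such as `|*v|`), the surplus slots would presumably stay unmarked while the rest array is allocated. If that reading is right, a bound that includes the passed count, e.g. `th->mark_stack_len = argc + iseq->arg_size;`, keeps them reachable under GC stress. The `else` block opened here continues outside the hunk, so the allocation sites need checking against the full function.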
    @@ -176,9 +177,7 @@
    if (blockptr->proc == 0) {
    rb_proc_t *proc;

  •    th->mark_stack_len = orig_argc; /* for GC */
       blockval = vm_make_proc(th, th->cfp, blockptr);
    
  •    th->mark_stack_len = 0;
    
       GetProcPtr(blockval, proc);
       *block = &proc->block;
    

@@ -190,7 +189,7 @@

   dst[iseq->arg_block] = blockval; /* Proc or nil */

}

  • th->mark_stack_len = 0;
    return opt_pc;
    }
    }
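Review bot: The `th->mark_stack_len = 0;` before `return opt_pc;` clears the field only on the normal return path, while the first hunk now sets it at the top of the `else` branch and holds it across the whole argument setup. The body of the `if (argc < (m + iseq->arg_post_len))` check lies outside the visible hunks; if it raises or otherwise leaves the function non-locally, the thread would keep a stale non-zero `mark_stack_len` for later GC runs. It is worth confirming that every exit clears it and recording the requirement next to the assignment, e.g. `/* for GC: must be reset to 0 on every exit from this branch */`.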

In article [email protected],
SASADA Koichi [email protected] writes:

　うちだと SEGV しなかったんですが、これで SEGV しなくなるか、試して
もらえないでしょうか。

症状がおさまります。