Segv with callcc like

斎藤と申します。こんばんは。

e$B$U$H;W$$N)$C$F!"0JA0e(Bakre$B$5$s$,Ej$2$i$l$?e(Bcallcce$B$Ge(Bcoree$B$rEG$/%F%9%H$r8=>u$Ne(B
e$B<BAu$G$b9T$C$F$$^$7$?!#7k2L!"e(B[ruby-dev:24291]e$B$N$$,8=:_$G$be(Bcoree$B$rEG$/e(B
e$B$h$&$G$9!#e(B

[ruby-dev:30917]での前振りは大きすぎたみたいです、すみません。

$ cat 24291.rb

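# "send" replaced with "funcall"
arr = (1...100).map {|i| i.to_s }
class << arr[50]; self; end.funcall(:define_method, :<=>) {|v|  # custom <=> on the singleton class of arr[50] only
  if not defined? $result
    callcc {|k| $k = k }              # $result not assigned yet: store the continuation in $k
  else
    $result.clear; $result.compact!   # after resumption: empty the array sort_by returned
  end
  1                                   # comparison result returned to the sort
}
$result = arr.sort_by {|i| i }        # reported as 24291.rb:11 (CFUNC :sort_by) in the crash output
$k.call                               # resume the stored continuation after sort_by has already returned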

$ ruby-trunk 24291.rb
24291.rb:11: – stack frame ------------
0000 (0x402dc008): 00000000
0001 (0x402dc00c): 00000004
0002 (0x402dc010): 00000001
0003 (0x402dc014): 4037ed18
0004 (0x402dc018): 00000004
0005 (0x402dc01c): 4037dc38
0006 (0x402dc020): 4037ed18
0007 (0x402dc024): 00000004
0008 (0x402dc028): 4035bf75 <- lfp <- dfp
– control frame ----------
c:0004 p:---- s:0009 b:0009 l:000008 d:000008 CFUNC :sort_by
c:0003 p:0039 s:0006 b:0006 l:0x22d0 d:0x22d0 TOP 24291.rb:11
c:0002 p:---- s:0003 b:0003 l:000002 d:000002 FINISH :(null)
c:0001 p:---- s:0001 b:-001 l:000000 d:000000 ------

DBG> : “24291.rb:11:in `’”
– backtrace of native function call (Use addr2line) –
0x400e7a50
0x40042366
0x400af1df
0xffffe420
0x4003fb19
0x400c8f4d
0x4003fc3f
0x400e60ae
0x400e4d3d
0x400e5a69
0x400e5e6a
0x400e7c4b
0x40048901
0x40048934
0x400489a1
0x804874e
0x401bb974
0x8048661

[BUG] Segmentation fault
ruby 1.9.0 (2007-06-07) [i686-linux]

アボートしました (core dumped)

ただし、以下の一連のテストは正常に動作した事も合わせて報告させてもらい
ます。
(無限ループするものは、念のため10秒以上待ってチェックしました)

[ruby-dev:25226]
[ruby-dev:25003]
[ruby-dev:24738]
[ruby-dev:24737]
[ruby-dev:24735]
[ruby-dev:24727]
[ruby-dev:24671]
[ruby-dev:24642]
[ruby-dev:24499]
[ruby-dev:24487]
[ruby-dev:24463]
[ruby-dev:24432]
[ruby-dev:24400]
[ruby-dev:24399]
[ruby-dev:24378]
[ruby-dev:24311]
[ruby-dev:24310]
[ruby-dev:24303]
[ruby-dev:24301]
[ruby-dev:24289]
[ruby-dev:24287]
[ruby-dev:24284]

e$B$J$*>e5-$N%j%9%H$O!"<j85$Ne(Bruby-deve$B%"!<%+%$%Ve(B(2004/4e$B!Ae(B)e$B$re(B
e$B!&Ej9F$7$?$N$,e(Bakre$B$5$s$G$"$je(B
e$B!&K\J8$Ke(Bcallcce$B$,4^$^$l$ke(B
e$B$H$$$&>r7o$G%U%#%k%?%j%s%0$7$?8e!"$5$i$K@v$$=P$7$?$b$N$G$9!#e(B

よろしくお願いします。

なかだです。

At Thu, 7 Jun 2007 17:49:35 +0900,
Tadashi S. wrote in [ruby-dev:30918]:

e$B$U$H;W$$N)$C$F!"0JA0e(Bakre$B$5$s$,Ej$2$i$l$?e(Bcallcce$B$Ge(Bcoree$B$rEG$/%F%9%H$r8=>u$Ne(B
e$B<BAu$G$b9T$C$F$$^$7$?!#7k2L!"e(B[ruby-dev:24291]e$B$N$$,8=:_$G$be(Bcoree$B$rEG$/e(B
e$B$h$&$G$9!#e(B

いっぱいあって見落としてたみたいですねぇ。1.8でもそのままのような
気がします。

Index: enum.c

— enum.c (revision 12456)
+++ enum.c (working copy)
@@ -628,5 +628,9 @@ sort_by_cmp(const void ap, const void *
VALUE a = (
(NODE *const )ap)->u1.value;
VALUE b = (
(NODE *const *)bp)->u1.value;

  • VALUE ary = (VALUE)data;

  • if (RBASIC(ary)->klass) {

  • rb_raise(rb_eRuntimeError, “sort_by reentered”);

  • }
    return rb_cmpint(rb_funcall(a, id_cmp, 1, b), a, b);
    }
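Review bot: The reentry guard in sort_by_cmp runs only before `rb_funcall(a, id_cmp, 1, b)`, but a continuation captured inside a user-defined `<=>` resumes inside that call, so the first resumed comparison hands its result back to ruby_qsort unchecked. Repeating the test after the callback would close that window: with `int n` declared next to `ary`, use `n = rb_cmpint(rb_funcall(a, id_cmp, 1, b), a, b);`, then `if (RBASIC(ary)->klass) rb_raise(rb_eRuntimeError, "sort_by reentered");`, then `return n;`. The guard also appears to rely on enum_sort_by keeping `RBASIC(ary)->klass` at 0 for the whole sort and restoring it afterwards; that setup is outside the visible hunks, so a one-line comment on the check stating the invariant would help the next reader. The second hunk only passes `(void *)ary` as the qsort data argument that feeds this check.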
    @@ -718,5 +722,6 @@ enum_sort_by(VALUE obj)
    rb_block_call(obj, id_each, 0, 0, sort_by_i, ary);
    if (RARRAY_LEN(ary) > 1) {

  • ruby_qsort(RARRAY_PTR(ary), RARRAY_LEN(ary), sizeof(VALUE),
    sort_by_cmp, 0);
  • ruby_qsort(RARRAY_PTR(ary), RARRAY_LEN(ary), sizeof(VALUE),
  •   sort_by_cmp, (void *)ary);
    
    }
    if (RBASIC(ary)->klass) {