Trunk SEGV nkf?

渡辺哲也です。

SEGV しているのでお知らせします。重複していたらすいませ
んです。

ruby 1.9.0 (2008-10-24 revision 19913) [i686-linux]

再現スクリプトです。
再現方法は、入力行が 82 行あると再現しています。


#! /usr/local/bin/ruby -Ke

-- mode:ruby; coding:euc-jp --

/tmp/j.rb

created: October 23,2008 Thursday 06:09:10

author: tetsu(WATANABE Tetsuya)

$Id$

usage:

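require 'nkf'

# Reproduction loop from the report: each line read from standard input is
# converted with NKF and the converted string is then matched against a regexp.
# The typographic quotes in the posted copy are restored to ASCII quotes here,
# since Ruby does not accept them as string delimiters.
while l = gets
  p $.                  # print the number of the line just read
  l = NKF.nkf('-e', l)  # '-e' asks nkf for EUC-JP output
  # The [BUG] line in the crash output names j.rb:14, i.e. this match in the
  # reporter's original file.
  if l =~ /^a/ # j.rb:14
  end
end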

次の実行時は、キーボードから改行を 82 回打ち込みました。


81

82
j.rb:14: [BUG] Segmentation fault
ruby 1.9.0 (2008-10-24 revision 19913) [i686-linux]

– control frame ----------
c:0003 p:0060 s:0007 b:0007 l:000006 d:000006 TOP j.rb:14
c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH :inherited
c:0001 p:0000 s:0002 b:0002 l:000001 d:000001 TOP :17

DBG> : “j.rb:14:in `’”
– backtrace of native function call (Use addr2line) –
0x80f7e67
0x811b242
0x811b26e
0x80b8788
0x4002d02d
0x400ff900
0x80efeb7
0x80efeff
0x80f6a34
0x80f16d9
0x80ec577
0x80f42a4
0x80f4610
0x805a499
0x805a4fd
0x8059316
0x400ecc1f
0x8059239

zsh: 15680 abort (core dumped) ruby -Ke j.rb

gdb によりバックトレースです。


#0 0x400ffc11 in kill () from /lib/i686/libc.so.6
#1 0x4002a341 in pthread_kill () from /lib/i686/libpthread.so.0
#2 0x4002a6bb in raise () from /lib/i686/libpthread.so.0
#3 0x400ff8a4 in raise () from /lib/i686/libc.so.6
#4 0x40101008 in abort () from /lib/i686/libc.so.6
#5 0x0811b273 in rb_bug () at error.c:226
#6 0x080b8788 in sigpipe (sig=11) at signal.c:545
#7 0x4002d02d in __pthread_clock_settime () from
/lib/i686/libpthread.so.0
#8 0x400ff900 in killpg () from /lib/i686/libc.so.6
#9 0x080efeb7 in search_method (klass=1073937284, id=1073946176,
klassp=0x0) at vm_method.c:227
#10 0x080efeff in rb_get_method_body (klass=143217460, id=332,
idp=0xbffff1b8) at vm_method.c:254
#11 0x080f6a34 in rb_call0 (klass=143217460, recv=143217720, mid=332,
argc=1, argv=0xbffff1f0, scope=1, self=6) at vm_eval.c:210
#12 0x080f16d9 in rb_funcall (recv=143217720, mid=332, n=1) at
vm_eval.c:260
#13 0x080ec577 in vm_exec_core (th=0x817aef0, initial=0) at
insns.def:1981
#14 0x080f42a4 in vm_exec (th=0x817aef0) at vm.c:1041
#15 0x080f4610 in rb_iseq_eval (iseqval=135781500) at vm.c:1246
#16 0x0805a499 in ruby_exec_node (n=0x817dc7c, file=0x0) at eval.c:205
#17 0x0805a4fd in ruby_run_node (n=0x817dc7c) at eval.c:233
#18 0x08059316 in main (argc=3, argv=0xbffff664) at main.c:35
#19 0x400ecc1f in __libc_start_main () from /lib/i686/libc.so.6

よろしくお願いします。

19892 くらいに気が付きました。レポートが遅くなりすいま
せん。

渡辺哲也です。

追加情報になります。

gdb 上で実行して SEGV した場合のバックとレースです。core
より
情報がよさそうです。table が 0
なのが問題のようにみえます。

ruby 1.9.0 (2008-10-25 revision 19932) [i686-linux]


81
82

Program received signal SIGSEGV, Segmentation fault.
st_lookup (table=0x0, key=332, value=0xbffff5d8) at st.c:284
284 if (table->entries_packed) {

#0 st_lookup (table=0x0, key=332, value=0xbffff5d8) at st.c:284
#1 0x080efe67 in search_method (klass=143419800, id=332, klassp=0x0)
at vm_method.c:227
#2 0x080efeaf in rb_get_method_body (klass=143419800, id=332,
idp=0xbffff638) at vm_method.c:254
#3 0x080f69e4 in rb_call0 (klass=143419800, recv=143419960, mid=332,
argc=1, argv=0xbffff670, scope=1, self=6) at vm_eval.c:210
#4 0x080f1689 in rb_funcall (recv=143419960, mid=332, n=1) at
vm_eval.c:260
#5 0x080ec527 in vm_exec_core (th=0x817b048, initial=0) at
insns.def:1981
#6 0x080f4254 in vm_exec (th=0x817b048) at vm.c:1041
#7 0x080f45c0 in rb_iseq_eval (iseqval=135780320) at vm.c:1246
#8 0x0805a435 in ruby_exec_node (n=0x817d7e0, file=0x0) at eval.c:205
#9 0x0805a499 in ruby_run_node (n=0x817d7e0) at eval.c:233
#10 0x080592b2 in main (argc=5, argv=0xbffffae4) at main.c:35
#11 0x400ecc1f in __libc_start_main () from /lib/i686/libc.so.6

西山和広です。

At Fri, 24 Oct 2008 20:23:15 +0900,
WATANABE Tetsuya wrote:

#! /usr/local/bin/ruby -Ke
p $.
l = NKF.nkf(’-e’, l)
if l =~ /^a/ # j.rb:14
end
end

次の実行時は、キーボードから改行を 82 回打ち込みました。

“–oc=eucJP-nkf"e$B$de(B”–oc=eucJP-ASCII"e$B$@$He(B[BUG]e$B$K$J$k$N$Ke(B
"–oc=eucJP"e$B$@$HBg>fIW$J$N$G!"e(Bnkfe$B$NCf$G2?$+$r2u$7$F$7$^$C$F$$$k$N$Oe(B
e$B3N<B$=$&$G$9!#e(B

% ruby-trunk -rnkf -e ‘while //=~NKF.nkf("–oc=eucJP-nkf","");end’
-e:1: [BUG] Segmentation fault
ruby 1.9.0 (2008-10-26 revision 19950) [i686-linux]

– control frame ----------
c:0003 p:0025 s:0006 b:0006 l:000005 d:000005 TOP -e:1
c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH :inherited
c:0001 p:0000 s:0002 b:0002 l:000001 d:000001 TOP :17

DBG> : “-e:1:in `’”
– backtrace of native function call (Use addr2line) –
(略)
% ruby-trunk -rnkf -e ‘while //=~NKF.nkf("–oc=eucJP-ASCII","");end’
-e:1: [BUG] Segmentation fault
ruby 1.9.0 (2008-10-26 revision 19950) [i686-linux]

– control frame ----------
c:0003 p:0025 s:0006 b:0006 l:000005 d:000005 TOP -e:1
c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH :inherited
c:0001 p:0000 s:0002 b:0002 l:000001 d:000001 TOP :17

渡辺哲也です。

西山さん、確認ありがとうございます。

こちらでの追加情報として GC.stress = true では、
すぐ引き起こされます。

nkf で壊れて、GC で core ということでしょうか。

2008/10/26 22:18 Kazuhiro NISHIYAMA [email protected]:

西山和広です。

遠藤です。

2008/10/26 22:41 WATANABE Tetsuya [email protected]:

こちらでの追加情報として GC.stress = true では、
すぐ引き起こされます。

なるほど、rb_nkf_convert で result
がスタック上にないため、GC される
みたいですね。
以下で症状が消えるでしょうか。

Index: ext/nkf/nkf.c

— ext/nkf/nkf.c (revision 19951)
+++ ext/nkf/nkf.c (working copy)
@@ -135,6 +135,8 @@
static VALUE
rb_nkf_convert(VALUE obj, VALUE opt, VALUE src)
{

  • volatile VALUE tmp;
  • reinit();
    StringValue(opt);
    nkf_split_options(RSTRING_PTR(opt));
    @@ -155,7 +157,7 @@
    StringValue(src);
    input = (unsigned char *)RSTRING_PTR(src);
    i_len = RSTRING_LEN(src);
  • result = rb_str_new(0, i_len*3 + 10);
  • tmp = result = rb_str_new(0, i_len*3 + 10);

    output_ctr = 0;
    output = (unsigned char *)RSTRING_PTR(result);
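Review bot: The new `tmp = result = rb_str_new(0, i_len*3 + 10);` keeps the buffer alive only through a `volatile` local that is written once and never read, and nothing in either hunk says why it exists, so a later cleanup could remove it as dead code and bring back the crash the thread attributes to `result` being collected while `output` still points into it. I would add a comment at the declaration in the first hunk, such as `/* tmp keeps result visible on the C stack so the GC cannot free the buffer behind output */`, or state the intent with `RB_GC_GUARD(result);` after the last use of `output`, if that macro is available in this tree. The rest of rb_nkf_convert lies outside both hunks, so whether `output` is re-read after any later resize of `result` cannot be checked from here. Separately, `i_len*3 + 10` is existing code but is computed from the caller-supplied `src` length with no overflow check, which is worth bounding while this allocation is being touched.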

渡辺哲也です。

遠藤さん、ありがとうございます。
症状が消えることを確認しました。

助かりますです。

2008/10/27 0:06 Yusuke ENDOH [email protected]:

遠藤です。

成瀬です。

Yusuke ENDOH wrote:

— ext/nkf/nkf.c (revision 19951)
@@ -155,7 +157,7 @@
StringValue(src);
input = (unsigned char *)RSTRING_PTR(src);
i_len = RSTRING_LEN(src);

  • result = rb_str_new(0, i_len*3 + 10);
  • tmp = result = rb_str_new(0, i_len*3 + 10);

    output_ctr = 0;
    output = (unsigned char *)RSTRING_PTR(result);

なるほど、GC でしたか、ありがとうございました。
手元で解決を確認できたので、コミットしておきました。