From: fujidig
Date: 2008-08-26T23:37:44+09:00
Subject: [ruby-dev:35989] [Bug:1.9] ObjectSpace.each_object Segmentation fault

Running ObjectSpace.each_object(String){|s| s.dup } in irb on Ruby 1.9.0-4 causes a SEGV.

$ irb-1.9.0-4
irb(main):001:0> ObjectSpace.each_object(String){|s| s.dup }
(irb):1: [BUG] Segmentation fault
ruby 1.9.0 (2008-08-26 revision 18849) [i686-linux]

-- control frame ----------
c:0028 p:---- s:0088 b:0088 l:000087 d:000087 CFUNC :initialize_copy
c:0027 p:---- s:0086 b:0086 l:000085 d:000085 CFUNC :dup
c:0026 p:0011 s:0083 b:0083 l:0013b4 d:000082 BLOCK (irb):1
c:0025 p:---- s:0082 b:0082 l:000081 d:000081 FINISH :new
c:0024 p:---- s:0080 b:0080 l:000079 d:000079 CFUNC :each_object
c:0023 p:0022 s:0076 b:0076 l:0013b4 d:002484 EVAL (irb):1
c:0022 p:---- s:0074 b:0074 l:000073 d:000073 FINISH :empty?
c:0021 p:---- s:0072 b:0072 l:000071 d:000071 CFUNC :eval
c:0020 p:0027 s:0065 b:0065 l:000064 d:000064 METHOD /usr/local/lib/ruby/1.9.0/irb/workspace.rb:80
c:0019 p:0031 s:0058 b:0057 l:000056 d:000056 METHOD /usr/local/lib/ruby/1.9.0/irb/context.rb:218
c:0018 p:0030 s:0052 b:0052 l:000dc4 d:000051 BLOCK /usr/local/lib/ruby/1.9.0/irb.rb:149
c:0017 p:0037 s:0044 b:0044 l:000043 d:000043 METHOD /usr/local/lib/ruby/1.9.0/irb.rb:263
c:0016 p:0011 s:0039 b:0039 l:000dc4 d:000038 BLOCK /usr/local/lib/ruby/1.9.0/irb.rb:146
c:0015 p:0113 s:0035 b:0035 l:000022 d:000034 BLOCK /usr/local/lib/ruby/1.9.0/irb/ruby-lex.rb:243
c:0014 p:---- s:0034 b:0034 l:000033 d:000033 FINISH :block_given?
c:0013 p:---- s:0032 b:0032 l:000031 d:000031 CFUNC :loop
c:0012 p:0009 s:0029 b:0029 l:000022 d:000028 BLOCK /usr/local/lib/ruby/1.9.0/irb/ruby-lex.rb:230
c:0011 p:---- s:0029 b:0029 l:000028 d:000028 FINISH :each
c:0010 p:---- s:0027 b:0027 l:000026 d:000026 CFUNC :catch
c:0009 p:0023 s:0023 b:0023 l:000022 d:000022 METHOD /usr/local/lib/ruby/1.9.0/irb/ruby-lex.rb:229
c:0008 p:0042 s:0020 b:0020 l:000dc4 d:000dc4 METHOD /usr/local/lib/ruby/1.9.0/irb.rb:145
c:0007 p:0011 s:0017 b:0017 l:001b14 d:000016 BLOCK /usr/local/lib/ruby/1.9.0/irb.rb:69
c:0006 p:---- s:0017 b:0017 l:000016 d:000016 FINISH :(null)
c:0005 p:---- s:0015 b:0015 l:000014 d:000014 CFUNC :catch
c:0004 p:0172 s:0011 b:0011 l:001b14 d:001b14 METHOD /usr/local/lib/ruby/1.9.0/irb.rb:68
c:0003 p:0039 s:0006 b:0006 l:000005 d:000005 TOP /usr/local/bin/irb-1.9.0-4:12
c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH :private_class_method
c:0001 p:0000 s:0002 b:0002 l:000001 d:000001 TOP :17
---------------------------
DBG> : "(irb):1:in `initialize_copy'"
DBG> : "(irb):1:in `dup'"
DBG> : "(irb):1:in `block (4 levels) in irb_binding'"
DBG> : "(irb):1:in `each_object'"
DBG> : "(irb):1:in `irb_binding'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb/workspace.rb:80:in `eval'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb/workspace.rb:80:in `evaluate'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb/context.rb:218:in `evaluate'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb.rb:149:in `block (2 levels) in eval_input'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb.rb:263:in `signal_status'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb.rb:146:in `block in eval_input'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb/ruby-lex.rb:243:in `block (2 levels) in each_top_level_statement'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb/ruby-lex.rb:230:in `loop'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb/ruby-lex.rb:230:in `block in each_top_level_statement'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb/ruby-lex.rb:229:in `catch'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb/ruby-lex.rb:229:in `each_top_level_statement'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb.rb:145:in `eval_input'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb.rb:69:in `block in start'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb.rb:68:in `catch'"
DBG> : "/usr/local/lib/ruby/1.9.0/irb.rb:68:in `start'"
DBG> : "/usr/local/bin/irb-1.9.0-4:12:in `'"
-- backtrace of native function call (Use addr2line) --
-------------------------------------------------------
Aborted

$ gdb ruby-1.9.0-4
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
(gdb) run -rirb -e "IRB.start"
Starting program: /home/fujidig/src/ruby-1.9.0-4/ruby-1.9.0-4 -rirb -e "IRB.start"
[Thread debugging using libthread_db enabled]
[New Thread 0xb7da46b0 (LWP 12295)]
[New Thread 0xb7f78b90 (LWP 12298)]
irb(main):001:0> ObjectSpace.each_object(String){|s| s.dup }

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb7da46b0 (LWP 12295)]
0xb7e199b5 in memcpy () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt
#0 0xb7e199b5 in memcpy () from /lib/tls/i686/cmov/libc.so.6
#1 0x080d999e in str_replace_shared (str2=138428520, str=0) at string.c:475
#2 0x080e4831 in rb_str_replace (str=138428520, str2=137671160) at string.c:3494
#3 0x08109bf8 in vm_call0 (th=0x819d658, klass=136093120, recv=138428520, id=552, oid=0, argc=1, argv=0xbfe88ea0, body=0x81c9cbc, nosuper=0) at vm_eval.c:75
#4 0x0810a544 in rb_funcall (recv=, mid=552, n=1) at vm_eval.c:260
#5 0x080846bd in init_copy (dest=138428520, obj=137671160) at object.c:200
#6 0x080847e9 in rb_obj_dup (obj=137671160) at object.c:271
#7 0x08100ffd in vm_call_method (th=0x819d658, cfp=0xb7d21a58, num=0, blockptr=0x1, flag=0, id=680, mn=0x81ccf48, recv=137671160, klass=136093120) at vm_insnhelper.c:378
#8 0x08102e0b in vm_eval (th=0x819d658, initial=) at insns.def:999
#9 0x08107f5a in vm_eval_body (th=0x819d658) at vm.c:1062
#10 0x081084e4 in invoke_block_from_c (th=0x819d658, block=0xb7d21b14, self=136098380, argc=1, argv=0xbfe89580, blockptr=0x0, cref=0x0) at vm.c:474
#11 0x081088c7 in rb_yield (val=137671160) at vm.c:504
#12 0x08062e4d in os_each_obj (argc=1, argv=0xb7ca213c, os=135980920) at gc.c:2138
#13 0x080feec4 in call_cfunc (func=0x8062ca0 , recv=135980920, len=0, argc=138428500, argv=0xb7ca213c) at vm_insnhelper.c:288
#14 0x08100ffd in vm_call_method (th=0x819d658, cfp=0xb7d21b00, num=1, blockptr=0xb7d21b15, flag=0, id=8648, mn=0x81ae6ec, recv=135980920, klass=135980820) at vm_insnhelper.c:378
#15 0x08102e0b in vm_eval (th=0x819d658, initial=) at insns.def:999
#16 0x08107f5a in vm_eval_body (th=0x819d658) at vm.c:1062
#17 0x081091a8 in eval_string_with_cref (self=137877140, src=137528360, scope=137876380, cref=0x0, file=0x837d0fc "(irb)", line=1) at vm_eval.c:743
#18 0x08109751 in eval_string (self=0, src=138428500, scope=0, file=0x837d0fc "(irb)", line=1) at vm_eval.c:777
#19 0x08109aaa in rb_f_eval (argc=4, argv=0xb7ca2110, self=137877140) at vm_eval.c:826
#20 0x080feec4 in call_cfunc (func=0x81099d0 , recv=137877140, len=0, argc=138428500, argv=0xb7ca2110) at vm_insnhelper.c:288
#21 0x08100ffd in vm_call_method (th=0x819d658, cfp=0xb7d21ba8, num=4, blockptr=0x1, flag=8, id=2640, mn=0x81c6abc, recv=137877140, klass=137156980) at vm_insnhelper.c:378
#22 0x08102e0b in vm_eval (th=0x819d658, initial=) at insns.def:999
#23 0x08107f5a in vm_eval_body (th=0x819d658) at vm.c:1062
#24 0x081084e4 in invoke_block_from_c (th=0x819d658, block=0xb7d21d7c, self=137852940, argc=0, argv=0x0, blockptr=0x0, cref=0x0) at vm.c:474
#25 0x081089e8 in loop_i () at vm.c:504
#26 0x0805cac2 in rb_rescue2 (b_proc=0x81089a0 , data1=0, r_proc=0, data2=0) at eval.c:626
#27 0x0810005b in rb_f_loop () at vm_eval.c:566
#28 0x08100ffd in vm_call_method (th=0x819d658, cfp=0xb7d21d68, num=0, blockptr=0xb7d21d7d, flag=8, id=2760, mn=0x81c633c, recv=137852940, klass=138290180) at vm_insnhelper.c:378
#29 0x08102e0b in vm_eval (th=0x819d658, initial=)
---Type to continue, or q to quit---
    at insns.def:999
#30 0x08107f5a in vm_eval_body (th=0x819d658) at vm.c:1062
#31 0x081084e4 in invoke_block_from_c (th=0x819d658, block=0xb7d21e24, self=137852940, argc=1, argv=0xbfe8ac80, blockptr=0x0, cref=0x0) at vm.c:474
#32 0x08108ae2 in rb_f_catch (argc=1, argv=0xb7ca2068) at vm.c:504
#33 0x080feec4 in call_cfunc (func=0x8108a20 , recv=137852940, len=0, argc=138428500, argv=0xb7ca2068) at vm_insnhelper.c:288
#34 0x08100ffd in vm_call_method (th=0x819d658, cfp=0xb7d21e10, num=1, blockptr=0xb7d21e25, flag=8, id=2744, mn=0x81c6454, recv=137852940, klass=138290180) at vm_insnhelper.c:378
#35 0x08102e0b in vm_eval (th=0x819d658, initial=) at insns.def:999
#36 0x08107f5a in vm_eval_body (th=0x819d658) at vm.c:1062
#37 0x081084e4 in invoke_block_from_c (th=0x819d658, block=0xb7d21f3c, self=136826980, argc=1, argv=0xbfe8b3e0, blockptr=0x0, cref=0x0) at vm.c:474
#38 0x08108ae2 in rb_f_catch (argc=1, argv=0xb7ca2038) at vm.c:504
#39 0x080feec4 in call_cfunc (func=0x8108a20 , recv=136826980, len=0, argc=138428500, argv=0xb7ca2038) at vm_insnhelper.c:288
#40 0x08100ffd in vm_call_method (th=0x819d658, cfp=0xb7d21f28, num=1, blockptr=0xb7d21f3d, flag=8, id=2744, mn=0x81c6454, recv=136826980, klass=136826920) at vm_insnhelper.c:378
#41 0x08102e0b in vm_eval (th=0x819d658, initial=) at insns.def:999
#42 0x08107f5a in vm_eval_body (th=0x819d658) at vm.c:1062
#43 0x08108181 in rb_iseq_eval (iseqval=138228380) at vm.c:1267
#44 0x0805cddf in ruby_exec_node (n=0x83d329c, file=0x0) at eval.c:217
#45 0x0805e622 in ruby_run_node (n=0x83d329c) at eval.c:245
#46 0x0805b7f0 in main (argc=4, argv=0xbfe8bbc4) at main.c:34