From: Tanaka Akira Date: 2010-02-22T01:20:07+09:00 Subject: [ruby-dev:40452] [bug:trunk] Invalid read of size 4 by redefining load 以下のように load 中に load を再定義すると、変なところをアクセスするのが valgrind で観測されます。 % cat tst.rb module Kernel def load(*args) end end raise % valgrind ./ruby -ve 'load "tst.rb"' ==12820== Memcheck, a memory error detector. ==12820== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al. ==12820== Using LibVEX rev 1854, a library for dynamic binary translation. ==12820== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP. ==12820== Using valgrind-3.3.1-Debian, a dynamic binary instrumentation framework. ==12820== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al. ==12820== For more details, rerun with: -v ==12820== ruby 1.9.2dev (2010-02-21 trunk 26723) [i686-linux] tst.rb:2: warning: method redefined; discarding old load ==12820== Invalid read of size 4 ==12820== at 0x814EA8F: vm_backtrace_each (vm.c:737) ==12820== by 0x814EBF2: vm_backtrace (vm.c:771) ==12820== by 0x814D1EE: rb_make_backtrace (vm_eval.c:1590) ==12820== by 0x805EB30: setup_exception (eval.c:378) ==12820== by 0x805F142: rb_raise_jump (eval.c:573) ==12820== by 0x805EF34: rb_f_raise (eval.c:503) ==12820== by 0x8147821: call_cfunc (vm_insnhelper.c:290) ==12820== by 0x81476F9: vm_call_cfunc (vm_insnhelper.c:377) ==12820== by 0x8146CC2: vm_call_method (vm_insnhelper.c:500) ==12820== by 0x81428F8: vm_exec_core (insns.def:999) ==12820== by 0x814F7C5: vm_exec (vm.c:1132) ==12820== by 0x814FF65: rb_iseq_eval (vm.c:1359) ==12820== Address 0x434c014 is 4 bytes inside a block of size 16 free'd ==12820== at 0x4022B8A: free (vg_replace_malloc.c:323) ==12820== by 0x8063B6E: vm_xfree (gc.c:731) ==12820== by 0x8063CC5: ruby_xfree (gc.c:779) ==12820== by 0x814848B: rb_free_method_entry (vm_method.c:141) ==12820== by 0x814881B: rb_add_method_def (vm_method.c:213) ==12820== by 0x81489EC: rb_add_method (vm_method.c:263) ==12820== by 0x8150D8E: vm_define_method (vm.c:1846) ==12820== by 0x8150E3E: m_core_define_method (vm.c:1862) ==12820== by 0x81478B8: call_cfunc (vm_insnhelper.c:302) ==12820== by 0x81476F9: vm_call_cfunc (vm_insnhelper.c:377) ==12820== by 0x8146CC2: vm_call_method (vm_insnhelper.c:500) ==12820== by 0x81428F8: vm_exec_core (insns.def:999) ==12820== ==12820== Invalid read of size 4 ==12820== at 0x814EAAD: vm_backtrace_each (vm.c:740) ==12820== by 0x814EBF2: vm_backtrace (vm.c:771) ==12820== by 0x814D1EE: rb_make_backtrace (vm_eval.c:1590) ==12820== by 0x805EB30: setup_exception (eval.c:378) ==12820== by 0x805F142: rb_raise_jump (eval.c:573) ==12820== by 0x805EF34: rb_f_raise (eval.c:503) ==12820== by 0x8147821: call_cfunc (vm_insnhelper.c:290) ==12820== by 0x81476F9: vm_call_cfunc (vm_insnhelper.c:377) ==12820== by 0x8146CC2: vm_call_method (vm_insnhelper.c:500) ==12820== by 0x81428F8: vm_exec_core (insns.def:999) ==12820== by 0x814F7C5: vm_exec (vm.c:1132) ==12820== by 0x814FF65: rb_iseq_eval (vm.c:1359) ==12820== Address 0x434c018 is 8 bytes inside a block of size 16 free'd ==12820== at 0x4022B8A: free (vg_replace_malloc.c:323) ==12820== by 0x8063B6E: vm_xfree (gc.c:731) ==12820== by 0x8063CC5: ruby_xfree (gc.c:779) ==12820== by 0x814848B: rb_free_method_entry (vm_method.c:141) ==12820== by 0x814881B: rb_add_method_def (vm_method.c:213) ==12820== by 0x81489EC: rb_add_method (vm_method.c:263) ==12820== by 0x8150D8E: vm_define_method (vm.c:1846) ==12820== by 0x8150E3E: m_core_define_method (vm.c:1862) ==12820== by 0x81478B8: call_cfunc (vm_insnhelper.c:302) ==12820== by 0x81476F9: vm_call_cfunc (vm_insnhelper.c:377) ==12820== by 0x8146CC2: vm_call_method (vm_insnhelper.c:500) ==12820== by 0x81428F8: vm_exec_core (insns.def:999) tst.rb:5:in `': unhandled exception from -e:1:in `load' from -e:1:in `
' ==12820== ==12820== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 29 from 1) ==12820== malloc/free: in use at exit: 615,707 bytes in 14,666 blocks. ==12820== malloc/free: 16,023 allocs, 1,357 frees, 1,662,183 bytes allocated. ==12820== For counts of detected errors, rerun with: -v ==12820== searching for pointers to 14,666 not-freed blocks. ==12820== checked 451,824 bytes. ==12820== ==12820== LEAK SUMMARY: ==12820== definitely lost: 467,917 bytes in 9,809 blocks. ==12820== possibly lost: 0 bytes in 0 blocks. ==12820== still reachable: 147,790 bytes in 4,857 blocks. ==12820== suppressed: 0 bytes in 0 blocks. ==12820== Rerun with --leak-check=full to see details of leaked memory. -- [田中 哲][たなか あきら][Tanaka Akira]