Bug #3656: Segmentation fault caused by Rational#marshal_load and Complex#marshal_load
http://redmine.ruby-lang.org/issues/show/3656

Author: Heesob Park
Status: Open, Priority: Normal
Category: core, Target version: 1.9.x
ruby -v: ruby 1.9.3dev (2010-08-03 trunk 28837) [i686-linux]

I understand Object#marshal_load is not intended to be called directly.
But anyway, it can be called, and it results in a segmentation fault in some cases.

$ ruby -e "p 1.to_c.marshal_load(0)"
-e:1: [BUG] Segmentation fault
ruby 1.9.3dev (2010-08-03 trunk 28837) [i686-linux]

-- control frame ----------
c:0004 p:---- s:0011 b:0011 l:000010 d:000010 CFUNC  :marshal_load
c:0003 p:0019 s:0007 b:0006 l:000494 d:00082c EVAL   -e:1
c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH
c:0001 p:0000 s:0002 b:0002 l:000494 d:000494 TOP
---------------------------
-- Ruby level backtrace information ----------------------------------------
-e:1:in `<main>'
-e:1:in `marshal_load'

-- C level backtrace information -------------------------------------------
ruby [0x815b515]
ruby [0x8198d59]
ruby(rb_bug+0x28) [0x8198e08]
ruby [0x80ef418]
[0x4b5410]
ruby [0x814c5f8]
ruby [0x814e9bd]
ruby [0x81521eb]
ruby [0x81525c7]
ruby [0x805aa12]
ruby(ruby_run_node+0x32) [0x805c5b2]
ruby [0x8059c5a]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe6) [0x126b56]
ruby [0x8059b61]

[NOTE]
You may have encountered a bug in the Ruby interpreter or extension libraries.
Bug reports are welcome.
For details: http://www.ruby-lang.org/bugreport.html

Aborted




$ ruby -e "p 1.to_r.marshal_load(0)"
-e:1: [BUG] Segmentation fault
ruby 1.9.3dev (2010-08-03 trunk 28837) [i686-linux]

-- control frame ----------
c:0004 p:---- s:0011 b:0011 l:000010 d:000010 CFUNC  :marshal_load
c:0003 p:0019 s:0007 b:0006 l:000544 d:0008dc EVAL   -e:1
c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH
c:0001 p:0000 s:0002 b:0002 l:000544 d:000544 TOP
---------------------------
-- Ruby level backtrace information ----------------------------------------
-e:1:in `<main>'
-e:1:in `marshal_load'

-- C level backtrace information -------------------------------------------
ruby [0x815b515]
ruby [0x8198d59]
ruby(rb_bug+0x28) [0x8198e08]
ruby [0x80ef418]
[0x8b8410]
ruby [0x814c5f8]
ruby [0x814e9bd]
ruby [0x81521eb]
ruby [0x81525c7]
ruby [0x805aa12]
ruby(ruby_run_node+0x32) [0x805c5b2]
ruby [0x8059c5a]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe6) [0x126b56]
ruby [0x8059b61]

[NOTE]
You may have encountered a bug in the Ruby interpreter or extension libraries.
Bug reports are welcome.
For details: http://www.ruby-lang.org/bugreport.html

Aborted


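A regression check for the two calls in the report, added here as an example and not part of the original report or of Ruby's own test suite. It runs each call in a child interpreter and distinguishes an interpreter crash from an ordinary Ruby exception; the names `PROBES`, `WRAPPER`, `probe` and `check_all` are hypothetical.

```ruby
require "open3"
require "rbconfig"

# The two calls from the report; each runs in its own child interpreter so a
# crash cannot take the checker down with it.
PROBES = {
  "Complex#marshal_load"  => "1.to_c.marshal_load(0)",
  "Rational#marshal_load" => "1.to_r.marshal_load(0)",
}.freeze

# Child-side wrapper: report an ordinary Ruby exception on stdout instead of
# letting it end the process, so only a real interpreter fault is abnormal.
WRAPPER = <<~'RUBY'
  begin
    eval(ARGV.fetch(0))
    puts "returned"
  rescue Exception => e
    puts "raised #{e.class}"
  end
RUBY

# Run one expression and classify how the child ended.
#   :crash    - killed by a signal (the [BUG] report above ends in "Aborted")
#   :raised   - a Ruby exception was raised (the safe way to reject bad input)
#   :returned - the call completed normally
def probe(expr, ruby: RbConfig.ruby)
  out, status = Open3.capture2e(ruby, "-e", WRAPPER, expr)
  if status.signaled?
    { outcome: :crash, detail: Signal.signame(status.termsig) }
  elsif out.lines.last.to_s.start_with?("raised ")
    { outcome: :raised, detail: out.lines.last.split.last }
  elsif status.success?
    { outcome: :returned, detail: nil }
  else
    { outcome: :crash, detail: "exit #{status.exitstatus}" }
  end
end

# Probe every call from the report with the interpreter running this script.
def check_all
  PROBES.transform_values { |expr| probe(expr) }
end

if $PROGRAM_NAME == __FILE__
  check_all.each { |name, r| puts format("%-22s %s %s", name, r[:outcome], r[:detail]) }
end
```

Pass a different interpreter path through the `ruby:` keyword of `probe` to check a specific build.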