Issue #12670 has been updated by _ wanabe.


I got it.
SEGV is raised from gc_marks_continue(), line 5426: `slots = heap->free_pages->free_slots`,
as pointed out by out.log. https://github.com/ruby/ruby/blob/v2_3_1/gc.c#L5426
My gdb shows that the value of `heap->free_pages` is NULL at the time of the SEGV.

heap_page_resurrect() can return a page even if `page->freelist` is NULL. It is intended - see r43461.
In that case, heap_add_freepage() does not set `heap->free_pages` and still keeps it NULL.
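
The failure mode described in the comment above, as an added example that is not part of the original message and is not code from gc.c. The structs and the `model_*` functions are hypothetical simplifications: a page without a freelist is never linked into `free_pages`, so a reader of `free_pages` has to check it for NULL.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified model, not gc.c: names and fields are assumptions. */
struct page { void *freelist; int free_slots; struct page *free_next; };
struct heap { struct page *free_pages; };

/* Link the page only if it has a free slot, as described for
   heap_add_freepage(); otherwise free_pages is left untouched. */
static void model_add_freepage(struct heap *h, struct page *p)
{
    if (p->freelist) {
        p->free_next = h->free_pages;
        h->free_pages = p;
    }
}

/* Guarded read: returns -1 instead of dereferencing a NULL free_pages. */
static int model_free_slots(const struct heap *h)
{
    return h->free_pages ? h->free_pages->free_slots : -1;
}

/* Offer a (resurrected) page to the heap, then report usable slots. */
static int model_slots_after_resurrect(struct heap *h, struct page *p)
{
    model_add_freepage(h, p);
    return model_free_slots(h);
}

int main(void)
{
    int slot;                                  /* constructed sample data */
    struct page full  = { NULL,  0, NULL };    /* page with no freelist */
    struct page spare = { &slot, 1, NULL };    /* page with one free slot */
    struct heap h = { NULL };

    printf("full page:  %d\n", model_slots_after_resurrect(&h, &full));
    printf("spare page: %d\n", model_slots_after_resurrect(&h, &spare));
    return 0;
}
```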

----------------------------------------
Bug #12670: Segmentation fault on `Magick::Image#get_pixels` on ruby since ruby-2.2
https://bugs.ruby-lang.org/issues/12670#change-60358

* Author: Pavel Lobashov
* Status: Open
* Priority: Normal
* Assignee: 
* ruby -v: 2.31
* Backport: 2.1: UNKNOWN, 2.2: UNKNOWN, 2.3: UNKNOWN
----------------------------------------
1. Create test.rb with this code

~~~ ruby
require 'rmagick'
include Magick

(0..10).each do |_|
  ImageList.new('1.bmp').get_pixels(0, 0, 1600, 800).each_slice(1600).to_a
end
~~~
2. Create any 1.bmp file with dimensions of at least 1600*800 (a zip file with it is included; extract it into the directory with test.rb)
3. Install ruby 2.1.9 (via RVM for example) and run

~~~ text
  ruby -v # ruby 2.1.9p490 (2016-03-30 revision 54437) [x86_64-linux]
  ruby test.rb # Nothing output, all good
~~~

4. Install ruby 2.3.1 (via RVM for example) and run

~~~ text
  ruby 2.3.1p112 (2016-04-26 revision 54768) [x86_64-linux]
  ruby test.rb # You get a big log of Segmentation failed
~~~

I filed a problem on the `rmagick` issue tracker (https://github.com/rmagick/rmagick/issues/212) but there is no progress at all.
So, since both rubies use the same version of rmagick, I think the problem may be in ruby itself.

---Files--------------------------------
out.log (25.8 KB)
1.bmp.zip (37.7 KB)

