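I am re-forwarding this so that Redmine picks it up.
The problem that mail which has already gone through the list cannot be registered in Redmine without doing this is something I will fix when I have some spare time.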

---------- Forwarded message ----------
From:  <patamanta / mail.goo.ne.jp>
Date: 2009-10-03 3:29
Subject: [ruby-dev:39420] Segmentation fault error when an exception is raised in Marshal.load
To: ruby developers list <ruby-dev / ruby-lang.org>


My name is 金田有二.

The following code caused a segmentation fault,
so I am reporting it.

---
#! /usr/local/bin/ruby
GC.stress = true
loop do
 begin
   f = File.open("d")
   Marshal.load(f)
 rescue
 end
end
---
# d is an empty file.

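From a quick look at the source, the error seems to occur around the point where
the r_byte function is called at line 1480 of marshal.c and the exception is raised
by rb_eof_error at line 864.
It looks as though the arg.wrapper object created on the stack at line 1478
probably could not be marked properly when GC occurred.

The Ruby version is 1.8.7 on x86_64-linux, and the backtrace is as follows.
It does not seem to occur on i686-linux.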

$ ruby marshal_error.rb
marshal_error.rb:5: [BUG] Segmentation fault
ruby 1.8.7 (2009-06-12 patchlevel 174) [x86_64-linux]

アボートしました (core dumped)
$ gdb /usr/local/bin/ruby core.13316
GNU gdb Fedora (6.8-27.el5)
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu"...
Reading symbols from /lib64/librt.so.1...done.
Loaded symbols for /lib64/librt.so.1
Reading symbols from /lib64/libdl.so.2...done.
Loaded symbols for /lib64/libdl.so.2
Reading symbols from /lib64/libcrypt.so.1...done.
Loaded symbols for /lib64/libcrypt.so.1
Reading symbols from /lib64/libm.so.6...done.
Loaded symbols for /lib64/libm.so.6
Reading symbols from /lib64/libc.so.6...done.
Loaded symbols for /lib64/libc.so.6
Reading symbols from /lib64/libpthread.so.0...done.
Loaded symbols for /lib64/libpthread.so.0
Reading symbols from /lib64/ld-linux-x86-64.so.2...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Core was generated by `ruby marshal_error.rb'.
Program terminated with signal 6, Aborted.
[New process 13316]
#0  0x0000003131030215 in raise () from /lib64/libc.so.6
(gdb) bt
#0  0x0000003131030215 in raise () from /lib64/libc.so.6
#1  0x0000003131031cc0 in abort () from /lib64/libc.so.6
#2  0x0000000000499438 in rb_bug (fmt=0x4b5acd "Segmentation fault") at error.c:213
#3  0x000000000047044a in sigsegv (sig=<value optimized out>) at signal.c:634
#4  <signal handler called>
#5  0x0000000000472d1b in st_foreach (table=0x2baa79483e70, func=0x42de60 <mark_entry>, arg=0)
   at st.c:487
#6  0x000000000042df31 in mark_locations_array (x=0x7fff31686de8, n=2008) at gc.c:684
#7  0x000000000042e106 in garbage_collect () at gc.c:1468
#8  0x000000000042eba7 in rb_newobj () at gc.c:436
#9  0x0000000000474499 in str_alloc (klass=7257920) at string.c:67
#10 0x0000000000474599 in str_new3 (klass=7257920, str=0) at string.c:143
#11 0x00000000004745e6 in rb_str_new3 (str=48011179162360) at string.c:157
#12 0x0000000000416501 in rb_eval (self=48011179299480, n=0x0) at eval.c:3865
#13 0x0000000000416e41 in rb_eval (self=48011179299480, n=<value optimized out>) at eval.c:3498
#14 0x0000000000415f3c in rb_eval (self=48011179299480, n=<value optimized out>) at eval.c:3698
#15 0x00000000004186bb in rb_eval (self=48011179299480, n=<value optimized out>) at eval.c:3319
#16 0x000000000041a2d5 in rb_yield_0 (val=6, self=48011179299480, klass=0,
   flags=<value optimized out>, avalue=0) at eval.c:5090
#17 0x0000000000424fe7 in loop_i () at eval.c:5222
#18 0x0000000000410704 in rb_rescue2 (b_proc=0x424fd0 <loop_i>, data1=0, r_proc=0, data2=0)
   at eval.c:5486
#19 0x00000000004108e0 in rb_f_loop () at eval.c:5247
#20 0x000000000041b56a in rb_call0 (klass=48011179309360, recv=48011179299480, id=4121, oid=4121,
   argc=0, argv=0x0, body=0x2baa79497b78, flags=<value optimized out>) at eval.c:5917
#21 0x000000000041c278 in rb_call (klass=48011179309360, recv=48011179299480, mid=4121, argc=0,
   argv=0x0, scope=1, self=48011179299480) at eval.c:6164
#22 0x0000000000416fec in rb_eval (self=<value optimized out>, n=<value optimized out>)
   at eval.c:3518
#23 0x0000000000418ff2 in rb_eval (self=48011179299480, n=<value optimized out>) at eval.c:3233
#24 0x0000000000427b89 in ruby_exec_internal () at eval.c:1652
#25 0x0000000000427bd5 in ruby_exec () at eval.c:1672
#26 0x0000000000427bff in ruby_run () at eval.c:1682
#27 0x000000000040ddc3 in main (argc=2, argv=0x7fff3168a048, envp=<value optimized out>)
   at main.c:48





-- 
-- 
Yuki Sonoda (Yugui)
yugui / yugui.jp
http://yugui.jp
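
A bounded regression check built from the reproducer in the forwarded report, as an added example that is not part of the original mail or of Ruby's own test suite. It runs the loop in a child interpreter so that a crash is reported as a result instead of killing the checker; the names `CHILD` and `marshal_eof_check`, the 20-round default and the stricter `rescue EOFError` are assumptions made here.

```ruby
require "rbconfig"
require "tempfile"

# Child script: the reported loop, bounded to a fixed number of rounds.
# Each round must end in EOFError (raised when Marshal.load reads an empty file).
CHILD = <<~'RUBY'
  GC.stress = true
  path, rounds = ARGV[0], Integer(ARGV[1])
  rounds.times do
    begin
      f = File.open(path)
      Marshal.load(f)
      exit 3                      # an empty file must never load successfully
    rescue EOFError
      # expected outcome; keep looping so GC runs while the load state is live
    end
  end
RUBY

# Runs CHILD in a separate interpreter and classifies the outcome:
#   :ok         - every round raised EOFError and the child exited normally
#   :crashed    - the child was killed by a signal (SIGSEGV, or SIGABRT from rb_bug)
#   :unexpected - the child exited non-zero (other exception, or a successful load)
def marshal_eof_check(rounds = 20)
  Tempfile.create("empty") do |empty|                 # constructed empty input file
    Tempfile.create(["child", ".rb"]) do |script|
      script.write(CHILD)
      script.flush
      pid = Process.spawn(RbConfig.ruby, script.path, empty.path, rounds.to_s,
                          out: File::NULL, err: File::NULL)
      _, status = Process.wait2(pid)
      return :crashed if status.signaled?
      return status.success? ? :ok : :unexpected
    end
  end
end

puts marshal_eof_check if $PROGRAM_NAME == __FILE__
```

On an interpreter affected by the reported bug the expected result is `:crashed`; on a fixed one it is `:ok`.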