In the message of [ruby-talk:02497] Re: Possible problem with GC on 1.5.3 (PR#2)
on 2000/4/18 00:35:06 matz / netlab.co.jp (Yukihiro Matsumoto) wrote:
>|Running the following on ruby 1.5.3 (2000-04-11) [i686-linux]
>
>| t.rb:10: [BUG] Segmentation fault
>| zsh: abort ruby -w t.rb
>
>Here's the patch.
After applying the patch to the current CVS version (2000-05-01),
ruby still crashes as follows.
It seems rb_callcc() should initialize th->prev and th->next.
--- eval.c.dist Mon May 1 18:41:14 2000
+++ eval.c Mon May 8 23:47:39 2000
@@ -6362,4 +6362,6 @@ thread_free(th)
if (th->status != THREAD_KILLED && th->prev) {
- th->prev->next = th->next;
- th->next->prev = th->prev;
+ if (th->prev)
+ th->prev->next = th->next;
+ if (th->next)
+ th->next->prev = th->prev;
}
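Review bot: The added inner `if (th->prev)` in thread_free() is redundant, because the enclosing condition already requires `th->prev` to be non-null; only the new `if (th->next)` guard changes behaviour, so the first check can be dropped. Null checks also give no protection against a field that was never initialized: the gdb session below stops at line 6364 with these guards already in place, with `prev = 0x63616c6c` and `next = 0x0`. This hunk is therefore only safe together with a guarantee that every path creating a thread structure sets both pointers, and a short comment here stating that unlinked threads carry null `prev`/`next` would make that invariant explicit.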
@@ -7767,2 +7769,3 @@ rb_callcc(self)
}
+ th->prev = th->next = 0;
if (THREAD_SAVE_CONTEXT(th)) {
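Review bot: The `th->prev = th->next = 0;` line in rb_callcc() fixes the fields only on this one path and late, just before THREAD_SAVE_CONTEXT(th), with no comment explaining why the structure is left out of the thread list. The visible context does not show where `th` is allocated; if the allocation goes through a shared helper, zeroing both pointers there would cover any other caller that skips the list insertion and would keep thread_free() from ever seeing stale heap contents in them. If the assignment stays here, add a one-line comment saying that this thread structure is never linked, so that thread_free() must skip the unlink for it.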
% ./miniruby -v ruby-bugs-2.rb
ruby 1.5.3 (2000-05-01) [sparc-solaris2.5.1]
0: 0 1 2 3 4
1: 5 6 7 8 9
2: 10 11 12 13 14
3: 15 16
ruby-bugs-2.rb:10: [BUG] Segmentation fault
Abort (core dumped)
% gdb miniruby core
……
(gdb) bt
#0 0xef6f9cb4 in kill () from /usr/lib/libc.so.1
#1 0xef6bf914 in abort () from /usr/lib/libc.so.1
#2 0xbe460 in rb_bug (fmt=0xd0688 "Segmentation fault") at ../error.c:162
#3 0x91850 in sigsegv (sig=11) at ../signal.c:376
#4 <signal handler called>
#5 0x2f9f0 in thread_free (th=0x152cd8) at ../eval.c:6364
#6 0x3c6cc in rb_gc_call_finalizer_at_exit () at ../gc.c:1200
#7 0x1cb8c in ruby_run () at ../eval.c:1115
#8 0x1a5fc in main (argc=3, argv=0xeffff684, envp=0xeffff694) at ../main.c:41
(gdb) frame 5
#5 0x2f9f0 in thread_free (th=0x152cd8) at ../eval.c:6364
6364 th->prev->next = th->next;
(gdb) list
6359 if (th->stk_ptr) free(th->stk_ptr);
6360 th->stk_ptr = 0;
6361 if (th->locals) st_free_table(th->locals);
6362 if (th->status != THREAD_KILLED && th->prev) {
6363 if (th->prev)
6364 th->prev->next = th->next;
6365 if (th->next)
6366 th->next->prev = th->prev;
6367 }
6368 if (th != main_thread) free(th);
(gdb) print *th
$1 = {next = 0x0, prev = 0x63616c6c, context = {0, -268441256, 211040,
-268441128, 159484, 1847603246, 775162400, 538976368, 1919512180,
539122798, 595290493, 975184394}, result = 4, stk_len = 947,
stk_max = 947, stk_ptr = 0x0, stk_pos = 0xefffe6cc, frame = 0xefffeb48,
scope = 0x12bbc0, dyna_vars = 0x0, block = 0xefffeff0, iter = 0xefffeb78,
tag = 0xefffefa0, klass = 1227688, wrapper = 0, flags = 0,
file = 0x152aa8 "ruby-bugs-2.rb", line = 1, tracing = 0, errinfo = 4,
last_status = 4, last_line = 4, last_match = 4, safe = 0,
status = THREAD_RUNNABLE, wait_for = 0, fd = 0, delay = 0, join = 0x0,
abort = 0, priority = 0, gid = 1, locals = 0x0, thread = 1160704}
(gdb)
--
Katsuyuki Komatsu <komatsu / sarion.co.jp>