Bug #4321
closed
valgrind report "Invalid read" for Object#clone
Description
=begin
以下のようなスクリプトを valgrind を使って実行すると Invalid read of size 4 のようなエラーが報告されます。
optflags=-O3 を指定してビルドした時に発生します。
script¶
obj = Object.new
def obj.meth
end
GC.stress = true
obj.clone
message¶
==22864== Invalid read of size 4
==22864== at 0x8069B25: mark_method_entry_i (gc.c:1416)
==22864== by 0x8107ADF: st_foreach (st.c:747)
==22864== by 0x8066C29: gc_mark_children (gc.c:1451)
==22864== by 0x80667F3: gc_mark_children (gc.c:1540)
==22864== by 0x8067EAC: mark_current_machine_context (gc.c:1540)
==22864== by 0x8067FCD: gc_marks (gc.c:2361)
==22864== by 0x806843C: garbage_collect (gc.c:2409)
==22864== by 0x8068A06: vm_xmalloc (gc.c:650)
==22864== by 0x809A142: init_copy (object.c:211)
==22864== by 0x809A2DC: rb_obj_clone (object.c:271)
==22864== by 0x8162468: vm_call_method (vm_insnhelper.c:403)
==22864== by 0x8163C5B: vm_exec_core (insns.def:1010)
==22864== Address 0x4594b2c is 124 bytes inside a block of size 148 free'd
==22864== at 0x4025DFA: free (vg_replace_malloc.c:323)
==22864== by 0x806516E: finalize_list (gc.c:2838)
==22864== by 0x8176EA4: rb_threadptr_execute_interrupts_rec (thread.c:1307)
==22864== by 0x816A53A: vm_call0 (vm_eval.c:146)
==22864== by 0x816AC33: rb_call0 (vm_eval.c:235)
==22864== by 0x816BB52: rb_add_method (vm_eval.c:438)
==22864== by 0x819D4B3: clone_method (class.c:136)
==22864== by 0x8107ADF: st_foreach (st.c:747)
==22864== by 0x819D3CC: rb_singleton_class_clone (class.c:243)
==22864== by 0x809A295: rb_obj_clone (object.c:269)
==22864== by 0x8162468: vm_call_method (vm_insnhelper.c:403)
==22864== by 0x8163C5B: vm_exec_core (insns.def:1010)
==22864==
==22864== Invalid read of size 1
==22864== at 0x816FAAF: vm_setup_method (vm_insnhelper.c:461)
==22864== by 0x81626AF: vm_call_method (vm_insnhelper.c:520)
==22864== by 0x8163C5B: vm_exec_core (insns.def:1010)
==22864== by 0x816947B: vm_exec (vm.c:1150)
==22864== by 0x81697D9: rb_iseq_eval_main (vm.c:1391)
==22864== by 0x805B861: ruby_exec_internal (eval.c:225)
==22864== by 0x805D331: ruby_run_node (eval.c:272)
==22864== by 0x805AC2F: main (main.c:38)
==22864== Address 0x4594af8 is 72 bytes inside a block of size 148 free'd
==22864== at 0x4025DFA: free (vg_replace_malloc.c:323)
==22864== by 0x806516E: finalize_list (gc.c:2838)
==22864== by 0x8176EA4: rb_threadptr_execute_interrupts_rec (thread.c:1307)
==22864== by 0x816A53A: vm_call0 (vm_eval.c:146)
==22864== by 0x816AC33: rb_call0 (vm_eval.c:235)
==22864== by 0x816BB52: rb_add_method (vm_eval.c:438)
==22864== by 0x819D4B3: clone_method (class.c:136)
==22864== by 0x8107ADF: st_foreach (st.c:747)
==22864== by 0x819D3CC: rb_singleton_class_clone (class.c:243)
==22864== by 0x809A295: rb_obj_clone (object.c:269)
==22864== by 0x8162468: vm_call_method (vm_insnhelper.c:403)
==22864== by 0x8163C5B: vm_exec_core (insns.def:1010)
=end
Updated by nagachika (Tomoyuki Chikanaga) about 13 years ago
- Status changed from Open to Closed
- % Done changed from 0 to 100
=begin
This issue was solved with changeset r30659.
Tomoyuki, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.
- class.c (clone_method): add GC guard to prevent intermediate
variable from GC. [Bug #4321] [ruby-dev:43107]
=end