Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The following input demonstrates a crash:
GC.start begin [0].all? do[].- end rescue => e GC.start e.dup.backtrace end
ASAN report:
==90143==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000009 (pc 0x0001078ac6a0 bp 0x7fff5836ba50 sp 0x7fff5836b700 T0) ==90143==The signal is caused by a READ memory access. ==90143==Hint: address points to the zero page. #0 0x1078ac69f in each_backtrace backtrace.c:132 #1 0x1078ab4ea in output_backtrace backtrace.c:182 #2 0x1078a9324 in exc_output_backtrace backtrace.c:199 #3 0x1078a9ca4 in mrb_exc_backtrace backtrace.c:303 #4 0x1078fd45e in exc_get_backtrace (mruby:x86_64+0x10007345e) #5 0x1079fbca5 in mrb_vm_exec (mruby:x86_64+0x100171ca5) #6 0x1079f0dbf in mrb_vm_run (mruby:x86_64+0x100166dbf) #7 0x107a24619 in mrb_top_run (mruby:x86_64+0x10019a619) #8 0x107af5a85 in mrb_load_exec (mruby:x86_64+0x10026ba85) #9 0x107af63d5 in mrb_load_file_cxt (mruby:x86_64+0x10026c3d5) #10 0x10788c0d6 in main mruby.c:227 #11 0x7fffbdf72234 in start (libdyld.dylib:x86_64+0x5234) ==90143==Register values: rax = 0x0000000000000009 rbx = 0x00007fff5836b760 rcx = 0x0000000000000009 rdx = 0x0000100000000001 rdi = 0x0000000000000001 rsi = 0x0000100000000000 rbp = 0x00007fff5836ba50 rsp = 0x00007fff5836b700 r8 = 0x0000000100000010 r9 = 0x0000100000000000 r10 = 0x0000000000000080 r11 = 0xffffe060a7c9f1e0 r12 = 0x0000100000000000 r13 = 0x000062f0000099d0 r14 = 0x000061400000a460 r15 = 0x00001c280000148c AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV backtrace.c:132 in each_backtrace ==90143==ABORTING Abort trap: 6
This issue was reported by Dinko Galetic & Denis Kasak (https://hackerone.com/dgaletic).
The text was updated successfully, but these errors were encountered:
Simplify backtrace mechanism; fix #3633 #3634 #3644
9644ad5
Instead of preserving a backtrace in `mrb_state`, `mrb_exc_set` keeps packed backtrace in an exception object. `#backtrace` unpacks it to an array of strings.
No branches or pull requests
The following input demonstrates a crash:
ASAN report:
This issue was reported by Dinko Galetic & Denis Kasak (https://hackerone.com/dgaletic).
The text was updated successfully, but these errors were encountered: