Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The following input demonstrates a crash:
def a yield ensure Array.new.uniq {} end def b yield ensure lambda { a { a a { return proc{} } } }.call end GC.start lambda { b { b { b { b { b { b { b { b { b { b { b { b { b { b { b { b { b { b { b { b { b { b { return proc{} } } } } } } } } } } } } } } } } } } } } } } }.call
ASAN report:
==53746==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000002 (pc 0x000107e76d81 bp 0x7fff57f13110 sp 0x7fff57f12d60 T0) ==53746==The signal is caused by a READ memory access. ==53746==Hint: address points to the zero page. #0 0x107e76d80 in ecall vm.c:323 #1 0x107e5de06 in mrb_vm_exec vm.c:1920 #2 0x107e459e6 in mrb_vm_run vm.c:866 #3 0x107e79cdf in mrb_top_run vm.c:2768 #4 0x107f4bdd5 in mrb_load_exec parse.y:5780 #5 0x107f4c725 in mrb_load_file_cxt parse.y:5789 #6 0x107ce4e46 in main mruby.c:227 #7 0x7fffe5638234 in start (libdyld.dylib:x86_64+0x5234) ==53746==Register values: rax = 0x0000000000000002 rbx = 0x00007fff57f12dc0 rcx = 0x0000000000000002 rdx = 0x0000100000000000 rdi = 0x0000100000000000 rsi = 0x0000100000000000 rbp = 0x00007fff57f13110 rsp = 0x00007fff57f12d60 r8 = 0x0000100000000000 r9 = 0x0000000000000000 r10 = 0x00001c280000148c r11 = 0x0000100000000000 r12 = 0xf2f20000f1f1f1f1 r13 = 0x00001fffeafe3448 r14 = 0xf2f20000f2f2f2f2 r15 = 0xf2f2f2f2f2040000 AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV vm.c:323 in ecall ==53746==ABORTING Abort trap: 6
This issue was reported by https://hackerone.com/ahihi
The text was updated successfully, but these errors were encountered:
7ff90b5
Simplify rescue stack management; ref #3683
eb5a606
Revert "Simplify rescue stack management; ref #3683"
788cea2
This reverts commit eb5a606 and 079f310. The rescue stack works differently from ensure stack, so the change caused #3686 and #3688. It might take long to solve the problems, so that I would revert the changes for now. Fix #3688
No branches or pull requests
The following input demonstrates a crash:
ASAN report:
This issue was reported by https://hackerone.com/ahihi
The text was updated successfully, but these errors were encountered: