The following input demonstrates a crash:
```ruby
(Hash::prepend Enumerable).dup()
```
ASAN report:
```
ASAN:DEADLYSIGNAL
=================================================================
==37239==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000106e6eca0 bp 0x7ffee9eb6080 sp 0x7ffee9eb6080 T0)
==37239==The signal is caused by a READ memory access.
==37239==Hint: address points to the zero page.
    #0 0x106e6ec9f in __asan::QuickCheckForUnpoisonedRegion(unsigned long, unsigned long) (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x15c9f)
    #1 0x106ea8538 in __asan_memcpy (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x4f538)
    #2 0x105e521d1 in mrb_hash_keys hash.c:768
    #3 0x105ddf551 in mrb_vm_exec vm.c:1472
    #4 0x105dd2c9b in mrb_vm_run vm.c:950
    #5 0x105dc94cf in mrb_run vm.c:2991
    #6 0x105dc6df0 in mrb_funcall_with_block vm.c:506
    #7 0x105dc2fa9 in mrb_funcall_argv vm.c:516
    #8 0x105dc29e6 in mrb_funcall vm.c:396
    #9 0x105d4c176 in init_copy kernel.c:300
    #10 0x105d4caab in mrb_obj_dup kernel.c:383
    #11 0x105d5dc13 in copy_class kernel.c:265
    #12 0x105d4bd99 in init_copy kernel.c:284
    #13 0x105d4a43e in mrb_obj_clone kernel.c:345
    #14 0x105ddf551 in mrb_vm_exec vm.c:1472
    #15 0x105dd2c9b in mrb_vm_run vm.c:950
    #16 0x105e0a9f3 in mrb_top_run vm.c:3005
    #17 0x10600a0c7 in mrb_load_exec parse.y:5835
    #18 0x10600af09 in mrb_load_file_cxt parse.y:5844
    #19 0x105d371d5 in main mruby.c:279
    #20 0x7fff65687014 in start (libdyld.dylib:x86_64+0x1014)

==37239==Register values:
rax = 0x0000100000000000 rbx = 0x0000000107c39880 rcx = 0x1d7d89af7d7d7ecc rdx = 0x0000000000000000
rdi = 0xebec4d7bebebf660 rsi = 0x0000000000000010 rbp = 0x00007ffee9eb6080 rsp = 0x00007ffee9eb6080
r8 = 0x0000007cbebebebe r9 = 0x00007ffee9eb6404 r10 = 0x00007ffee9eb6660 r11 = 0x00001e1ee9eb1f00
r12 = 0x0000000000000010 r13 = 0x00007ffee9eb69a0 r14 = 0x00007ffee9eb69c0 r15 = 0xebec4d7bebebf660
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x15c9f) in __asan::QuickCheckForUnpoisonedRegion(unsigned long, unsigned long)
==37239==ABORTING
Abort trap: 6
```
This issue was reported by Daniel Teuchert, Cornelius Aschermann, Tommaso Frassetto, and Tigist Abera (https://hackerone.com/pnoltof).
Clear `__classname__` of duped class/module; ref #4027
1dddc2f
b64ce17
Clear __classname__ of duped class/module; ref mruby#4027
adb98b8
Should not call `initialize_copy` for `TT_ICLASS`; fix mruby#4027
89f6aab
Since `TT_ICLASS` is an internal object that should never be revealed to the Ruby world.
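
The rationale in the last commit message, as an added illustration that is not part of the issue or of mruby's source: a toy C model in which copying a class walks its ancestor chain, and a type-tag guard keeps `TT_ICLASS` links away from the `initialize_copy` hook. The struct layout, the helper names and the sample chain are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>

/* Toy model: only the names TT_ICLASS and initialize_copy come from the page;
   every struct, field and function below is hypothetical, not mruby source. */
enum tt { TT_CLASS, TT_ICLASS };
struct obj { enum tt tt; struct obj *super; /* next ancestor-chain link */ };

static int internal_exposed; /* times the hook received an internal object */

/* Stand-in for dispatching initialize_copy into language-level code. */
static void call_initialize_copy(const struct obj *src) {
    if (src->tt == TT_ICLASS) internal_exposed++;
}

/* Copy one object; with guard set, TT_ICLASS links are copied structurally
   but never handed to the hook. */
static struct obj *obj_dup(const struct obj *src, int guard) {
    struct obj *dst = malloc(sizeof *dst);
    if (!dst) abort();
    *dst = *src;
    if (!(guard && src->tt == TT_ICLASS)) call_initialize_copy(src);
    return dst;
}

/* Copy a class and the internal links directly above it. */
static struct obj *class_dup(const struct obj *klass, int guard) {
    struct obj *copy = obj_dup(klass, guard);
    for (struct obj **l = &copy->super; *l && (*l)->tt == TT_ICLASS; l = &(*l)->super)
        *l = obj_dup(*l, guard);
    return copy;
}

/* Constructed chain class -> iclass -> base; returns hook exposures of TT_ICLASS. */
static int exposed_after_dup(int guard) {
    struct obj base = { TT_CLASS, NULL };
    struct obj icls = { TT_ICLASS, &base };
    struct obj klass = { TT_CLASS, &icls };
    internal_exposed = 0;
    struct obj *copy = class_dup(&klass, guard);
    free(copy->super); /* the copied iclass link */
    free(copy);
    return internal_exposed;
}

int main(void) {
    printf("unguarded=%d guarded=%d\n", exposed_after_dup(0), exposed_after_dup(1));
    return 0;
}
```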