Actions
Bug #14660
closed
RubyVM::InstructionSequence.load_from_binary(bin).eval may cause SEGV after r62856
Description
A certain script can cause SEGV when ISeq#to_binary -> load_from_binary -> eval.
$ ./miniruby -ve 'str = "class P; def p; end; def q; end; E = \"\"; N = \"\#{E}\"; attr_reader :i; end"; iseq = RubyVM::InstructionSequence.compile(str); bin = iseq.to_binary; RubyVM::InstructionSequence.load_from_binary(bin).eval'
ruby 2.6.0dev (2018-04-02 trunk 63063) [x86_64-linux]
Segmentation fault (core dumped)
(Note above script is shortened version of "minitest/pride_plugin.rb")
git bisect shows it is since r62856, but I don't know the commit is "bad" or not.
It may make apparent a hidden bug, or increase the probability of reproduction.
Updated by nobu (Nobuyoshi Nakada) over 6 years ago
It's since r62851.
Updated by nobu (Nobuyoshi Nakada) over 6 years ago
- Status changed from Open to Closed
Updated by nobu (Nobuyoshi Nakada) over 6 years ago
- Status changed from Closed to Open
It's probably a bug of IBF, and has been revealed by [Feature#14370], I guess.
Updated by nobu (Nobuyoshi Nakada) over 6 years ago
- Status changed from Open to Closed
Applied in changeset trunk|r63103.
compile.c: fix positions encode
- compile.c (ibf_load_iseq_each): iseq_size necessary to encode
positions is set in ibf_load_code(). [Bug #14660]
Actions
Like0
Like0Like0Like0Like0