Bug #14660

RubyVM::InstructionSequence.load_from_binary(bin).eval may cause SEGV after r62856

Added by wanabe (_ wanabe) 11 months ago. Updated 11 months ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
[ruby-core:86437]

Description

A certain script can cause a SEGV when run through ISeq#to_binary -> load_from_binary -> eval.

$ ./miniruby -ve 'str = "class P; def p; end; def q; end; E = \"\"; N = \"\#{E}\"; attr_reader :i; end"; iseq = RubyVM::InstructionSequence.compile(str); bin = iseq.to_binary; RubyVM::InstructionSequence.load_from_binary(bin).eval'
ruby 2.6.0dev (2018-04-02 trunk 63063) [x86_64-linux]
Segmentation fault (core dumped)

(Note: the above script is a shortened version of "minitest/pride_plugin.rb".)

git bisect shows it has been present since r62856, but I don't know whether that commit is "bad" or not.
It may have exposed a hidden bug, or increased the probability of reproduction.
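The following is an added example, not code from the report or from ruby/ruby. It turns the reporter's one-line repro into a reusable round-trip check for the instruction sequence binary format (IBF): the source is compiled, serialized with to_binary, reloaded with load_from_binary, compared with the original by disassembly, and then evaluated, both in-process and in a child interpreter so that a crash in the loader shows up as a terminating signal instead of killing the caller. CRASH_SRC is the reporter's script written out as a heredoc; the function names (ibf_roundtrip, ibf_roundtrip_report, ibf_roundtrip_subprocess) and the IBF_CHILD script are hypothetical names chosen for this example. One caveat a practitioner should keep in mind, from the RubyVM::InstructionSequence.load_from_binary documentation: the loader has no verifier, so loading a broken or modified binary can crash the VM. This check only guards against regressions for binaries you produced yourself; it does not make the loader safe for untrusted input.

```ruby
require "rbconfig"

# Constructed input: the reporter's shortened version of minitest/pride_plugin.rb,
# written out as a heredoc instead of the one-line shell quoting in the report.
CRASH_SRC = <<~'RUBY'
  class P
    def p; end
    def q; end
    E = ""
    N = "#{E}"
    attr_reader :i
  end
RUBY

# Serialize an iseq to IBF and load it back. There is no verifier on the load
# side, so only feed this binaries produced by the same interpreter build.
def ibf_roundtrip(iseq)
  RubyVM::InstructionSequence.load_from_binary(iseq.to_binary)
end

# In-process check: compile src, round-trip it, compare the reloaded iseq's
# disassembly with the original, then evaluate the reloaded copy.
# A SEGV inside the loader cannot be rescued here; use the subprocess
# variant below when a crash is the failure mode you are hunting.
def ibf_roundtrip_report(src, path = "(ibf-check)")
  iseq   = RubyVM::InstructionSequence.compile(src, path, path)
  loaded = ibf_roundtrip(iseq)
  report = { same_disasm: iseq.disasm == loaded.disasm, eval_ok: false }
  begin
    loaded.eval
    report[:eval_ok] = true
  rescue StandardError, ScriptError => e
    report[:error] = e
  end
  report
end

# Child script for the subprocess check (hypothetical, written for this
# example): it reads the source from stdin and performs the same
# compile -> to_binary -> load_from_binary -> eval sequence as the report.
IBF_CHILD = <<~'RB'
  src  = $stdin.read
  iseq = RubyVM::InstructionSequence.compile(src, "(ibf-child)", "(ibf-child)")
  RubyVM::InstructionSequence.load_from_binary(iseq.to_binary).eval
  print "ok"
RB

# Subprocess check: run the round-trip in a fresh interpreter so that a crash
# is reported as the child's terminating signal (11 for SIGSEGV on Linux)
# rather than taking down the caller. Returns exit status, signal and output.
def ibf_roundtrip_subprocess(src)
  out = IO.popen([RbConfig.ruby, "-e", IBF_CHILD], "r+") do |io|
    io.write(src)
    io.close_write
    io.read
  end
  status = $?
  {
    ok:     status.success? && out == "ok",
    exit:   status.exitstatus,
    signal: status.termsig,
    output: out,
  }
end

if __FILE__ == $PROGRAM_NAME
  puts RUBY_DESCRIPTION
  p ibf_roundtrip_report(CRASH_SRC)
  p ibf_roundtrip_subprocess(CRASH_SRC)
end
```

On a build with the fix, both reports come back with same_disasm and eval_ok true and the child exits 0 with no signal; on a build between r62856 and r63103, the in-process call terminates the interpreter and the subprocess variant returns signal 11 with no exit status, which is the condition a regression test for this bug should assert on.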

Associated revisions

Revision 02df45c4
Added by nobu (Nobuyoshi Nakada) 11 months ago

Reproducible test for [Feature#14370] @ [Bug #14660]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63075 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 7084c015
Added by nobu (Nobuyoshi Nakada) 11 months ago

compile.c: fix positions encode

  • compile.c (ibf_load_iseq_each): iseq_size necessary to encode positions is set in ibf_load_code(). [Bug #14660]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63103 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

History

#2

Updated by nobu (Nobuyoshi Nakada) 11 months ago

  • Status changed from Open to Closed

Applied in changeset trunk|r63075.


Reproducible test for [Feature#14370] @ [Bug #14660]

#3

Updated by nobu (Nobuyoshi Nakada) 11 months ago

  • Status changed from Closed to Open

It's probably a bug in IBF, and has been revealed by [Feature#14370], I guess.

#4

Updated by nobu (Nobuyoshi Nakada) 11 months ago

  • Status changed from Open to Closed

Applied in changeset trunk|r63103.


compile.c: fix positions encode

  • compile.c (ibf_load_iseq_each): iseq_size necessary to encode positions is set in ibf_load_code(). [Bug #14660]
