Project

General

Profile

Actions
Copy link

Bug #21648

closed

[prism] ruby crashes for `for * in [10]; end`

Bug #21648: [prism] ruby crashes for `for * in [10]; end`

Added by Earlopain (Earlopain _) about 9 hours ago. Updated about 3 hours ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
ruby 3.4.6 (2025-09-16 revision dbd83256b1) +PRISM [x86_64-linux]
Backport:
3.2: UNKNOWN, 3.3: UNKNOWN, 3.4: UNKNOWN
[ruby-core:123546]

Description

$ ruby -e "for * in [10]; end"
-e:1: [BUG] Stack consistency error (sp: 15, bp: 14)
ruby 3.4.6 (2025-09-16 revision dbd83256b1) +PRISM [x86_64-linux]

-- Control frame information -----------------------------------------------
c:0004 p:0008 s:0015 e:000013 BLOCK  -e:1 [FINISH]
c:0003 p:---- s:0010 e:000009 CFUNC  :each
c:0002 p:0005 s:0006 e:000005 EVAL   -e:1 [FINISH]
c:0001 p:0000 s:0003 E:0014c0 DUMMY  [FINISH]
...

parse.y handles this. Seems like this is getting miscompiled somewhere:

diff --git a/test.txt b/test.txt
index d1c4ff74..5f2616e4 100644
--- a/test.txt
+++ b/test.txt
@@ -1,4 +1,4 @@
-ruby --dump=insn -e "for * in [10]; end"
+$ ruby --parser=parse.y --dump=insn -e "for * in [10]; end"
 == disasm: #<ISeq:<main>@-e:1 (1,0)-(1,18)>
 0000 duparray                               [10]                      (   1)[Li]
 0002 send                                   <calldata!mid:each, argc:0>, block in <main>
@@ -8,7 +8,22 @@ ruby --dump=insn -e "for * in [10]; end"
 local table (size: 1, argc: 0 [opts: 0, rest: 0, post: 0, block: -1, kw: -1@-1, kwrest: -1])
 [ 1] ?@0<Rest>
 0000 getlocal_WC_0                          ?@0                       (   1)
-0002 expandarray                            1, 0
-0005 nop                                    [Bc]
-0006 putnil
-0007 leave                                  [Br]
+0002 dup
+0003 opt_length                             <calldata!mid:length, argc:0, FCALL|ARGS_SIMPLE>[CcCr]
+0005 putobject_INT2FIX_1_
+0006 opt_eq                                 <calldata!mid:==, argc:1, FCALL|ARGS_SIMPLE>[CcCr]
+0008 branchunless                           24
+0010 dup
+0011 putobject_INT2FIX_0_
+0012 opt_aref                               <calldata!mid:[], argc:1, FCALL|ARGS_SIMPLE>[CcCr]
+0014 putobject                              Array
+0016 swap
+0017 opt_send_without_block                 <calldata!mid:try_convert, argc:1, FCALL|ARGS_SIMPLE>
+0019 dup
+0020 branchunless                           23
+0022 swap
+0023 pop
+0024 expandarray                            0, 0
+0027 nop                                    [Bc]
+0028 putnil
+0029 leave                                  [Br]

Files

crash.txt (19.7 KB) crash.txt Earlopain (Earlopain _), 10/27/2025 10:38 AM

Updated by Earlopain (Earlopain _) about 9 hours ago Actions
Copy link
 #1

  • Description updated (diff)

Updated by Earlopain (Earlopain _) about 4 hours ago Actions
Copy link
 #3

  • Status changed from Open to Closed

Applied in changeset git|0b0da6c4b26f80ad6985722d3fc0f5cdee09125d.

Correctly compile splats in for-loop index in prism

Fixes [Bug #21648]

This is a followup to https://github.com/ruby/ruby/pull/13597.
The added test passed but didn't emit the same instructions.

This also handles bare splats and aligns instructions for all cases

Updated by Earlopain (Earlopain _) about 3 hours ago Actions
Copy link
 #4 [ruby-core:123548]

@kddnewton (Kevin Newton) can you mark for backport? Thanks!

Actions
Copy link

Also available in: PDF Atom