
Revision 20389994

Added by shyouhei (Shyouhei Urabe) over 6 years ago

fix SEGV touching uninitialized memory

This function can be called from rb_data_typed_object_zalloc(), so no assumptions can be made about the object's internals.

(lldb) run
Process 22135 launched: './miniruby' (x86_64)
Process 22135 stopped

  • thread #1: tid = 0x14a3af, 0x000000010008ac8a minirubyvm_block_type(block=0x0000000000000000) + 12 at vm_core.h:1364, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x18) frame #0: 0x000000010008ac8a minirubyvm_block_type(block=0x0000000000000000) + 12 at vm_core.h:1364
    1361 break;
    1362 }
    1363 #endif
    -> 1364 return block->type;
    1365 }
    1366
    1367 static inline void
    (lldb) bt
  • thread #1: tid = 0x14a3af, 0x000000010008ac8a miniruby`vm_block_type(block=0x0000000000000000) + 12 at vm_core.h:1364, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x18)
    • frame #0: 0x000000010008ac8a minirubyvm_block_type(block=0x0000000000000000) + 12 at vm_core.h:1364 frame #1: 0x000000010008acdb minirubyvm_block_iseq(block=0x0000000000000000) + 24 at vm_core.h:1399
      frame #2: 0x000000010008acc1 minirubyvm_proc_iseq(procval=4310866360) + 32 at vm_core.h:1387 frame #3: 0x000000010009cbed minirubyrb_raw_obj_info(buff="0x0000000100f299b8 [0 ] proc (Proc)", buff_size=256, obj=4310866360) + 1513 at gc.c:9349
      frame #4: 0x000000010009cf01 minirubyobj_info(obj=4310866360) + 98 at gc.c:9428 frame #5: 0x000000010008ca1b minirubynewobj_init(klass=4311027960, flags=12, v1=4298186080, v2=1, v3=0, wb_protected=32, objspace=0x00000001007cf280, obj=4310866360) + 338 at gc.c:1887
      frame #6: 0x000000010008cce5 minirubynewobj_of(klass=4311027960, flags=12, v1=4298186080, v2=1, v3=0, wb_protected=32) + 171 at gc.c:1970 frame #7: 0x000000010008d01d minirubyrb_data_typed_object_wrap(klass=4311027960, datap=0x0000000000000000, type=0x0000000100311d60) + 133 at gc.c:2062
      frame #8: 0x000000010008d04e minirubyrb_data_typed_object_zalloc(klass=4311027960, size=40, type=0x0000000100311d60) + 42 at gc.c:2073 frame #9: 0x000000010011b459 minirubyrb_proc_alloc(klass=4311027960) + 36 at proc.c:113
      frame #10: 0x0000000100204d8e minirubyvm_proc_create_from_captured(klass=4311027960, captured=0x00000001025003f8, block_type=block_type_iseq, is_from_method='\0', is_lambda='\x01') + 44 at vm.c:814 frame #11: 0x00000001002050d8 minirubyrb_vm_make_proc_lambda(ec=0x00000001007cf548, captured=0x00000001025003f8, klass=4311027960, is_lambda='\x01') + 134 at vm.c:892
      frame #12: 0x000000010011c0d2 minirubyproc_new(klass=4311027960, is_lambda='\x01') + 445 at proc.c:752 frame #13: 0x000000010011c154 minirubyrb_block_lambda + 27 at proc.c:808
      frame #14: 0x00000001001ee7e3 minirubycall_cfunc_0(func=(minirubyrb_block_lambda at proc.c:807), recv=4310991600, argc=0, argv=0x0000000102400480) + 41 at vm_insnhelper.c:1729
      frame #15: 0x00000001001ef2c3 minirubyvm_call_cfunc_with_frame(ec=0x00000001007cf548, reg_cfp=0x00000001025003e0, calling=0x00007fff5fbfd4d0, ci=0x0000000102537be0, cc=0x000000010253e0f0) + 386 at vm_insnhelper.c:1918 frame #16: 0x00000001001ef412 minirubyvm_call_cfunc(ec=0x00000001007cf548, reg_cfp=0x00000001025003e0, calling=0x00007fff5fbfd4d0, ci=0x0000000102537be0, cc=0x000000010253e0f0) + 149 at vm_insnhelper.c:1934
      frame #17: 0x00000001001f0655 minirubyvm_call_method_each_type(ec=0x00000001007cf548, cfp=0x00000001025003e0, calling=0x00007fff5fbfd4d0, ci=0x0000000102537be0, cc=0x000000010253e0f0) + 239 at vm_insnhelper.c:2232 frame #18: 0x00000001001f0ce0 minirubyvm_call_method(ec=0x00000001007cf548, cfp=0x00000001025003e0, calling=0x00007fff5fbfd4d0, ci=0x0000000102537be0, cc=0x000000010253e0f0) + 117 at vm_insnhelper.c:2355
      frame #19: 0x00000001001f0eb6 minirubyvm_call_general(ec=0x00000001007cf548, reg_cfp=0x00000001025003e0, calling=0x00007fff5fbfd4d0, ci=0x0000000102537be0, cc=0x000000010253e0f0) + 59 at vm_insnhelper.c:2398 frame #20: 0x00000001001f6e61 minirubyvm_exec_core(ec=0x00000001007cf548, initial=0) + 7480 at insns.def:850
      frame #21: 0x0000000100207995 minirubyvm_exec(ec=0x00000001007cf548) + 230 at vm.c:1771 frame #22: 0x0000000100208647 minirubyrb_iseq_eval_main(iseq=0x0000000100f29fd0) + 52 at vm.c:2019
      frame #23: 0x000000010007b750 minirubyruby_exec_internal(n=0x0000000100f29fd0) + 297 at eval.c:246 frame #24: 0x000000010007b876 minirubyruby_exec_node(n=0x0000000100f29fd0) + 36 at eval.c:310
      frame #25: 0x000000010007b849 minirubyruby_run_node(n=0x0000000100f29fd0) + 62 at eval.c:302 frame #26: 0x0000000100000c05 minirubymain(argc=2, argv=0x00007fff5fbfdbf0) + 113 at main.c:42
      frame #27: 0x00007fff88eda5ad libdyld.dylib`start + 1
      (lldb)

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61565 b2dd03c8-39d4-4d8f-98ff-823fe69b080e