Fix spelling#3
Merged
Merged
Conversation
cremno
referenced
this pull request
in cremno/mruby
Jul 3, 2015
CID 75872 (#3-2 of 3): Pointer to local outside scope (RETURN_LOCAL) 38. use_invalid: Using p, which points to an out-of-scope variable buf.
kou
referenced
this pull request
in kou/mruby
Aug 17, 2015
The following code crashes without this change:
def a
[1].each do
[2].each do
[3].each do
raise "XXX"
end
end
end
end
begin
a
rescue => exception
GC.start
exception.backtrace
end
GDB backtrace:
Program received signal SIGSEGV, Segmentation fault.
strlen () at ../sysdeps/x86_64/strlen.S:106
106 ../sysdeps/x86_64/strlen.S: No such file or directory.
(gdb) bt
#0 strlen () at ../sysdeps/x86_64/strlen.S:106
#1 0x00000000004252cd in mrb_str_new_cstr (mrb=0x69f010,
p=0x101 <error: Cannot access memory at address 0x101>)
at mruby/src/string.c:290
#2 0x00000000004183fe in get_backtrace_i (mrb=0x69f010, loc=0x7fffffffd940,
data=0x6a7410) at mruby/src/backtrace.c:72
#3 0x0000000000418793 in output_backtrace (mrb=0x69f010, ciidx=8,
pc0=0x71940c, func=0x4183af <get_backtrace_i>, data=0x6a7410)
at mruby/src/backtrace.c:140
#4 0x0000000000418862 in exc_output_backtrace (mrb=0x69f010, exc=0x6a5be0,
func=0x4183af <get_backtrace_i>, stream=0x6a7410)
at mruby/src/backtrace.c:157
#5 0x000000000041894c in mrb_exc_backtrace (mrb=0x69f010, self=...)
at mruby/src/backtrace.c:199
#6 0x000000000040dbaf in mrb_context_run (mrb=0x69f010, proc=0x6a61b0,
self=..., stack_keep=0) at mruby/src/vm.c:1126
#7 0x00000000004131d8 in mrb_toplevel_run_keep (mrb=0x69f010, proc=0x6a61b0,
stack_keep=0) at mruby/src/vm.c:2422
#8 0x000000000043a46c in load_exec (mrb=0x69f010, p=0x6f6450, c=0x6c9320)
at mruby/mrbgems/mruby-compiler/core/parse.y:5619
#9 0x000000000043a4e2 in mrb_load_file_cxt (mrb=0x69f010, f=0x6f61f0,
c=0x6c9320)
at mruby/mrbgems/mruby-compiler/core/parse.y:5628
#10 0x0000000000402466 in main (argc=2, argv=0x7fffffffe438)
at mruby/mrbgems/mruby-bin-mruby/tools/mruby/mruby.c:222
Closed
shuujii
added a commit
to shuujii/mruby
that referenced
this pull request
Feb 10, 2021
### Example
##### example.rb
```ruby
h = {}
(1..17).each{h[_1] = _1}
(1..16).each{h.delete(_1)}
h.rehash
```
##### ASAN report
```console
$ bin/mruby example.rb
==52587==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000006998 at pc 0x55a29cddf96b bp 0x7fff7b1b1720 sp 0x7fff7b1b1710
READ of size 4 at 0x602000006998 thread T0
#0 0x55a29cddf96a in ib_it_next /mruby/src/hash.c:639
mruby#1 0x55a29cde2ca2 in ht_rehash /mruby/src/hash.c:900
mruby#2 0x55a29cde379f in h_rehash /mruby/src/hash.c:996
mruby#3 0x55a29cde7f3d in mrb_hash_rehash /mruby/src/hash.c:1735
mruby#4 0x55a29ce77b62 in mrb_vm_exec /mruby/src/vm.c:1451
mruby#5 0x55a29ce5fa88 in mrb_vm_run /mruby/src/vm.c:981
mruby#6 0x55a29ceb87e1 in mrb_top_run /mruby/src/vm.c:2874
mruby#7 0x55a29cf36bdf in mrb_load_exec mrbgems/mruby-compiler/core/parse.y:6805
mruby#8 0x55a29cf36f25 in mrb_load_detect_file_cxt mrbgems/mruby-compiler/core/parse.y:6848
mruby#9 0x55a29cdba0a2 in main /mruby/mrbgems/mruby-bin-mruby/tools/mruby/mruby.c:347
mruby#10 0x7f24ef43b0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
mruby#11 0x55a29cdb4a6d in _start (/mruby/bin/mruby+0x2a3a6d)
0x602000006998 is located 0 bytes to the right of 8-byte region [0x602000006990,0x602000006998)
allocated by thread T0 here:
#0 0x7f24f01cfffe in __interceptor_realloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dffe)
mruby#1 0x55a29ceb9440 in mrb_default_allocf /mruby/src/state.c:68
mruby#2 0x55a29cdba747 in mrb_realloc_simple /mruby/src/gc.c:228
mruby#3 0x55a29cdba928 in mrb_realloc /mruby/src/gc.c:242
mruby#4 0x55a29cde12e5 in ht_init /mruby/src/hash.c:749
mruby#5 0x55a29cde2b8e in ht_rehash /mruby/src/hash.c:897
mruby#6 0x55a29cde379f in h_rehash /mruby/src/hash.c:996
mruby#7 0x55a29cde7f3d in mrb_hash_rehash /mruby/src/hash.c:1735
mruby#8 0x55a29ce77b62 in mrb_vm_exec /mruby/src/vm.c:1451
mruby#9 0x55a29ce5fa88 in mrb_vm_run /mruby/src/vm.c:981
mruby#10 0x55a29ceb87e1 in mrb_top_run /mruby/src/vm.c:2874
mruby#11 0x55a29cf36bdf in mrb_load_exec mrbgems/mruby-compiler/core/parse.y:6805
mruby#12 0x55a29cf36f25 in mrb_load_detect_file_cxt mrbgems/mruby-compiler/core/parse.y:6848
mruby#13 0x55a29cdba0a2 in main /mruby/mrbgems/mruby-bin-mruby/tools/mruby/mruby.c:347
mruby#14 0x7f24ef43b0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
```
matz
pushed a commit
that referenced
this pull request
Oct 21, 2022
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.