author | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-01-02 06:41:58 +0000 |
---|---|---|
committer | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-01-02 06:41:58 +0000 |
commit | 5851706073362fa65ba866df8706f1781ec722a4 (patch) | |
tree | 73ae515e3b1c9e4852d5f447e5fb495be873b26f /variable.c | |
parent | e5914dd479a86e2a9af01288d5915c78fa0bfae8 (diff) |
fix SEGV touching uninitialized memory
This function can be called from boot_defclass().
No assumption can be made about object internals.
(lldb) run
Process 2386 launched: './miniruby' (x86_64)
Process 2386 stopped
* thread #1: tid = 0x13f3b6, 0x00000001001e0b26 miniruby`rb_class_path_cached(klass=4311373720) + 20 at variable.c:321, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x8)
frame #0: 0x00000001001e0b26 miniruby`rb_class_path_cached(klass=4311373720) + 20 at variable.c:321
318 VALUE
319 rb_class_path_cached(VALUE klass)
320 {
-> 321 st_table *ivtbl = RCLASS_IV_TBL(klass);
322 st_data_t n;
323
324 if (!ivtbl) return Qnil;
(lldb) bt
* thread #1: tid = 0x13f3b6, 0x00000001001e0b26 miniruby`rb_class_path_cached(klass=4311373720) + 20 at variable.c:321, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x8)
* frame #0: 0x00000001001e0b26 miniruby`rb_class_path_cached(klass=4311373720) + 20 at variable.c:321
frame #1: 0x000000010009cbd0 miniruby`rb_raw_obj_info(buff="0x0000000100fa5798 [2 ] T_CLASS", buff_size=256, obj=4311373720) + 1393 at gc.c:9341
frame #2: 0x000000010009cf16 miniruby`obj_info(obj=4311373720) + 98 at gc.c:9423
frame #3: 0x000000010008ca87 miniruby`newobj_init(klass=0, flags=66, v1=0, v2=0, v3=0, wb_protected=1, objspace=0x00000001007cf280, obj=4311373720) + 338 at gc.c:1887
frame #4: 0x000000010008cd51 miniruby`newobj_of(klass=0, flags=66, v1=0, v2=0, v3=0, wb_protected=1) + 171 at gc.c:1970
frame #5: 0x000000010008ce1b miniruby`rb_wb_protected_newobj_of(klass=0, flags=66) + 54 at gc.c:1990
frame #6: 0x0000000100027563 miniruby`class_alloc(flags=2, klass=0) + 46 at class.c:165
frame #7: 0x000000010002761a miniruby`rb_class_boot(super=0) + 35 at class.c:203
frame #8: 0x0000000100028612 miniruby`boot_defclass(name="BasicObject", super=0) + 28 at class.c:537
frame #9: 0x000000010002868b miniruby`Init_class_hierarchy + 26 at class.c:548
frame #10: 0x00000001000efe69 miniruby`InitVM_Object + 9 at object.c:3892
frame #11: 0x00000001000f138e miniruby`Init_Object + 57 at object.c:4122
frame #12: 0x00000001000a59bd miniruby`rb_call_inits + 29 at inits.c:23
frame #13: 0x000000010007af30 miniruby`ruby_setup + 229 at eval.c:61
frame #14: 0x000000010007af7e miniruby`ruby_init + 13 at eval.c:78
frame #15: 0x0000000100000c58 miniruby`main(argc=2, argv=0x00007fff5fbfdbf0) + 88 at main.c:41
frame #16: 0x00007fff88eda5ad libdyld.dylib`start + 1
(lldb)
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61562 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'variable.c')
-rw-r--r-- | variable.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/variable.c b/variable.c
index 5a0c45159e..dda92cd723 100644
--- a/variable.c
+++ b/variable.c
@@ -318,10 +318,11 @@ rb_class_path_no_cache(VALUE klass)
 VALUE
 rb_class_path_cached(VALUE klass)
 {
- st_table *ivtbl = RCLASS_IV_TBL(klass);
+ st_table *ivtbl;
 st_data_t n;
 
- if (!ivtbl) return Qnil;
+ if (!RCLASS_EXT(klass)) return Qnil;
+ if (!(ivtbl = RCLASS_IV_TBL(klass))) return Qnil;
 if (st_lookup(ivtbl, (st_data_t)classpath, &n)) return (VALUE)n;
 if (st_lookup(ivtbl, (st_data_t)tmp_classpath, &n)) return (VALUE)n;
 return Qnil; |
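Review bot: The new `if (!RCLASS_EXT(klass)) return Qnil;` guard has no comment explaining why a class can reach this function without its ext struct, so it reads as dead code and could be dropped in a later cleanup. The backtrace in the commit message shows the caller is `rb_raw_obj_info()` running inside `newobj_init()`, presumably before `class_alloc()` has attached the ext; a comment above the guard such as `/* reachable from rb_raw_obj_info() during boot, before the ext struct is allocated */` would record that. The guard only catches a NULL ext pointer, which appears to hold here because the slot is initialised with v1=v2=v3=0; it would not catch a stale non-NULL pointer. The next line, `if (!(ivtbl = RCLASS_IV_TBL(klass))) return Qnil;`, hides an assignment in the condition and would read more clearly as `ivtbl = RCLASS_IV_TBL(klass);` followed by `if (!ivtbl) return Qnil;`. The function's closing brace lies outside the hunk.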