diff options
author | Alan Wu <XrXr@users.noreply.github.com> | 2022-10-20 16:45:24 -0400 |
---|---|---|
committer | Alan Wu <XrXr@users.noreply.github.com> | 2022-10-20 18:12:15 -0400 |
commit | 39f7eddec4c55711d56f05b085992a83bf23159e (patch) | |
tree | e671ea20ff3d42a557f8c992e257ac9370ae6e50 /test/ruby/test_autoload.rb | |
parent | 2930302244037b0b08da65176eb725541b3ef800 (diff) | |
download | ruby-39f7eddec4c55711d56f05b085992a83bf23159e.tar.gz |
YJIT: Fix gen_expandarray treating argument as VALUE
The expandarray instruction interpreters its arguments as rb_num_t.
YJIT was treating the num argument as a VALUE previously and when
it has a certain bit pattern, it can look like a GC pointer. The
argument is not a pointer, so YJIT crashed when trying to mark those
pointers.
This bug existed previously, but our test suite didn't expose it until
f55212bce939f736559709a8cd16c409772389c8. TestArgf#test_to_io has a
line like:
a1, a2, a3, a4, a5, a6, a7, a8 = array
Which maps to an expandarray with an argument of 8. Qnil happened to
be defined as 8, which masked the issue.
Fix it by not using the argument as a VALUE.
Diffstat (limited to 'test/ruby/test_autoload.rb')
0 files changed, 0 insertions, 0 deletions