← index #15670Issue #17728
Related · high · value 2.587
QUERY · ISSUE

Binary operations on undefined variables crash the native emitter.

openby agattiopened 2024-08-16updated 2024-12-30
bug

Port, board and/or hardware

unix

MicroPython version

MicroPython v1.24.0-preview.206.ge9814e987.dirty on 2024-08-16; linux [GCC 14.2.1] version

Reproduction

Run the following code:

@micropython.native
def f():
    a += 0  # Or anything else, really
f()

Expected behaviour

A NameError exception should be raised. (CPython raises NameError: name 'a' is not defined)

Observed behaviour

This is the backtrace of the crash when running the interpreter under GDB:

Program received signal SIGSEGV, Segmentation fault.
mp_obj_get_type (o_in=o_in@entry=0x0) at ../../py/obj.c:61
61              return o->type;
(gdb) bt
#0  mp_obj_get_type (o_in=o_in@entry=0x0) at ../../py/obj.c:61
#1  0x0000555555591333 in mp_binary_op (op=MP_BINARY_OP_INPLACE_ADD, lhs=0x0, rhs=0x1) at ../../py/runtime.c:630
#2  0x00007ffff7fc0053 in ?? ()
#3  0x00007ffff7a06440 in ?? ()
#4  0x00007ffff7fc006d in ?? ()
#5  0x00007fffffff9610 in ?? ()
#6  0x0000000000000003 in ?? ()
#7  0x00007fffffff9760 in ?? ()
#8  0x0000000000000000 in ?? ()

Additional Information

No, I've provided everything above.

Code of Conduct

Yes, I agree

CANDIDATE · ISSUE

segfault with improper use of super()

openby jepleropened 2025-07-20updated 2025-07-20
bug

Port, board and/or hardware

unix, coverage build

MicroPython version

MicroPython v1.26.0-preview.387.ge4e97f5aa7.dirty on 2025-07-20; linux [GCC 12.2.0] version

Reproduction

Run the following code:

import framebuf

class FB(framebuf.FrameBuffer):
    def __init__(self, n):
        self = n
        super().__init__(bytearray(2 * n * n), n, n, framebuf.RGB565)

fb = FB(n=3)

Expected behaviour

super() should not segfault.

Observed behaviour

crash in native_base_init_wrapper

Program received signal SIGSEGV, Segmentation fault.
0x00005555556120c7 in native_base_init_wrapper (n_args=5, args=0x7fffffffd6c0, 
    kw_args=0x7fffffffd510) at ../../py/objtype.c:91
91	    instance_count_native_bases(self->base.type, &native_base);
(gdb) p self
$1 = (mp_obj_instance_t *) 0x7

Additional Information

This is a minimized version of a script produced by fuzzing micropython.

Code of Conduct

Yes, I agree

Keyboard

j / / n
next pair
k / / p
previous pair
1 / / h
show query pane
2 / / l
show candidate pane
c
copy suggested comment
r
toggle reasoning
g i
go to index
?
show this help
esc
close overlays

press ? or esc to close

copied