From 4523aaec015ff0bf900710efc2ec3411e8841fb1 Mon Sep 17 00:00:00 2001
From: Bouke van der Bijl <boukevanderbijl@gmail.com>
Date: Wed, 16 Nov 2016 14:01:49 -0500
Subject: Fix segfault when defining class inside instance_exec on primitive

---
 mrbgems/mruby-object-ext/test/object.rb | 28 ++++++++++++++++++++++++++++
 src/vm.c                                | 14 ++++++++++----
 2 files changed, 38 insertions(+), 4 deletions(-)

diff --git a/mrbgems/mruby-object-ext/test/object.rb b/mrbgems/mruby-object-ext/test/object.rb
index fe56f1ec5..f0742f8ce 100644
--- a/mrbgems/mruby-object-ext/test/object.rb
+++ b/mrbgems/mruby-object-ext/test/object.rb
@@ -23,3 +23,31 @@ assert('Object#tap') do
   ], ret
   assert_equal(:tap_ok, Class.new {def m; tap{return :tap_ok}; end}.new.m)
 end
+
+assert('instance_exec on primitives with class and module definition') do
+  begin
+    class A
+      1.instance_exec do
+        class B
+        end
+      end
+    end
+
+    assert_kind_of Class, A::B
+  ensure
+    Object.remove_const :A
+  end
+
+  begin
+    class A
+      1.instance_exec do
+        module B
+        end
+      end
+    end
+
+    assert_kind_of Module, A::B
+  ensure
+    Object.remove_const :A
+  end
+end
diff --git a/src/vm.c b/src/vm.c
index a7418e6e7..41e19b0c0 100644
--- a/src/vm.c
+++ b/src/vm.c
@@ -2261,7 +2261,7 @@ RETRY_TRY_BLOCK:
 
     CASE(OP_CLASS) {
       /* A B    R(A) := newclass(R(A),Syms(B),R(A+1)) */
-      struct RClass *c = 0;
+      struct RClass *c = 0, *baseclass;
       int a = GETARG_A(i);
       mrb_value base, super;
       mrb_sym id = syms[GETARG_B(i)];
@@ -2269,7 +2269,10 @@ RETRY_TRY_BLOCK:
       base = regs[a];
       super = regs[a+1];
       if (mrb_nil_p(base)) {
-        base = mrb_obj_value(mrb->c->ci->target_class);
+        baseclass = mrb->c->ci->proc->target_class;
+        if (!baseclass) baseclass = mrb->c->ci->target_class;
+
+        base = mrb_obj_value(baseclass);
       }
       c = mrb_vm_define_class(mrb, base, super, id);
       regs[a] = mrb_obj_value(c);
@@ -2279,14 +2282,17 @@ RETRY_TRY_BLOCK:
 
     CASE(OP_MODULE) {
       /* A B            R(A) := newmodule(R(A),Syms(B)) */
-      struct RClass *c = 0;
+      struct RClass *c = 0, *baseclass;
       int a = GETARG_A(i);
       mrb_value base;
       mrb_sym id = syms[GETARG_B(i)];
 
       base = regs[a];
       if (mrb_nil_p(base)) {
-        base = mrb_obj_value(mrb->c->ci->target_class);
+        baseclass = mrb->c->ci->proc->target_class;
+        if (!baseclass) baseclass = mrb->c->ci->target_class;
+
+        base = mrb_obj_value(baseclass);
       }
       c = mrb_vm_define_module(mrb, base, id);
       regs[a] = mrb_obj_value(c);
-- 
cgit v1.2.3