Ticket #832 (closed bug: fixed)

Opened 5 years ago

Last modified 5 years ago

segfault in _int_malloc

Reported by: coke Owned by:
Priority: major Milestone:
Component: core Version: 1.3.0
Severity: fatal Keywords:
Cc: Language: tcl
Patch status: Platform:

Description (last modified by jkeenan) (diff)

With partcl (r526) running against parrot (r40039), the dict.test spec

test dies (very late in the process) with a segfault. Running under gdb, I have the following information about the segfault:

  • occurs after the failing test, dict-21.16
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb6eda6d0 (LWP 5529)]
0xb707d2cc in _int_malloc (av=0xb716c140, bytes=8) at malloc.c:4130
4130    malloc.c: No such file or directory.
        in malloc.c
(gdb) bt
#0  0xb707d2cc in _int_malloc (av=0xb716c140, bytes=8) at malloc.c:4130
#1  0xb707ef95 in __libc_calloc (n=1, elem_size=8) at malloc.c:3946
#2  0xb7cc243c in mem_sys_allocate_zeroed (size=8) at src/gc/alloc_memory.c:105
#3  0xb7e68a0e in Parrot_FixedIntegerArray_init (interp=0x804f040,
    pmc=0xb260eb90) at ./src/pmc/fixedintegerarray.pmc:44
#4  0xb7cfc2d2 in pmc_new (interp=0x804f040, base_type=25) at src/pmc.c:120
#5  0xb7cd1b96 in Parrot_PCCINVOKE (interp=0x804f040, pmc=0xb260ebd8,
    method_name=0x8070158, signature=0xb7f302e0 "P->") at src/call/pcc.c:2728
#6  0xb7e93ca2 in Parrot_FixedPMCArray_get_iter (interp=0x804f040,
    pmc=0xb260ede8) at ./src/pmc/fixedpmcarray.pmc:653
#7  0xb7eac909 in Parrot_Object_get_iter (interp=0x804f040, pmc=0xb260ee30)
    at ./src/pmc/object.c:2699
#8  0xb7c5bbc2 in Parrot_iter_p_p (cur_opcode=0xb6e1d03c, interp=0x804f040)
    at src/ops/pmc.ops:672
#9  0xb7cff250 in runops_slow_core (interp=0x804f040, pc=0xb6e1d03c)
    at src/runcore/cores.c:462
#10 0xb7cfde4e in runops_int (interp=0x804f040, offset=961)
    at src/runcore/main.c:987
#11 0xb7cd7495 in runops (interp=0x804f040, offs=961) at src/call/ops.c:119
#12 0xb7cd78a4 in runops_args (interp=0x804f040, sub=0x81157e8,
    obj=0xb260ee30, meth_unused=0x80741a8, sig=0xb7f308c1 "S",
    ap=0xbf03a3a4 " í`²è£\003¿G·æ·") at src/call/ops.c:269
#13 0xb7cd82b6 in Parrot_run_meth_fromc_args (interp=0x804f040, sub=0x81157e8,
    obj=0xb260ee30, meth=0x80741a8, sig=0xb7f308c1 "S") at src/call/ops.c:482
#14 0xb7eab74d in Parrot_Object_get_string (interp=0x804f040, pmc=0xb260ee30)
    at ./src/pmc/object.c:3184
#15 0xb7c5c1c0 in Parrot_set_s_p (cur_opcode=0xb6e1ce0c, interp=0x804f040)
    at src/ops/set.ops:148
#16 0xb7cff250 in runops_slow_core (interp=0x804f040, pc=0xb6e1ce0c)
    at src/runcore/cores.c:462
#17 0xb7cfde4e in runops_int (interp=0x804f040, offset=799)
    at src/runcore/main.c:987
#18 0xb7cd7495 in runops (interp=0x804f040, offs=799) at src/call/ops.c:119
#19 0xb7cd78a4 in runops_args (interp=0x804f040, sub=0x8115bf0,
    obj=0xb692ccb8, meth_unused=0x80741a8, sig=0xb7f308c1 "S",
    ap=0xbf03a564 " ï`²") at src/call/ops.c:269
#20 0xb7cd82b6 in Parrot_run_meth_fromc_args (interp=0x804f040, sub=0x8115bf0,
    obj=0xb692ccb8, meth=0x80741a8, sig=0xb7f308c1 "S") at src/call/ops.c:482
#21 0xb7eab74d in Parrot_Object_get_string (interp=0x804f040, pmc=0xb692ccb8)
    at ./src/pmc/object.c:3184
#22 0xb7e92d06 in Parrot_FixedPMCArray_get_string_keyed (interp=0x804f040,
    pmc=0xb260f160, key=0xb260ef20) at ./src/pmc/fixedpmcarray.pmc:304
#23 0xb7e6a118 in Parrot_Iterator_shift_string (interp=0x804f040,
    pmc=0xb260ef50) at ./src/pmc/iterator.pmc:610
#24 0xb7c5b460 in Parrot_shift_s_p (cur_opcode=0xb6e1d060, interp=0x804f040)
    at src/ops/pmc.ops:440
#25 0xb7cff250 in runops_slow_core (interp=0x804f040, pc=0xb6e1d060)
    at src/runcore/cores.c:462
#26 0xb7cfde4e in runops_int (interp=0x804f040, offset=961)
    at src/runcore/main.c:987
#27 0xb7cd7495 in runops (interp=0x804f040, offs=961) at src/call/ops.c:119
#28 0xb7cd78a4 in runops_args (interp=0x804f040, sub=0x81157e8,
    obj=0xb260f1a8, meth_unused=0x80741a8, sig=0xb7f308c1 "S",
    ap=0xbf03a794 "\030ñ`²Ø§\003¿G·æ·") at src/call/ops.c:269
#29 0xb7cd82b6 in Parrot_run_meth_fromc_args (interp=0x804f040, sub=0x81157e8,
    obj=0xb260f1a8, meth=0x80741a8, sig=0xb7f308c1 "S") at src/call/ops.c:482

bt is snipped as it's several thousand frames deep.

If we're recursing in PIR, I'd expect the interpreter to catch it - if we're running out of memory, I'd expect the GC to catch it.

Not sure what's causing the failure mode here.

Change History

Changed 5 years ago by jkeenan

  • component changed from none to hll_interop
  • description modified (diff)

Changed 5 years ago by coke

  • status changed from new to closed
  • component changed from hll_interop to core
  • resolution set to fixed
  • lang set to tcl

This segfault is no longer occurring in recent parrot/partcl.

Note: See TracTickets for help on using tickets.