Ticket #992 (closed bug: fixed)

Opened 12 years ago

Last modified 12 years ago

Memory errors when evaling invalid :vtable methods in a namespace

Reported by: dukeleto Owned by:
Priority: normal Milestone:
Component: testing Version: 1.5.0
Severity: medium Keywords:
Cc: Language:
Patch status: Platform:

Description

This code, which is meant to test that an invalid :vtable method throws the correct exception: 

.sub 'main' :main
    .include 'test_more.pir'
    throws_like(<<'CODE',':s but was used with \:vtable')
.namespace [ "Test" ]

.sub monkey :method :vtable("not_in_the_vtable")
    .param int key
    .return("monkey")
.end
CODE

.end

causes memory corruption errors: 

parrot(23952) malloc: *** error for object 0x4154: Non-aligned pointer being freed
*** set a breakpoint in malloc_error_break to debug
parrot(23952) malloc: *** error for object 0xc: Non-aligned pointer being freed
*** set a breakpoint in malloc_error_break to debug
parrot(23952) malloc: *** error for object 0x3000: pointer being freed was not allocated
*** set a breakpoint in malloc_error_break to debug
parrot(23952) malloc: *** error for object 0xa164: Non-aligned pointer being freed
*** set a breakpoint in malloc_error_break to debug
parrot(23952) malloc: *** error for object 0x920d70: double free
*** set a breakpoint in malloc_error_break to debug

A backtrace for darwin-x86/gcc 4.0.1 : 

(gdb) bt
#0  0x91ed74a9 in malloc_error_break ()
#1  0x91ed2497 in szone_error ()
#2  0x91dfc523 in szone_free ()
#3  0x91dfc38d in free ()
#4  0x0049209e in mem_sys_free (from=0x4154) at src/gc/alloc_memory.c:325
#5  0x006af616 in free_sym (r=0x91b4d0) at compilers/imcc/symreg.c:1287
#6  0x006c288b in imcc_compile (interp=0x9017c0, s=0x209aa00 ".namespace [\"PGE\";\"Grammar\"]\n      .sub \"_regex10\" :method \n          .param pmc adverbs   :slurpy :named\n          .local pmc mob\n          .const 'Sub' corou = \"_regex10_corou\"\n          $P0 = corou"..., pasm_file=0, error_message=0xbffff040) at compilers/imcc/parser_util.c:723
#7  0x006c2d45 in imcc_compile_pir_ex (interp=0x9017c0, s=0x209aa00 ".namespace [\"PGE\";\"Grammar\"]\n      .sub \"_regex10\" :method \n          .param pmc adverbs   :slurpy :named\n          .local pmc mob\n          .const 'Sub' corou = \"_regex10_corou\"\n          $P0 = corou"...) at compilers/imcc/parser_util.c:874
#8  0x004b6120 in pcf_P_Jt (interp=0x9017c0, self=0xe81b0) at src/nci.c:237
#9  0x005e0a41 in Parrot_NCI_invoke (interp=0x9017c0, pmc=0xe81b0, next=0xa0b3b0) at nci.pmc:338
#10 0x004012f2 in Parrot_invokecc_p (cur_opcode=0xa0b3a8, interp=0x9017c0) at core.ops:433
#11 0x004fcf3e in runops_slow_core (interp=0x9017c0, runcore=0x90b8a0, pc=0xa0b3a8) at src/runcore/cores.c:1013
#12 0x004fb4aa in runops_int (interp=0x9017c0, offset=1318) at src/runcore/main.c:629
#13 0x004a6135 in runops (interp=0x9017c0, offs=0) at src/call/ops.c:119
#14 0x004a6477 in runops_args (interp=0x9017c0, sub=0xe8270, obj=0x203b2f0, meth_unused=0x0, sig=0x6c88a2 "vP", ap=0xbffff32c "??\016") at src/call/ops.c:269
#15 0x004a718a in Parrot_runops_fromc_args (interp=0x9017c0, sub=0xe8270, sig=0x6c88a2 "vP") at src/call/ops.c:338
#16 0x00481a61 in Parrot_runcode (interp=0x9017c0, argc=1, argv=0xbffff430) at src/embed.c:852
#17 0x006ad507 in imcc_run_pbc (interp=0x9017c0, obj_file=0, output_file=0x0, argc=1, argv=0xbffff430) at compilers/imcc/main.c:797
#18 0x006ae1b9 in imcc_run (interp=0x9017c0, sourcefile=0xbffff54e "boom.pir", argc=1, argv=0xbffff430) at compilers/imcc/main.c:1088
#19 0x00002559 in main (argc=1, argv=0xbffff430) at src/main.c:60

Attachments

boom.pir Download (234 bytes) - added by dukeleto 12 years ago.
Causes memory errors
boom-valgrind.log Download (71.1 KB) - added by dukeleto 12 years ago.
Output of valgrind --show-reachable=yes --dsymutil=yes ./parrot boom.pir

Change History

Changed 12 years ago by dukeleto

  • summary changed from Memory errors when evaling :vtable methods to Memory errors when evaling invalid :vtable methods

Changed 12 years ago by dukeleto

  • summary changed from Memory errors when evaling invalid :vtable methods to Memory errors when evaling invalid :vtable methods in a namespace

Changed 12 years ago by dukeleto

Removing the '.namespace [ "Test" ]' lines makes the test pass.

Changed 12 years ago by dukeleto

Causes memory errors

Changed 12 years ago by dukeleto

The salient part of the valgrind output for boom.pir seems to be 

==7335== Conditional jump or move depends on uninitialised value(s)
==7335==    at 0x498518: trace_mem_block (system.c:447)
==7335==    by 0x49861D: trace_system_stack (system.c:243)
==7335==    by 0x49869B: trace_system_areas (system.c:216)
==7335==    by 0x496938: Parrot_gc_trace_root (mark_sweep.c:239)
==7335==    by 0x495AD2: gc_ms_trace_active_PMCs (gc_ms.c:251)
==7335==    by 0x495C04: gc_ms_mark_and_sweep (gc_ms.c:176)
==7335==    by 0x493082: Parrot_gc_mark_and_sweep (api.c:795)
==7335==    by 0x495E96: gc_ms_more_traceable_objects (gc_ms.c:337)
==7335==    by 0x495FFF: gc_ms_get_free_object (gc_ms.c:402)
==7335==    by 0x49269C: Parrot_gc_new_pmc_header (api.c:329)
==7335==    by 0x4F9685: get_new_pmc_header (pmc.c:458)
==7335==    by 0x4F97A7: pmc_new (pmc.c:164)

Full output is attached.

Changed 12 years ago by dukeleto

Output of valgrind --show-reachable=yes --dsymutil=yes ./parrot boom.pir

Changed 12 years ago by NotFound

Doesn't fail for me with r45981 in debian/amd64. Can someone still reproduce?

Changed 12 years ago by dukeleto

The test passes for me now, with r45974 on darwin/x86. I will add the test to the suite and then close the ticket. Where should the test go?

Changed 12 years ago by dukeleto

  • status changed from new to closed
  • resolution set to fixed

Test added to t/oo/vtableoverride.t in r45993

Note: See TracTickets for help on using tickets.