Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Segfault moving out of a struct and then calling a move-out-of-self method #4759

Closed
erickt opened this issue Feb 2, 2013 · 6 comments
Closed

Segfault moving out of a struct and then calling a move-out-of-self method #4759

erickt opened this issue Feb 2, 2013 · 6 comments
Assignees
@nikomatsakis
Labels
A-lifetimes Area: Lifetimes / regions E-needs-test Call for participation: An issue has been fixed and does not reproduce, but no test has been added. I-crash Issue: The compiler crashes (SIGSEGV, SIGABRT, etc). Use I-ICE instead when the compiler panics.

Comments

@erickt
Copy link
Contributor

erickt commented Feb 2, 2013

This code segfaults:

struct T { a: ~int }

trait U {
    fn f(self);
}

impl ~int: U {
    fn f(self) { }
}

fn main() {
    let T { a: a } = T { a: ~0 };
    a.f();
}

with this output:

test(9593,0x10b268000) malloc: *** error for object 0xffffffffffffffff: pointer being freed was not allocated
*** set a breakpoint in malloc_error_break to debug

and this stack trace:

#0  0x00007fff8dd2a558 in malloc_error_break ()
#1  0x00007fff8dd2b912 in free ()
#2  0x000000010028a727 in __morestack () at rust_task.cpp:1327
#3  0x00000001002790c5 in rust_task::call_on_c_stack (this=0x100500000, args=0x1010051e0, fn_ptr=0x10027a5c0) at rust_task.h:494
#4  0x000000010027a591 in upcall_exchange_free (ptr=0xffffffffffffffff) at rust_upcall.cpp:45
#5  0x000000010000192f in glue_free_1935 ()
#6  0x00000001000018d1 in glue_drop_1933 ()
#7  0x000000010000187d in __extensions__::meth_1925::f::_e2974ddf553dde8::_00 ()
#8  0x00000001000019c3 in main::_e2974ddf553dde8::_00 ()
#9  0x0000000100001a5e in _rust_main ()
#10 0x0000000100278ca5 in task_start_wrapper (a=0x150b) at rust_task.cpp:164

When getting rid of the unique pointer, I instead get an llvm assertion. Here's the code:

struct T { a: int }

trait U {
    fn f(self);
}

impl int: U {
    fn f(self) { }
}

fn main() {
    let T { a: a } = T { a: 0 };
    a.f();
}

and the output:

Assertion failed: (S->getType()->isPointerTy() && "Invalid cast"), function CreatePointerCast, file /Users/erickt/Projects/rust/rust/src/llvm/lib/VMCore/Instructions.cpp, line 2383.

and this stack trace:

#0  0x00007fff8ee60212 in __pthread_kill ()
#1  0x00007fff8dd13af4 in pthread_kill ()
#2  0x0000000101f57706 in abort ()
#3  0x0000000101f57758 in __assert_rtn ()
#4  0x0000000101edb490 in llvm::CastInst::CreatePointerCast ()
#5  0x0000000101e4b8d2 in llvm::IRBuilder<true, llvm::ConstantFolder, llvm::IRBuilderDefaultInserter<true> >::CreatePointerCast ()
#6  0x0000000101e44838 in LLVMBuildPointerCast ()
#7  0x0000000100feb8a2 in LLVMBuildPointerCast__c_stack_shim ()
#8  0x000000010143c727 in __morestack () at rust_task.cpp:1327
#9  0x000000010142b0c5 in rust_task::call_on_c_stack (this=0x10270c4e0, args=0x104018e78, fn_ptr=0x104018e78) at rust_task.h:494
#10 0x000000010142be69 in upcall_call_shim_on_c_stack (args=0x104018e78, fn_ptr=0x100feb860) at rust_upcall.cpp:60
#11 0x000000010098f50d in middle::trans::build::PointerCast::_3e38238393e5948d::_06 ()
#12 0x00000001009cbaa9 in middle::trans::callee::trans_call_inner::anon::expr_fn_26727 ()
#13 0x000000010098cd5f in middle::trans::base::with_scope::_fc26e1201346c1::_06 ()
#14 0x00000001009bf41c in middle::trans::callee::trans_method_call::_921043a626596462::_06 ()
#15 0x00000001009d6e25 in middle::trans::expr::trans_rvalue_dps_unadjusted::_6ab5e6d9b19a6bf::_06 ()
#16 0x0000000100941de4 in middle::trans::expr::trans_into::_6ab5e6d9b19a6bf::_06 ()
#17 0x00000001009410ed in middle::trans::base::trans_stmt::_7d7890c648bcf45::_06 ()
#18 0x000000010094086f in middle::trans::controlflow::trans_block::anon::expr_fn_21347 ()
#19 0x000000010093f58e in middle::trans::controlflow::trans_block::_f6936ad596fe591::_06 ()
#20 0x0000000100a3b97c in middle::trans::base::trans_closure::_a0aad068b0e5e392::_06 ()
#21 0x00000001008f7ffb in middle::trans::base::trans_fn::_13f9f715bbcfc56a::_06 ()
#22 0x00000001008edd67 in middle::trans::base::trans_item::_2b701e478e1eb5f::_06 ()
#23 0x0000000100a4203f in middle::trans::base::trans_mod::_e154c83e57d2e40::_06 ()
#24 0x0000000100a5cfda in middle::trans::base::trans_crate::_23f87efa473f426::_06 ()
#25 0x000000010100d295 in __morestack ()
@erickt erickt mentioned this issue Feb 2, 2013
Closed
@ghost ghost assigned nikomatsakis Feb 2, 2013
@lifthrasiir
Copy link
Contributor

The second issue can be reproduced with much more minimal code:

trait U { fn f(self); }
impl U for int { fn f(self) {} }
fn main() { 4.f(); }

This is actually not related to the struct/tuple destructuring but a trait impl of primitive types.

@catamorphism
Copy link
Contributor

This seems like it might be related to #4850, but the behavior is different (in #4850 it's a bad free rather than a segfault).

@catamorphism catamorphism mentioned this issue Mar 25, 2013
Closed
@nikomatsakis
Copy link
Contributor

Not critical for 0.6; removing milestone.

@erickt erickt mentioned this issue Apr 14, 2013
Closed
@catamorphism
Copy link
Contributor

Reproduced with 64963d6. Nominating for milestone 5, production-ready

@erickt erickt mentioned this issue Jun 12, 2013
Closed
@dotdash
Copy link
Contributor

dotdash commented Jun 28, 2013

Seems to be fixed in master

graydon added a commit to graydon/rust that referenced this issue Aug 2, 2013
@graydon
test: add testcase, close rust-lang#4759 which was already fixed.
cba09a6
@alexcrichton alexcrichton mentioned this issue Aug 13, 2013
Closed
alexcrichton added a commit to alexcrichton/rust that referenced this issue Aug 14, 2013
@alexcrichton
Add a bunch of tests for closed issues
783c6a1 
Closes rust-lang#3907
Closes rust-lang#5493
Closes rust-lang#4464
Closes rust-lang#4759
Closes rust-lang#5666
Closes rust-lang#5884
Closes rust-lang#5926
Closes rust-lang#6318
Closes rust-lang#6557
Closes rust-lang#6898
Closes rust-lang#6919
Closes rust-lang#7222
@catamorphism
Copy link
Contributor

It looks like a test for this was added already. Closing.

bors added a commit that referenced this issue Aug 15, 2013
@bors
auto merge of #8485 : alexcrichton/rust/add-tests, r=catamorphism
c4656cf 
Closes #3907
Closes #5493
Closes #4464
Closes #4759
Closes #5666
Closes #5884
Closes #5926
Closes #6318
Closes #6557
Closes #6898
Closes #6919
Closes #7222
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nikomatsakis nikomatsakis

Labels
A-lifetimes Area: Lifetimes / regions E-needs-test Call for participation: An issue has been fixed and does not reproduce, but no test has been added. I-crash Issue: The compiler crashes (SIGSEGV, SIGABRT, etc). Use I-ICE instead when the compiler panics.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add a bunch of tests for closed issues alexcrichton/rust
5 participants
@erickt @nikomatsakis @dotdash @lifthrasiir @catamorphism