Mirror of forum.nim-lang.org

4700 :: Some weird Heisenbug with the implicit result variable which results in a segfault

• Clyybber (orginal) [2019-03-08T00:51:48+01:00] view original

  So while cleaning up https://github.com/haldean/nimage I came across a rather weird bug, which results in a segfault/SIGSEV.

  To reproduce, clone this repo: https://github.com/Clyybber/nimage.git and checkout the branch "crash" and do nim c tests/test1.nim and then run ./tests/test1

  In this line https://github.com/Clyybber/nimage/blob/crash/private/zutil.nim#L47 it will segfault.

  Apparently it has to do with invalid writes/reads according to valgrind:

   Invalid write of size 8
      at 0x10E249: removeChunkFromMatrix2_XFftAAJrARamxGOKUFQy9aw (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x10E577: getBigChunk_stlXHMKRKFIGOvq8t4ynRQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x10F6CC: rawAlloc_mE4QEVyMvGRVliDWDngZCQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x114251: rawNewObj_ehkAaLROrd0Hc9aLROWt1nQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x114321: newObjNoInit (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x114391: rawNewStringNoInit (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x114A0F: setLengthStr (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x11F7CC: zuncompress_VbbZ4LVDy6izxF4k3Gvj3g (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x121798: load_idat_P5PrAgoAkNqPZC5CDuYW7A (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x12311B: load_png_ACPUuVacvyp8EtUpaNSq9cg (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x1237F7: NimMainModule (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x123699: NimMainInner (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
    Address 0x17 is not stack'd, malloc'd or (recently) free'd
   
   Invalid read of size 8
      at 0x10E1B4: removeChunkFromMatrix2_XFftAAJrARamxGOKUFQy9aw (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x10E577: getBigChunk_stlXHMKRKFIGOvq8t4ynRQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x10E70C: getSmallChunk_0ixBBlKB5QN59bxrmztRmCw (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x10F3B0: rawAlloc_mE4QEVyMvGRVliDWDngZCQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x114251: rawNewObj_ehkAaLROrd0Hc9aLROWt1nQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x114864: newObj (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x1148FA: rawNewString (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x11798E: signalHandler (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x4A33DFF: ??? (in /usr/lib/libc-2.28.so)
      by 0x10E248: removeChunkFromMatrix2_XFftAAJrARamxGOKUFQy9aw (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x10E577: getBigChunk_stlXHMKRKFIGOvq8t4ynRQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x10F6CC: rawAlloc_mE4QEVyMvGRVliDWDngZCQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
    Address 0xf is not stack'd, malloc'd or (recently) free'd
   
   
   Process terminating with default action of signal 11 (SIGSEGV): dumping core
    Access not within mapped region at address 0xF
      at 0x10E1B4: removeChunkFromMatrix2_XFftAAJrARamxGOKUFQy9aw (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x10E577: getBigChunk_stlXHMKRKFIGOvq8t4ynRQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x10E70C: getSmallChunk_0ixBBlKB5QN59bxrmztRmCw (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x10F3B0: rawAlloc_mE4QEVyMvGRVliDWDngZCQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x114251: rawNewObj_ehkAaLROrd0Hc9aLROWt1nQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x114864: newObj (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x1148FA: rawNewString (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x11798E: signalHandler (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x4A33DFF: ??? (in /usr/lib/libc-2.28.so)
      by 0x10E248: removeChunkFromMatrix2_XFftAAJrARamxGOKUFQy9aw (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x10E577: getBigChunk_stlXHMKRKFIGOvq8t4ynRQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
      by 0x10F6CC: rawAlloc_mE4QEVyMvGRVliDWDngZCQ (in /home/clyybber/projects/wyven/concept/image/nimage/tests/test1)
  Run

  Now the weird parts:

  Placing a var in front of result here: https://github.com/Clyybber/nimage/blob/crash/private/zutil.nim#L38 , fixes the crash and it runs successfully. So it probably has something to do with the implicit result variable...

  Using nim c -d:useSysAssert tests/test1.nim to compile the programm also fixes the crash and makes the programm run successfully. But since -d:useSysAssert only enables this branch: https://github.com/nim-lang/Nim/blob/2b5e48d80735be60c68023de114a586bbcc18360/lib/system.nim#L1660 , which is never run (otherwise the programm wouldn't terminate successfully), it shouldn't affect this, right??

---

• Varriount (orginal) [2019-03-08T02:40:54+01:00] view original

  I would double-check the ZLIB binding code that you have, to make sure that everything is correct. This looks suspiciously like a memory-corruption issue, which tends to happen when Nim bindnigs don't accurately represent the functions/structures they are wrapping.

  You _might have some luck with defining the symbol 'checkAbi' (so -d:checkAbi) to insert C binding checks.

---

• Clyybber (orginal) [2019-03-08T13:50:59+01:00] view original

  @Varriount Thanks for the suggestion, compiling with -d:checkAbi spits some error during compilation:

  : execution of an external compiler program 'gcc -c  -w  -I/home/clyybber/builds/nim/lib -I/home/clyybber/projects/wyven/concept/image/nimage/tests -o /home/clyybber/.cache/nim/test1_d/stdlib_iterators.c.o /home/clyybber/.cache/nim/test1_d/stdlib_iterators.c' failed with exit code: 1
  
  In file included from /home/clyybber/.cache/nim/test1_d/stdlib_iterators.c:9:
  /home/clyybber/builds/nim/lib/nimbase.h:520:3: error: static assertion failed: "Nim & C disagree on type size"
     _Static_assert(sizeof(typ) == sz, "Nim & C disagree on type size")
     ^~~~~~~~~~~~~~
  /home/clyybber/.cache/nim/test1_d/stdlib_iterators.c:33:1: note: in expansion of macro ‘NIM_CHECK_SIZE’
   NIM_CHECK_SIZE(TFrame, -3);
   ^~~~~~~~~~~~~~
  Run

---

• Clyybber (orginal) [2019-03-10T15:14:58+01:00] view original

  Looks like this has been fixed (by accident?) on devel, I suspect it was this commit: https://github.com/nim-lang/Nim/commit/f8bf24623c630f9eac172cd45ba4c3ea21bec30d. Anyways I can't reproduce this anymore.

---