Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Segfault matching copy of dereferenced owned string #4542

Closed
jdm opened this issue Jan 19, 2013 · 8 comments
Closed

Segfault matching copy of dereferenced owned string #4542

jdm opened this issue Jan 19, 2013 · 8 comments
Assignees
@nikomatsakis
Labels
A-codegen Area: Code generation I-crash Issue: The compiler crashes (SIGSEGV, SIGABRT, etc). Use I-ICE instead when the compiler panics.

Comments

@jdm
Copy link
Contributor

jdm commented Jan 19, 2013 

fn main() {
    for os::args().each |arg| {
        match copy *arg {
            s => { }
        }
    }
}

#0  0x000000395a835935 in raise () from /lib64/libc.so.6
#1  0x000000395a8370e8 in abort () from /lib64/libc.so.6
#2  0x000000395a874e8b in __libc_message () from /lib64/libc.so.6
#3  0x000000395a87c00e in _int_free () from /lib64/libc.so.6
#4  0x00007ffff7dae669 in __morestack () from /tmp/../usr/local/lib/rustc/x86_64-unknown-linux-gnu/lib/librustrt.so
#5  0x00007ffff7d9dc68 in call_on_c_stack (fn_ptr=0x7ffff7d9cb70, args=0x7ffff0101650, this=0x407180) at /run/media/jdm/ssd/rust/src/rt/rust_task.h:494
#6  call_upcall_on_c_stack (fn_ptr=0x7ffff7d9cb70, args=0x7ffff0101650, task=<optimized out>) at /run/media/jdm/ssd/rust/src/rt/rust_upcall.cpp:45
#7  upcall_exchange_free (ptr=<optimized out>) at /run/media/jdm/ssd/rust/src/rt/rust_upcall.cpp:208
#8  0x0000000000401d7f in glue_free_1939 ()
#9  0x00000000004021c7 in main::anon::expr_fn_1955 ()
#10 0x000000000040175b in vec::__extensions__::each_1861::anon::expr_fn_1914 ()
#11 0x0000000000401472 in vec::each_1864::anon::expr_fn_1894 ()
#12 0x00000000004011a2 in vec::as_imm_buf_1867::_43d6e68cf6296159::_00 ()
#13 0x00000000004022b4 in __morestack ()
#14 0x0000000000401087 in vec::each_1864::_83f0fe0dda0fc51::_00 ()
#15 0x0000000000400fe5 in vec::__extensions__::each_1861::_a7cec32bfdc93c6::_00 ()
#16 0x0000000000401f83 in main::_fe18229bb2f275::_00 ()
#17 0x000000000040203e in _rust_main ()
#18 0x00007ffff7d9b4e4 in task_start_wrapper (a=0x407fd0) at /run/media/jdm/ssd/rust/src/rt/rust_task.cpp:164
#19 0x0000000000000000 in ?? ()
@ghost ghost assigned catamorphism Jan 24, 2013
@catamorphism
Copy link
Contributor

This simpler example pokes the same bug:

fn main() {
    let a = &~1;
    match copy *a {
        b => ()
    }
}

@catamorphism
Copy link
Contributor

This also segfaults, and prints what appears to be garbage:

fn main() {
    let a = &~1;
    let mut c: ~int;
    match copy *a {
        b => c = b
    };
    log(error, *c);
}

I think borrowck should reject this, since the copy of *a copies a non-copyable value.

@nikomatsakis
Copy link
Contributor

@catamorphism What is noncopyable about ~1? I think this is basically valid.

@catamorphism
Copy link
Contributor

@nikomatsakis You're right; I'm coming up with another example.

@nikomatsakis
Copy link
Contributor

@catamorphism ok. btw, I am working on the move code right now, which is close to this area. it's possible I could look into this bug afterward, I expect the problem is centered around how match handles freeing memory.

@ghost ghost assigned nikomatsakis Jan 30, 2013
@catamorphism
Copy link
Contributor

@nikomatsakis I reassigned this and #4541 to you (that one looks pretty similar to this) -- if you end up not wanting to look into it, feel free to assign back to me once you're done with the move code :-)

catamorphism added a commit that referenced this issue Jan 30, 2013
@catamorphism
testsuite: Add xfailed test for #4542
d73bf62
@catamorphism
Copy link
Contributor

Reproduced with 373504a. Seems at least mildly important.

@nikomatsakis
Copy link
Contributor

Not critical for 0.6; removing milestone.

flip1995 pushed a commit to flip1995/rust that referenced this issue Feb 10, 2022
@bors
Auto merge of rust-lang#8365 - Alexendoo:explicit-write-suggestion, r…
68b4498 
…=camsteffen

Add `explicit_write` suggestions for `write!`s with format args

changelog: Add [`explicit_write`] suggestions for `write!`s with format args

Fixes rust-lang#4542

```rust
writeln!(std::io::stderr(), "macro arg {}", one!()).unwrap();
```

Now suggests:

```
error: use of `writeln!(stderr(), ...).unwrap()`
  --> $DIR/explicit_write.rs:36:9
   |
LL |         writeln!(std::io::stderr(), "macro arg {}", one!()).unwrap();
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try this: `eprintln!("macro arg {}", one!())`
```

---------

r? `@camsteffen` (again, sorry 😛) for the `FormatArgsExpn` change

Before this change `inputs_span` returned a span pointing to just `1` in

```rust
macro_rules! one {
    () => { 1 };
}

`writeln!(std::io::stderr(), "macro arg {}", one!()).unwrap();`
```

And the `source_callsite` of that span didn't include the format string, it was just `one!()`
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nikomatsakis nikomatsakis

Labels
A-codegen Area: Code generation I-crash Issue: The compiler crashes (SIGSEGV, SIGABRT, etc). Use I-ICE instead when the compiler panics.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jdm @nikomatsakis @catamorphism