On Sun, Mar 22, 2009 at 1:28 PM, Thomas Harning Jr. <harningt@gmail.com> wrote:
> On Sat, Feb 14, 2009 at 8:11 AM, Nodir Temirhodzhaev
> <nodir.temir@gmail.com> wrote:
>> Patch for Lua 5.1.4:
>>
>> http://lua-users.org/files/wiki_insecure/users/tnodir/lua-5.1.4-finpatch.tar.gz
>>
>> Bugfix: Finalize resources after coroutine yields while using a resource and
>> garbage collected.
> Just wondering, has anyone else worked with this yet?
>
> Are there any potential blockers to this patch being included in a
> stable product (potential overflows/etc in 'normal' use)?
I just found an ugly valgrind-detected glitch... not 100% sure how to
diagnose this, but the output is inlined below.

It looks like it was directly caused by the GC'ed coroutine:

==15379== Memcheck, a memory error detector.
==15379== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==15379== Using LibVEX rev 1854, a library for dynamic binary translation.
==15379== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==15379== Using valgrind-3.3.1, a dynamic binary instrumentation framework.
==15379== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==15379== For more details, rerun with: -v
==15379==
-- Finalize on error
Z
W
Y	lua-5.1.4-finpatch/test.lua:11: attempt to perform arithmetic on
local 'x' (a nil value)
nil	lua-5.1.4-finpatch/test.lua:11: attempt to perform arithmetic on
local 'x' (a nil value)
W	lua-5.1.4-finpatch/test.lua:11: attempt to perform arithmetic on
local 'x' (a nil value)
OK
-- Redirected output
Display
OK
-- Manually finalized block
OK
-- Tail call
OK
-- Transaction
OK
-- Coroutine
F	lua-5.1.4-finpatch/test.lua:113: on failure
Z	lua-5.1.4-finpatch/test.lua:113: on failure
OK
-- GC'ed coroutine
==15379== Invalid read of size 1
==15379==    at 0x40A247: luaD_precall (ldo.c:272)
==15379==    by 0x40AD79: luaD_call (ldo.c:463)
==15379==    by 0x40ACC6: luaD_finalize (ldo.c:444)
==15379==    by 0x4127A4: luaE_freethread (lstate.c:139)
==15379==    by 0x40D306: freeobj (lgc.c:391)
==15379==    by 0x40D433: sweeplist (lgc.c:429)
==15379==    by 0x40DC3A: singlestep (lgc.c:588)
==15379==    by 0x40DEFA: luaC_fullgc (lgc.c:661)
==15379==    by 0x407323: lua_gc (lapi.c:914)
==15379==    by 0x41F1F9: luaB_collectgarbage (lbaselib.c:200)
==15379==    by 0x40A5D9: luaD_precall (ldo.c:321)
==15379==    by 0x41848D: luaV_execute (lvm.c:587)
==15379==  Address 0x5dd5baa is 10 bytes inside a block of size 48 free'd
==15379==    at 0x4C2178F: free (in
/usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so)
==15379==    by 0x41AB5C: l_alloc (lauxlib.c:631)
==15379==    by 0x40E2B4: luaM_realloc_ (lmem.c:79)
==15379==    by 0x40C098: luaF_freeclosure (lfunc.c:155)
==15379==    by 0x40D2D9: freeobj (lgc.c:386)
==15379==    by 0x40D433: sweeplist (lgc.c:429)
==15379==    by 0x40DC3A: singlestep (lgc.c:588)
==15379==    by 0x40DEFA: luaC_fullgc (lgc.c:661)
==15379==    by 0x407323: lua_gc (lapi.c:914)
==15379==    by 0x41F1F9: luaB_collectgarbage (lbaselib.c:200)
==15379==    by 0x40A5D9: luaD_precall (ldo.c:321)
==15379==    by 0x41848D: luaV_execute (lvm.c:587)
==15379==
==15379== Invalid read of size 8
==15379==    at 0x40A257: luaD_precall (ldo.c:275)
==15379==    by 0x40AD79: luaD_call (ldo.c:463)
==15379==    by 0x40ACC6: luaD_finalize (ldo.c:444)
==15379==    by 0x4127A4: luaE_freethread (lstate.c:139)
==15379==    by 0x40D306: freeobj (lgc.c:391)
==15379==    by 0x40D433: sweeplist (lgc.c:429)
==15379==    by 0x40DC3A: singlestep (lgc.c:588)
==15379==    by 0x40DEFA: luaC_fullgc (lgc.c:661)
==15379==    by 0x407323: lua_gc (lapi.c:914)
==15379==    by 0x41F1F9: luaB_collectgarbage (lbaselib.c:200)
==15379==    by 0x40A5D9: luaD_precall (ldo.c:321)
==15379==    by 0x41848D: luaV_execute (lvm.c:587)
==15379==  Address 0x5dd5bc0 is 32 bytes inside a block of size 48 free'd
==15379==    at 0x4C2178F: free (in
/usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so)
==15379==    by 0x41AB5C: l_alloc (lauxlib.c:631)
==15379==    by 0x40E2B4: luaM_realloc_ (lmem.c:79)
==15379==    by 0x40C098: luaF_freeclosure (lfunc.c:155)
==15379==    by 0x40D2D9: freeobj (lgc.c:386)
==15379==    by 0x40D433: sweeplist (lgc.c:429)
==15379==    by 0x40DC3A: singlestep (lgc.c:588)
==15379==    by 0x40DEFA: luaC_fullgc (lgc.c:661)
==15379==    by 0x407323: lua_gc (lapi.c:914)
==15379==    by 0x41F1F9: luaB_collectgarbage (lbaselib.c:200)
==15379==    by 0x40A5D9: luaD_precall (ldo.c:321)
==15379==    by 0x41848D: luaV_execute (lvm.c:587)
==15379==
==15379== Invalid read of size 8
==15379==    at 0x41675E: luaV_execute (lvm.c:383)
==15379==    by 0x40AD8B: luaD_call (ldo.c:464)
==15379==    by 0x40ACC6: luaD_finalize (ldo.c:444)
==15379==    by 0x4127A4: luaE_freethread (lstate.c:139)
==15379==    by 0x40D306: freeobj (lgc.c:391)
==15379==    by 0x40D433: sweeplist (lgc.c:429)
==15379==    by 0x40DC3A: singlestep (lgc.c:588)
==15379==    by 0x40DEFA: luaC_fullgc (lgc.c:661)
==15379==    by 0x407323: lua_gc (lapi.c:914)
==15379==    by 0x41F1F9: luaB_collectgarbage (lbaselib.c:200)
==15379==    by 0x40A5D9: luaD_precall (ldo.c:321)
==15379==    by 0x41848D: luaV_execute (lvm.c:587)
==15379==  Address 0x5dd5bc0 is 32 bytes inside a block of size 48 free'd
==15379==    at 0x4C2178F: free (in
/usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so)
==15379==    by 0x41AB5C: l_alloc (lauxlib.c:631)
==15379==    by 0x40E2B4: luaM_realloc_ (lmem.c:79)
==15379==    by 0x40C098: luaF_freeclosure (lfunc.c:155)
==15379==    by 0x40D2D9: freeobj (lgc.c:386)
==15379==    by 0x40D433: sweeplist (lgc.c:429)
==15379==    by 0x40DC3A: singlestep (lgc.c:588)
==15379==    by 0x40DEFA: luaC_fullgc (lgc.c:661)
==15379==    by 0x407323: lua_gc (lapi.c:914)
==15379==    by 0x41F1F9: luaB_collectgarbage (lbaselib.c:200)
==15379==    by 0x40A5D9: luaD_precall (ldo.c:321)
==15379==    by 0x41848D: luaV_execute (lvm.c:587)
==15379==
==15379== Invalid read of size 8
==15379==    at 0x416C4F: luaV_execute (lvm.c:448)
==15379==    by 0x40AD8B: luaD_call (ldo.c:464)
==15379==    by 0x40ACC6: luaD_finalize (ldo.c:444)
==15379==    by 0x4127A4: luaE_freethread (lstate.c:139)
==15379==    by 0x40D306: freeobj (lgc.c:391)
==15379==    by 0x40D433: sweeplist (lgc.c:429)
==15379==    by 0x40DC3A: singlestep (lgc.c:588)
==15379==    by 0x40DEFA: luaC_fullgc (lgc.c:661)
==15379==    by 0x407323: lua_gc (lapi.c:914)
==15379==    by 0x41F1F9: luaB_collectgarbage (lbaselib.c:200)
==15379==    by 0x40A5D9: luaD_precall (ldo.c:321)
==15379==    by 0x41848D: luaV_execute (lvm.c:587)
==15379==  Address 0x5dd5bc8 is 40 bytes inside a block of size 48 free'd
==15379==    at 0x4C2178F: free (in
/usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so)
==15379==    by 0x41AB5C: l_alloc (lauxlib.c:631)
==15379==    by 0x40E2B4: luaM_realloc_ (lmem.c:79)
==15379==    by 0x40C098: luaF_freeclosure (lfunc.c:155)
==15379==    by 0x40D2D9: freeobj (lgc.c:386)
==15379==    by 0x40D433: sweeplist (lgc.c:429)
==15379==    by 0x40DC3A: singlestep (lgc.c:588)
==15379==    by 0x40DEFA: luaC_fullgc (lgc.c:661)
==15379==    by 0x407323: lua_gc (lapi.c:914)
==15379==    by 0x41F1F9: luaB_collectgarbage (lbaselib.c:200)
==15379==    by 0x40A5D9: luaD_precall (ldo.c:321)
==15379==    by 0x41848D: luaV_execute (lvm.c:587)
OK
==15379==
==15379== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 4 from 1)
==15379== malloc/free: in use at exit: 0 bytes in 0 blocks.
==15379== malloc/free: 6,699 allocs, 6,699 frees, 1,167,188 bytes allocated.
==15379== For counts of detected errors, rerun with: -v
==15379== All heap blocks were freed -- no leaks are possible.


I tested this in both 32-bit and 64-bit builds with pretty much the
same results (though the number of suppressed errors is larger on 32-bit).

-- 
Thomas Harning Jr.
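The stacks in the valgrind report read as a sweep-order problem: within one `sweeplist` walk, `freeobj` releases a closure via `luaF_freeclosure`, and a few entries later `luaE_freethread` runs `luaD_finalize` on a dead coroutine whose finalization calls back into that closure, so `luaD_precall` and `luaV_execute` read freed memory. The toy collector below is an added illustration, not code from Lua or from the finpatch tarball, of the ordering that avoids this (roughly what Lua's own `__gc` handling for userdata does): dead objects with a pending finalizer are separated and resurrected for the current cycle together with everything they reach, their finalizers run while all of that memory is still allocated, and the objects are only released in a later cycle. The object model, the `scenario` function and the `closures_called`/`freed` counters are constructed for the example.

```c
#include <assert.h>
#include <stdlib.h>

enum kind { CLOSURE, THREAD };

struct obj {
    enum kind kind;
    int marked;             /* reachable in the current cycle */
    int fin_pending;        /* THREAD whose finalizer has not run yet */
    int to_finalize;        /* set in phase 1 of the cycle that finalizes it */
    struct obj *fin_target; /* closure the finalizer calls back into */
    struct obj *next;       /* the allgc list */
};

struct heap {
    struct obj *allgc;
    int closures_called;    /* finalizer runs that reached a live closure */
    int freed;              /* objects released so far */
};

static struct obj *new_obj(struct heap *h, enum kind k) {
    struct obj *o = calloc(1, sizeof *o);
    if (o == NULL) abort();
    o->kind = k;
    o->next = h->allgc;     /* newest object goes at the head, as in Lua */
    h->allgc = o;
    return o;
}

static void mark(struct obj *o) {
    if (o == NULL || o->marked) return;
    o->marked = 1;
    if (o->kind == THREAD) mark(o->fin_target);  /* thread keeps its callee alive */
}

/* The finalizer "calls" the closure.  The assert stands in for the
 * luaD_precall/luaV_execute reads in the trace: had the closure already
 * been swept, this would be exactly the invalid read valgrind reported. */
static void finalize(struct heap *h, struct obj *t) {
    assert(t->fin_target != NULL && t->fin_target->marked);
    h->closures_called++;
    t->fin_pending = 0;
}

/* One full collection.  roots is a NULL-terminated array of live objects. */
static void collect(struct heap *h, struct obj **roots) {
    struct obj **pp;
    for (struct obj *o = h->allgc; o; o = o->next) o->marked = o->to_finalize = 0;
    for (int i = 0; roots[i]; i++) mark(roots[i]);

    /* Phase 1: separate dead threads that still need finalizing and
     * resurrect them, plus everything they reach, for this cycle only. */
    for (struct obj *o = h->allgc; o; o = o->next)
        if (!o->marked && o->kind == THREAD && o->fin_pending) {
            o->to_finalize = 1;
            mark(o);
        }
    /* Phase 2: run finalizers while every object they touch is still allocated. */
    for (struct obj *o = h->allgc; o; o = o->next)
        if (o->to_finalize) finalize(h, o);
    /* Phase 3: sweep.  Only unmarked objects go, so nothing a finalizer
     * needed in this cycle is freed underneath it. */
    for (pp = &h->allgc; *pp; ) {
        struct obj *o = *pp;
        if (o->marked) { pp = &o->next; continue; }
        *pp = o->next;
        free(o);
        h->freed++;
    }
}

/* Constructed scenario mirroring the report: a coroutine that yielded while
 * holding a resource is garbage, and its finalizer needs a closure that is
 * garbage too.  Runs `cycles` collections, returns the number of objects
 * freed and reports how many finalizer runs reached a live closure. */
static int scenario(int cycles, int *closures_called) {
    struct heap h = {0};
    struct obj *cl = new_obj(&h, CLOSURE);
    struct obj *co = new_obj(&h, THREAD);
    co->fin_pending = 1;
    co->fin_target = cl;
    struct obj *roots[] = { NULL };            /* nothing keeps them alive */
    for (int i = 0; i < cycles; i++) collect(&h, roots);
    *closures_called = h.closures_called;
    int freed = h.freed;
    while (h.allgc) { struct obj *n = h.allgc->next; free(h.allgc); h.allgc = n; }
    return freed;
}
```

After one cycle the finalizer has run exactly once and nothing has been freed; the second cycle releases both objects, because the thread no longer has a pending finalizer and nothing resurrects the closure. Freeing at the moment `luaE_freethread` reaches the thread, as the trace shows, skips phase 1 and 2 and is what lets the closure go first.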