lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


Hi again,

FWIW glibc malloc with MALLOC_CHECK_=3 fails earlier in the same (fail
#345) test case:

00001777 0x5555555a96b0 128 (nil) 0
realloc(): invalid pointer

Program received signal SIGABRT, Aborted.
0x00007ffff7c968bb in raise () from /lib/x86_64-linux-gnu/libc.so.6
(gdb) bt
#0  0x00007ffff7c968bb in raise () from /lib/x86_64-linux-gnu/libc.so.6
#1  0x00007ffff7c81535 in abort () from /lib/x86_64-linux-gnu/libc.so.6
#2  0x00007ffff7cd8778 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#3  0x00007ffff7cdee6a in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#4  0x00007ffff7ce3370 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#5  0x000055555557f73e in l_alloc (ud=0x0, ptr=0x5555555abff0,
osize=32, nsize=64) at lauxlib.c:1009
#6  0x000055555556974d in luaM_realloc_ (L=0x5555555a2018,
block=0x5555555abff0, osize=32, nsize=64) at lmem.c:166
#7  0x0000555555569803 in luaM_saferealloc_ (L=0x5555555a2018,
block=0x5555555abff0, osize=32, nsize=64) at lmem.c:181
#8  0x00005555555695ad in luaM_growaux_ (L=0x5555555a2018,
block=0x5555555abff0, nelems=8, psize=0x5555555ae308, size_elems=4,
limit=2147483647, what=0x555555592d5e "opcodes") at lmem.c:97
#9  0x000055555558034c in luaK_code (fs=0x7fffffffb5e8, i=589894) at lcode.c:393
#10 0x000055555556c62c in retstat (ls=0x7fffffffb9d0) at lparser.c:1868
#11 statement (ls=ls@entry=0x7fffffffb9d0) at lparser.c:1922
#12 0x000055555556c798 in statlist (ls=ls@entry=0x7fffffffb9d0) at lparser.c:792
#13 0x000055555556c9ef in body (ls=ls@entry=0x7fffffffb9d0,
e=e@entry=0x7fffffffb730, ismethod=ismethod@entry=0, line=119) at
lparser.c:993
#14 0x000055555556cc5a in simpleexp (v=0x7fffffffb730,
ls=0x7fffffffb9d0) at lparser.c:1172
#15 subexpr (ls=ls@entry=0x7fffffffb9d0, v=v@entry=0x7fffffffb730,
limit=limit@entry=0) at lparser.c:1260
#16 0x000055555556ce3e in expr (ls=ls@entry=0x7fffffffb9d0,
v=v@entry=0x7fffffffb730) at lparser.c:1280
#17 0x000055555556cf68 in explist (ls=ls@entry=0x7fffffffb9d0,
v=v@entry=0x7fffffffb730) at lparser.c:1007
#18 0x000055555556c5a4 in retstat (ls=0x7fffffffb9d0) at lparser.c:1850
#19 statement (ls=ls@entry=0x7fffffffb9d0) at lparser.c:1922
#20 0x000055555556c798 in statlist (ls=ls@entry=0x7fffffffb9d0) at lparser.c:792
#21 0x000055555556c9ef in body (ls=ls@entry=0x7fffffffb9d0,
e=e@entry=0x7fffffffb900, ismethod=ismethod@entry=0, line=1) at
lparser.c:993
#22 0x000055555556cc5a in simpleexp (v=0x7fffffffb900,
ls=0x7fffffffb9d0) at lparser.c:1172
#23 subexpr (ls=ls@entry=0x7fffffffb9d0, v=v@entry=0x7fffffffb900,
limit=limit@entry=0) at lparser.c:1260
#24 0x000055555556ce3e in expr (ls=ls@entry=0x7fffffffb9d0,
v=v@entry=0x7fffffffb900) at lparser.c:1280
#25 0x000055555556cf3e in explist (ls=ls@entry=0x7fffffffb9d0,
v=v@entry=0x7fffffffb900) at lparser.c:1004
#26 0x000055555556c5a4 in retstat (ls=0x7fffffffb9d0) at lparser.c:1850
#27 statement (ls=ls@entry=0x7fffffffb9d0) at lparser.c:1922
#28 0x000055555556c798 in statlist (ls=ls@entry=0x7fffffffb9d0) at lparser.c:792
#29 0x000055555556db6c in mainfunc (fs=0x7fffffffb988,
ls=0x7fffffffb9d0) at lparser.c:1963
#30 luaY_parser (L=0x5555555a2018, z=0x7fffffffbd20,
buff=0x7fffffffbc78, dyd=<optimized out>, name=0x5555555a83b8
"@test.lua", firstchar=114) at lparser.c:1986
#31 0x000055555556451c in f_parser (L=0x5555555a2018,
ud=0x7fffffffbc70) at ldo.c:796
...

The pointer in question, 0x5555555abff0, had been freed before at
00001346, and, as verified by setting a conditional breakpoint, the
backtrace there is:

Breakpoint 2, l_alloc (ud=0x0, ptr=0x5555555abff0, osize=32, nsize=0)
at lauxlib.c:992
992       if (alloc_idx == fail_alloc_at)

#0  l_alloc (ud=0x0, ptr=0x5555555abff0, osize=32, nsize=0) at lauxlib.c:992
#1  0x0000555555569685 in luaM_free_ (L=0x5555555a2018,
block=0x5555555abff0, osize=32) at lmem.c:135
#2  0x00005555555659e9 in luaF_freeproto (L=0x5555555a2018,
f=0x5555555ae2f0) at lfunc.c:273
#3  0x0000555555567713 in freeobj (L=0x5555555a2018, o=0x5555555ae2f0)
at lgc.c:714
#4  0x00005555555680f5 in sweepgen (L=0x5555555a2018,
g=0x5555555a20e0, p=0x5555555ae380, limit=0x5555555a9660) at
lgc.c:1016
#5  0x0000555555568520 in youngcollection (L=0x5555555a2018,
g=0x5555555a20e0) at lgc.c:1148
#6  0x0000555555568baa in genstep (L=0x5555555a2018, g=0x5555555a20e0)
at lgc.c:1333
#7  0x00005555555693fd in luaC_step (L=0x5555555a2018) at lgc.c:1571
#8  0x000055555556bc7c in close_func (ls=ls@entry=0x7fffffffb9d0) at
lparser.c:762
#9  0x000055555556ca55 in body (ls=ls@entry=0x7fffffffb9d0,
e=e@entry=0x7fffffffb560, ismethod=ismethod@entry=0, line=154) at
lparser.c:997
#10 0x000055555556cc5a in simpleexp (v=0x7fffffffb560,
ls=0x7fffffffb9d0) at lparser.c:1172
#11 subexpr (ls=ls@entry=0x7fffffffb9d0, v=v@entry=0x7fffffffb560,
limit=limit@entry=0) at lparser.c:1260
#12 0x000055555556ce3e in expr (ls=ls@entry=0x7fffffffb9d0,
v=v@entry=0x7fffffffb560) at lparser.c:1280
#13 0x000055555556cf68 in explist (ls=ls@entry=0x7fffffffb9d0,
v=v@entry=0x7fffffffb560) at lparser.c:1007
#14 0x000055555556c5a4 in retstat (ls=0x7fffffffb9d0) at lparser.c:1850
#15 statement (ls=ls@entry=0x7fffffffb9d0) at lparser.c:1922
#16 0x000055555556c798 in statlist (ls=ls@entry=0x7fffffffb9d0) at lparser.c:792
#17 0x000055555556c9ef in body (ls=ls@entry=0x7fffffffb9d0,
e=e@entry=0x7fffffffb730, ismethod=ismethod@entry=0, line=119) at
lparser.c:993
#18 0x000055555556cc5a in simpleexp (v=0x7fffffffb730,
ls=0x7fffffffb9d0) at lparser.c:1172
#19 subexpr (ls=ls@entry=0x7fffffffb9d0, v=v@entry=0x7fffffffb730,
limit=limit@entry=0) at lparser.c:1260
#20 0x000055555556ce3e in expr (ls=ls@entry=0x7fffffffb9d0,
v=v@entry=0x7fffffffb730) at lparser.c:1280
#21 0x000055555556cf68 in explist (ls=ls@entry=0x7fffffffb9d0,
v=v@entry=0x7fffffffb730) at lparser.c:1007
#22 0x000055555556c5a4 in retstat (ls=0x7fffffffb9d0) at lparser.c:1850
#23 statement (ls=ls@entry=0x7fffffffb9d0) at lparser.c:1922
#24 0x000055555556c798 in statlist (ls=ls@entry=0x7fffffffb9d0) at lparser.c:792
#25 0x000055555556c9ef in body (ls=ls@entry=0x7fffffffb9d0,
e=e@entry=0x7fffffffb900, ismethod=ismethod@entry=0, line=1) at
lparser.c:993
#26 0x000055555556cc5a in simpleexp (v=0x7fffffffb900,
ls=0x7fffffffb9d0) at lparser.c:1172
#27 subexpr (ls=ls@entry=0x7fffffffb9d0, v=v@entry=0x7fffffffb900,
limit=limit@entry=0) at lparser.c:1260
#28 0x000055555556ce3e in expr (ls=ls@entry=0x7fffffffb9d0,
v=v@entry=0x7fffffffb900) at lparser.c:1280
#29 0x000055555556cf3e in explist (ls=ls@entry=0x7fffffffb9d0,
v=v@entry=0x7fffffffb900) at lparser.c:1004
#30 0x000055555556c5a4 in retstat (ls=0x7fffffffb9d0) at lparser.c:1850
#31 statement (ls=ls@entry=0x7fffffffb9d0) at lparser.c:1922
#32 0x000055555556c798 in statlist (ls=ls@entry=0x7fffffffb9d0) at lparser.c:792
#33 0x000055555556db6c in mainfunc (fs=0x7fffffffb988,
ls=0x7fffffffb9d0) at lparser.c:1963
#34 luaY_parser (L=0x5555555a2018, z=0x7fffffffbd20,
buff=0x7fffffffbc78, dyd=<optimized out>, name=0x5555555a83b8
"@test.lua", firstchar=114) at lparser.c:1986
#35 0x000055555556451c in f_parser (L=0x5555555a2018,
ud=0x7fffffffbc70) at ldo.c:796
...

(both backtraces from the same program run, just in narrative, not
actual, order).

Best regards,

--
DoubleF