segfault and memory corruption in type instantiation, possibly because of integer overflow? #57814

Open
nsajko opened this issue Mar 18, 2025 · 0 comments
Labels: bug, types and dispatch

nsajko commented Mar 18, 2025

NB: replacing typemax(Int) by typemax(Int) - 1 prevents the segfault

```
julia> versioninfo()
Julia Version 1.13.0-DEV.249
Commit bc98abcfbe3 (2025-03-18 05:23 UTC)
Build Info:
  Official https://julialang.org release
Platform Info:
  OS: Linux (x86_64-linux-gnu)
  CPU: 8 × AMD Ryzen 3 5300U with Radeon Graphics
  WORD_SIZE: 64
  LLVM: libLLVM-19.1.7 (ORCJIT, znver2)
  GC: Built with stock GC
Threads: 1 default, 1 interactive, 1 GC (on 8 virtual cores)
Environment:
  JULIA_NUM_PRECOMPILE_TASKS = 4
  JULIA_PKG_PRECOMPILE_AUTO = 0

julia> struct T{
           N,
           (Tuple{Vararg{T, N}} where {T}) <: Tup <: Tuple,
       }
       end

julia> T{typemax(Int)}

[3849] signal 11 (1): Segmentation fault
r:1expression starting at �8*r
ijl_svec_fill at /cache/build/builder-amdci5-6/julialang/julia-master/src/simplevector.c:91
jl_tupletype_fill at /cache/build/builder-amdci5-6/julialang/julia-master/src/jltypes.c:2081
inst_tuple_w_ at /cache/build/builder-amdci5-6/julialang/julia-master/src/jltypes.c:2557
inst_type_w_ at /cache/build/builder-amdci5-6/julialang/julia-master/src/jltypes.c:2725
inst_type_w_ at /cache/build/builder-amdci5-6/julialang/julia-master/src/jltypes.c:2644
inst_type_w_ at /cache/build/builder-amdci5-6/julialang/julia-master/src/jltypes.c:2622
ijl_instantiate_unionall at /cache/build/builder-amdci5-6/julialang/julia-master/src/jltypes.c:1535
ijl_apply_type at /cache/build/builder-amdci5-6/julialang/julia-master/src/jltypes.c:1469
_jl_invoke at /cache/build/builder-amdci5-6/julialang/julia-master/src/gf.c:3455 [inlined]
ijl_apply_generic at /cache/build/builder-amdci5-6/julialang/julia-master/src/gf.c:3655
jl_apply at /cache/build/builder-amdci5-6/julialang/julia-master/src/julia.h:2345 [inlined]
do_call at /cache/build/builder-amdci5-6/julialang/julia-master/src/interpreter.c:124
eval_value at /cache/build/builder-amdci5-6/julialang/julia-master/src/interpreter.c:242
eval_stmt_value at /cache/build/builder-amdci5-6/julialang/julia-master/src/interpreter.c:193 [inlined]
eval_body at /cache/build/builder-amdci5-6/julialang/julia-master/src/interpreter.c:692
jl_interpret_toplevel_thunk at /cache/build/builder-amdci5-6/julialang/julia-master/src/interpreter.c:897
jl_toplevel_eval_flex at /cache/build/builder-amdci5-6/julialang/julia-master/src/toplevel.c:1032
__repl_entry_eval_expanded_with_loc at /cache/build/builder-amdci5-6/julialang/julia-master/usr/share/julia/stdlib/v1.13/REPL/src/REPL.jl:285
_jl_invoke at /cache/build/builder-amdci5-6/julialang/julia-master/src/gf.c:3455 [inlined]
ijl_apply_generic at /cache/build/builder-amdci5-6/julialang/julia-master/src/gf.c:3655
jl_apply at /cache/build/builder-amdci5-6/julialang/julia-master/src/julia.h:2345 [inlined]
jl_f_invokelatest at /cache/build/builder-amdci5-6/julialang/julia-master/src/builtins.c:853
toplevel_eval_with_hooks at /cache/build/builder-amdci5-6/julialang/julia-master/usr/share/julia/stdlib/v1.13/REPL/src/REPL.jl:292
toplevel_eval_with_hooks at /cache/build/builder-amdci5-6/julialang/julia-master/usr/share/julia/stdlib/v1.13/REPL/src/REPL.jl:296
toplevel_eval_with_hooks at /cache/build/builder-amdci5-6/julialang/julia-master/usr/share/julia/stdlib/v1.13/REPL/src/REPL.jl:289 [inlined]
eval_user_input at /cache/build/builder-amdci5-6/julialang/julia-master/usr/share/julia/stdlib/v1.13/REPL/src/REPL.jl:314
repl_backend_loop at /cache/build/builder-amdci5-6/julialang/julia-master/usr/share/julia/stdlib/v1.13/REPL/src/REPL.jl:426
#start_repl_backend#41 at /cache/build/builder-amdci5-6/julialang/julia-master/usr/share/julia/stdlib/v1.13/REPL/src/REPL.jl:411
start_repl_backend at /cache/build/builder-amdci5-6/julialang/julia-master/usr/share/julia/stdlib/v1.13/REPL/src/REPL.jl:408 [inlined]
#run_repl#48 at /cache/build/builder-amdci5-6/julialang/julia-master/usr/share/julia/stdlib/v1.13/REPL/src/REPL.jl:634
run_repl at /cache/build/builder-amdci5-6/julialang/julia-master/usr/share/julia/stdlib/v1.13/REPL/src/REPL.jl:620
jfptr_run_repl_21515.1 at /home/nsajko/tmp/jl/jl/nightly_assert/share/julia/compiled/v1.13/REPL/u0gqU_TD7ui.so (unknown line)
_jl_invoke at /cache/build/builder-amdci5-6/julialang/julia-master/src/gf.c:3455 [inlined]
ijl_apply_generic at /cache/build/builder-amdci5-6/julialang/julia-master/src/gf.c:3655
run_std_repl at ./client.jl:488
jfptr_run_std_repl_21032.1 at /home/nsajko/tmp/jl/jl/nightly_assert/lib/julia/sys.so (unknown line)
_jl_invoke at /cache/build/builder-amdci5-6/julialang/julia-master/src/gf.c:3455 [inlined]
ijl_apply_generic at /cache/build/builder-amdci5-6/julialang/julia-master/src/gf.c:3655
jl_apply at /cache/build/builder-amdci5-6/julialang/julia-master/src/julia.h:2345 [inlined]
jl_f_invokelatest at /cache/build/builder-amdci5-6/julialang/julia-master/src/builtins.c:853
run_main_repl at ./client.jl:509
repl_main at ./client.jl:596 [inlined]
_start at ./client.jl:571
jfptr__start_20245.1 at /home/nsajko/tmp/jl/jl/nightly_assert/lib/julia/sys.so (unknown line)
_jl_invoke at /cache/build/builder-amdci5-6/julialang/julia-master/src/gf.c:3455 [inlined]
ijl_apply_generic at /cache/build/builder-amdci5-6/julialang/julia-master/src/gf.c:3655
jl_apply at /cache/build/builder-amdci5-6/julialang/julia-master/src/julia.h:2345 [inlined]
true_main at /cache/build/builder-amdci5-6/julialang/julia-master/src/jlapi.c:951
jl_repl_entrypoint at /cache/build/builder-amdci5-6/julialang/julia-master/src/jlapi.c:1111
main at /cache/build/builder-amdci5-6/julialang/julia-master/cli/loader_exe.c:58
unknown function (ip: 0x720d7dfe6487) at /usr/lib/libc.so.6
__libc_start_main at /usr/lib/libc.so.6 (unknown line)
unknown function (ip: 0x4010b8) at /workspace/srcdir/glibc-2.17/csu/../sysdeps/x86_64/start.S
Allocations: 2312057 (Pool: 2311877; Big: 180); GC: 3
Segmentation fault (core dumped)
```
nsajko added the "bug" and "types and dispatch" labels on Mar 18, 2025

nsajko changed the title from "segfault and memory corruption in type instantiation, possibly because of an off-by-one error and integer overflow?" to "segfault and memory corruption in type instantiation, possibly because of integer overflow?" on Mar 18, 2025
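
An added example, not part of the original issue and not Julia's code: a C model of the integer overflow the title hypothesizes, assuming a vector stored as one length word followed by n pointer slots. The layout and the names `svec_bytes_unchecked`, `svec_bytes_checked` and `svec_fill_checked` are hypothetical; under that assumption the unchecked byte count wraps to 0 for n = typemax(Int) but stays huge for typemax(Int) - 1, while the checked computation rejects both.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical layout (an assumption, not Julia's): 1 length word + n slots. */
#define SLOT sizeof(void *)

/* Unchecked size: unsigned arithmetic wraps modulo SIZE_MAX + 1. */
size_t svec_bytes_unchecked(size_t n)
{
    return (n + 1) * SLOT;
}

/* Checked size: refuses any n for which (n + 1) * SLOT exceeds SIZE_MAX. */
bool svec_bytes_checked(size_t n, size_t *out)
{
    if (n > SIZE_MAX / SLOT - 1)
        return false;
    *out = (n + 1) * SLOT;
    return true;
}

/* Allocate and fill n slots with x; NULL on overflow or allocation failure. */
void **svec_fill_checked(size_t n, void *x)
{
    size_t nb;
    if (!svec_bytes_checked(n, &nb))
        return NULL;
    void **v = malloc(nb);
    if (v == NULL)
        return NULL;
    v[0] = (void *)(uintptr_t)n;          /* length header */
    for (size_t i = 0; i < n; i++)
        v[i + 1] = x;
    return v;
}

int main(void)
{
    size_t big = (size_t)PTRDIFF_MAX;     /* typemax(Int) on a 64-bit build */
    printf("n = max:     %zu bytes\n", svec_bytes_unchecked(big));
    printf("n = max - 1: %zu bytes\n", svec_bytes_unchecked(big - 1));
    printf("checked fill at max: %s\n",
           svec_fill_checked(big, NULL) ? "allocated" : "rejected");
    return 0;
}
```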