Skip to content

Memory corruption when matching on an Option of a vector slice #8498

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Closed
catamorphism opened this issue Aug 13, 2013 · 5 comments · Fixed by #11975
Closed

Memory corruption when matching on an Option of a vector slice #8498

catamorphism opened this issue Aug 13, 2013 · 5 comments · Fixed by #11975
Labels
A-codegen Area: Code generation E-needs-test Call for participation: An issue has been fixed and does not reproduce, but no test has been added.

Comments

@catamorphism
Copy link
Contributor 

use std::io;

fn main() {
// This is ok
    match &[(~5,~7)] {
        ps => {
           let (ref y, _) = ps[0];
           io::println(fmt!("1. y = %d", **y));
           assert!(**y == 5);
        }
    }

// This is not entirely ok
    match Some(&[(~5,)]) {
        Some(ps) => {
           let (ref y,) = ps[0];
           io::println(fmt!("2. y = %d", **y));
           if **y != 5 { io::println("sadness"); }
        }
        None => ()
    }

// This is not ok
    match Some(&[(~5,~7)]) {
        Some(ps) => {
           let (ref y, ref z) = ps[0];
           io::println(fmt!("3. y = %d z = %d", **y, **z));
           assert!(**y == 5);
        }
        None => ()
    }
}

The output:

1. y = 5
2. y = 5
sadness
3. y = 2 z = 3458764513820540928
task <unnamed> failed at 'assertion failed: **y == 5', /Users/tjc/rust/src/test/run-pass/spawn-env-2.rs:28

In the second match, the first print statement prints out the right answer, but reading **y for the second time yields garbage (perhaps y is wrongly getting moved out of here even though it's a ref binding?). The third match just prints out garbage.
@catamorphism catamorphism mentioned this issue Aug 13, 2013
Closed
@bblum
Copy link
Contributor

bblum commented Aug 14, 2013

there must have been some heroic test-case minimization behind the scenes of this issue

catamorphism added a commit to catamorphism/rust that referenced this issue Aug 14, 2013
@catamorphism
std: Change ProcessOptions struct to have an option of a ~ vector
cf4694e 
This is a workaround for rust-lang#8498
catamorphism added a commit to catamorphism/rust that referenced this issue Aug 14, 2013
@catamorphism
testsuite: Add xfailed test for rust-lang#8498
5be4408
@catamorphism
Copy link
Contributor Author

@bblum Indeed, at first I thought the problem was process spawning... it's actually the arguments to process spawning that go wrong, even before any process gets spawned!

@catamorphism catamorphism mentioned this issue Aug 16, 2013
Closed
@catamorphism
Copy link
Contributor Author

I thought this might be related to #5917, but it's not; the test still fails when compiling from a branch that includes the fix for #5917.

@emberian
Copy link
Member

Modernized testcase:

fn main() {
// This is ok
    match &[(~5,~7)] {
        ps => {
           let (ref y, _) = ps[0];
           println!("1. y = {}", **y);
           assert!(**y == 5);
        }
    }

// This is not entirely ok
    match Some(&[(~5,)]) {
        Some(ps) => {
           let (ref y,) = ps[0];
           println!("2. y = {}", **y);
           if **y != 5 { println("sadness"); }
        }
        None => ()
    }

// This is not ok
    match Some(&[(~5,~7)]) {
        Some(ps) => {
           let (ref y, ref z) = ps[0];
           println!("3. y = {} z = {}", **y, **z);
           assert!(**y == 5);
        }
        None => ()
    }
}

New output:

1. y = 5
2. y = 140097404013712
sadness
3. y = 0 z = 140097404013744
task '<main>' failed at 'assertion failed: **y == 5', foo.rs:26

@alexcrichton
Copy link
Member

This appears to have been fixed, flagging as needstest.

jfager added a commit to jfager/rust that referenced this issue Feb 1, 2014
@jfager
un-xfail test for rust-lang#8498 and replace prints w/ asserts
e704561
@jfager jfager mentioned this issue Feb 1, 2014
Merged
@bors bors closed this as completed in 16f1a72 Feb 2, 2014
flip1995 pushed a commit to flip1995/rust that referenced this issue Mar 24, 2022
@bors
Auto merge of rust-lang#8547 - Jarcho:transmute_8501, r=flip1995
2b0e730 
More `transmute_undefined_repr` fixes

fixes: rust-lang#8498
fixes: rust-lang#8501
fixes: rust-lang#8503

changelog: Allow `transumte_undefined_repr` between fat pointers and `(usize, usize)`
changelog: Allow `transumte_undefined_repr` when one side is a union
changelog: Fix `transumte_undefined_repr` on tuples with one non-zero-sized type.
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
A-codegen Area: Code generation E-needs-test Call for participation: An issue has been fixed and does not reproduce, but no test has been added.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

un-xfail test for #8498 and replace prints w/ asserts jfager/rust
4 participants
@alexcrichton @catamorphism @emberian @bblum