EXCEPTION_ACCESS_VIOLATION for a small example #25310

Closed
davidanthoff opened this issue Dec 28, 2017 · 1 comment · Fixed by #25496
@davidanthoff
Contributor

   _       _ _(_)_     |  A fresh approach to technical computing
  (_)     | (_) (_)    |  Documentation: https://docs.julialang.org
   _ _   _| |_  __ _   |  Type "?help" for help.
  | | | | | | |/ _` |  |
  | | |_| | | | (_| |  |  Version 0.7.0-DEV.3095 (2017-12-19 01:41 UTC)
 _/ |\__'_|_|_|\__'_|  |  Commit 10443357f6* (9 days old master)
|__/                   |  x86_64-w64-mingw32

julia> struct Nullable2{T}
         val::Union{Some{T},Void}
       end

julia> dest_nullable2 = Array{Nullable2{Int},1}(uninitialized, 10)
10-element Array{Nullable2{Int64},1}:

Please submit a bug report with steps to reproduce this fault, and any error messages that follow (in their entirety). Thanks.
Exception: EXCEPTION_ACCESS_VIOLATION at 0x6b5ccc94 -- jl_get_nth_field at /home/Administrator/buildbot/worker/package_win64/build/src\datatype.c:803
in expression starting at no file:0
jl_get_nth_field at /home/Administrator/buildbot/worker/package_win64/build/src\datatype.c:803
jl_f_getfield at /home/Administrator/buildbot/worker/package_win64/build/src\builtins.c:753
show_default at .\show.jl:153
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
show at .\show.jl:136
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
jl_apply at /home/Administrator/buildbot/worker/package_win64/build/src\julia.h:1474 [inlined]
jl_f__apply at /home/Administrator/buildbot/worker/package_win64/build/src\builtins.c:556
#sprint#285 at .\strings\io.jl:89
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011 [inlined]
jl_apply at /home/Administrator/buildbot/worker/package_win64/build/src\julia.h:1474 [inlined]
jl_invoke at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:51
#sprint at .\<missing>:0 [inlined]
alignment at .\show.jl:1624 [inlined]
alignment at .\arrayshow.jl:68
unknown function (ip: 00000000140F7809)
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
print_matrix at .\arrayshow.jl:187
print_matrix at .\arrayshow.jl:160 [inlined]
print_array at .\arrayshow.jl:309 [inlined]
_display at .\arrayshow.jl:345
show at .\replutil.jl:139
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
display at .\repl\REPL.jl:126
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
display at .\repl\REPL.jl:129
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
display at .\multimedia.jl:291
inner at .\essentials.jl:665
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
jl_apply at /home/Administrator/buildbot/worker/package_win64/build/src\julia.h:1474 [inlined]
jl_f__apply at /home/Administrator/buildbot/worker/package_win64/build/src\builtins.c:556
jl_f__apply_latest at /home/Administrator/buildbot/worker/package_win64/build/src\builtins.c:594
#invokelatest#3 at .\essentials.jl:666 [inlined]
invokelatest at .\essentials.jl:665 [inlined]
print_response at .\repl\REPL.jl:147
unknown function (ip: 00000000140F140D)
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
print_response at .\repl\REPL.jl:133
unknown function (ip: 00000000140F0F3D)
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
do_respond at .\repl\REPL.jl:708
unknown function (ip: 00000000140F0896)
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
do_call at /home/Administrator/buildbot/worker/package_win64/build/src\interpreter.c:323
eval_value at /home/Administrator/buildbot/worker/package_win64/build/src\interpreter.c:395
eval_body at /home/Administrator/buildbot/worker/package_win64/build/src\interpreter.c:505
jl_interpret_toplevel_thunk_callback at /home/Administrator/buildbot/worker/package_win64/build/src\interpreter.c:720
unknown function (ip: FFFFFFFFFFFFFFFE)
unknown function (ip: 000000001000E84F)
unknown function (ip: FFFFFFFFFFFFFFFF)
jl_toplevel_eval_flex at /home/Administrator/buildbot/worker/package_win64/build/src\toplevel.c:721
jl_toplevel_eval_in at /home/Administrator/buildbot/worker/package_win64/build/src\builtins.c:626
eval at .\boot.jl:289 [inlined]
eval at .\repl\LineEdit.jl:3
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
run_interface at .\repl\LineEdit.jl:2228
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
run_frontend at .\repl\REPL.jl:1024
run_repl at .\repl\REPL.jl:183
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
_start at .\client.jl:420
jl_call_fptr_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:380 [inlined]
jl_call_method_internal at /home/Administrator/buildbot/worker/package_win64/build/src\julia_internal.h:399 [inlined]
jl_apply_generic at /home/Administrator/buildbot/worker/package_win64/build/src\gf.c:2011
jl_apply at /home/Administrator/buildbot/worker/package_win64/build/src\julia.h:1474 [inlined]
true_main at /home/Administrator/buildbot/worker/package_win64/build/ui\repl.c:107
wmain at /home/Administrator/buildbot/worker/package_win64/build/ui\repl.c:237
__tmainCRTStartup at /usr/src/debug/mingw64-x86_64-runtime-5.0.2-1/crt\crtexe.c:329
mainCRTStartup at /usr/src/debug/mingw64-x86_64-runtime-5.0.2-1/crt\crtexe.c:212
BaseThreadInitThunk at C:\WINDOWS\System32\KERNEL32.DLL (unknown line)
RtlUserThreadStart at C:\WINDOWS\SYSTEM32\ntdll.dll (unknown line)
Allocations: 5170144 (Pool: 5167427; Big: 2717); GC: 11
StefanKarpinski added the bug label Dec 28, 2017
@quinnj
Member

quinnj commented Jan 2, 2018

So the issue here is that doing Array{Nullable2{Int},1}(uninitialized, 10) just allocates space for each Nullable2 element (16 bytes), using whatever "junk" memory for initialization. Nullable2 is special, however, in that it has an isbits-Union field of Union{Some{T}, Nothing} (assuming T is isbits). The problem then is that the selector byte for this field isn't initialized to zero, but might include any random value from the junk memory.

I see a couple options, I'd be interested to hear what @vtjnash or @JeffBezanson think are the most worthwhile to pursue:

  • Somehow recursively detect if there are isbits Union fields in Array initialization and zero things out if so (currently only direct isbits Union Arrays get zeroed out)
  • Zero out all memory when initializing, a la part 1 of #9147: zero-initialize all Arrays #22974
  • Modify jl_nth_union_component to return 0 if the selector byte is "out of range" (i.e. the selector byte has a value that is > the number of types in a Union)

I think I'm inclined to go w/ option 3 since I don't think it would actually be any less correct to just return 0 on invalid selector bytes and it ensures that we don't run into these kinds of issues, no matter how the memory gets allocated. It would actually allow us to remove all the special zero-allocation logic in array.c.

quinnj added a commit that referenced this issue Jan 2, 2018
… to get an invalid 'n'. This can happen if a struct or array containing Unions gets allocated using 'uninitialized' memory and the corresponding union selector bytes may contain arbitrary values. In these cases, we always know that u->a (where 'u' is a Union type) is a valid, non-Union type, so just return that instead. Fixes #25310
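
The failure mode and the third option discussed above, as an added example that is not part of the original thread and is not Julia's runtime code. It is a simplified model: `elem_t`, `fill_junk`, both `nth_component_*` functions and the junk byte `0xAB` are hypothetical, and returning `NULL` for an out-of-range selector is an assumption standing in for whatever the unchecked lookup yields.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model with hypothetical names; not Julia's runtime code. */
enum { N_COMPONENTS = 2 };
static const char *const component_names[N_COMPONENTS] = { "Some{Int}", "Nothing" };

/* One array element: payload plus the selector byte that picks the
   active union component. */
typedef struct {
    int64_t payload;
    uint8_t selector;
} elem_t;

/* Stand-in for an uninitialized allocation: every byte gets a constructed
   junk value instead of zero. */
static void fill_junk(elem_t *arr, size_t n, uint8_t junk) {
    memset(arr, junk, n * sizeof *arr);
}

/* Lookup with no fallback: an out-of-range selector yields NULL (assumed),
   which a caller that trusts the selector would then dereference. */
static const char *nth_component_unchecked(uint8_t sel) {
    return sel < N_COMPONENTS ? component_names[sel] : NULL;
}

/* Option 3: treat an out-of-range selector as component 0, so the result
   is always a valid type no matter how the memory was allocated. */
static const char *nth_component_checked(uint8_t sel) {
    return component_names[sel < N_COMPONENTS ? sel : 0];
}

/* Counts elements whose selector byte does not name a union component. */
static size_t count_invalid_selectors(const elem_t *arr, size_t n) {
    size_t bad = 0;
    for (size_t i = 0; i < n; i++)
        if (arr[i].selector >= N_COMPONENTS) bad++;
    return bad;
}

int main(void) {
    elem_t arr[10];
    fill_junk(arr, 10, 0xAB);
    printf("invalid selectors: %zu\n", count_invalid_selectors(arr, 10));
    printf("checked lookup: %s\n", nth_component_checked(arr[0].selector));
    return 0;
}
```

The range check makes every read well-defined, but the payload bytes of such an element are still whatever the allocation happened to contain.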