Skip Menu |
Report information
Id: 124108
Status: open
Priority: 0/
Queue: perl6

Owner: Nobody
Requestors: dhoekman [at] gmail.com
Cc:
AdminCc:

Severity: (no value)
Tag: Bug
Platform: (no value)
Patch Status: (no value)
VM: (no value)



Date: Wed, 18 Mar 2015 05:13:41 -0700
Subject: [BUG] reduce meta-operator fails with 'max' on list larger than 2**15 with MoarVM
To: rakudobug [...] perl.org
From: David Hoekman <dhoekman [...] gmail.com>
Download (untitled) / with headers
text/plain 447b
In perl6 (version=2015.01-147-g949b809) under MoarVM (version=2015.01-69-g5bbfd1a):

> perl6-j -e 'say [max] 1..2**15'
32768
> perl6-m -e 'say [max] 1..2**15'
32768
> perl6-j -e 'say [max] 1..(1+2**15)'
32769
> perl6-m -e 'say [max] 1..(1+2**15)'
arg flag is empty in slurpy positional
  in sub infix:<max> at src/gen/m-CORE.setting:2181
  in sub  at src/gen/m-CORE.setting:20740
  in block <unit> at -e:1

[min] fails as well, but [minmax] works
From: Nicholas Clark <nick [...] ccl4.org>
Date: Thu, 19 Mar 2015 09:14:06 +0000
To: perl6-compiler [...] perl.org
Subject: Re: [perl #124108] [BUG] reduce meta-operator fails with 'max' on list larger than 2**15 with MoarVM
Download (untitled) / with headers
text/plain 2.2k
On Wed, Mar 18, 2015 at 05:13:54AM -0700, David Hoekman wrote: Thanks for the concise and interesting bug report. There might be a whole bunch more things that break in a similar way... Show quoted text
> > perl6-m -e 'say [max] 1..(1+2**15)'
> arg flag is empty in slurpy positional > in sub infix:<max> at src/gen/m-CORE.setting:2181 > in sub at src/gen/m-CORE.setting:20740 > in block <unit> at -e:1
$ ./perl6-m -Ilib -e 'say [max] 1..(1+2**15)' ASAN:SIGSEGV ================================================================= ==1476==ERROR: AddressSanitizer: SEGV on unknown address 0x000000040000 (pc 0x7fa75096588a sp 0x7fffda54e0e0 bp 0x7fffda54e210 T0) #0 0x7fa750965889 in flatten_args src/core/args.c:711 #1 0x7fa75095aff7 in MVM_args_checkarity src/core/args.c:140 #2 0x7fa750979e30 in MVM_interp_run src/core/interp.c:573 #3 0x7fa750bf4f8b in MVM_vm_run_file src/moar.c:210 #4 0x4019bf in main src/main.c:189 #5 0x7fa750267d5c in __libc_start_main (/lib64/libc.so.6+0x1ed5c) #6 0x400fc8 (/home/nicholas/Sandpit/moar-san/bin/moar+0x400fc8) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV src/core/args.c:711 flatten_args ==1476==ABORTING and a non-ASAN build under valgrind reports ==17316== ==17316== Invalid write of size 8 ==17316== at 0x4F4D91B: flatten_args (args.c:711) ==17316== by 0x4F4A427: MVM_args_checkarity (args.c:140) ==17316== by 0x4F54721: MVM_interp_run (interp.c:573) ==17316== by 0x5039D5C: MVM_vm_run_file (moar.c:210) ==17316== by 0x401250: main (main.c:189) ==17316== Address 0x40000 is not stack'd, malloc'd or (recently) free'd ==17316== ==17316== ==17316== Process terminating with default action of signal 11 (SIGSEGV) ==17316== Access not within mapped region at address 0x40000 ==17316== at 0x4F4D91B: flatten_args (args.c:711) ==17316== by 0x4F4A427: MVM_args_checkarity (args.c:140) ==17316== by 0x4F54721: MVM_interp_run (interp.c:573) ==17316== by 0x5039D5C: MVM_vm_run_file (moar.c:210) ==17316== by 0x401250: main (main.c:189) Is this something to do with P6Int having alternative storage representations? If so, it implies that some more tests would be useful for values around the switchover points. (To be robust I'd suggest testing all ranges ±2 around values 256**n for n 0 to 9) Nicholas Clark
Subject: Re: [perl #124108] [BUG] reduce meta-operator fails with 'max' on list larger than 2**15 with MoarVM
To: perl6-compiler [...] perl.org
Date: Thu, 19 Mar 2015 10:51:48 +0100
From: Moritz Lenz <moritz [...] faui2k3.org>
Download (untitled) / with headers
text/plain 2.4k
On 03/19/2015 10:14 AM, Nicholas Clark wrote: Show quoted text
> On Wed, Mar 18, 2015 at 05:13:54AM -0700, David Hoekman wrote: > > Thanks for the concise and interesting bug report. > There might be a whole bunch more things that break in a similar way... >
>>> perl6-m -e 'say [max] 1..(1+2**15)'
>> arg flag is empty in slurpy positional >> in sub infix:<max> at src/gen/m-CORE.setting:2181 >> in sub at src/gen/m-CORE.setting:20740 >> in block <unit> at -e:1
> > $ ./perl6-m -Ilib -e 'say [max] 1..(1+2**15)' > ASAN:SIGSEGV > ================================================================= > ==1476==ERROR: AddressSanitizer: SEGV on unknown address 0x000000040000 (pc 0x7fa75096588a sp 0x7fffda54e0e0 bp 0x7fffda54e210 T0) > #0 0x7fa750965889 in flatten_args src/core/args.c:711 > #1 0x7fa75095aff7 in MVM_args_checkarity src/core/args.c:140 > #2 0x7fa750979e30 in MVM_interp_run src/core/interp.c:573 > #3 0x7fa750bf4f8b in MVM_vm_run_file src/moar.c:210 > #4 0x4019bf in main src/main.c:189 > #5 0x7fa750267d5c in __libc_start_main (/lib64/libc.so.6+0x1ed5c) > #6 0x400fc8 (/home/nicholas/Sandpit/moar-san/bin/moar+0x400fc8) > > AddressSanitizer can not provide additional info. > SUMMARY: AddressSanitizer: SEGV src/core/args.c:711 flatten_args > ==1476==ABORTING > > and a non-ASAN build under valgrind reports > > ==17316== > ==17316== Invalid write of size 8 > ==17316== at 0x4F4D91B: flatten_args (args.c:711) > ==17316== by 0x4F4A427: MVM_args_checkarity (args.c:140) > ==17316== by 0x4F54721: MVM_interp_run (interp.c:573) > ==17316== by 0x5039D5C: MVM_vm_run_file (moar.c:210) > ==17316== by 0x401250: main (main.c:189) > ==17316== Address 0x40000 is not stack'd, malloc'd or (recently) free'd > ==17316== > ==17316== > ==17316== Process terminating with default action of signal 11 (SIGSEGV) > ==17316== Access not within mapped region at address 0x40000 > ==17316== at 0x4F4D91B: flatten_args (args.c:711) > ==17316== by 0x4F4A427: MVM_args_checkarity (args.c:140) > ==17316== by 0x4F54721: MVM_interp_run (interp.c:573) > ==17316== by 0x5039D5C: MVM_vm_run_file (moar.c:210) > ==17316== by 0x401250: main (main.c:189) > > > Is this something to do with P6Int having alternative storage representations?
sounds more like the number of arguments is a signed 16 bit int somewhere, and overflows for calls with >= 2**15 arguments (which a long list flattened into an argument list can cause). Cheers, Moritz
Download (untitled) / with headers
text/plain 502b
New behavior on current Rakudo: ➜ perl6-m -e 'say [max] 1..(1+2**15)' 32769 ➜ perl6-m -e 'say [max] 1..(1+2**16)' Too many arguments in flattening array. in block <unit> at -e line 1 I.e. it gives a useful error message now, instead of an LTA one. So maybe this RT can be closed? On the other hand, it could be argued that the [ ] metaop should be smart enough to handle a single Range (or other lazy Iterable) argument without forcing it to eagerly flatten.


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

For issues related to this RT instance (aka "perlbug"), please contact perlbug-admin at perl.org