brson / miri

An experimental compiler from Rust to WebAssembly (inactive - do not use)
Apache License 2.0
209 stars 15 forks

Crash on Linux running `cargo test` #41

Open eholk opened 7 years ago

eholk commented 7 years ago

Here's a stack trace:

```
Process 132871 launched: './target/debug/deps/mir2wasm-ce627d33d91d8d02' (x86_64)
Process 132871 stopped
* thread #1: tid = 132871, 0x00007ffff358a4e6 libstd-411f48d3.so`free + 150, name = 'mir2wasm-ce627d', stop reason = signal SIGSEGV: invalid address (fault address: 0x8)
    frame #0: 0x00007ffff358a4e6 libstd-411f48d3.so`free + 150
libstd-411f48d3.so`free:
->  0x7ffff358a4e6 <+150>: movq   0x68(%rbp,%rdi,8), %r8
    0x7ffff358a4eb <+155>: movq   %r8, %r9
    0x7ffff358a4ee <+158>: andl   $0x1fe0, %r9d             ; imm = 0x1FE0
    0x7ffff358a4f5 <+165>: shrq   $0x5, %r9
(lldb) bt
* thread #1: tid = 132871, 0x00007ffff358a4e6 libstd-411f48d3.so`free + 150, name = 'mir2wasm-ce627d', stop reason = signal SIGSEGV: invalid address (fault address: 0x8)
  * frame #0: 0x00007ffff358a4e6 libstd-411f48d3.so`free + 150
    frame #1: 0x00007ffff5eeae33 librustc_llvm-411f48d3.so`operator delete(void*) + 31
    frame #2: 0x0000555555583942 mir2wasm-ce627d33d91d8d02`__gnu_cxx::new_allocator<char>::deallocate(this=0x00007ffff0ebf120, __p="", (null)=140737235239643) + 32 at new_allocator.h:110
    frame #3: 0x000055555557ad6a mir2wasm-ce627d33d91d8d02`std::_Vector_base<char, std::allocator<char> >::_M_deallocate(this=0x00007ffff0ebf120, __p="", __n=140737235239643) + 50 at stl_vector.h:174
    frame #4: 0x00005555555746e1 mir2wasm-ce627d33d91d8d02`std::_Vector_base<char, std::allocator<char> >::~_Vector_base(this=0x00007ffff0ebf120) + 61 at stl_vector.h:160
    frame #5: 0x000055555556e407 mir2wasm-ce627d33d91d8d02`std::vector<char, std::allocator<char> >::~vector(this=0x00007ffff0ebf120) + 65 at stl_vector.h:416
    frame #6: 0x000055555562d9d4 mir2wasm-ce627d33d91d8d02`cashew::IStringSet::~IStringSet(this=0x00007ffff0ebf0f0) + 28 at istring.h:151
    frame #7: 0x0000555555631d40 mir2wasm-ce627d33d91d8d02`cashew::OperatorClass::~OperatorClass(this=0x00007ffff0ebf0f0) + 24 at parser.h:131
    frame #8: 0x0000555555631d5e mir2wasm-ce627d33d91d8d02`void __gnu_cxx::new_allocator<cashew::OperatorClass>::destroy<cashew::OperatorClass>(this=0x00005555558bb530, __p=0x00007ffff0ebf0f0) + 28 at new_allocator.h:124
    frame #9: 0x0000555555631036 mir2wasm-ce627d33d91d8d02`std::enable_if<std::allocator_traits<std::allocator<cashew::OperatorClass> >::__destroy_helper<cashew::OperatorClass>::value, void>::type std::allocator_traits<std::allocator<cashew::OperatorClass> >::_S_destroy<cashew::OperatorClass>(__a=0x00005555558bb530, __p=0x00007ffff0ebf0f0) + 35 at alloc_traits.h:281
    frame #10: 0x00005555556301e9 mir2wasm-ce627d33d91d8d02`void std::allocator_traits<std::allocator<cashew::OperatorClass> >::destroy<cashew::OperatorClass>(__a=0x00005555558bb530, __p=0x00007ffff0ebf0f0) + 35 at alloc_traits.h:405
    frame #11: 0x000055555562ed2c mir2wasm-ce627d33d91d8d02`void std::vector<cashew::OperatorClass, std::allocator<cashew::OperatorClass> >::_M_emplace_back_aux<char const (this=0x00005555558bb530, (null)=<no value available>, (null)=0x00007fffffffdad0, (null)=0x00007fffffffdae0) [8], bool, cashew::OperatorClass::Type>(char const (&) [8], bool&&, cashew::OperatorClass::Type&&) + 516 at vector.tcc:422
    frame #12: 0x000055555562e0a6 mir2wasm-ce627d33d91d8d02`void std::vector<cashew::OperatorClass, std::allocator<cashew::OperatorClass> >::emplace_back<char const (this=0x00005555558bb530, (null)=<no value available>, (null)=0x00007fffffffdad0, (null)=0x00007fffffffdae0) [8], bool, cashew::OperatorClass::Type>(char const (&) [8], bool&&, cashew::OperatorClass::Type&&) + 204 at vector.tcc:101
    frame #13: 0x000055555562da8e mir2wasm-ce627d33d91d8d02`cashew::Init::Init(this=0x00005555558bb568) + 106 at parser.cpp:125
    frame #14: 0x0000555555634325 mir2wasm-ce627d33d91d8d02`::__static_initialization_and_destruction_0(__initialize_p=1, __priority=65535) + 2557 at parser.cpp:148
    frame #15: 0x00005555556343c2 mir2wasm-ce627d33d91d8d02`::_GLOBAL__sub_I_parser.cpp() + 19 at parser.cpp:161
    frame #16: 0x00005555556356ed mir2wasm-ce627d33d91d8d02`__libc_csu_init + 77
    frame #17: 0x00007ffff2a20ed5 libc.so.6`__libc_start_main(main=(mir2wasm-ce627d33d91d8d02`main), argc=1, argv=0x00007fffffffdc58, init=(mir2wasm-ce627d33d91d8d02`__libc_csu_init), fini=<unavailable>, rtld_fini=<unavailable>, stack_end=0x00007fffffffdc48) + 133 at libc-start.c:246
    frame #18: 0x000055555555fef9 mir2wasm-ce627d33d91d8d02`_start + 41
```

It looks like we're trying to run a destructor on a null pointer, and it seems to be buried in std::vector somewhere. Judging by the deps in the path name, I suspect this is a pass that tests any cargo dependencies too. It might be binaryen-related.

This issue doesn't show up on Macs.

eholk commented 7 years ago

Ah, I just noticed the cashew parts of the stack. That makes me think it's related to this: https://github.com/kripken/cashew

@kripken - any idea what could be causing this?

eholk commented 7 years ago

I'm not seeing this on another machine, so it may be some broken configuration on my original machine.

eholk commented 7 years ago

This seems very similar to another crash I've been seeing, which should be fixed when https://github.com/WebAssembly/binaryen/pull/866 lands.