vermaseren / form

The FORM project for symbolic manipulation of very big expressions
GNU General Public License v3.0

Memory error for local $-variable in TFORM #253

Closed tueda closed 5 years ago

tueda commented 6 years ago

The second bug of #250 can be reproduced by

```
#$x = 0;
ModuleOption local $x;
.end
```

Then `valgrind tvorm -w2 test.frm` gives

```
==25739== Memcheck, a memory error detector
==25739== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==25739== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==25739== Command: tvorm -w2 test.frm
==25739==
TFORM 4.2.0 (Dec 13 2017, v4.2.0-28-g4493f01) 64-bits 2 workers  Run: Wed Dec 13 18:29:05 2017
    #$x = 0;
    ModuleOption local $x;
==25739== Invalid read of size 4
==25739==    at 0x4533C0: DoModDollar (module.c:682)
==25739==    by 0x45373F: DoModLocal (module.c:605)
==25739==    by 0x4526E4: CoModuleOption (module.c:171)
==25739==    by 0x427C05: CompileStatement (compiler.c:634)
==25739==    by 0x4B887D: PreProcessor (pre.c:1045)
==25739==    by 0x4F52A6: main (startup.c:1607)
==25739==  Address 0x6536090 is 0 bytes after a block of size 96 alloc'd
==25739==    at 0x4C2AB96: malloc (vg_replace_malloc.c:299)
==25739==    by 0x50CBD6: Malloc1 (tools.c:2230)
==25739==    by 0x4EF922: EndSort (sort.c:741)
==25739==    by 0x4306FA: CatchDollar (dollar.c:117)
==25739==    by 0x4B88B5: PreProcessor (pre.c:1050)
==25739==    by 0x4F52A6: main (startup.c:1607)
==25739==
    .end
  0.04 sec + 0.00 sec: 0.05 sec out of 0.05 sec
==25739==
==25739== HEAP SUMMARY:
==25739==     in use at exit: 1,064,554,288 bytes in 217 blocks
==25739==   total heap usage: 750 allocs, 533 frees, 1,087,471,061 bytes allocated
==25739==
==25739== LEAK SUMMARY:
==25739==    definitely lost: 0 bytes in 0 blocks
==25739==    indirectly lost: 0 bytes in 0 blocks
==25739==      possibly lost: 0 bytes in 0 blocks
==25739==    still reachable: 1,064,554,288 bytes in 217 blocks
==25739==         suppressed: 0 bytes in 0 blocks
```

tueda commented 6 years ago

git bisect claims a0b635c6ba559227abc4bd7cdbbfe272af4c2941 is the first bad commit.

tueda commented 6 years ago

dollar->size was modified from 1 to 32 https://github.com/vermaseren/form/blob/4493f01b3732abd5124309ac05618c2689e07f46/sources/dollar.c#L140 while the Valgrind message says that EndSort() allocated only 24 WORDs??

tueda commented 5 years ago

Fixed by f1b83ae78e33cbc35b2a7d3c66e0dd0012beaa15 and 19a2da2928d45026b58e0c7c751c970856cb3915 (introducing MINALLOC).
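
An added illustration, not FORM's code and not a reconstruction of the fixing commits: the general mismatch the thread points at, where a recorded capacity (32 words) is larger than the block actually allocated (24 words, 96 bytes), so the first out-of-range word sits "0 bytes after" the block. The names `buf_t`, `MIN_WORDS`, `fill_mismatched` and `fill_consistent` are hypothetical, and applying the floor before allocating is an assumed remedy for this class of bug.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MIN_WORDS 32            /* hypothetical floor; 32 is the size quoted in the thread */
typedef int32_t word_t;         /* 4-byte unit, as in "Invalid read of size 4" */

typedef struct {
    word_t *where;              /* heap buffer */
    size_t  size;               /* capacity, in words, that consumers trust */
    size_t  alloc;              /* words really allocated (tracked for the demo only) */
} buf_t;

static size_t floor_words(size_t n) { return n < MIN_WORDS ? MIN_WORDS : n; }

/* Mismatch: the buffer holds n words, but the floor is written to the size field only. */
int fill_mismatched(buf_t *b, size_t n) {
    b->where = calloc(n, sizeof(word_t));
    if (b->where == NULL) return -1;
    b->alloc = n;
    b->size  = floor_words(n);
    return 0;
}

/* Consistent: the floor is applied before allocating, so size == alloc. */
int fill_consistent(buf_t *b, size_t n) {
    size_t cap = floor_words(n);
    b->where = calloc(cap, sizeof(word_t));
    if (b->where == NULL) return -1;
    b->alloc = cap;
    b->size  = cap;
    return 0;
}

/* Words a loop over [0, size) would touch beyond the end of the allocation. */
size_t words_past_end(const buf_t *b) {
    return b->size > b->alloc ? b->size - b->alloc : 0;
}

int main(void) {
    buf_t bad, good;
    if (fill_mismatched(&bad, 24) || fill_consistent(&good, 24)) return 1;
    printf("mismatched: %zu-byte block, %zu words past end\n",
           bad.alloc * sizeof(word_t), words_past_end(&bad));
    printf("consistent: %zu-byte block, %zu words past end\n",
           good.alloc * sizeof(word_t), words_past_end(&good));
    free(bad.where);
    free(good.where);
    return 0;
}
```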