Nim icon indicating copy to clipboard operation
Nim copied to clipboard

Published 20 hours ago verified publisher icon nim-lang

Case object with fields that inherit from RootObj causes SIGSEGV

Open z------------- opened this issue 1 year ago • 9 comments
trafficstars

Description

This code produces SIGSEGV at runtime:

type
  Date = object of RootObj # no bug if not `of RootObj`
  Common = object of RootObj
    name: string
    date: Date
  Foo = object
    name: string
    date: Date # no bug if this field is removed
  Bar = object of Common # no bug if not `of Common`, even if its fields are copied here
  ItemKind = enum
    ikFoo
    ikBar
  Item = object
    case kind: ItemKind
    of ikFoo:
      fooVal: Foo
    of ikBar:
      barVal: Bar
 
# also crashes if the below is wrapped in a main proc
let kind = ikBar # no bug if this is const
let item = Item(kind: kind)

Happens on:

  • devel
  • 2.0.8
  • 1.6.20 with --mm:orc/arc -d:useMalloc

GCC/Clang/-d:release make no difference.

Happens on ORC/ARC. Does not happen on Refc.

Nim Version

Nim Compiler Version 2.1.9 [Linux: amd64]
Compiled at 2024-08-01
Copyright (c) 2006-2024 by Andreas Rumpf

git hash: 12b968029159ae05b9813095fbe671e4aa57922b
active boot switches: -d:release

Current Output

Segmentation fault (core dumped)

# with -d:useMalloc:

free(): invalid pointer
Traceback (most recent call last)
<...>/repro.nim(22) repro
SIGABRT: Abnormal termination.

# valgrind:

==1317806== Memcheck, a memory error detector
==1317806== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==1317806== Using Valgrind-3.19.0 and LibVEX; rerun with -h for copyright info
==1317806== Command: ./repro_malloc_devel_g
==1317806==
==1317806== Invalid free() / delete / delete[] / realloc()
==1317806==    at 0x484317B: free (vg_replace_malloc.c:872)
==1317806==    by 0x109F32: system::deallocImpl(pointer) (malloc.nim:28)
==1317806==    by 0x109F40: system::deallocSharedImpl(pointer) (malloc.nim:45)
==1317806==    by 0x109F4E: deallocShared (memalloc.nim:308)
==1317806==    by 0x10E85E: repro::eqdestroy_(var<repro::Item>) (repro.nim:27)
==1317806==    by 0x10E917: NimMainModule (repro.nim:22)
==1317806==    by 0x10E93E: NimMainInner (excpt.nim:140)
==1317806==    by 0x10E951: NimMain (excpt.nim:151)
==1317806==    by 0x10E973: main (excpt.nim:159)
==1317806==  Address 0x113140 is 0 bytes inside data symbol "NTIv2__n6cF8kktmytyPUtSJ0YOdg_"
==1317806==
==1317806==
==1317806== HEAP SUMMARY:
==1317806==     in use at exit: 0 bytes in 0 blocks
==1317806==   total heap usage: 0 allocs, 1 frees, 0 bytes allocated
==1317806==
==1317806== All heap blocks were freed -- no leaks are possible
==1317806==
==1317806== For lists of detected and suppressed errors, rerun with: -s
==1317806== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

Expected Output

No response

Possible Solution

No response

Additional Information

No response

z------------- avatar Aug 03 '24 06:08 z-------------