| Title: | mps_arena_destroy may crash if some objects aren't destroyed |
| Status: | open |
| Priority: | essential |
| Assigned user: | Nick Barnes |
| Organization: | Ravenbrook |
| Description: | If a root is not destroyed first, mps_arena_destroy() can crash (in ArenaFinish -> GlobalsFinish -> GlobalsCheck -> RingCheck). This may also apply to other data structures allocated in the control pool. |
| Analysis: | The control pool is finished from ArenaDestroy, and may be unmapped as a result. Then GlobalsFinish calls GlobalsCheck, which calls RingCheck on the rootRing. If there is a root left on the rootRing, this may crash when dereferencing the root structure to test ring->prev->next == ring. This won't always show up, because the arena has some hysteresis in mapping and unmapping memory, so some or all of the control pool memory may not get unmapped, especially in small tests. This was reported by a client [1], who also reports hard crashes if he forgets to destroy an allocation point. There's a similar failure mode for that. We should check that the root ring is empty before destroying the control pool. RHSK 2010-03-02 I think I encountered this too: see changelist 168533 [2], 2009/08/28, mps/branch/2009-03-31/padding/ GDR 2012-10-26: I encountered this too. See point 6 of [3]. |
| How found: | customer |
| Evidence: | [1] <http://info.ravenbrook.com/mail/2003/01/09/13-22-45/0/>[2] < https://info.ravenbrook.com/infosys/cgi/perfbrowse.cgi?@describe+168533>[3] < http://info.ravenbrook.com/mail/2012/10/04/17-38-59/0/> |
| Observed in: | 1.100.1 |
| Created by: | Nick Barnes |
| Created on: | 2003‑01‑09 17:18:03 |
| Last modified by: | Gareth Rees |
| Last modified on: | 2012‑11‑06 16:14:57 |
| History: | 2003-01-09 NB Created. 2010-03-02 RHSK Encountered again. 2012-10-26 GDR And again! |
Generated at 2013-05-22 14:53:38 by $Id: //info.ravenbrook.com/infosys/cgi/issue.cgi#476 $
Copyright © Ravenbrook Limited. This document is provided "as is", without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this document. You may not duplicate or reproduce this document in any form without the express permission of the copyright holder.