Segfault when calling module_info/0 from HiPE after a code:delete

Paul Guyot pguyot@REDACTED
Sun Oct 10 16:02:18 CEST 2010 

Hello,

There is a bug in HiPE where calling module_info/0 on a module after a code:purge and code:delete will segfault.

The test case is the following (to be added in module_info_SUITE.erl):

%% Test that module_info works after code:delete.
code_delete(Config) when is_list(Config) ->
    ?line ModuleInfo = module_info_helper:module_info(),
    ?line false = code:purge(module_info_helper),
    ?line true = code:delete(module_info_helper),
    ?line ModuleInfo = module_info_helper:module_info(),
    ok.

module_info_helper is just a dummy module:
----
%%% @doc Helper for module_info_SUITE test.
-module(module_info_helper).

%% API
-export([f/0]).

f() -> ok.
----

If module_info_SUITE is compiled natively, the VM segfaults. If module_info_SUITE is not compiled natively, the test passes as the code server properly reloads the module.

The stacktrace is the following:

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000020
Crashed Thread:  5
...
Thread 5 Crashed:
0   beam.smp                      	0x0000000010105a75 erts_module_info_1 + 917 (beam_load.c:4692)
1   beam.smp                      	0x0000000010105d2d erts_module_info_0 + 109 (beam_load.c:4453)
2   beam.smp                      	0x000000001004f109 get_module_info_1 + 9 (bif.c:4232)
3   beam.smp                      	0x00000000100fcba6 process_main + 16982 (beam_emu.c:2205)
4   beam.smp                      	0x0000000010073ff2 sched_thread_func + 706 (erl_process.c:3637)
5   beam.smp                      	0x000000001017f8c6 thr_wrapper + 134
6   libSystem.B.dylib             	0x00007fff884a4456 _pthread_start + 331
7   libSystem.B.dylib             	0x00007fff884a4309 thread_start + 13

The crash happens in compilation_info_for_module:
http://github.com/erlang/otp/blob/dev/erts/emulator/beam/beam_load.c#L4692
    code = modp->code;
    ext = (byte *) code[MI_COMPILE_PTR];	<--- here. code is NULL

A similar crash can occur in attributes_for_module:
    code = modp->code;
    ext = (byte *) code[MI_ATTR_PTR];

modp->code is set to NULL when code:delete is called.

Paul
-- 
Semiocast                    http://semiocast.com/
+33.175000290 - 62 bis rue Gay-Lussac, 75005 Paris

More information about the erlang-bugs mailing list