
Use-after-free bug in trace #1245

Open
jinwoo opened this issue Feb 24, 2024 · 1 comment

jinwoo commented Feb 24, 2024

I'm running version 9.3.1-8-g551cdfe51 on Mac, which I built from HEAD using homebrew a few days ago.

It seems to have a use-after-free bug in trace. A simple example below.

File: foo.pl
my_plus(A, B, C) :-
    C is A + B.

If I load and run this without tracing, things run fine.

% swipl
Welcome to SWI-Prolog (threaded, 64 bits, version 9.3.1-8-g551cdfe51)
SWI-Prolog comes with ABSOLUTELY NO WARRANTY. This is free software.
Please run ?- license. for legal details.

For online help and background, visit https://www.swi-prolog.org
For built-in help, use ?- help(Topic). or ?- apropos(Word).

?- [foo].
true.

?- foldl(my_plus, [1,2,3], 0, N).
N = 6.

But if I enable tracing, it crashes. The stack trace shows prolog_trace:my_plus/3 (vs user:my_plus/3) and <garbage_collected>. It seems to suggest that there's a use-after-free bug somewhere around trace.

% swipl
Welcome to SWI-Prolog (threaded, 64 bits, version 9.3.1-8-g551cdfe51)
SWI-Prolog comes with ABSOLUTELY NO WARRANTY. This is free software.
Please run ?- license. for legal details.

For online help and background, visit https://www.swi-prolog.org
For built-in help, use ?- help(Topic). or ?- apropos(Word).

?- [foo].
true.

?- trace(foldl).
%     apply:foldl/4: [all]
%     apply:foldl/5: [all]
%     apply:foldl/6: [all]
%     apply:foldl/7: [all]
true.

?- foldl(my_plus, [1,2,3], 0, N).
 T [12] Call: apply:foldl(my_plus, [1, 2, 3], 0, _33416)
ERROR: Unknown procedure: prolog_trace:my_plus/3
ERROR: In:
ERROR:   [20] prolog_trace:my_plus(1,0,_344)
ERROR:   [19] apply:foldl_('<garbage_collected>',prolog_trace:my_plus,0,_380) at /opt/homebrew/Cellar/swi-prolog/HEAD-551cdfe/lib/swipl/library/apply.pl:317
ERROR:   [17] call('<garbage_collected>') at /opt/homebrew/Cellar/swi-prolog/HEAD-551cdfe/lib/swipl/boot/init.pl:502
ERROR:   [16] call_cleanup(prolog_trace:call(...),prolog_trace:(_456=true)) at /opt/homebrew/Cellar/swi-prolog/HEAD-551cdfe/lib/swipl/boot/init.pl:685
ERROR:   [15] '<meta-call>'('<garbage_collected>') <foreign>
ERROR:   [14] call('<garbage_collected>') at /opt/homebrew/Cellar/swi-prolog/HEAD-551cdfe/lib/swipl/boot/init.pl:502
ERROR:   [13] call_cleanup(prolog_trace:call(...),prolog_trace:(_562=true)) at /opt/homebrew/Cellar/swi-prolog/HEAD-551cdfe/lib/swipl/boot/init.pl:685
ERROR:   [12] apply:'$wrap$foldl'(my_plus,[1,2|...],0,_600)1-st clause of '$wrap$foldl'/4 <no source>
ERROR:   [11] toplevel_call('<garbage_collected>') at /opt/homebrew/Cellar/swi-prolog/HEAD-551cdfe/lib/swipl/boot/toplevel.pl:1317
ERROR:
ERROR: Note: some frames are missing due to last-call optimization.
ERROR: Re-run your program in debug mode (:- debug.) to get more detail.
   Exception: (20) prolog_trace:my_plus(1, 0, _264) ?

Maybe a similar issue as the one in the http package: SWI-Prolog/packages-http#164?
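The trace in the report shows the goal argument reaching foldl/4 as prolog_trace:my_plus/3 rather than user:my_plus/3. The module file below is an added example (it is not code from this issue or from SWI-Prolog) that isolates that one mechanism: how a meta_predicate declaration attaches the caller's context module to a goal argument, and what happens when a module whose base is system (as library modules are) calls the same goal without that qualification. It says nothing about the crash's root cause; the module name ctxdemo and the predicate names are hypothetical.

```prolog
% ctxdemo.pl -- added example, not from the issue or from SWI-Prolog.
% Illustrates the module qualification difference visible in the report's
% stack trace (prolog_trace:my_plus/3 versus user:my_plus/3). The module
% and predicate names here are hypothetical.
:- module(ctxdemo, [run_goal/2, run_goal_unqualified/2, demo/0]).

% Library modules in SWI-Prolog import from 'system', not from 'user'.
% Using the same base here means an unqualified goal cannot fall back to
% predicates defined in user, which is the situation prolog_trace is in.
:- set_module(base(system)).

% Declared meta-predicate: SWI-Prolog qualifies Goal with the caller's
% context module (user:my_callback when called from user), so call/2
% resolves it in the module where it was actually defined.
:- meta_predicate run_goal(1, +).
run_goal(Goal, Arg) :-
    strip_module(Goal, M, Plain),
    format("run_goal received goal ~w:~w~n", [M, Plain]),
    call(Goal, Arg).

% Same body without the declaration: Goal stays a bare atom and is
% resolved in ctxdemo. ctxdemo has no my_callback/1 and, with base
% system, cannot see user:my_callback/1 either, so call/2 raises an
% existence_error, the same class of failure as the report's
% "Unknown procedure: prolog_trace:my_plus/3".
run_goal_unqualified(Goal, Arg) :-
    strip_module(Goal, M, Plain),
    format("run_goal_unqualified received goal ~w:~w~n", [M, Plain]),
    call(Goal, Arg).

% A callback defined in user, as my_plus/3 is in the report's foo.pl.
user:my_callback(X) :-
    format("my_callback(~w) ran~n", [X]).

% Run both variants with user as the context module, which is what a
% toplevel query does. The second call's existence_error is caught and
% reported instead of aborting the demo.
demo :-
    @(run_goal(my_callback, 1), user),
    catch(@(run_goal_unqualified(my_callback, 2), user),
          error(existence_error(procedure, PI), _),
          format("unqualified variant failed: unknown procedure ~w~n", [PI])).

% Usage from the toplevel:
%   ?- [ctxdemo].
%   ?- demo.
```

The first call succeeds because the meta_predicate declaration carries user along with the goal; the second fails inside ctxdemo because nothing in its import chain defines my_callback/1. That is the same shape as the report's failure, where the goal is looked up in prolog_trace instead of user, and is a useful check to keep alongside any wrapper that forwards goal arguments: if strip_module/3 on the received goal does not name the caller's module, the wrapper has lost the qualification.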

@JanWielemaker

This issue has been mentioned on SWI-Prolog. There might be relevant details there:

https://swi-prolog.discourse.group/t/another-use-after-free-bug-report/7258/1
