New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cmd/compile: fatal error: out of memory on reslice with negative index #28797
Comments
Your playground link doesn't work. Could you paste the code here directly? |
My apologies: https://play.golang.org/p/6TIXJwN55zR
|
Indeed, looks bad. |
@randall77 thanks for confirming so quickly 👍 |
@gopherbot, please open a backport issue for 1.11. |
Backport issue(s) opened: #28799 (for 1.11). Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://golang.org/wiki/MinorReleases. |
mac only? Why is this OS dependent? |
It looks it is ok for Go 1.11.2 on Linux amd64, but bad for Go 1.11 and 1.11.1 on Linux amd64. |
It fails for me on 1.11, 1.11.1, 1.11.2, and tip on both linux and darwin. |
Ah, yes, you are right. |
Via |
Thanks for the bisection @DemonWav! Kindly paging @rasky @dr2chase @josharian |
If this is like the last one, (un)signedness is involved. |
Change https://golang.org/cl/151978 mentions this issue: |
@randall77, wouldn't mind your opinion on this.
and we generate code based on that assumption, using an unsigned comparison -- this will fail if AX below happens to be a negative number (and of course it is).
The source code is
I think our two choices for fixing this are either to remove the assumption from prove, or in ssa.go to catch the case where arg1 of OpIsSliceInBounds might be negative and explicitly check for that. I favor the explicit extra check, since as it happens we compile this to code that would not do the correct thing if fed a negative number. Here's another test case making the trick more explicit:
One possibility for improving code for the unoptimized case is to only insert the extra explicit test when phase "prove" is enabled. |
Change https://golang.org/cl/152477 mentions this issue: |
Thanks guys! |
Change https://golang.org/cl/166377 mentions this issue: |
Turns out this makes the fix for 28797 unnecessary, because this order ensures that the RHS of IsSliceInBounds ops are always nonnegative. The real reason for this change is that it also makes dealing with <0 values easier for reporting values in bounds check panics (issue #30116). Makes cmd/go negligibly smaller. Update #28797 Change-Id: I1f25ba6d2b3b3d4a72df3105828aa0a4b629ce85 Reviewed-on: https://go-review.googlesource.com/c/go/+/166377 Run-TryBot: Keith Randall <khr@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
Performed a reslice with a negative index.
https://play.golang.org/p/6TIXJwN55zR
What did you expect to see?
1
-1
panic: runtime error: slice bounds out of range
What did you see instead?
1
-1
fatal error: out of memory
runtime stack:
runtime.throw(0x10c30b4, 0xd)
/usr/local/go/src/runtime/panic.go:608 +0x72
runtime.largeAlloc(0xfffffffffffffffe, 0x1040100, 0x11be000)
/usr/local/go/src/runtime/malloc.go:1007 +0x181
runtime.mallocgc.func1()
/usr/local/go/src/runtime/malloc.go:914 +0x46
runtime.systemstack(0x0)
/usr/local/go/src/runtime/asm_amd64.s:351 +0x66
runtime.mstart()
/usr/local/go/src/runtime/proc.go:1229
goroutine 1 [running]:
runtime.systemstack_switch()
/usr/local/go/src/runtime/asm_amd64.s:311 fp=0xc00007ae18 sp=0xc00007ae10 pc=0x104eae0
runtime.mallocgc(0xfffffffffffffffe, 0x0, 0x0, 0x0)
/usr/local/go/src/runtime/malloc.go:913 +0x896 fp=0xc00007aeb8 sp=0xc00007ae18 pc=0x100aaa6
runtime.slicebytetostring(0x0, 0xc000014099, 0xfffffffffffffffe, 0x7, 0x0, 0x0)
/usr/local/go/src/runtime/string.go:102 +0x9f fp=0xc00007aee8 sp=0xc00007aeb8 pc=0x103e9af
main.main()
/Users/ccooper/work/polaris/src/github.com/alistanis/oom/main.go:12 +0x173 fp=0xc00007af98 sp=0xc00007aee8 pc=0x10910c3
runtime.main()
/usr/local/go/src/runtime/proc.go:201 +0x207 fp=0xc00007afe0 sp=0xc00007af98 pc=0x10287c7
runtime.goexit()
/usr/local/go/src/runtime/asm_amd64.s:1333 +0x1 fp=0xc00007afe8 sp=0xc00007afe0 pc=0x1050a21
exit status 2
I would expect this to fail in either case, but I was surprised by the error message. I found it when I mistakenly missed a bounds check on a reslice and thought I had actually reached an out of memory issue - the machine I was using had ~200MB of free RAM so I thought that was actually the case at first.
The text was updated successfully, but these errors were encountered: