| Subject: | memory corruption/double free |
| Date: | Mon, 9 Mar 2015 09:52:05 +0100 |
| To: | bug-Tk [...] rt.cpan.org |
| From: | Stefan Tauner <stefan.tauner [...] technikum-wien.at> |
Hi,
the MWE below is killed on my machine after some "allowed" letters are
entered (e.g. fff). It does not seem to be completely deterministic in
terms of how it fails. Sometimes memory corruption is detected,
sometimes it's a simple segfault. In my real application it produces a
double free.
I am using perl v5.18.2 and Tk 804.031 (both from Ubuntu 14.04).
====================================================================
use strict;
use warnings;
use Tk;
my $mw = MainWindow -> new();
my $en_text;
my $en = $mw->Entry(-textvariable => \$en_text,
-validate => 'key',
-validatecommand => \&en_validate)->pack;
MainLoop;
sub en_validate{
if ($_[1] =~ /[mMfF]/){
$en_text = uc $_[1];
$en->configure(-validate => 'key');
}
return 1;
}
====================================================================
Here is the full stack trace (without debugging symbols because I am
lazy).
Starting program: /usr/bin/perl mwe.pl
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
*** Error in `/usr/bin/perl': malloc(): memory corruption (fast): 0x0000000000c20043 ***
Program received signal SIGABRT, Aborted.
0x00007ffff76c2cc9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0 0x00007ffff76c2cc9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1 0x00007ffff76c60d8 in __GI_abort () at abort.c:89
#2 0x00007ffff76ff394 in __libc_message (do_abort=do_abort@entry=1, fmt=fmt@entry=0x7ffff780db28 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/posix/libc_fatal.c:175
#3 0x00007ffff770a0f7 in malloc_printerr (action=<optimized out>, str=0x7ffff780dec8 "malloc(): memory corruption (fast)", ptr=<optimized out>) at malloc.c:4996
#4 0x00007ffff770ce04 in _int_malloc (av=0x7ffff7a4a760 <main_arena>, bytes=8) at malloc.c:3359
#5 0x00007ffff770e7b0 in __GI___libc_malloc (bytes=8) at malloc.c:2891
#6 0x00007ffff7ae5865 in Perl_safesysmalloc () from /usr/lib/libperl.so.5.18
#7 0x00007ffff7ae5c58 in Perl_savepvn () from /usr/lib/libperl.so.5.18
#8 0x00007ffff7b15315 in Perl_sv_magicext () from /usr/lib/libperl.so.5.18
#9 0x00007ffff7b1548f in Perl_sv_magic () from /usr/lib/libperl.so.5.18
#10 0x00007ffff7aed09f in Perl_mg_copy () from /usr/lib/libperl.so.5.18
#11 0x00007ffff7afede4 in Perl_hv_common () from /usr/lib/libperl.so.5.18
#12 0x00007ffff7aff49e in Perl_hv_common_key_len () from /usr/lib/libperl.so.5.18
#13 0x00007ffff63f5680 in LangCallCallback () from /usr/lib/perl5/auto/Tk/Event/Event.so
#14 0x00007ffff5d37618 in LangDoCallback () from /usr/lib/perl5/auto/Tk/Tk.so
#15 0x00007ffff4228951 in ?? () from /usr/lib/perl5/auto/Tk/Entry/Entry.so
#16 0x00007ffff4227823 in ?? () from /usr/lib/perl5/auto/Tk/Entry/Entry.so
#17 0x00007ffff422b2fb in ?? () from /usr/lib/perl5/auto/Tk/Entry/Entry.so
#18 0x00007ffff5d367fe in Call_Tk () from /usr/lib/perl5/auto/Tk/Tk.so
#19 0x00007ffff5d2a824 in ?? () from /usr/lib/perl5/auto/Tk/Tk.so
#20 0x00007ffff7b0a866 in Perl_pp_entersub () from /usr/lib/libperl.so.5.18
#21 0x00007ffff7b02e86 in Perl_runops_standard () from /usr/lib/libperl.so.5.18
#22 0x00007ffff7a94490 in Perl_call_sv () from /usr/lib/libperl.so.5.18
#23 0x00007ffff63f55a8 in LangCallCallback () from /usr/lib/perl5/auto/Tk/Event/Event.so
#24 0x00007ffff5d3d38f in LangEventCallback () from /usr/lib/perl5/auto/Tk/Tk.so
#25 0x00007ffff5d52477 in Tk_BindEvent () from /usr/lib/perl5/auto/Tk/Tk.so
#26 0x00007ffff5d56c96 in TkBindEventProc () from /usr/lib/perl5/auto/Tk/Tk.so
#27 0x00007ffff5d5a1cc in Tk_HandleEvent () from /usr/lib/perl5/auto/Tk/Tk.so
#28 0x00007ffff5d5a6bc in ?? () from /usr/lib/perl5/auto/Tk/Tk.so
#29 0x00007ffff63f66f7 in Tcl_ServiceEvent () from /usr/lib/perl5/auto/Tk/Event/Event.so
#30 0x00007ffff63f6955 in Tcl_DoOneEvent () from /usr/lib/perl5/auto/Tk/Event/Event.so
#31 0x00007ffff5d25b24 in ?? () from /usr/lib/perl5/auto/Tk/Tk.so
#32 0x00007ffff7b0a866 in Perl_pp_entersub () from /usr/lib/libperl.so.5.18
#33 0x00007ffff7b02e86 in Perl_runops_standard () from /usr/lib/libperl.so.5.18
#34 0x00007ffff7a9b714 in perl_run () from /usr/lib/libperl.so.5.18
#35 0x0000000000400dd9 in main ()
Regards,
--
Dipl.-Ing. Stefan Tauner
Research and Development
Embedded Systems Department
University of Applied Sciences Technikum Wien
Hoechstaedtplatz 6, 1200 Vienna, Austria
T: +43 1 333 40 77-316
E: stefan.tauner@technikum-wien.at
I: embsys.technikum-wien.at
I: www.technikum-wien.at