[Openmcl-devel] Stack/Frame corruption?

Neil Baylis neil.baylis at gmail.com
Mon Aug 30 08:03:28 PDT 2010 

Is this something that will be fixed at some point, or do I need to come up
with a workaround for my demo?

Neil

On Sun, Aug 29, 2010 at 12:37 PM, Gary Byers <gb at clozure.com> wrote:

> I was just looking at it; the bug seems to be in the implemetation of ATAN
> (in some cases when both args are provided and float zeroes.)
>
> ? (atan 0.0d0 0.0d0)
> 0.0D0                   ; looks right, but:
> ? *
> #<BOGUS object @ #xB029BE6D>
> ?
>
> The returned value is stack-allocated.  It's of course wrong to return
> stack-allocated things past the limit of their extent, but that's only
> easily detectable if the stack-allocated thing hasn't been overwritten.
> (In the case above, something - perhaps READ, reading the * - has
> overwritten
> the stack-allocated DOUBLE-FLOAT so that it doesn't look like a valid
> object at all; until that happens, it looks like a perfectly valid 0.0d0.)
>
> (ATAN 0.0s0 0.0s0) has the same bug (as well as this one) on 32-bit
> platforms.  I'm not sure what else does, and could easily believe that
> the test suite that we use tests these cases and just sees what looks
> like a valid result.
>
> I'm not sure what else may share this bug.
>
>
> On Sun, 29 Aug 2010, Neil Baylis wrote:
>
>  In the following function, I think I'm seeing some kind of stack/frame
>> corruption.
>> This happens with dx86cl64 when running my ca-multilayer demo (posted
>> earlier today).
>>
>> (defun place-layer (layer center theta radius)
>>   (format t "~A~%" (* radius (cos theta)))
>>   (#/removeAllAnimations layer)     ;Causes corruption here
>>   (let* ((cx (+ (ns:ns-point-x center) (* radius (cos theta))))
>>          (cy (+ (ns:ns-point-y center) (* radius (sin theta))))
>>          (gp (make-record :<CGP>oint x (cgfl cx) y (cgfl cy))))
>> ;    (#/removeAllAnimations layer)    ;Does not cause corruption here
>>     (#/setPosition: layer gp)
>>     (set-layer-angle layer (cgfl (+ theta (radians 45) (radians (/ radius
>> 1.25)))))
>>     (free gp)))
>>
>> The failure scenario is when both theta and radius take the values 0.0D0.
>> I get the following:
>>
>> CL-USER> 0.0D0
>> > Error: value #<BOGUS object @ #x7FFF5FBFEA1D> is not of the expected
>> type REAL.
>> > While executing: (:INTERNAL |-[CADemoView mouseDown:]|), in process
>> Initial(0).
>>
>>
>> ;;;
>> ;;; #<APPKIT-PROCESS Initial(0) [Active] #x3020000B528D> requires access
>> to Shared Terminal Input
>> ;;; Type (:y 0) to yield control to this thread.
>> ;;;
>> (:y 0)
>>
>>
>> ;;;
>> ;;; Shared Terminal Input is now owned by #<APPKIT-PROCESS Initial(0)
>> [Active] #x3020000B528D>
>> ;;;
>>
>> > Type :POP to abort, :R for a list of available restarts.
>> > Type :? for other options.
>> CL-USER> (b)
>>  (44B9F8) : 0 (FUNCALL #'#<(:INTERNAL |-[CADemoView mouseDown:]|)>
>> #<TYPE-ERROR #x30200213F99D>) 141
>>  (44BA20) : 1 (SIGNAL #<TYPE-ERROR #x30200213F99D>) 973
>>  (44BA78) : 2 (%ERROR #<TYPE-ERROR #x30200213F99D> NIL 563047) 117
>>  (44BAA0) : 3 (FUNCALL #'#<CCL::DEFAULT-REQUIRE-TYPE-RESTARTS> 563047
>> #<BOGUS object @ #x7FFF5FBFEA1D> REAL) 1069
>>  (44BB38) : 4 (%SHORT-FLOAT #<BOGUS object @ #x7FFF5FBFEA1D>) 237
>>  (44BB60) : 5 (COS #<BOGUS object @ #x7FFF5FBFEA1D>) 413
>>  (44BB78) : 6 (PLACE-LAYER #<CA-LAYER <CALayer: 0x1e1b80> (#x1E1B80)>
>> #<NS-POINT 400,400 [gcable] (#x5A3C10) #x30200213FD0D>
>> #<BOGUS object @ #x7FFF5FBFEA1D> 0.0D0) 549
>>  (44BBC0) : 7 (LAYOUT-RADIAL (#<CA-LAYER <CALayer: 0x1e1b80> (#x1E1B80)>)
>> #<NS-POINT 400,400 [gcable] (#x5A3C10)
>> #x30200213FD0D> #<NS-POINT 400,400 [gcable] (#x5A3C10) #x30200213FD0D>)
>> 565
>>  (44BC30) : 8 (FUNCALL #'#<|-[CADemoView mouseDown:]|> 17591849975144)
>> 1461
>>  (44BCC0) : 9 (%PASCAL-FUNCTIONS% 307 17591849975144) 365
>>  (44BD78) : 10 (FUNCALL #'#<Anonymous Function #x302000C82F9F> #<A Foreign
>> Pointer [stack-allocated] (:* #) #x7FFF5FBFF0F0>
>> #<A Foreign Pointer #x7FFF81A78B60> #<NS-EVENT NSEvent: type=LMouseDown
>> loc=(497,195) time=176165.2 flags=0x100 win=0x0
>> winNum=1633 ctxt=0x0 evNum=5627 click=1 buttonNumber=0 pressure=1
>> (#x5A3920)>) 373
>>  (44BDA8) : 11 (%CALL-NEXT-OBJC-METHOD #<LISP-APPLICATION
>> <LispApplication: 0x567ae0> (#x567AE0)> #<OBJC:OBJC-CLASS
>> GUI::LISP-APPLICATION (#x55C2D0)> #<A Foreign Pointer #x7FFF81A78B60>
>> (:VOID :ID) #<NS-EVENT NSEvent: type=LMouseDown
>> loc=(497,195) time=176165.2 flags=0x100 win=0x0 winNum=1633 ctxt=0x0
>> evNum=5627 click=1 buttonNumber=0 pressure=1 (#x5A3920)>)
>> 773
>>  (44BE08) : 12 (FUNCALL #'#<GUI::|-[LispApplication sendEvent:]|>
>> 17591849975368) 965
>>  (44BE78) : 13 (%PASCAL-FUNCTIONS% 15 17591849975368) 365
>>  (44BF30) : 14 (FUNCALL #'#<Anonymous Function #x302000B9EAFF>
>> #<LISP-APPLICATION <LispApplication: 0x567ae0> (#x567AE0)>
>> #S(CCL::OBJC-SELECTOR :NAME "run" :%SEL #<A Foreign Pointer
>> #x7FFF81A78B3C>)) 173
>>  (44BF50) : 15 (FUNCALL #'#<(:OBJC-DISPATCH NEXTSTEP-FUNCTIONS:|run|)>
>> ???) 565
>>  (44BF88) : 16 (EVENT-LOOP NIL) 421
>> CL-USER> (:f 6)
>>  (44BB78) : 6 (PLACE-LAYER #<CA-LAYER <CALayer: 0x1e1b80> (#x1E1B80)>
>> #<NS-POINT 400,400 [gcable] (#x5A3C10) #x30200213FD0D>
>> #<BOGUS object @ #x7FFF5FBFEA1D> 0.0D0) 549
>>   (LAYER CENTER THETA RADIUS)
>>    LAYER: #<CA-LAYER <CALayer: 0x1e1b80> (#x1E1B80)>
>>    CENTER: #<NS-POINT 400,400 [gcable] (#x5A3C10) #x30200213FD0D>
>>    THETA: #<BOGUS object @ #x7FFF5FBFEA1D>
>>    RADIUS: 0.0D0
>>
>> Note that it successfully prints the value of (* radius (cos theta))
>> before it errors out while computing cx in the let* form.
>>
>> If I move the call to #/removeAllAnimations to inside the let* form, I do
>> not see the error. (See commented out statement).
>>
>> When it hits this error, it also corrupts some local variables in the
>> frame of the calling function.
>>
>> Neil
>>
>>


-- 
http://www.pixpopuli.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clozure.com/pipermail/openmcl-devel/attachments/20100830/cd71c5a4/attachment.htm>

More information about the Openmcl-devel mailing list