Alexey,
thanks for your investigation, I could use more of it on that bug.
>>>>> "AM" == Alexey Mahotkin <squadette(a)gmail.com> writes:
AM> #0 0x081b1e9d in set_lookup_table (ptr=0xb7a4a800, ph=0x83fb6b0)
AM>     at mc-alloc.c:533
AM> 533 LEVEL2 (l2, L2_INDEX (ptr)) = ph;
AM> (gdb) print l2
AM> $1 = (struct level_2_lookup_tree *) 0x3
This is probably a memory corruption bug, debugging these is a real
pain in the ass... However, you should be able to set a watchpoint on
this slot of the lookup table and see what writes the 0x3 to it.
Something like this should work:
First, figure out the address of the lookup table slot:
(gdb) print &mc_allocator_globals.ptr_lookup_table[l1_index]
$1 = (level_2_lookup_tree **) 0xXXXXXXXX
Then, set a watchpoint to this address:
(gdb) watch *(int *) 0xXXXXXXXX
And re-start the program from the beginning:
(gdb) run
This should hopefully lead to
Hardware watchpoint 1: *(int *) 0xXXXXXXXX
Old value = <something>
New value = 3
and a backtrace to the wrongdoer.
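As an added illustration (my own constructed C model, not XEmacs's mc-alloc.c), the following sketches a two-level lookup table of the shape the backtrace implies. It prints the level-1 slot address you would hand to `watch`, checks the level-2 pointer for plausibility before dereferencing it so that a stray value like 0x3 is reported instead of segfaulting, and keeps a shadow copy of the level-1 table as a software fallback that tells you a slot changed when a hardware watchpoint is not available. All names, bit widths, the `demo_page` header and the `simulate_stray_write` stand-in for the unknown writer are assumptions made for the example; the 0xb7a4a800 address is used only as a lookup key and is never dereferenced.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed layout: two-level lookup from a page address to its page_header.
   Bit widths and names are constructed for this example, not mc-alloc's. */
#define PAGE_SHIFT 12
#define L2_BITS    10
#define L1_BITS    10
#define L1_SIZE    (1u << L1_BITS)
#define L2_SIZE    (1u << L2_BITS)

typedef struct page_header { const char *name; } page_header;

typedef struct level_2_lookup_tree {
    page_header *index[L2_SIZE];
} level_2_lookup_tree;

/* Live level-1 table plus a shadow copy used only for verification. */
static level_2_lookup_tree *ptr_lookup_table[L1_SIZE];
static level_2_lookup_tree *shadow_lookup_table[L1_SIZE];

#define L1_INDEX(p) ((size_t)(((uintptr_t)(p) >> (PAGE_SHIFT + L2_BITS)) & (L1_SIZE - 1)))
#define L2_INDEX(p) ((size_t)(((uintptr_t)(p) >> PAGE_SHIFT) & (L2_SIZE - 1)))

/* A level-2 pointer must be non-null and pointer-aligned; a stray value
   such as 0x3 fails the alignment test and would crash on dereference. */
static int l2_pointer_plausible(const level_2_lookup_tree *l2)
{
    return l2 != NULL && ((uintptr_t)l2 & (sizeof(void *) - 1)) == 0;
}

/* Address of the level-1 slot for ptr: this is what you hand to
   gdb's `watch *(void **) <addr>` to catch whoever overwrites it. */
void *lookup_table_slot_address(const void *ptr)
{
    return &ptr_lookup_table[L1_INDEX(ptr)];
}

/* Returns 0 on success, -1 if the slot holds a corrupted level-2 pointer. */
int set_lookup_table(const void *ptr, page_header *ph)
{
    size_t l1 = L1_INDEX(ptr);
    level_2_lookup_tree *l2 = ptr_lookup_table[l1];

    if (l2 == NULL) {
        l2 = calloc(1, sizeof *l2);
        if (l2 == NULL)
            return -1;
        ptr_lookup_table[l1] = l2;
        shadow_lookup_table[l1] = l2;
    } else if (!l2_pointer_plausible(l2)) {
        fprintf(stderr, "lookup table slot %zu (%p) holds bogus level-2 pointer %p\n",
                l1, (void *)&ptr_lookup_table[l1], (void *)l2);
        return -1;
    }
    l2->index[L2_INDEX(ptr)] = ph;
    return 0;
}

/* NULL if the page is unknown or the slot is corrupted. */
page_header *get_page_header(const void *ptr)
{
    level_2_lookup_tree *l2 = ptr_lookup_table[L1_INDEX(ptr)];
    if (!l2_pointer_plausible(l2))
        return NULL;
    return l2->index[L2_INDEX(ptr)];
}

/* Software fallback for a hardware watchpoint: index of the first level-1
   slot that differs from the shadow copy, or -1 if the table is intact.
   Unlike `watch`, it only says that a slot changed, not who changed it. */
long lookup_table_verify(void)
{
    for (size_t i = 0; i < L1_SIZE; i++)
        if (ptr_lookup_table[i] != shadow_lookup_table[i])
            return (long)i;
    return -1;
}

/* Constructed: the address from the bug report, used only as a lookup key. */
const void *demo_ptr(void)
{
    return (const void *)(uintptr_t)0xb7a4a800u;
}

page_header demo_page = { "demo page" };

/* Constructed stand-in for the unknown writer that stored 0x3 in the slot;
   returns the level-1 index it clobbered. */
long simulate_stray_write(const void *ptr)
{
    size_t l1 = L1_INDEX(ptr);
    ptr_lookup_table[l1] = (level_2_lookup_tree *)0x3;
    return (long)l1;
}

int main(void)
{
    printf("watch *(void **) %p\n", lookup_table_slot_address(demo_ptr()));
    if (set_lookup_table(demo_ptr(), &demo_page) != 0)
        return 1;
    simulate_stray_write(demo_ptr());
    printf("first corrupted slot: %ld\n", lookup_table_verify());
    return set_lookup_table(demo_ptr(), &demo_page) == -1 ? 0 : 1;
}
```

The shadow-copy check is only a fallback: calling `lookup_table_verify()` at suspicious points narrows down the window in which the slot was clobbered, but the hardware watchpoint described above is what actually delivers the backtrace of the writer.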
AM> ==17813== Invalid read of size 4
AM> ==17813== at 0x81B3694: mc_free (mc-alloc.c:1631)
AM> ==17813== by 0x808B65F: free_lrecord (alloc.c:645)
AM> ==17813== by 0x81D108C: free_opaque_ptr (opaque.c:187)
AM> ==17813== by 0x80E2F3A: condition_bind_unwind (eval.c:1761)
AM> ==17813== Address 0x3CB5BAD4 is not stack'd, malloc'd or free'd
AM> Segmentation fault (core dumped)
The invalid read is maybe related to the above memory corruption and
will hopefully go away once the above is fixed. It hits the assert
statement in line 1631. Since this is a complex one, it is
interesting to split it up and see what part of it causes the invalid
access:
--- mc-alloc.c 14 Sep 2005 14:24:30 -0000 1.4
+++ mc-alloc.c 15 Sep 2005 11:12:22 -0000
@@ -1628,7 +1628,9 @@
mc_free (void *ptr)
{
page_header *ph = get_page_header (ptr);
- assert (!PH_ON_FREE_LIST_P (ph));
+ assert (ph);
+ assert (PH_PLH (ph));
+ assert (PLH_LIST_TYPE (PH_PLH (ph)) != FREE_LIST);
remove_cell (ptr, ph);
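Review bot: the three new asserts only preserve the original invariant if `PH_ON_FREE_LIST_P (ph)` expands to exactly `PLH_LIST_TYPE (PH_PLH (ph)) == FREE_LIST`; the macro definition is not in the hunk, so that equivalence should be confirmed, otherwise the final `assert (PLH_LIST_TYPE (PH_PLH (ph)) != FREE_LIST)` silently weakens the check. Since the split exists to localise the invalid read valgrind reports at line 1631, a one-line comment above `assert (ph);` saying so would stop the next reader from folding the three back into one.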
Attaching to the debugger after valgrind reports the error and looking
at `*ph' and `*ph->plh' might also be useful (`--db-attach=yes').
Thanks again for your help!
--
Marcus