This is the mail archive of the guile@sourceware.cygnus.com mailing list for the Guile project.



I suspect a serious bug: it is in the GC



Hello!

My previous post on this subject did not cause a lot of reaction on
this mailing-list.
(Ok, I know you are all on vacation after releasing 1.3.4, but the bug
hunt is never over!)

So I am posting the following code again, with some more comments.

#include <guile/gh.h>
#include <stdio.h>
#include <stdlib.h>

/* Fill a C array of N doubles, convert it to a Scheme vector with
   gh_doubles2scm, then read back the first and the last element. */
static void
inner_main (void *closure, int argc, char **argv)
{
  int N;
  SCM res;
  double * U;
  int i;

  if (argc < 2) {
    fprintf(stderr, "usage: %s N\n", argv[0]);
    exit(1);
  }
  N = atoi(argv[1]);
  U = calloc(N, sizeof(double));
  if (U == NULL) {
    perror("calloc");
    exit(1);
  }
  for (i = 0; i < N; ++i) {
    U[i] = i + 0.5;
  }
  gh_eval_str("(display \"Strange\n\")");
  /* Allocates the vector, then one cell per element; a GC may be
     triggered in the middle of that loop. */
  res = gh_doubles2scm(U, N);
  gh_display(gh_vector_ref(res, gh_int2scm(0)));
  gh_newline();
  gh_display(gh_vector_ref(res, gh_int2scm(N-1)));
  gh_newline();
  free(U);
}

int
main (int argc, char **argv)
{
  scm_boot_guile (argc, argv, inner_main, 0);
  return 0; /* never reached */
}

This produces the following output:
$ for i in 500 5000 50000 500000
> do
> a.out $i
> a.out $i
> done
Strange
0.5
499.5
Strange
0.5
499.5
Strange
#<freed cell 31980; GC missed a reference>
4999.5
Strange
#<freed cell 321c8; GC missed a reference>
4999.5
Strange
48196.5
49999.5
Strange
48197.5
49999.5
Strange
494129.5
499999.5
Strange
494129.5
499999.5
$ gcc --version
egcs-2.90.29 980515 (egcs-1.0.3 release)
$ uname -a
SunOS min 5.6 Generic_105181-05 sun4u sparc SUNW,Ultra-5_10
$ guile --version
Guile 1.3.4

Actually, I downgraded to guile-1.3, and the same kind of behaviour
was observed!!!

Then, with guile-1.3.4, I suppressed the GC from being called:
void
scm_igc (what)
     const char *what;
{
  return;
}

and the problem disappeared completely...

It is probably uncommon to allocate a huge vector of doubles as in
the above example, so it may explain why this was not discovered
before.

I have then put some printf calls in some routines of gc.c to analyse
what happens.

The allocation happens in 2 steps: first, a vector with unbound content
is allocated. If this triggers a GC, it is safe.
Then, all the N elements of the vector must be initialized.
This calls NEWCELL N times.
If this operation triggers GC at step N1, it leads to the above problem, by
apparently deallocating some of the cells allocated before step N1.

If someone has more hints...

-- 

B. Urban
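The failure mode the post describes (a vector allocated first, its N elements allocated one by one, and a collection in the middle of that loop sweeping the elements already stored) can be reproduced in a toy mark-sweep collector. The following is an added example written for this archive page, not code from the post, from Guile or from gc.c: the heap, the `GC_TRIGGER` threshold, the `trace_vector_elts` switch and every function name are constructed assumptions. With tracing of vector contents switched off, the cells stored before the mid-fill collection are swept and reused, so the first element no longer holds its value while the last one does, which is the pattern in the output above; with tracing switched on, every element survives even though collections still run during the fill.

```c
/* Toy mark-sweep heap (constructed for this example).  A vector is
   rooted as soon as it exists; what differs between the two modes is
   whether the mark phase follows the element pointers stored in it. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HEAP_CELLS 64
#define GC_TRIGGER 16        /* assumption: collect every 16 allocations */
#define MAX_ROOTS 8

enum { CELL_FREE = 0, CELL_DOUBLE, CELL_VECTOR };

typedef struct Cell {
    int kind;
    int marked;
    double value;            /* CELL_DOUBLE payload */
    struct Cell **elts;      /* CELL_VECTOR element pointers (calloc'd) */
    int len;
} Cell;

static Cell heap[HEAP_CELLS];
static Cell *roots[MAX_ROOTS];
static int nroots, allocs_since_gc, collections;
static int trace_vector_elts;   /* 0 = collector misses vector contents */

static void mark(Cell *c)
{
    int i;
    if (c == NULL || c->marked) return;
    c->marked = 1;
    /* Unfilled slots are NULL (the "unbound content" step) and are
       skipped; the faulty mode never descends into vectors at all. */
    if (c->kind == CELL_VECTOR && trace_vector_elts)
        for (i = 0; i < c->len; i++) mark(c->elts[i]);
}

static void collect(void)
{
    int i;
    collections++;
    for (i = 0; i < nroots; i++) mark(roots[i]);
    for (i = 0; i < HEAP_CELLS; i++) {
        if (heap[i].kind != CELL_FREE && !heap[i].marked) {
            free(heap[i].elts);
            memset(&heap[i], 0, sizeof heap[i]);  /* becomes CELL_FREE */
        }
        heap[i].marked = 0;
    }
    allocs_since_gc = 0;
}

static Cell *alloc_cell(int kind)
{
    int i;
    if (++allocs_since_gc > GC_TRIGGER) collect();
    for (i = 0; i < HEAP_CELLS; i++)          /* first-fit reuse */
        if (heap[i].kind == CELL_FREE) { heap[i].kind = kind; return &heap[i]; }
    return NULL;                              /* heap exhausted */
}

void gc_reset(int trace_elements)
{
    int i;
    for (i = 0; i < HEAP_CELLS; i++) free(heap[i].elts);
    memset(heap, 0, sizeof heap);
    nroots = allocs_since_gc = collections = 0;
    trace_vector_elts = trace_elements;
}

int gc_collections(void) { return collections; }

/* Model of the two-step allocation: vector first, then one cell per
   element, where any allocation may trigger a collection. */
Cell *make_double_vector(const double *u, int n)
{
    int i;
    Cell *v = alloc_cell(CELL_VECTOR);
    if (v == NULL || nroots == MAX_ROOTS) return NULL;
    v->elts = calloc((size_t)n, sizeof *v->elts);
    v->len = n;
    roots[nroots++] = v;             /* the caller's 'res' keeps v alive */
    for (i = 0; i < n; i++) {
        Cell *d = alloc_cell(CELL_DOUBLE);
        if (d == NULL) return NULL;
        d->value = u[i];
        v->elts[i] = d;
    }
    return v;
}

/* Element i is intact if its cell is still a live double holding i + 0.5. */
int element_ok(const Cell *v, int i)
{
    const Cell *d = v->elts[i];
    return d->kind == CELL_DOUBLE && d->value == (double)i + 0.5;
}

/* Builds an n-element vector of i + 0.5 values; returns how many elements
   were lost, or -1 if the toy heap is too small.  first_ok/last_ok may be NULL. */
int run_scenario(int trace_elements, int n, int *first_ok, int *last_ok)
{
    double u[HEAP_CELLS];
    Cell *v;
    int i, missed = 0;
    if (n < 1 || n > HEAP_CELLS - 1) return -1;
    for (i = 0; i < n; i++) u[i] = i + 0.5;
    gc_reset(trace_elements);
    v = make_double_vector(u, n);
    if (v == NULL) return -1;
    for (i = 0; i < n; i++) if (!element_ok(v, i)) missed++;
    if (first_ok) *first_ok = element_ok(v, 0);
    if (last_ok) *last_ok = element_ok(v, n - 1);
    return missed;
}

int main(void)
{
    int f, l, missed;
    missed = run_scenario(0, 40, &f, &l);
    printf("collector ignoring vector contents: %d of 40 lost (first ok=%d, last ok=%d)\n",
           missed, f, l);
    missed = run_scenario(1, 40, &f, &l);
    printf("tracing collector: %d of 40 lost after %d collections\n",
           missed, gc_collections());
    return 0;
}
```

The check worth carrying over to a real heap is the one in `element_ok`: after a fill loop that can allocate, verify that elements stored before the last collection still refer to live cells with the expected payload, because a swept cell is silently reused by the next allocation and the stale pointer then reads another element's value rather than an obviously freed cell.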
