This is the mail archive of the libc-hacker@sourceware.cygnus.com mailing list for the glibc project.
Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
From slouken@devolution.com Thu May 13 16:10:26 1999 Return-Path: <slouken@devolution.com> Delivered-To: hjl@lucon.org Received: from roboto.devolution.com (roboto.devolution.com [204.247.175.130]) by ocean.lucon.org (Postfix) with ESMTP id 027C657B7 for <hjl@lucon.org>; Thu, 13 May 1999 16:10:25 -0700 (PDT) Received: from slouken by roboto.devolution.com with local (Exim 2.11 #1) id 10i4dZ-0004Fi-00; Thu, 13 May 1999 16:11:33 -0700 To: hjl@lucon.org (H.J. Lu) Cc: slouken@devolution.com, highlander@lokigames.com Subject: Problems with glibc and gdb on Alpha (SX164 2.2.7) X-Mailer: My Mailer 1.5 <slouken@devolution.com> Message-Id: <E10i4dZ-0004Fi-00@roboto.devolution.com> From: Sam Lantinga <slouken@devolution.com> Date: Thu, 13 May 1999 16:11:33 -0700 Okay, I'm trying to track down a memory stomping bug on Alpha SX164 running Linux 2.2.7. I have the gdb and glibc that shipped with RedHat 6.0 GNU gdb 4.17.0.11 with Linux support /lib/libc-2.1.1.so First problem: The backtrace() API doesn't seem to work. It returns 0. I stepped into the call with a debug version of glibc: __backtrace (array=0x1201507e8, size=8192) at ../sysdeps/generic/backtrace.c:66 66 int cnt = 0; (gdb) list 61 int size; 62 { 63 struct layout *current; 64 void *top_frame; 65 void *top_stack; 66 int cnt = 0; 67 68 top_frame = __builtin_frame_address (0); 69 top_stack = CURRENT_STACK_FRAME; 70 (gdb) 71 /* We skip the call to this function, it makes no sense to record it. */ 72 current = (struct layout *) top_frame; 73 while (cnt < size) 74 { 75 if ((void *) current INNER_THAN top_stack 76 || !((void *) current INNER_THAN __libc_stack_end)) 77 /* This means the address is out of range. Note that for the 78 toplevel we see a frame pointer with value NULL which clearly is 79 out of range. */ 80 break; (gdb) n 69 top_stack = CURRENT_STACK_FRAME; (gdb) 72 current = (struct layout *) top_frame; (gdb) 73 while (cnt < size) (gdb) print current $2 = (struct layout *) 0x11ffffa20 (gdb) print top_stack $3 = (void *) 0x11ffffa30 (gdb) print __libc_stack_end $4 = (void *) 0x11ffffab0 (gdb) print *current $5 = {next = 0x120005948, return_address = 0x11ffffa40} (gdb) print *current->next $6 = {next = 0x23bd090827ba0015, return_address = 0xb02f001044000401} (gdb) bt #0 __backtrace (array=0x1201507e8, size=8192) at ../sysdeps/generic/backtrace.c:73 #1 0x120005948 in foo () at t.c:15 #2 0x120005a08 in main (argc=1, argv=0x11ffffac8) at t.c:23 #3 0x120005b10 in __libc_start_main (main=0x1200059e0 <main>, argc=1, argv=0x11ffffac8, init=0x1200057c0 <_init>, fini=0x120044000 <_fini>, rtld_fini=0x1201507e8 <symbols>, stack_end=0x11ffffab0) at ../sysdeps/generic/libc-start.c:78 Second problem: I added lots of debugging to malloc.c, to find out where the problem is, but gdb won't give me a full backtrace: Ack! Hit me! ((char*)p + sz <= (char*)(((mbinptr)((char*)&(((ar_ptr)->av)[2*(0) + 2]) - 2*(sizeof(size_t))))->fd)) Program received signal SIGINT, Interrupt. 0x121532148 in __libc_nanosleep () at __libc_nanosleep:-1 __libc_nanosleep:-1: No such file or directory. Current language: auto; currently c (gdb) bt #0 0x121532148 in __libc_nanosleep () at __libc_nanosleep:-1 #1 0x121532080 in __sleep (seconds=536868536) at ../sysdeps/unix/sysv/linux/sleep.c:78 #2 0x1214eaa28 in do_check_chunk (ar_ptr=0x11ffff5a8, p=0x100000000) at malloc.c:2188 #3 0x1214eb324 in do_check_inuse_chunk (ar_ptr=0x121a9cf38, p=0x122730a20) at malloc.c:2232 (gdb) The backtrace shows my malloc debugging hooks, but nothing about where the function was called from. Third problem: The program is multi-threaded, and pthread_self() crashes if I link with the dmalloc library. It crashes at: return THREAD_GETMEM(self, p_tid); which is defined to be: self->p_tid Fourth problem: gdb crashes if I try to print malloc_stats() from the command line. It works fine in a simple test program, but when I break anywhere in the game, it runs malloc_stats() and then crashes, apparently in a random C library function: main (argc=1, argv=0x11ffffb78) at ctp/civ3_main.cpp:2211 2211 Setup_FPU(); (gdb) print malloc_stats() Arena 0: system bytes = 53520 in use bytes = 47712 Total (incl. mmap): system bytes = 53520 in use bytes = 47712 max system bytes = 53520 max mmap regions = 0 max mmap bytes = 0 Program received signal SIGSEGV, Segmentation fault. getenv (name=0x121626728 "LD_WARN") at ../sysdeps/generic/getenv.c:84 ../sysdeps/generic/getenv.c:84: No such file or directory. The program being debugged stopped while in a function called from GDB. When the function (malloc_stats) is done executing, GDB will silently stop (instead of continuing to evaluate the expression containing the function call). (gdb) If any of the above problems can be fixed, I can find the problem. I told you everything in the hopes that you can see a pattern or a solution that I haven't. I will get gdb-4.17.0.12 and gdb-4.18 in the hopes that one of them will work, and keep going, but if you can see a solution, it would be GREATLY appreciated. :) Thanks! -Sam Lantinga (slouken@devolution.com) Lead Programmer, Loki Entertainment Software -- "Any sufficiently advanced bug is indistinguishable from a feature" -- Rich Kulawiec -- H.J. Lu (hjl@gnu.org)
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |