On Wed, Apr 10, 2013 at 9:21 PM, Roland Mainz <[email protected]> wrote: > Attached (as "astksh20130409_abort_crash1.sh.gz") is a testcase > (derived from a test in the "sh_match.sh" test module) which triggers > a memory-corruption-related crash in ast-ksh.2013-04-09 in 32bit debug > builds (64bit/AMD64 builds do not trigger the crash) on SuSE 12.3 > Linux x86 when run with VMALLOC_OPTIONS=abort ... > > Example: > -- snip -- > $ VMALLOC_OPTIONS=abort ~/bin/ksh astksh20130409_abort_crash1.sh > 9762 characters to process... > corrupted data:region=f772b028:block=f734b890:bad byte at=4096: > Aborted > -- snip -- > > The crash may happen sporadically... it seems it depends on memory > layout and on the order and way how the "xar" 2D array is being > filled. > > The stack trace usually looks like this: > -- snip -- > $ VMALLOC_OPTIONS=abort gdb --args ~/bin/ksh astksh20130409_abort_crash1.sh > GNU gdb (GDB) SUSE (7.5.1-2.1.1) > [snip] > (gdb) run > Starting program: /home/test001/bin/ksh astksh20130409_abort_crash1.sh > Detaching after fork from child process 2111. > 9762 characters to process... > corrupted data:region=f7fc5028:block=f7c0d8c8:bad byte at=4096: > > Program received signal SIGABRT, Aborted. > 0xf7fda430 in __kernel_vsyscall () > (gdb) where > #0 0xf7fda430 in __kernel_vsyscall () > #1 0xf7de08cf in __GI_raise (sig=sig@entry=6) at > ../nptl/sysdeps/unix/sysv/linux/raise.c:56 > #2 0xf7de21b3 in __GI_abort () at abort.c:90 > #3 0x08161090 in vmdbwarn (vm=0xf7fc5028, mesg=0xffffa9f4 "corrupted > data:region=f7fc5028:block=f7c0d8c8:bad byte at=4096:\n", n=64) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/lib/libast/vmalloc/vmdebug.c:93 > #4 0x081616f6 in dbwarn (vm=0xf7fc5028, data=0xf7c0d8c8, where=4096, > file=0x0, line=0, func=0x0, type=0) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/lib/libast/vmalloc/vmdebug.c:182 > #5 0x081624c9 in vmdbcheck (vm=0xf7fc5028) at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/lib/libast/vmalloc/vmdebug.c:607 > #6 0x0815434c in _ast_malloc (size=141) at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/lib/libast/vmalloc/malloc.c:518 > #7 0x0809677c in nv_putval (np=0xf7d9c218, > string=0xf7c0e844 "<!-- Use the variablelist.term.separator and > the\n variablelist.term.break.after parameters to\n control > the term elements. -->", flags=0) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/name.c:1946 > #8 0x08053f6c in nv_putv (np=0xf7d9c218, > value=0xf7c0e844 "<!-- Use the variablelist.term.separator and > the\n variablelist.term.break.after parameters to\n control > the term elements. -->", flags=0, nfp=0x0) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/nvdisc.c:157 > #9 0x08060ca1 in array_putval (np=0xf7d9c218, > string=0xf7c0e844 "<!-- Use the variablelist.term.separator and > the\n variablelist.term.break.after parameters to\n control > the term elements. -->", flags=0, > dp=0xf7bec168) at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/array.c:717 > #10 0x08053f42 in nv_putv (np=0xf7d9c218, > value=0xf7c0e844 "<!-- Use the variablelist.term.separator and > the\n variablelist.term.break.after parameters to\n control > the term elements. -->", flags=0, nfp=0x0) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/nvdisc.c:152 > #11 0x08095789 in nv_putval (np=0xf7d9c218, > string=0xf7c0e844 "<!-- Use the variablelist.term.separator and > the\n variablelist.term.break.after parameters to\n control > the term elements. -->", flags=0) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/name.c:1602 > #12 0x08095527 in nv_open ( > name=0xf7c0e7a8 "ar[i][j]=<!-- Use the variablelist.term.separator > and the\n variablelist.term.break.after parameters to\n > control the term elements. -->", > root=0xf7c16ed0, flags=131584) at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/name.c:1532 > #13 0x080928a9 in sh_setlist (shp=0x821b400 <sh>, arg=0xf7c15430, > flags=131584, typ=0x0) at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/name.c:594 > #14 0x080b6732 in sh_exec (shp=0x821b400 <sh>, t=0xf7c154a8, flags=4) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/xec.c:1154 > #15 0x080ba17f in sh_exec (shp=0x821b400 <sh>, t=0xf7c154cc, flags=4) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/xec.c:2221 > #16 0x080ba83c in sh_exec (shp=0x821b400 <sh>, t=0xf7c15320, > flags=516) at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/xec.c:2348 > #17 0x080ba83c in sh_exec (shp=0x821b400 <sh>, t=0xf7c15294, flags=4) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/xec.c:2348 > #18 0x080ba0a4 in sh_exec (shp=0x821b400 <sh>, t=0xf7c15568, flags=6) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/xec.c:2200 > #19 0x080bf65d in sh_funscope_20120720 (shp=0x821b400 <sh>, argn=3, > argv=0xf7c119a0, fun=0x0, arg=0xffffcb04, execflg=4) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/xec.c:4051 > #20 0x080bdb90 in sh_funct (shp=0x821b400 <sh>, np=0xf7c156e8, argn=3, > argv=0xf7c119a0, envlist=0x0, execflg=4) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/xec.c:3359 > #21 0x080b7ee2 in sh_exec (shp=0x821b400 <sh>, t=0xf7dac8c0, flags=4) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/xec.c:1541 > #22 0x0805341f in exfile (shp=0x821b400 <sh>, iop=0xf7da17c8, fno=11) > at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/main.c:588 > #23 0x080527c6 in sh_main (ac=2, av=0xffffd3f4, userinit=0x0) at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/main.c:360 > #24 0x0805153b in main (argc=2, argv=0xffffd3f4) at > /home/test001/work/ast_ksh_20130409/build_i386_32bit_debug/src/cmd/ksh93/sh/pmain.c:45 > -- snip --
Erm... David... can you reproduce the problem on your side ? I wasn't able to reproduce the problem with a shorter testcase... it seems to be an issue where memory gets corrupted after some build-up of allocations or something like that... ;-( ---- Bye, Roland -- __ . . __ (o.\ \/ /.o) [email protected] \__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer /O /==\ O\ TEL +49 641 3992797 (;O/ \/ \O;) _______________________________________________ ast-developers mailing list [email protected] http://lists.research.att.com/mailman/listinfo/ast-developers
