Re: Segfault with std.container.Array but not regular dynamic array

Mon, 26 Nov 2012 14:45:29 -0800

On Monday, 26 November 2012 at 19:14:09 UTC, Joseph Rushton Wakeling wrote: 
On 11/26/2012 04:07 PM, Joseph Rushton Wakeling wrote:



Ok, now I really want to know why it crashes. I've narrowed it 
down to an example below. It seems there is a problem with 
RefCounted being used as value in a map.



At the bottom I've included some dissassembly. If anyone can shed 
light and maybe suggest techniques for debugging that would be 
great. The issue is the assignment 'map[1] = Foo()' is calling 
into 'void opAssign(typeof(this) rhs)' of RefCounted!int. But 
upon entry the this pointer looks reasonable but the store is 
bogus:

(gdb) p this

$28 = (struct std.typecons.RefCounted!(int).RefCounted *) 
0x7fffffffd790

(gdb) p *this
$29 = {RefCounted = {_store = 0xffffffffffffffff}}

The rhs of the opAssign looks good:
p rhs
$30 = {RefCounted = {_store = 0x0}}

Any suggestions/pointers/ideas welcome.

Thanks
Dan

-------------------------
import std.typecons;
import std.stdio;

alias RefCounted!(int) Foo;
Foo[int] map;

unittest {
  map[1] = Foo();
}
--------------------
Dump of assembler code for function _D3lnk11__unittest1FZv:
   0x000000000044367c <+0>:       push   %rbp
   0x000000000044367d <+1>:       mov    %rsp,%rbp
   0x0000000000443680 <+4>:       sub    $0x38,%rsp
   0x0000000000443684 <+8>:       push   %rbx
   0x0000000000443685 <+9>:       movl   $0x1,-0x30(%rbp)
   0x000000000044368c <+16>:      lea    -0x30(%rbp),%rcx
   0x0000000000443690 <+20>:      movabs $0x8,%rdx
   0x000000000044369a <+30>:      movabs $0x481340,%rsi
   0x00000000004436a4 <+40>:      mov    %fs:0x0,%rdi

   0x00000000004436ad <+49>:	add    0x2478d4(%rip),%rdi        # 
0x68af88

   0x00000000004436b4 <+56>:      callq  0x44df08 <_aaGetX>
   0x00000000004436b9 <+61>:      mov    %rax,-0x28(%rbp)
   0x00000000004436bd <+65>:      test   %rax,%rax

   0x00000000004436c0 <+68>:	jne    0x4436cc 
<_D3lnk11__unittest1FZv+80>

   0x00000000004436c2 <+70>:      mov    $0x8,%edi
   0x00000000004436c7 <+75>:      callq  0x44c50c <_D3lnk7__arrayZ>
   0x00000000004436cc <+80>:      sub    $0x8,%rsp
   0x00000000004436d0 <+84>:      xor    %rax,%rax
   0x00000000004436d3 <+87>:      mov    %rax,-0x10(%rbp)
   0x00000000004436d7 <+91>:      mov    %rax,-0x18(%rbp)
   0x00000000004436db <+95>:      lea    -0x18(%rbp),%rbx
   0x00000000004436df <+99>:      pushq  (%rbx)
   0x00000000004436e1 <+101>:     lea    -0x20(%rbp),%rdi

   0x00000000004436e5 <+105>:	callq  0x443d60 
<_D3std8typecons18__T10RefCountedTiZ10RefCounted8opAssignMFS3std8typecons18__T10RefCountedTiZ10RefCountedZv>

=> 0x00000000004436ea <+110>:  add    $0x10,%rsp
   0x00000000004436ee <+114>:     lea    -0x20(%rbp),%rsi
   0x00000000004436f2 <+118>:     mov    -0x28(%rbp),%rdi
   0x00000000004436f6 <+122>:     mov    %rdi,-0x38(%rbp)
   0x00000000004436fa <+126>:     movsq  %ds:(%rsi),%es:(%rdi)
   0x00000000004436fc <+128>:     mov    -0x38(%rbp),%rax
   0x0000000000443700 <+132>:     mov    %rax,-0x8(%rbp)

   0x0000000000443704 <+136>:	callq  0x44370b 
<_D3lnk11__unittest1FZv+143>
   0x0000000000443709 <+141>:	jmp    0x443715 
<_D3lnk11__unittest1FZv+153>

   0x000000000044370b <+143>:     lea    -0x20(%rbp),%rdi

   0x000000000044370f <+147>:	callq  0x443ce4 
<_D3std8typecons18__T10RefCountedTiZ10RefCounted6__dtorMFZv>

   0x0000000000443714 <+152>:     retq
   0x0000000000443715 <+153>:     pop    %rbx
   0x0000000000443716 <+154>:     leaveq
   0x0000000000443717 <+155>:     retq
End of assembler dump.























					Reply via email to