From owner-cvs-all@FreeBSD.ORG Thu Feb 1 19:29:21 2007 Return-Path: X-Original-To: cvs-all@freebsd.org Delivered-To: cvs-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1038316A492 for ; Thu, 1 Feb 2007 19:29:21 +0000 (UTC) (envelope-from zombyfork@gmail.com) Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.186]) by mx1.freebsd.org (Postfix) with ESMTP id 84C1A13C4AC for ; Thu, 1 Feb 2007 19:29:20 +0000 (UTC) (envelope-from zombyfork@gmail.com) Received: by nf-out-0910.google.com with SMTP id m19so983396nfc for ; Thu, 01 Feb 2007 11:29:19 -0800 (PST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:references; b=erg2G6Mu/JtuIaQ8R2+HXsWjGns32pTrdEOtUkUm7LjZGC2seDQf4mBDOCvsn/hqGOm6+SuaTnjc7UiJpS1IcO2dcPdSos/exl7aZp6IAQEcdAQum+4lcLNxbArUqcMo358SBiSl4g9/GBwy4iixeuDjVBSHntNjuJ/a3vCxNPQ= Received: by 10.48.204.7 with SMTP id b7mr5123706nfg.1170358158356; Thu, 01 Feb 2007 11:29:18 -0800 (PST) Received: by 10.49.63.7 with HTTP; Thu, 1 Feb 2007 11:29:18 -0800 (PST) Message-ID: <346a80220702011129s7b1d976l523655cae9b7f903@mail.gmail.com> Date: Thu, 1 Feb 2007 12:29:18 -0700 From: "Coleman Kane" To: "John Baldwin" In-Reply-To: <200702011121.10651.jhb@freebsd.org> MIME-Version: 1.0 References: <200701312254.l0VMsKZ6050188@repoman.freebsd.org> <346a80220701311514j6aa9e3eavc5a4de2bffc039d7@mail.gmail.com> <45C1316C.8010500@FreeBSD.org> <200702011121.10651.jhb@freebsd.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: cvs-src@freebsd.org, src-committers@freebsd.org, Jason Evans , cvs-all@freebsd.org Subject: Re: cvs commit: src/lib/libc/stdlib malloc.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: cokane@cokane.org List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Feb 2007 19:29:21 -0000 On 2/1/07, John Baldwin wrote: > > On Wednesday 31 January 2007 19:16, Jason Evans wrote: > > Coleman Kane wrote: > > > Modified files: > > > lib/libc/stdlib malloc.c > > > Log: > > > Fix a utrace(2)-related bug in calloc(3). > > > > > > Integrate various pedantic cleanups. > > > > > > Submitted by: Andrew Doran ad@netbsd.org>> > > > > > > Revision Changes Path > > > 1.139 +56 -44 src/lib/libc/stdlib/malloc.c > > > _______________________________________________ > > > > > > Does this fix the following error I get in GDB alot: > > > Assertion failed: (mapelm.free == false), function arena_salloc, file > > > /usr/src/lib/libc/stdlib/malloc.c, line 2355. > > > > That assertion failure is likely due to an application bug, specifically > > a double free. > > Yes. I fixed at least one double free in gdb a while back and sent the > patch > to obrien@ and marcel@ but never heard back. > > Here's the original message I sent: > > > Tracked down and fixed a bug in ports/gdb6 at work that we've been running > into. It appears to apply to src/contrib/gdb as well. I assume you all > are > more familiar with gdb internals than I am, but there appears to be this > target stack of "driver backends" (more or less). And at the top there is > a > dummy ¤t_target which is _not_ included in the global target_structs > list (presumably on purpose). There is this function that realloc()'s a > target's to_sections pointer and then goes through and updates all the > other > targets that are using the same pointer. The problem is that since > current_target isn't in the global list, ¤t_target won't get updated > if > it's using the same value that is being realloc'd (the test case at work > involved debugging apache, which makes heavy use of dlopen() and > dlclose()). > The patch below fixes the problem, and I thought I'd let you 2 see it to > see > if you wanted to do anything with it: > > --- gdb/target.c.orig Mon Aug 2 17:57:26 2004 > +++ gdb/target.c Mon Oct 30 15:07:51 2006 > @@ -1415,6 +1415,13 @@ > (*t)->to_sections_end = target->to_sections_end; > } > } > + > + /* JHB: Need to update current_target too. */ > + if (current_target.to_sections == old_value) > + { > + current_target.to_sections = target->to_sections; > + current_target.to_sections_end = target->to_sections_end; > + } > } > > > > -- > John Baldwin > _______________________________________________ > cvs-src@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/cvs-src > To unsubscribe, send any mail to "cvs-src-unsubscribe@freebsd.org" > Thanks, this patch definitely fixes this crasher in my case... however I have not researched the internals of GDB much to claim that this patch doesn't have any nasty side-effects... for my other projects GDB seems to work fine still. I'll defer to the more knowledgeable to determine if its a safe change. This was a pretty reliable GDB crash bug for me and this patch solved it, thanks all. -- Coleman Kane