Menu
▾
▴
fxruby-users
|
From: Joel V. <vj...@PA...> - 2003-08-24 20:56:32
|
Has anyone seen this? I'm getting a segfault in a finalizer for a
FXTreeList. It happens in 1.8.0, but not 1.7.3.
Here's the backtrace:
Program received signal SIGSEGV, Segmentation fault.
0x0805947b in rb_longjmp (tag=6, mesg=0) at eval.c:3924
3924 JUMP_TAG(tag);
(gdb) bt
#0 0x0805947b in rb_longjmp (tag=6, mesg=0) at eval.c:3924
#1 0x080594f1 in rb_exc_raise (mesg=1087374512) at eval.c:3931
#2 0x080bfe08 in rb_raise (exc=1075655904,
fmt=0x80dafe0 "wrong argument type %s (expected %s)") at error.c:694
#3 0x080befb4 in rb_check_type (x=0, t=135298648) at error.c:254
#4 0x40339825 in SWIG_ConvertPtr (obj=1087378452, ptr=0xbfffede0,
ty=0x406d0580, flags=1) at librb.c:403
#5 0x405a00c2 in _wrap_FXTreeItem_setFocus (argc=1, argv=0xbfffeff0,
self=1087378452) at treelist_wrap.cpp:685
#6 0x080660b6 in call_cfunc (func=0x405a006c <_wrap_FXTreeItem_setFocus>,
recv=1087378452, len=0, argc=1, argv=0xbfffeff0) at eval.c:4769
#7 0x0805b37f in rb_call0 (klass=1087138004, recv=1087378452, id=18049,
oid=0, argc=1, argv=0xbfffeff0, body=0x40cc6460, nosuper=0) at
eval.c:4906
#8 0x0805bb47 in rb_call (klass=1087138004, recv=1087378452, mid=18049,
argc=1, argv=0xbfffeff0, scope=1) at eval.c:5123
#9 0x0805bdbd in rb_funcall (recv=1087378452, mid=18049, n=1) at ruby.h:626
#10 0x405392e5 in void FXRbCallVoidMethod<unsigned char>(FXObject*,
unsigned long, unsigned char) (recv=0x82cc160, func=18049, arg=1 '\001')
at include/FXRuby.h:285
#11 0x405365a8 in FXRbTreeItem::setFocus(unsigned char) (this=0x82cc160,
focus=1 '\001') at impl.cpp:901
#12 0x408f9f93 in FXTreeList::removeItem(FXTreeItem*, unsigned char) ()
from /usr/local/lib/libFOX-1.0.so.0
#13 0x408fa041 in FXTreeList::removeItems(FXTreeItem*, FXTreeItem*,
unsigned cha---Type <return> to continue, or q <return> to quit---li
r) () from /usr/local/lib/libFOX-1.0.so.0
#14 0x408f9cd6 in FXTreeList::removeItem(FXTreeItem*, unsigned char) ()
from /usr/local/lib/libFOX-1.0.so.0
#15 0x408fa041 in FXTreeList::removeItems(FXTreeItem*, FXTreeItem*,
unsigned char) () from /usr/local/lib/libFOX-1.0.so.0
#16 0x408fa08c in FXTreeList::clearItems(unsigned char) ()
from /usr/local/lib/libFOX-1.0.so.0
#17 0x408fa87a in FXTreeList::~FXTreeList() ()
from /usr/local/lib/libFOX-1.0.so.0
#18 0x403c47a8 in ~FXRbTreeList (this=0x82c1b70) at
include/FXRbTreeList.h:193
#19 0x4059a44d in FXRbObject::freefunc(FXObject*) (self=0x82c1b70)
at markfuncs.cpp:78
#20 0x0806c59a in rb_gc_call_finalizer_at_exit () at gc.c:1607
#21 0x08053609 in ruby_finalize_0 (exp=0xbffff3b0) at eval.c:1333
#22 0x0805377b in ruby_cleanup (ex=0) at eval.c:1368
#23 0x0805388f in ruby_stop (ex=0) at eval.c:1395
#24 0x080538d4 in ruby_run () at eval.c:1407
#25 0x08051c01 in main (argc=2, argv=0xbffff454, envp=0xbffff460) at
main.c:50
#26 0x400877f7 in __libc_start_main () from /lib/i686/libc.so.6
--
Joel VanderWerf California PATH, UC Berkeley
mailto:vj...@pa... Ph. (510) 231-9446
http://www.path.berkeley.edu FAX (510) 231-9565
|
|
From: Lyle J. <jl...@cf...> - 2003-08-25 23:13:41
|
Joel VanderWerf wrote: > Has anyone seen this? I'm getting a segfault in a finalizer for a > FXTreeList. It happens in 1.8.0, but not 1.7.3. > > Here's the backtrace: > > Program received signal SIGSEGV, Segmentation fault. > 0x0805947b in rb_longjmp (tag=6, mesg=0) at eval.c:3924 > 3924 JUMP_TAG(tag); > (gdb) bt > #0 0x0805947b in rb_longjmp (tag=6, mesg=0) at eval.c:3924 > #1 0x080594f1 in rb_exc_raise (mesg=1087374512) at eval.c:3931 > #2 0x080bfe08 in rb_raise (exc=1075655904, > fmt=0x80dafe0 "wrong argument type %s (expected %s)") at error.c:694 > #3 0x080befb4 in rb_check_type (x=0, t=135298648) at error.c:254 > #4 0x40339825 in SWIG_ConvertPtr (obj=1087378452, ptr=0xbfffede0, > ty=0x406d0580, flags=1) at librb.c:403 > #5 0x405a00c2 in _wrap_FXTreeItem_setFocus (argc=1, argv=0xbfffeff0, > self=1087378452) at treelist_wrap.cpp:685 <snip> I snipped it here because this part alone has some questionable stuff going on. At frame #5, we see that _wrap_FXTreeItem_setFocus() called SWIG_ConvertPtr(), to extract the pointer to the C++ FXTreeItem object from the Ruby FXTreeItem instance. In both frames 4 and 5, the Ruby instance has a VALUE of 1087378452. But then by the time we get to the call to rb_check_type() at frame #3, this value has become zero (x=0). Are you running under Linux? Have you tried to valgrind it yet? |
|
From: Joel V. <vj...@PA...> - 2003-08-25 18:33:21
|
Lyle Johnson wrote: > Are you running under Linux? Have you tried to valgrind it yet? I'm getting a lot of errors just with 'valgrind ruby hello.rb', but 'valgrind ruby -e 1' is ok. I guess some of the "uninitialized value" warnings are to be expected? I don't see any "clobbered stack" warnings for my program, but that may just be because valgrind stopped showing errors at some point. Do you have a suppressions file for working with fox? |
|
From: Joel V. <vj...@PA...> - 2003-08-26 01:55:10
|
Lyle Johnson wrote: > Joel VanderWerf wrote: > >> Has anyone seen this? I'm getting a segfault in a finalizer for a >> FXTreeList. It happens in 1.8.0, but not 1.7.3. >> >> Here's the backtrace: >> >> Program received signal SIGSEGV, Segmentation fault. >> 0x0805947b in rb_longjmp (tag=6, mesg=0) at eval.c:3924 >> 3924 JUMP_TAG(tag); >> (gdb) bt >> #0 0x0805947b in rb_longjmp (tag=6, mesg=0) at eval.c:3924 >> #1 0x080594f1 in rb_exc_raise (mesg=1087374512) at eval.c:3931 >> #2 0x080bfe08 in rb_raise (exc=1075655904, >> fmt=0x80dafe0 "wrong argument type %s (expected %s)") at error.c:694 >> #3 0x080befb4 in rb_check_type (x=0, t=135298648) at error.c:254 >> #4 0x40339825 in SWIG_ConvertPtr (obj=1087378452, ptr=0xbfffede0, >> ty=0x406d0580, flags=1) at librb.c:403 >> #5 0x405a00c2 in _wrap_FXTreeItem_setFocus (argc=1, argv=0xbfffeff0, >> self=1087378452) at treelist_wrap.cpp:685 > > > <snip> > > I snipped it here because this part alone has some questionable stuff > going on. At frame #5, we see that _wrap_FXTreeItem_setFocus() called > SWIG_ConvertPtr(), to extract the pointer to the C++ FXTreeItem object > from the Ruby FXTreeItem instance. In both frames 4 and 5, the Ruby > instance has a VALUE of 1087378452. But then by the time we get to the > call to rb_check_type() at frame #3, this value has become zero (x=0). > > Are you running under Linux? Have you tried to valgrind it yet? Linux Mandrake 9.1. I've never learned to use valgrind (maybe this would be a good excuse to do so :)) As you point out, this is very strange. The pc at frame #4 is inside the DataGetStruct(obj, ...) macro, which calls rb_check_type() with obj as the first arg. But at that point the value has been clobbered somehow. I'll give valgrind a shot... |
|
From: Lyle J. <jl...@cf...> - 2003-08-25 18:37:19
|
Joel VanderWerf wrote: > Linux Mandrake 9.1. I've never learned to use valgrind (maybe this would > be a good excuse to do so :)) Like most tools, valgrind works great for some debugging expeditions and not so well for others. But it is not too hard to use (no recompilation or other "instrumentation" of your code required) and is a good one to be familiar with. > As you point out, this is very strange. The pc at frame #4 is inside the > DataGetStruct(obj, ...) macro, which calls rb_check_type() with obj as > the first arg. But at that point the value has been clobbered somehow. > > I'll give valgrind a shot... OK, let me know if I need to take a look at it. I just went back and ran 'stress1.rb', one of the stress test cases from the FXRuby/tests subdirectory and it seemed to hold up fine. [That one basically creates and then trashes a large number of tree items, trying to smoke out GC-related problems.] |
|
From: Joel V. <vj...@PA...> - 2003-08-26 13:10:56
|
Lyle Johnson wrote: > OK, let me know if I need to take a look at it. I just went back and ran > 'stress1.rb', one of the stress test cases from the FXRuby/tests > subdirectory and it seemed to hold up fine. [That one basically creates > and then trashes a large number of tree items, trying to smoke out > GC-related problems.] I don't think it's a GC problem this time--GC.disable doesn't fix it. (Or does ruby always turns GC back on during finalizers?) Here's the valgrind output, with GC disabled and the -v and '-error-limit=no' options: http://PATH.Berkeley.EDU/~vjoel/tree-bug/tree-no-gc.err Turning GC off shortens this output to the point where I can read the whole thing, but I don't see anything in there that's obviously relevant. If you want to take a look at the code itself, it's at: http://PATH.Berkeley.EDU/~vjoel/tree-bug/observable-0.3-alpha.tgz http://PATH.Berkeley.EDU/~vjoel/tree-bug/foxtails-0.2-alpha.tgz The buggy code is in foxtails/examples/tree.rb. You can run it without installing anything. Just unpack both of the tarballs under the same dir and then: cd foxtails-0.2/examples RUBYLIB='../lib:../../observable-0.3/lib' ruby tree.rb If you quit immediately (Ctl-Q), there is no segfault. If you select the first tree item, and then quit, it segfaults, but only with ruby 1.8, not 1.7.3. (BTW, the tree example is kinda interesting, before it dies. It lets you have multiple synchronized browsers of trees or even of directed acyclic graphs, and it makes it easier to use existing data structures with their own child/parent relations and not worry about how they are mapped into list items. The browsers are synchronized in the sense that model changes (as opp. visual changes) propagate to all browsers. Currently the example only has one browser, but I'll make it a MDI before release. I'll be releasing this with the next foxtails.) |
|
From: Lyle J. <jl...@cf...> - 2003-08-25 20:56:52
|
Joel VanderWerf wrote: > If you want to take a look at the code itself, it's at: > > http://PATH.Berkeley.EDU/~vjoel/tree-bug/observable-0.3-alpha.tgz > http://PATH.Berkeley.EDU/~vjoel/tree-bug/foxtails-0.2-alpha.tgz > > The buggy code is in foxtails/examples/tree.rb. I can reproduce the bug, but so far haven't been able to track down the root cause. I did notice that if I quit the program using the File->Quit menu option instead the Ctrl+Q accelerator that I don't get the segfault, but the significance of this is still unclear. At the time of the crash we can see that it's trying to call FXTreeItem::setFocus() on one of the tree items. I added some print statements to see which tree items are getting garbage-collected (and when) and it appears that this tree item is indeed still "alive" at this point, so I concur that it doesn't seem to be a GC-related problem. I also did a quick build against the latest CVS sources for Ruby (post 1.8.0) but this didn't change anything. I'm sort-of shooting in the dark at the moment, but will let you know if I can figure it out :( |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X