|
From: Ashton <ash...@pa...> - 2005-03-30 23:47:11
|
Hi,

I have a program that loads dynamically/shared libraries at boot time (and can also be done during its life). The problem shows itself after a call to exit() (but only sometimes).

System details:
Gentoo Linux i686
The kernel is 2.6.7 on an AMD Duron 1300MHz
glibc version 2.3.4
ld version 2.15
gcc version 3.3.4
valgrind version 2.4.0

Here is what I do know about the code:
- The crash always (when it occurs) seems to happen after a call to exit().
- On loading of the libraries (dlopen etc) I make/add to a linked list so I can trace through them. See below for report from valgrind.
- It does not happen every time (which makes me think I'm doing something very stupid).
- I'm compiling the shared libraries with 'gcc -fPIC -shared -Wl,-soname' as the options and linking them in to the main binary (the program that loads these) with the gcc option -rdynamic.
- If I start it with --db-attach=yes, the debugger attaches to the function '_dl_rtld_di_serinfo()' upon the first error, which is also in the gdb backtrace below.
- Lastly, the library that was opened first is the one that always 'seems' to cause problems in the end.

So basically the program starts, reads in a text file of the file name, handle and such, and then loads them up. During the runtime, it is possible to load new modules, or unload others that were already loaded. But when I exit the program with a call to exit() it (sometimes) segfaults.

A GDB backtrace looks something like this (there have been more than one):

(gdb) bt
#0 0x1bb9148b in __do_global_dtors_aux () from ../bin/lib/test_special.so
#1 0x1bb915c6 in _fini () from ../bin/lib/test_special.so
#2 0x1b8efcdd in _dl_rtld_di_serinfo () from /lib/ld-linux.so.2
#3 0x1b98c410 in exit () from /lib/libc.so.6
#4 0x080568dc in init_socket (port=5001) at comm.c:307
#5 0x08056794 in init_game (port=3) at comm.c:238
#6 0x1b976488 in __libc_start_main () from /lib/libc.so.6
#7 0x08056381 in call_gmon_start ()

Right before the crash, Valgrind writes to the log file:

==31369==
==31369== Invalid read of size 4
==31369== at 0x1BB9148B: (within /mud/fs/fs.test/bin/lib/test_special.so)
==31369== by 0x1BB915C5: (within /mud/fs/fs.test/bin/lib/test_special.so)
==31369== by 0x1B8EFCDC: (within /lib/ld-2.3.4.so)
==31369== by 0x1B98C40F: exit (in /lib/libc-2.3.4.so)
==31369== by 0x80568DB: init_game (comm.c:280)
==31369== by 0x8056793: main (comm.c:228)
==31369== Address 0x15DC is not stack'd, malloc'd or (recently) free'd
==31369==
==31369== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==31369== Access not within mapped region at address 0x15DC
==31369== at 0x1BB9148B: (within /mud/fs/fs.test/bin/lib/test_special.so)
==31369== by 0x1BB915C5: (within /mud/fs/fs.test/bin/lib/test_special.so)
==31369== by 0x1B8EFCDC: (within /lib/ld-2.3.4.so)
==31369== by 0x1B98C40F: exit (in /lib/libc-2.3.4.so)
==31369== by 0x80568DB: init_game (comm.c:280)
==31369== by 0x8056793: main (comm.c:228)

And when the module is loaded on the program starting:

==31369== TRANSLATE: 0x1B9C2A50 redirected to 0x1B904D09
==31369== Reading syms from /mud/fs/fs.test/bin/lib/test_special.so (0x1BB91000)
==31369==
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECCCA: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA471E2: (within /lib/libc-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA47526: _dl_open (in /lib/libc-2.3.4.so)
==31369== by 0x1B95DF6A: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1B95E480: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==31369== by 0x80BAC11: assign_dynamic_procs (spec_procs.c:201)
==31369== by 0x808AE4B: boot_db (db.c:447)
==31369== by 0x805680B: init_game (comm.c:247)
==31369== by 0x8056793: main (comm.c:228)

The library does no allocation (malloc etc) whatsoever. I even tried a simple 'return 0' in it and it still happens at times. Admittedly, I have no idea what the functions in frame 0 and frame 2 are or what they do. Does anyone have an idea of what I'm missing? While this only happens at exit, it still annoys me, because certainly something is wrong?

And one more thing that might be of interest. I don't have a trace of this with valgrind (was using dmalloc at the time though it's happened several times) is another (same?) bug that shows up after a call to gethostbyaddr:

(gdb) bt
#0 0x4001180a in realloc () from /lib/ld-linux.so.2
#1 0x4014af11 in getutmpx () from /lib/libc.so.6
#2 0x4000b686 in _dl_rtld_di_serinfo () from /lib/ld-linux.so.2
#3 0x4014b857 in _dl_open () from /lib/libc.so.6
#4 0x4014cb23 in _dl_mcount_wrapper_check () from /lib/libc.so.6
#5 0x4000b686 in _dl_rtld_di_serinfo () from /lib/ld-linux.so.2
#6 0x4014cad5 in _dl_mcount_wrapper_check () from /lib/libc.so.6
#7 0x4014cbeb in __libc_dlopen_mode () from /lib/libc.so.6
#8 0x4012b435 in __nss_lookup_function () from /lib/libc.so.6
#9 0x4012afff in __nss_database_lookup () from /lib/libc.so.6
#10 0x4012cc37 in __nss_hosts_lookup () from /lib/libc.so.6
#11 0x4012df0b in gethostbyaddr_r () from /lib/libc.so.6
#12 0x4012dc85 in gethostbyaddr () from /lib/libc.so.6
#13 0x08056b07 in new_descriptor (s=3) at comm.c:1192
#14 0x080550f1 in game_loop (mother_desc=3) at comm.c:490
#15 0x08054c4c in init_game (port=5000) at comm.c:234
#16 0x08054bd9 in main (argc=3, argv=0xbffff7b4) at comm.c:207

Think that's all. If I missed anything, I'll be happy to let you know more. Any help or even a point in the right direction would be appreciated.
|
|
From: Jeremy F. <je...@go...> - 2005-03-31 01:20:38
|
Ashton wrote:
>I have a program that loads dynamically/shared libraries at boot time
>(and can also be done during its life). The problem shows itself after
>a call to exit() (but only sometimes).
>
>
Does it happen with all tools, or just memcheck? What kind of crash is
it? You're not including all the output, so it's hard to see what's
happening here. Does using --run-libc-freeres=no make a difference?
J
|
|
From: Ashton <ash...@pa...> - 2005-03-31 01:37:56
|
Hi,

Have not used this mail client in years. Apparently it replied directly to you. Sending to the list just in case someone else has an idea.

-- message --

Hi,

Okay, output below. I hope this is everything you're after. The crash happens with any tool (or I would guess because without a tool it happens as well -- that is, --tool=none and also not even loading valgrind or anything else). I will try the option, but because it's hard to duplicate, I don't know if it'll help or not or can't check as easily as I'd like to. I also found a mistake in my code and I'll fix that too.

As for the output -- on loading:

==31369== TRANSLATE: 0x1B9C2A50 redirected to 0x1B904D09
==31369== Reading syms from /mud/fs/fs.test/bin/lib/test_special.so (0x1BB91000)
==31369==
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECCCA: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA471E2: (within /lib/libc-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA47526: _dl_open (in /lib/libc-2.3.4.so)
==31369== by 0x1B95DF6A: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1B95E480: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==31369== by 0x80BAC11: assign_dynamic_procs (spec_procs.c:201)
==31369== by 0x808AE4B: boot_db (db.c:447)
==31369== by 0x805680B: init_game (comm.c:247)
==31369== by 0x8056793: main (comm.c:228)
==31369==
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECCD2: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA471E2: (within /lib/libc-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA47526: _dl_open (in /lib/libc-2.3.4.so)
==31369== by 0x1B95DF6A: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1B95E480: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==31369== by 0x80BAC11: assign_dynamic_procs (spec_procs.c:201)
==31369== by 0x808AE4B: boot_db (db.c:447)
==31369== by 0x805680B: init_game (comm.c:247)
==31369== by 0x8056793: main (comm.c:228)
==31369==
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECE1F: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA471E2: (within /lib/libc-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA47526: _dl_open (in /lib/libc-2.3.4.so)
==31369== by 0x1B95DF6A: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1B95E480: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==31369== by 0x80BAC11: assign_dynamic_procs (spec_procs.c:201)
==31369== by 0x808AE4B: boot_db (db.c:447)
==31369== by 0x805680B: init_game (comm.c:247)
==31369== by 0x8056793: main (comm.c:228)
==31369==
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECE75: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA471E2: (within /lib/libc-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA47526: _dl_open (in /lib/libc-2.3.4.so)
==31369== by 0x1B95DF6A: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1B95E480: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==31369== by 0x80BAC11: assign_dynamic_procs (spec_procs.c:201)
==31369== by 0x808AE4B: boot_db (db.c:447)
==31369== by 0x805680B: init_game (comm.c:247)
==31369== by 0x8056793: main (comm.c:228)

at exit:

==31369== Invalid read of size 4
==31369== at 0x1BB9148B: (within /mud/fs/fs.test/bin/lib/test_special.so)
==31369== by 0x1BB915C5: (within /mud/fs/fs.test/bin/lib/test_special.so)
==31369== by 0x1B8EFCDC: (within /lib/ld-2.3.4.so)
==31369== by 0x1B98C40F: exit (in /lib/libc-2.3.4.so)
==31369== by 0x80568DB: init_game (comm.c:280)
==31369== by 0x8056793: main (comm.c:228)
==31369== Address 0x15DC is not stack'd, malloc'd or (recently) free'd
==31369==
==31369== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==31369== Access not within mapped region at address 0x15DC
==31369== at 0x1BB9148B: (within /mud/fs/fs.test/bin/lib/test_special.so)
==31369== by 0x1BB915C5: (within /mud/fs/fs.test/bin/lib/test_special.so)
==31369== by 0x1B8EFCDC: (within /lib/ld-2.3.4.so)
==31369== by 0x1B98C40F: exit (in /lib/libc-2.3.4.so)
==31369== by 0x80568DB: init_game (comm.c:280)
==31369== by 0x8056793: main (comm.c:228)
==31369==
==31369== ERROR SUMMARY: 71 errors from 13 contexts (suppressed: 0 from 0)
==31369==
==31369== 1 errors in context 1 of 13:
==31369== Invalid read of size 4
==31369== at 0x1BB9148B: (within /mud/fs/fs.test/bin/lib/test_special.so)
==31369== by 0x1BB915C5: (within /mud/fs/fs.test/bin/lib/test_special.so)
==31369== by 0x1B8EFCDC: (within /lib/ld-2.3.4.so)
==31369== by 0x1B98C40F: exit (in /lib/libc-2.3.4.so)
==31369== by 0x80568DB: init_game (comm.c:280)
==31369== by 0x8056793: main (comm.c:228)
==31369== Address 0x15DC is not stack'd, malloc'd or (recently) free'd
==31369==
==31369== 1 errors in context 2 of 13:
==31369== Source and destination overlap in strcpy(0x8179400, 0x8179400)
==31369== at 0x1B905635: strcpy (mac_replace_strmem.c:102)
==31369== by 0x809DB76: half_chop (interpreter.c:1146)
==31369== by 0x80830B3: do_set (act.wizard.c:2788)
==31369== by 0x809CFEB: command_interpreter (interpreter.c:784)
==31369== by 0x80573AC: game_loop (comm.c:625)
==31369== by 0x8056833: init_game (comm.c:254)
==31369== by 0x8056793: main (comm.c:228)
==31369==
==31369== 1 errors in context 3 of 13:
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECE75: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E5F25: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8F29CB: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E4D2D: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E49C6: (within /lib/ld-2.3.4.so)
==31369==
==31369== 1 errors in context 4 of 13:
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECCD2: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E5F25: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8F29CB: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E4D2D: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E49C6: (within /lib/ld-2.3.4.so)
==31369==
==31369== 1 errors in context 5 of 13:
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECCCA: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E5F25: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8F29CB: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E4D2D: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E49C6: (within /lib/ld-2.3.4.so)
==31369==
==31369== 1 errors in context 6 of 13:
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECCD2: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E5EB6: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8F29CB: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E4D2D: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E49C6: (within /lib/ld-2.3.4.so)
==31369==
==31369== 1 errors in context 7 of 13:
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECCCA: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E5EB6: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8F29CB: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E4D2D: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E49C6: (within /lib/ld-2.3.4.so)
==31369==
==31369== 7 errors in context 8 of 13:
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECE75: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E5EB6: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8F29CB: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E4D2D: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E49C6: (within /lib/ld-2.3.4.so)
==31369==
==31369== 7 errors in context 9 of 13:
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECE1F: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E5EB6: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8F29CB: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E4D2D: (within /lib/ld-2.3.4.so)
==31369== by 0x1B8E49C6: (within /lib/ld-2.3.4.so)
==31369==
==31369== 12 errors in context 10 of 13:
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECCD2: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA471E2: (within /lib/libc-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA47526: _dl_open (in /lib/libc-2.3.4.so)
==31369== by 0x1B95DF6A: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1B95E480: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==31369== by 0x80BAC11: assign_dynamic_procs (spec_procs.c:201)
==31369== by 0x808AE4B: boot_db (db.c:447)
==31369== by 0x805680B: init_game (comm.c:247)
==31369== by 0x8056793: main (comm.c:228)
==31369==
==31369== 12 errors in context 11 of 13:
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECCCA: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA471E2: (within /lib/libc-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA47526: _dl_open (in /lib/libc-2.3.4.so)
==31369== by 0x1B95DF6A: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1B95E480: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==31369== by 0x80BAC11: assign_dynamic_procs (spec_procs.c:201)
==31369== by 0x808AE4B: boot_db (db.c:447)
==31369== by 0x805680B: init_game (comm.c:247)
==31369== by 0x8056793: main (comm.c:228)
==31369==
==31369== 13 errors in context 12 of 13:
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECE75: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA471E2: (within /lib/libc-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA47526: _dl_open (in /lib/libc-2.3.4.so)
==31369== by 0x1B95DF6A: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1B95E480: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==31369== by 0x80BAC11: assign_dynamic_procs (spec_procs.c:201)
==31369== by 0x808AE4B: boot_db (db.c:447)
==31369== by 0x805680B: init_game (comm.c:247)
==31369== by 0x8056793: main (comm.c:228)
==31369==
==31369== 13 errors in context 13 of 13:
==31369== Conditional jump or move depends on uninitialised value(s)
==31369== at 0x1B8ECE1F: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA471E2: (within /lib/libc-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1BA47526: _dl_open (in /lib/libc-2.3.4.so)
==31369== by 0x1B95DF6A: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==31369== by 0x1B95E480: (within /lib/libdl-2.3.4.so)
==31369== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==31369== by 0x80BAC11: assign_dynamic_procs (spec_procs.c:201)
==31369== by 0x808AE4B: boot_db (db.c:447)
==31369== by 0x805680B: init_game (comm.c:247)
==31369== by 0x8056793: main (comm.c:228)
==31369== IN SUMMARY: 71 errors from 13 contexts (suppressed: 0 from 0)
==31369==
==31369== malloc/free: in use at exit: 169194 bytes in 3819 blocks.
==31369== malloc/free: 9925 allocs, 6106 frees, 379224 bytes allocated.
==31369==
==31369== searching for pointers to 3819 not-freed blocks.
==31369== checked 975332 bytes.
==31369==
==31369== LEAK SUMMARY:
==31369== definitely lost: 68 bytes in 14 blocks.
==31369== possibly lost: 0 bytes in 0 blocks.
==31369== still reachable: 169126 bytes in 3805 blocks.
==31369== suppressed: 0 bytes in 0 blocks.
==31369== Use --leak-check=full to see details of leaked memory.
--31369-- TT/TC: 0 tc sectors discarded.
--31369-- 14010 tt_fast misses.
--31369-- translate: new 9348 (163860 -> 2072705; ratio 126:10)
--31369-- discard 0 (0 -> 0; ratio 0:10).
--31369-- chainings: 7543 chainings, 0 unchainings.
--31369-- dispatch: 56706010 jumps (bb entries); of them 6969188 (12%) unchained.
--31369-- 1135/494236 major/minor sched events.
--31369-- reg-alloc: 1566 t-req-spill, 360346+12757 orig+spill uis,
--31369-- 46279 total-reg-rank
--31369-- sanity: 1136 cheap, 46 expensive checks.
--31369-- ccalls: 35868 C calls, 55% saves+restores avoided (117444 bytes)
--31369-- 49010 args, avg 0.86 setup instrs each (12900 bytes)
--31369-- 0% clear the stack (107604 bytes)
--31369-- 15430 retvals, 26% of reg-reg movs avoided (8018 bytes)

Jeremy Fitzhardinge wrote:
>
> Ashton wrote:
>
> >I have a program that loads dynamically/shared libraries at boot time
> >(and can also be done during its life). The problem shows itself after
> >a call to exit() (but only sometimes).
> >
> >
> Does it happen with all tools, or just memcheck? What kind of crash is
> it? You're not including all the output, so it's hard to see what's
> happening here. Does using --run-libc-freeres=no make a difference?
>
> J
|
|
From: Jeremy F. <je...@go...> - 2005-03-31 01:51:36
|
Ashton wrote:
>>Sorry, did I misunderstand you? Are you saying that the crash also
>>happens without Valgrind?
>>
>>
>
>Yes. But I was hoping to understand what valgrind is saying.
>
>
Well, the error it's pointing out is pretty obvious: your code is using
a bad pointer to 0x15DC. Why is another question. Is this C++ code?
Are you using a static destructor?
J
|
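Added example (not part of any post in this thread): a small Python triage script for the kind of Memcheck "Invalid read" records quoted above. It pulls out the faulting address, the object that owns the innermost frame, and the first frame with source information; `LOW_ADDR_LIMIT` and all function names are assumptions of this example, and the sample is an excerpt of the log lines quoted in the thread (second record abridged to four frames).

```python
import re

# Heuristic chosen for this example: an address this low is consistent with a
# small offset added to a NULL (or zeroed) base pointer.
LOW_ADDR_LIMIT = 0x10000

LINE = re.compile(r"^==(\d+)==\s*(.*)$")
HEAD = re.compile(r"^Invalid (read|write) of size (\d+)$")
FRAME = re.compile(r"^(?:at|by) 0x([0-9A-Fa-f]+): (.*)$")
ADDR = re.compile(r"^Address 0x([0-9A-Fa-f]+) is ")
# "func (in /lib/x.so)", "(within /lib/x.so)" or "func (file.c:123)"
WHERE = re.compile(r"^(?:(\S+) )?\((within |in )?([^)]+)\)$")

# Excerpt of the Memcheck output quoted in the thread (second record abridged).
SAMPLE = """\
==31369== Invalid read of size 4
==31369== at 0x1BB9148B: (within /mud/fs/fs.test/bin/lib/test_special.so)
==31369== by 0x1BB915C5: (within /mud/fs/fs.test/bin/lib/test_special.so)
==31369== by 0x1B8EFCDC: (within /lib/ld-2.3.4.so)
==31369== by 0x1B98C40F: exit (in /lib/libc-2.3.4.so)
==31369== by 0x80568DB: init_game (comm.c:280)
==31369== by 0x8056793: main (comm.c:228)
==31369== Address 0x15DC is not stack'd, malloc'd or (recently) free'd
==31369==
==14857== Invalid read of size 1
==14857== at 0x1B8F587A: (within /lib/ld-2.3.4.so)
==14857== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==14857== by 0x80BB375: assign_dynamic_procs (spec_procs.c:251)
==14857== by 0x80BB9E7: do_dload (spec_procs.c:368)
==14857== Address 0x34E is not stack'd, malloc'd or (recently) free'd
"""

def parse_frame(pc, text):
    """Split one stack-frame description into function, object and source."""
    m = WHERE.match(text)
    func, kind, loc = m.groups() if m else (text, None, None)
    return {"pc": int(pc, 16), "func": func,
            "obj": loc if kind else None, "src": None if kind else loc}

def parse_memcheck(text):
    """Return one dict per 'Invalid read/write' record in a Memcheck log."""
    reports, cur = [], None
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        pid, body = int(m.group(1)), m.group(2)
        head = HEAD.match(body)
        if head:
            cur = {"pid": pid, "access": head.group(1),
                   "size": int(head.group(2)), "frames": [], "addr": None}
            reports.append(cur)
        elif not body:
            cur = None                  # a bare "==pid==" line ends the record
        elif cur is not None:
            frame, addr = FRAME.match(body), ADDR.match(body)
            if frame:
                cur["frames"].append(parse_frame(*frame.groups()))
            elif addr:
                cur["addr"] = int(addr.group(1), 16)
    return reports

def triage(report):
    """Summarise where the bad access happened and which source line led to it."""
    frames = report["frames"]
    own = next((f for f in frames if f["src"]), None)  # needs debug info
    addr = report["addr"]
    return {
        "addr": None if addr is None else hex(addr),
        "low_address": addr is not None and addr < LOW_ADDR_LIMIT,
        "faulting_object": frames[0]["obj"] if frames else None,
        "first_source_frame": f'{own["func"]} ({own["src"]})' if own else None,
    }

if __name__ == "__main__":
    for r in parse_memcheck(SAMPLE):
        print(r["pid"], triage(r))
```
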
|
From: Ashton <ash...@pa...> - 2005-04-01 02:07:07
|
Jeremy Fitzhardinge wrote:
>
> Ashton wrote:
>
> >>Sorry, did I misunderstand you? Are you saying that the crash also
> >>happens without Valgrind?
> >>
> >>
> >
> >Yes. But I was hoping to understand what valgrind is saying.
> >
> >
> Well, the error it's pointing out is pretty obvious: your code is using
> a bad pointer to 0x15DC. Why is another question. Is this C++ code?
> Are you using a static destructor?

It's not C++. I thought I had it but I got another core. But this time it was when I attempted to load a library. Of course, it isn't happening every time, so it's hard to figure out. Here is valgrind's newest output:

Thu Mar 31 17:42:45 :: Loading ../bin/lib/test_special.so
==14857==
==14857== Invalid read of size 1
==14857== at 0x1B8F587A: (within /lib/ld-2.3.4.so)
==14857== by 0x1BA46BE0: (within /lib/libc-2.3.4.so)
==14857== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==14857== by 0x1BA47526: _dl_open (in /lib/libc-2.3.4.so)
==14857== by 0x1B95DF6A: (within /lib/libdl-2.3.4.so)
==14857== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==14857== by 0x1B95E480: (within /lib/libdl-2.3.4.so)
==14857== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==14857== by 0x80BB375: assign_dynamic_procs (spec_procs.c:251)
==14857== by 0x80BB9E7: do_dload (spec_procs.c:368)
==14857== by 0x809D5FB: command_interpreter (interpreter.c:787)
==14857== by 0x805746C: game_loop (comm.c:625)
==14857== Address 0x34E is not stack'd, malloc'd or (recently) free'd
==14857==
==14857== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==14857== Access not within mapped region at address 0x34E
==14857== at 0x1B8F587A: (within /lib/ld-2.3.4.so)
==14857== by 0x1BA46BE0: (within /lib/libc-2.3.4.so)
==14857== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==14857== by 0x1BA47526: _dl_open (in /lib/libc-2.3.4.so)
==14857== by 0x1B95DF6A: (within /lib/libdl-2.3.4.so)
==14857== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==14857== by 0x1B95E480: (within /lib/libdl-2.3.4.so)
==14857== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==14857== by 0x80BB375: assign_dynamic_procs (spec_procs.c:251)
==14857== by 0x80BB9E7: do_dload (spec_procs.c:368)
==14857== by 0x809D5FB: command_interpreter (interpreter.c:787)
==14857== by 0x805746C: game_loop (comm.c:625)
==14857== discard syms at 0x1BBB2000-0x1BBBB000 in /lib/libnss_files-2.3.4.so due to munmap()
==14857==
==14857== ERROR SUMMARY: 80 errors from 13 contexts (suppressed: 0 from 0)
==14857==
==14857== 1 errors in context 1 of 13:
==14857== Invalid read of size 1
==14857== at 0x1B8F587A: (within /lib/ld-2.3.4.so)
==14857== by 0x1BA46BE0: (within /lib/libc-2.3.4.so)
==14857== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==14857== by 0x1BA47526: _dl_open (in /lib/libc-2.3.4.so)
==14857== by 0x1B95DF6A: (within /lib/libdl-2.3.4.so)
==14857== by 0x1B8EF735: (within /lib/ld-2.3.4.so)
==14857== by 0x1B95E480: (within /lib/libdl-2.3.4.so)
==14857== by 0x1B95DFB3: dlopen (in /lib/libdl-2.3.4.so)
==14857== by 0x80BB375: assign_dynamic_procs (spec_procs.c:251)
==14857== by 0x80BB9E7: do_dload (spec_procs.c:368)
==14857== by 0x809D5FB: command_interpreter (interpreter.c:787)
==14857== by 0x805746C: game_loop (comm.c:625)
==14857== Address 0x34E is not stack'd, malloc'd or (recently) free'd
==14857==
==14857== 1 errors in context 2 of 13:
==14857== Conditional jump or move depends on uninitialised value(s)
==14857== at 0x1B8ECE75: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E5F25: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8F29CB: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E4D2D: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E49C6: (within /lib/ld-2.3.4.so)
==14857==
==14857== 1 errors in context 3 of 13:
==14857== Conditional jump or move depends on uninitialised value(s)
==14857== at 0x1B8ECCD2: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E5F25: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8F29CB: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E4D2D: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E49C6: (within /lib/ld-2.3.4.so)
==14857==
==14857== 1 errors in context 4 of 13:
==14857== Conditional jump or move depends on uninitialised value(s)
==14857== at 0x1B8ECCCA: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E5F25: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8F29CB: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E4D2D: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E49C6: (within /lib/ld-2.3.4.so)
==14857==
==14857== 1 errors in context 5 of 13:
==14857== Conditional jump or move depends on uninitialised value(s)
==14857== at 0x1B8ECCD2: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E5EB6: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8F29CB: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E4D2D: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E49C6: (within /lib/ld-2.3.4.so)
==14857==
==14857== 1 errors in context 6 of 13:
==14857== Conditional jump or move depends on uninitialised value(s)
==14857== at 0x1B8ECCCA: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E5EB6: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8F29CB: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E4D2D: (within /lib/ld-2.3.4.so)
==14857== by 0x1B8E49C6: (within /lib/ld-2.3.4.so)

Unfortunately I have no idea how to interpret some of this, so how to track this down is beyond me. The call to dlopen was:

hnd = dlopen(soname, RTLD_NOW);

Where soname is a char array (plenty large) that has the name of the file. hnd was defined as void *.

Any idea what could be causing this problem? I am guessing they're all related but what could crash dlopen is beyond me.

Oh and I might add that before this happened, I had actually unloaded it, then loaded it again (a couple times) because I was modifying it. Could that be the problem (I know I can duplicate a crash if I modify it, and then unload it but if I don't it didn't crash straight away anyway).

Any more help would be appreciated.
|