Hi Everyone,
I've been running YAP with an ILP system on a large
dataset and experienced segfaults just after 30s of
the simulation. Repeatedly, every time at the same place.
I decided to look at it with gdb and I think I
identified the problem and found a solution.
Nonetheless, I do not understand the YAP code, so I'd like
to ask you to have a look at it.
*** File C/index.c:4113. ***

static istack_entry *
push_stack(istack_entry *sp, Int arg, Term Tag, Term extra,
           struct intermediates *cint)
{
  if (sp+1 > (istack_entry *)Yap_TrailTop) {
    longjmp(cint->CompilerBotch,4);
  }
  sp->pos = arg;
  sp->val = Tag;
  sp->extra = extra;
  sp++;
  sp->pos = 0;
  return sp;
}
*** File C/index.c:5130. ***

static path_stack_entry *
push_path(path_stack_entry *sp, yamop **pipc, ClauseDef *clp,
          struct intermediates *cint)
{
  if (sp+1 > (path_stack_entry *)Yap_TrailTop) {
    longjmp(cint->CompilerBotch,4);
  }
  sp->flag = pc_entry;
  sp->u.pce.pi_pc = pipc;
  sp->u.pce.code = clp->Code;
  sp->u.pce.current_code = clp->CurrentCode;
  sp->u.pce.work_pc = clp->u.WorkPC;
  sp->u.pce.tag = clp->Tag;
  return sp+1;
}
Yap_TrailTop is the end of allocated memory space, more
precisely Yap_TrailTop-1 is the last addressable byte.
Checking sp+1 > Yap_TrailTop merely checks if the
structure itself is in an addressable space (which is
normal, as we would have segfaulted otherwise) and is
_not sufficient_ to check if sp can be increased by one.
In both cases the correct comparison is:
if (sp+2 > (path_stack_entry *)Yap_TrailTop) {
This fixed my problems (YAP runs ok with my datasets),
and, _quickly_ looking through the code, I have not found
similar situations.
Could you please (developers):
- confirm that the problem exists and that my fix is valid.
- check if there are similar memory allocation problems.
Thanks for a great Prolog!
Regards,
Tadek
patch -p0 < yap-4.5.5-segfault.patch --- Fixes the memory allocation problem
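The off-by-one described in the post, reproduced in a stand-alone model (added example, not YAP's code and not part of Tadek's patch). The field types of istack_entry are stand-ins, the longjmp is replaced by a NULL return, and Yap_TrailTop is modelled by a constructed fixed-size arena whose entry at index N_SLOTS is a canary that must never be written, since it represents memory past the last addressable byte. The arena has one spare entry after the canary only so that the pointer arithmetic in the checks stays inside the array.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in types for the fields used by push_stack in C/index.c. */
typedef long          Int;
typedef unsigned long Term;

typedef struct {
    Int  pos;
    Term val;
    Term extra;
} istack_entry;

/* Constructed arena: N_SLOTS usable entries, then a canary entry at
 * index N_SLOTS that stands for the memory starting at Yap_TrailTop. */
#define N_SLOTS 8
#define CANARY  ((Term)0x5a5a5a5aUL)

typedef istack_entry *(*push_fn)(istack_entry *sp, istack_entry *top,
                                 Int arg, Term tag, Term extra);

/* The check as posted: only guarantees that *sp itself lies below top.
 * A NULL return stands in for longjmp(cint->CompilerBotch, 4). */
static istack_entry *push_orig(istack_entry *sp, istack_entry *top,
                               Int arg, Term tag, Term extra)
{
    if (sp + 1 > top)
        return NULL;
    sp->pos = arg;
    sp->val = tag;
    sp->extra = extra;
    sp++;
    sp->pos = 0;        /* second write lands at sp+1, which was never checked */
    return sp;
}

/* The proposed fix: both *sp and the sentinel at sp+1 must lie below top. */
static istack_entry *push_fixed(istack_entry *sp, istack_entry *top,
                                Int arg, Term tag, Term extra)
{
    if (sp + 2 > top)
        return NULL;
    sp->pos = arg;
    sp->val = tag;
    sp->extra = extra;
    sp++;
    sp->pos = 0;
    return sp;
}

/* Push until the check refuses; returns the number of accepted pushes and
 * reports whether the canary entry at top was left untouched. */
static int fill(push_fn push, int *guard_intact)
{
    istack_entry arena[N_SLOTS + 2];
    istack_entry *top = &arena[N_SLOTS];   /* plays the role of Yap_TrailTop */
    istack_entry *sp  = &arena[0];
    int n = 0;

    memset(arena, 0, sizeof arena);
    top->pos = (Int)CANARY;
    top->val = CANARY;
    top->extra = CANARY;

    for (;;) {
        istack_entry *next = push(sp, top, (Int)n, (Term)1, (Term)2);
        if (next == NULL)
            break;
        sp = next;
        n++;
    }
    *guard_intact = (top->pos == (Int)CANARY && top->val == CANARY &&
                     top->extra == CANARY);
    return n;
}

int accepted_pushes(push_fn push) { int ok; return fill(push, &ok); }
int corrupts_guard(push_fn push)  { int ok; fill(push, &ok); return !ok; }

int main(void)
{
    printf("sp+1 check: %d pushes accepted, canary %s\n",
           accepted_pushes(push_orig),
           corrupts_guard(push_orig) ? "OVERWRITTEN" : "intact");
    printf("sp+2 check: %d pushes accepted, canary %s\n",
           accepted_pushes(push_fixed),
           corrupts_guard(push_fixed) ? "OVERWRITTEN" : "intact");
    return 0;
}
```

With the posted check, the eighth push is accepted because sp+1 == top is not greater than top, but the trailing sp->pos = 0 then writes into the canary entry, which is exactly the write past Yap_TrailTop that turns into a segfault on a real trail. With the sp+2 check the same push is refused, so the last entry below top is only ever used for the sentinel write and the canary survives.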