[plt-scheme] Seg fault in 371.3

From: Eric Hanchrow (offby1 at blarg.net)
Date: Sat Jan 5 10:47:03 EST 2008

>>>>> "Matthew" == Matthew Flatt <mflatt at cs.utah.edu> writes:

    Matthew> This isn't a crash.  MzScheme's GC will handle the signal
    Matthew> to implement a write barrier.

    Matthew> Use the commands

    Matthew>   handle SIGSEGV nostop noprint c

    Matthew> to continue in gdb.

Ah, of course.  OK, I told gdb to handle SIGSEGV, and ran a program, and saw this:

    (gdb) run -qu anagrams.scm 
    Starting program: /usr/local/bin/mzscheme -qu anagrams.scm
    Seg fault (internal error) at 0x10

    Program received signal SIGABRT, Aborted.
    0xffffe410 in __kernel_vsyscall ()
    (gdb) bt
    #0  0xffffe410 in __kernel_vsyscall ()
    #1  0xb7dab9a1 in raise () from /lib/tls/i686/cmov/libc.so.6
    #2  0xb7dad2b9 in abort () from /lib/tls/i686/cmov/libc.so.6
    #3  0x081830e6 in fault_handler (sn=11, si=0x0, ctx=0xbf8fdccc) at sighand.c:20
    #4  <signal handler called>
    #5  do_optimize_info_lookup (info=0x0, pos=1, j=3, closure_offset=0xbf8fe050) at xsrc/env.c:2965
    #6  0x08073ef2 in optimize_application2 (o=0xb6f17a20, info=0xb6f17e7c) at xsrc/eval.c:2207
    #7  0x08073187 in scheme_optimize_expr (expr=0xb6f17a20, info=0x3) at xsrc/eval.c:2636
    #8  0x08073053 in scheme_optimize_expr (expr=0xb6f17a0c, info=0xb6f17e7c) at xsrc/eval.c:2489
    #9  0x0807351d in scheme_optimize_expr (expr=0xb6f179e8, info=0xb6f17e7c) at xsrc/eval.c:2499
    #10 0x0807311c in scheme_optimize_expr (expr=0x3, info=0xb6f17e7c) at xsrc/eval.c:2403
    #11 0x0815b321 in scheme_optimize_lets (form=dwarf2_read_address: Corrupted DWARF expression.
    ) at xsrc/syntax.c:3370
    #12 0x08072eb4 in scheme_optimize_expr (expr=0xb6f17884, info=0x3) at xsrc/eval.c:2642
    #13 0x0807351d in scheme_optimize_expr (expr=0xb6f17870, info=0xb6f17dec) at xsrc/eval.c:2499
    #14 0x0807332d in scheme_optimize_expr (expr=0xb6f1785c, info=0xb6f17dec) at xsrc/eval.c:2255
    #15 0x0815b321 in scheme_optimize_lets (form=dwarf2_read_address: Corrupted DWARF expression.
    ) at xsrc/syntax.c:3370
    #16 0x08072eb4 in scheme_optimize_expr (expr=0xb6f177a8, info=0x3) at xsrc/eval.c:2642
    #17 0x08073550 in scheme_optimize_expr (expr=0xb6f17784, info=0xb6f17d7c) at xsrc/eval.c:2504
    #18 0x0809225c in scheme_optimize_closure_compilation (_data=0x0, info=0xb6f17d7c) at xsrc/fun.c:611
    #19 0x08072ecf in scheme_optimize_expr (expr=0xb6f17ae0, info=0x3) at xsrc/eval.c:2641
    #20 0x0815aecb in scheme_optimize_lets (form=0xb6f1774c, info=0xb6f17be4, for_inline=0) at xsrc/syntax.c:3205
    #21 0x08072eb4 in scheme_optimize_expr (expr=0xb6f1774c, info=0x3) at xsrc/eval.c:2642
    #22 0x0815b321 in scheme_optimize_lets (form=dwarf2_read_address: Corrupted DWARF expression.
    ) at xsrc/syntax.c:3370
    #23 0x08073cb2 in optimize_for_inline (info=0xb6f176ec, le=0xb6f1774c, argc=4, app=0xb6f14fa4, app2=0x0, app3=0x0, _flags=0xbf8ff32c) at xsrc/eval.c:1973
    #24 0x0807368e in scheme_optimize_expr (expr=0x0, info=0xb6f176ec) at xsrc/eval.c:2134
    #25 0x0815aecb in scheme_optimize_lets (form=0xb6f17648, info=0xb6f17518, for_inline=1) at xsrc/syntax.c:3205
    #26 0x08073cb2 in optimize_for_inline (info=0xb6f17518, le=0xb6f17568, argc=2, app=0x0, app2=0x0, app3=0xb6f14f90, _flags=0xbf8ff63c) at xsrc/eval.c:1973
    #27 0x080732f0 in scheme_optimize_expr (expr=0xb6f14f90, info=0xb6f17518) at xsrc/eval.c:2250
    #28 0x08073550 in scheme_optimize_expr (expr=0xb6f14f58, info=0xb6f17518) at xsrc/eval.c:2504
    #29 0x0815aecb in scheme_optimize_lets (form=0xb6f14f20, info=0xb6f17458, for_inline=0) at xsrc/syntax.c:3205
    #30 0x08072eb4 in scheme_optimize_expr (expr=0xb6f14f20, info=0x3) at xsrc/eval.c:2642
    #31 0x0807351d in scheme_optimize_expr (expr=0xb6f14f0c, info=0xb6f17458) at xsrc/eval.c:2499
    #32 0x0807332d in scheme_optimize_expr (expr=0xb6f14ef8, info=0xb6f17458) at xsrc/eval.c:2255
    #33 0x0815b321 in scheme_optimize_lets (form=dwarf2_read_address: Corrupted DWARF expression.
    ) at xsrc/syntax.c:3370
    #34 0x08072eb4 in scheme_optimize_expr (expr=0xb6f14e44, info=0x3) at xsrc/eval.c:2642
    #35 0x08073550 in scheme_optimize_expr (expr=0xb6f14e20, info=0xb6f173e8) at xsrc/eval.c:2504
    #36 0x0809225c in scheme_optimize_closure_compilation (_data=0x0, info=0xb6f173e8) at xsrc/fun.c:611
    #37 0x08072ecf in scheme_optimize_expr (expr=0xb6f1517c, info=0x3) at xsrc/eval.c:2641
    #38 0x0815aecb in scheme_optimize_lets (form=0xb6f0ee00, info=0xb6f17348, for_inline=0) at xsrc/syntax.c:3205
    #39 0x08072eb4 in scheme_optimize_expr (expr=0xb6f0ee00, info=0x3) at xsrc/eval.c:2642
    #40 0x0809225c in scheme_optimize_closure_compilation (_data=0x0, info=0xb6f17348) at xsrc/fun.c:611
    #41 0x08072ecf in scheme_optimize_expr (expr=0xb6f0948c, info=0x3) at xsrc/eval.c:2641
    #42 0x08156c23 in define_values_optimize (data=0x0, info=0xb6f14740) at xsrc/syntax.c:852
    #43 0x08072e91 in scheme_optimize_expr (expr=0xb6f15468, info=0x3) at xsrc/eval.c:2633
    #44 0x080c986e in module_optimize (data=0xb7ac0338, info=0xb6f14740) at xsrc/module.c:3956
    #45 0x08072e91 in scheme_optimize_expr (expr=0xb6f14730, info=0x3) at xsrc/eval.c:2633
    #46 0x08083bca in compile_k () at xsrc/eval.c:3923
    #47 0x08094660 in top_level_do (k=0x80834a9 <compile_k>, eb=0, sj_start=0xbf9009f8) at xsrc/fun.c:1689
    #48 0x0809486d in scheme_top_level_do (k=0, eb=0) at xsrc/fun.c:1728
    #49 0x0807f293 in scheme_default_compile_handler (argc=2, argv=0xbf900d68) at xsrc/eval.c:8708
    #50 0x0807e018 in scheme_do_eval (obj=<value optimized out>, num_rands=2, rands=0xbf900d68, get_value=1) at xsrc/eval.c:7169
    #51 0x08094be1 in apply_k () at xsrc/fun.c:1926
    #52 0x08094660 in top_level_do (k=0x8094b2f <apply_k>, eb=1, sj_start=0xbf900d18) at xsrc/fun.c:1689
    #53 0x0809486d in scheme_top_level_do (k=0, eb=0) at xsrc/fun.c:1728
    #54 0x08074f4c in call_compile_handler (form=<value optimized out>, immediate_eval=<value optimized out>) at xsrc/eval.c:3632
    #55 0x0808395c in compile_k () at xsrc/eval.c:3883
    #56 0x08094660 in top_level_do (k=0x80834a9 <compile_k>, eb=0, sj_start=0xbf901018) at xsrc/fun.c:1689
    #57 0x0809486d in scheme_top_level_do (k=0, eb=0) at xsrc/fun.c:1728
    #58 0x08081adf in scheme_default_eval_handler (argc=1, argv=0xb7adb2d0) at xsrc/eval.c:8689
    #59 0x0807e018 in scheme_do_eval (obj=<value optimized out>, num_rands=1, rands=0xb7adb2d0, get_value=-1) at xsrc/eval.c:7169
    #60 0x08094d16 in finish_apply_with_prompt (_data=0x3, argc=0, argv=0x0) at xsrc/fun.c:1972
    #61 0x0807e34b in scheme_do_eval (obj=0xb7ac056c, num_rands=0, rands=0x0, get_value=-1) at xsrc/eval.c:7577
    #62 0x0809d70e in scheme_finish_apply_for_prompt (prompt=0x0, _prompt_tag=0x0, proc=0xb7ac056c, argc=0, argv=0x0) at xsrc/fun.c:5894
    #63 0x0809d856 in scheme_apply_for_prompt (prompt=0xb7ac058c, prompt_tag=0xb7b64a6c, proc=0xb7ac056c, argc=0, argv=0x0) at xsrc/fun.c:5965
    #64 0x0809e0e9 in call_with_prompt (in_argc=3, in_argv=0xbf90161c) at xsrc/fun.c:6212
    #65 0x0807e018 in scheme_do_eval (obj=<value optimized out>, num_rands=3, rands=0xbf90161c, get_value=-1) at xsrc/eval.c:7169
    #66 0x0809e75c in do_call_with_prompt (f=<value optimized out>, data=<value optimized out>, multi=1, top_level=0) at xsrc/fun.c:6436
    #67 0x0809e90d in do_apply_with_prompt (rator=0xb7ad54c4, num_rands=1, rands=0xbf901734, multi=1, top_level=0) at xsrc/fun.c:2005
    #68 0x08103ea6 in do_load_handler (data=0xb7cb01b8) at xsrc/portfun.c:4376
    #69 0x080a0c64 in scheme_dynamic_wind (pre=0, act=0x8103c59 <do_load_handler>, post=0x8103c47 <post_load_handler>, jmp_handler=0, data=0xb7ac0614) at xsrc/fun.c:7821
    #70 0x0810476b in default_load (argc=2, argv=0xb7ee8f3c) at xsrc/portfun.c:4490
    #71 0x083104d1 in ?? ()
    #72 0x00000002 in ?? ()
    #73 0xb7ee8f3c in ?? ()
    #74 0xb7ad54e8 in ?? ()
    #75 0x00000000 in ?? ()
    (gdb) 5
    Undefined command: "5".  Try "help".
    (gdb) frame 5
    #5  do_optimize_info_lookup (info=0x0, pos=1, j=3, closure_offset=0xbf8fe050) at xsrc/env.c:2965
    (gdb) p info
    $1 = (Optimize_Info *) 0x0
    (gdb) 

The relevant bits of source (xsrc/env.c:2965) look like this:

      while (info ) {
        if (info -> flags & 8 )
          j ++ ; 
        if (pos < info -> original_frame )
          break ; 
        pos -= info -> original_frame ; 
        delta += info -> new_frame ; 
        info = info -> next ; 
      }
    =>p = info -> consts ; 

It's been a while since I've done any C, but that code looks
guaranteed to crash -- we loop until info is a NULL pointer, and then
we de-reference it.

Since this file clearly isn't source, maybe I need to rebuild from
scratch.  What do you think?

-- 
Governing the U.S. is like playing 200 simultaneous chess
matches (while whiny columnists second-guess every move on every
board).
        -- Nicholas Kristof, New York Times columnist


Posted on the users mailing list.
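As an added illustration of the two things this thread touches on (this is example code written for this page, not MzScheme's or PLT's own source; every name in it is hypothetical): Matthew's point that the runtime takes SIGSEGV on purpose, and the shape of the bug Eric found. A GC that uses mprotect as a write barrier installs a SIGSEGV handler; the handler's first job is to ask whether the faulting address lies inside a page the collector protected. If it does, the fault is the barrier firing: record the dirty page, unprotect it, and return so the store retries. If it does not, the fault is a genuine bug, which is what the "internal error" at 0x10 in the transcript is: a tiny faulting address is what a load through a NULL pointer plus a field offset produces, the handler recognises it as not its own, and aborts. The second function shows the frame-chain walk done so that running off the end returns NULL to the caller instead of dereferencing it (the `flags & 8` counter from the real loop is left out). The "GC page" is a constructed anonymous mapping, and the code assumes a POSIX system with mmap/mprotect/sigaction.

```c
/* Added example, not PLT code: an mprotect-based write barrier that takes
 * SIGSEGV deliberately and tells its own faults apart from real crashes,
 * plus a NULL-safe version of the frame-chain walk. Names are hypothetical. */
#define _GNU_SOURCE
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* ---- 1. The chain walk, without the fall-off-the-end dereference ---- */
typedef struct Frame {
    int original_frame;          /* variables this frame introduces */
    int new_frame;               /* slots it occupies after optimisation */
    struct Frame *next;          /* enclosing frame; NULL at the outermost */
} Frame;

/* Walk outward to the frame owning position `pos`, accumulating the slot
 * delta. Returns NULL (rather than crashing) when `pos` is past every frame. */
static const Frame *find_frame(const Frame *info, int pos, int *delta_out) {
    int delta = 0;
    while (info) {
        if (pos < info->original_frame)
            break;
        pos -= info->original_frame;
        delta += info->new_frame;
        info = info->next;
    }
    if (delta_out)
        *delta_out = delta;
    return info;                 /* caller must check for NULL */
}

/* Builds a two-frame chain and returns 1 if both the in-range and the
 * out-of-range lookups behave as documented. */
static int find_frame_selftest(void) {
    Frame outer = { 4, 5, NULL }, inner = { 2, 3, &outer };
    int delta = 0;
    const Frame *f = find_frame(&inner, 3, &delta);   /* lands in outer */
    if (f != &outer || delta != 3)
        return 0;
    if (find_frame(&inner, 9, NULL) != NULL)          /* beyond all frames */
        return 0;
    return find_frame(NULL, 0, NULL) == NULL;
}

/* ---- 2. SIGSEGV as a write barrier, with real faults told apart ------ */
static volatile char *managed;            /* constructed "GC page" */
static size_t page_size;
static volatile sig_atomic_t barrier_hits;

/* True only for addresses inside the page we deliberately protected. */
static int is_managed(const void *addr) {
    const volatile char *a = addr;
    return managed != NULL && a >= managed && a < managed + page_size;
}

static void fault_handler(int sn, siginfo_t *si, void *ctx) {
    (void)ctx;
    if (sn == SIGSEGV && is_managed(si->si_addr)) {
        barrier_hits++;                                   /* page is now dirty */
        mprotect((void *)managed, page_size, PROT_READ | PROT_WRITE);
        return;                                           /* store is retried */
    }
    /* Not ours (e.g. NULL->field at 0x10): restore the default action so the
     * retried instruction kills the process instead of looping in here. */
    signal(sn, SIG_DFL);
}

/* Arms the barrier, performs one store into the protected page and returns
 * the number of barrier hits seen (1 on success, -1 on setup failure). */
int demo_write_barrier(void) {
    struct sigaction sa;
    page_size = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, page_size, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    managed = p;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = fault_handler;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGSEGV, &sa, NULL) != 0)
        return -1;
    barrier_hits = 0;
    mprotect(p, page_size, PROT_READ);     /* arm: next write faults */
    managed[16] = 'x';                     /* faults once, handler unprotects */
    int hits = barrier_hits;
    int ok = (managed[16] == 'x');
    managed = NULL;
    munmap(p, page_size);
    return ok ? hits : -1;
}

int main(void) {
    printf("frame walk ok: %d\n", find_frame_selftest());
    printf("barrier hits : %d\n", demo_write_barrier());
    return 0;
}
```

This is also why Matthew's `handle SIGSEGV nostop noprint` is safe: gdb stops seeing the barrier faults, but a real one still reaches the handler's "not mine" branch and surfaces as the SIGABRT in the backtrace above.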