On Friday 21 December 2007, Daniel Jacobowitz wrote:
> On Fri, Dec 21, 2007 at 12:15:43PM -0500, Andreas Kloeckner wrote:
> > Breakpoint 1, mmap_resize (m=0x2b6a5b236010, oldp=0x2b6a5bdb4000,
> > nb=406784) at src/gklib/dlmalloc.c:2358
> > 2358 if (cp != CMFAIL) {
>
> So you're here...
>
> > 2356 char* cp = (char*)CALL_MREMAP((char*)oldp - offset,
> > 2357 oldmmsize, newmmsize, 1);
>
> Having just done this...
>
> > #define CALL_MREMAP(addr, osz, nsz, mv) ((void)(addr),(void)(osz), \
> > (void)(nsz), (void)(mv),MFAIL)
>
> Which you said expands to this...
>
> > (gdb) p cp
> > $3 = 0x5bdb4000 <Address 0x5bdb4000 out of bounds>
>
> So how can this possibly be true, and how does mremap have anything to
> do with your problem? Nowhere in this code are you calling it.
>
> I think we need a testcase for this problem, if you are convinced it
> has something to do with glibc. Also try strace.

Oops. I pasted the wrong line. CALL_MREMAP is

8< ------------------------------------------------------------
#define CALL_MREMAP(addr, osz, nsz, mv) mremap((addr), (osz), (nsz), (mv))
8< ------------------------------------------------------------

And there is indeed a call to mremap, and it is indeed the last thing the
process does. The strace return value looks ok, but the value that arrives
in C (at least according to gdb and the segfault) is not.

8< ------------------------------------------------------------
...
mremap(0x2ba79d9ef000, 573440, 409600, MREMAP_MAYMOVE) = 0x2ba79d9ef000
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++
8< ------------------------------------------------------------

And the code is not really mine--it's just dlmalloc.

Andreas
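The symptom described in the message (strace shows mremap returning a full 64-bit address, while the C caller ends up holding something else) as an added example, not code from the thread or from dlmalloc: it models a return value that was squeezed through a 32-bit `int`, which is what an implicitly declared function returns in C on an LP64 target, and checks that shape against the address pairs quoted above. The assumption that mremap returned the old address (oldp) in the gdb run, as it did in the strace run, is mine, not the thread's.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example: classify how a kernel-returned address relates to the
 * value the C caller actually holds. */
typedef enum {
    PTR_MATCH,    /* caller holds exactly what the kernel returned */
    PTR_TRUNC32,  /* only the low 32 bits survived (zero- or sign-extended) */
    PTR_OTHER     /* some other corruption */
} ptr_mismatch;

/* What a 64-bit return value looks like after a round trip through a C
 * 'int': the low 32 bits are kept and then sign-extended when the caller
 * widens the result back to a pointer. Done with masks to avoid relying
 * on implementation-defined signed conversions. */
uint64_t expected_after_int_round_trip(uint64_t syscall_ret)
{
    uint64_t low = syscall_ret & 0xffffffffULL;
    return (low & 0x80000000ULL) ? (low | 0xffffffff00000000ULL) : low;
}

ptr_mismatch classify_pointer_mismatch(uint64_t syscall_ret, uint64_t c_value)
{
    uint64_t low = syscall_ret & 0xffffffffULL;
    if (syscall_ret == c_value)
        return PTR_MATCH;
    if (c_value == low || c_value == expected_after_int_round_trip(syscall_ret))
        return PTR_TRUNC32;
    return PTR_OTHER;
}

int main(void)
{
    /* Constructed input from the two runs quoted in the thread: the gdb
     * run (oldp=0x2b6a5bdb4000, cp=0x5bdb4000, assuming mremap returned
     * oldp) and the strace run (mremap returned 0x2ba79d9ef000). */
    uint64_t gdb_ret = 0x2b6a5bdb4000ULL, gdb_cp = 0x5bdb4000ULL;
    uint64_t strace_ret = 0x2ba79d9ef000ULL;

    printf("gdb run: low 32 bits of 0x%llx are 0x%llx, cp was 0x%llx -> %s\n",
           (unsigned long long)gdb_ret,
           (unsigned long long)expected_after_int_round_trip(gdb_ret),
           (unsigned long long)gdb_cp,
           classify_pointer_mismatch(gdb_ret, gdb_cp) == PTR_TRUNC32
               ? "truncated through int" : "not a plain truncation");
    printf("strace run: 0x%llx through int would become 0x%llx\n",
           (unsigned long long)strace_ret,
           (unsigned long long)expected_after_int_round_trip(strace_ret));
    return 0;
}
```

For the gdb pair the low 32 bits of oldp are exactly the cp value printed, so the check reports a truncation; for the strace value bit 31 is set, so the same round trip would yield a sign-extended address that no user-mode dereference can survive.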