lua-l archive

On Fri, Apr 6, 2012 at 21:21, Pierre Chapuis <catwell@archlinux.us> wrote:
> On 2012-04-06 18:38, Alexander Gladysh wrote:
>>
>> On 06.04.2012 at 18:14, Pierre Chapuis <catwell@archlinux.us> wrote:
>>
>>> One of my programs that uses FFI sometimes (rarely) segfaults
>>> in LuaJIT, even with -joff. I have recompiled luajit with debug
>>> symbols and -O0 and obtained a core dump which I could analyse
>>> in GCC. Here is the error:
>>>
>>> #0  0x00000000004672ca in lj_cconv_ct_ct (cts=0x41d8e4a0, d=0x41d95ba0,
>>>   s=0x41d95b20, dp=0x4199f480 "",
>>>   sp=0x4095b000 <Address 0x4095b000 out of bounds>, flags=0)
>>>   at lj_cconv.c:241
>>> 241        else i = *(uint8_t *)sp;
>>>
>>> And the backtrace:
>>>
>>> #0  0x00000000004672ca in lj_cconv_ct_ct (cts=0x41d8e4a0, d=0x41d95ba0,
>>>   s=0x41d95b20, dp=0x4199f480 "",
>>>   sp=0x4095b000 <Address 0x4095b000 out of bounds>, flags=0)
>>>   at lj_cconv.c:241
>>> #1  0x0000000000467c51 in lj_cconv_tv_ct (cts=0x41d8e4a0, s=0x41d95b20,
>>> sid=6,
>>>   o=0x4199f480, sp=0x4095b000 <Address 0x4095b000 out of bounds>)
>>>   at lj_cconv.c:388
>>> #2  0x0000000000466560 in lj_cdata_get (cts=0x41d8e4a0, s=0x41d95b20,
>>>   o=0x4199f480, sp=0x4095b000 <Address 0x4095b000 out of bounds>)
>>>   at lj_cdata.c:237
>>> #3  0x000000000042a6fe in lj_cf_ffi_meta___index (L=0x41e09378)
>>>   at lib_ffi.c:150
>>> #4  0x000000000042fb33 in lj_BC_FUNCC ()
>>> #5  0x0000000000410acb in lua_pcall (L=0x41e09378, nargs=2, nresults=-1,
>>>   errfunc=2) at lj_api.c:1034
>>> #6  0x00000000004039cd in docall (L=0x41e09378, narg=2, clear=0)
>>>   at luajit.c:126
>>> #7  0x0000000000404392 in handle_script (L=0x41e09378,
>>> argv=0x7fffe2c26df8,
>>>   n=4) at luajit.c:290
>>> #8  0x0000000000404f60 in pmain (L=0x41e09378) at luajit.c:525
>>> #9  0x000000000042fb33 in lj_BC_FUNCC ()
>>> #10 0x0000000000410c95 in lua_cpcall (L=0x41e09378, func=0x404dd3
>>> <pmain>,
>>>   ud=0x7fffe2c26cf0) at lj_api.c:1056
>>>
>>> Can anybody help me understand what is going on there? I am
>>> probably doing something wrong with the FFI somewhere but I
>>> cannot pinpoint exactly where in the program, and it looks
>>> like the segfault doesn't always happen at the same stage
>>> so I suspect it happens on deallocation by the GC...
>>>
>
>> We also see segfaults in one of our utilities, in about one of six
>> launches (this is a separate issue from what I reported earlier with
>> bogus stacktraces).
>>
>> We still need to confirm that this is LJ2's fault, but that code does
>> not use many third party modules, so this is not unlikely. So, maybe
>> this is the same issue that is reported here.
>>
>> Will get back as soon as I have more details.
>
>
> I found the origin of this precise issue and it is probably not
> the same thing (so you should open a separate thread).

OK, will do.

> I am working with data similar to black and white images which
> is stored in arrays allocated with the FFI.
>
> I have a method that resizes one of these images and a particular
> edge case made me access data out of this array (gory details
> related to floating point precision omitted...).
>
> So GDB was right, I was simply accessing out of bounds data.
>
> As far as I am concerned, problem solved.

Congratulations on the victory! :-)

Alexander.
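The root cause Pierre describes is an index, computed from floating-point arithmetic, that stepped past the end of an FFI-allocated array; LuaJIT does not bounds-check cdata arrays, so the first symptom was a segfault deep in lj_cconv.c rather than a Lua error. The following is an added example, not code from the thread or from LuaJIT itself, showing one defensive pattern: a small wrapper that checks every index before touching the cdata, and a nearest-neighbour resize that floors and clamps its source coordinates. The `CheckedArray` and `resize` names and the 4x4 sample image are constructed for this illustration.

```lua
-- Added example: a bounds-checked wrapper around an FFI-allocated uint8_t
-- array for LuaJIT. Raw cdata arrays are not checked, so an index derived
-- from floating-point math can silently read or write outside the
-- allocation; the wrapper turns such an access into a catchable Lua error.
local ffi = require("ffi")

local CheckedArray = {}
CheckedArray.__index = CheckedArray

function CheckedArray.new(n)
  assert(n > 0, "size must be positive")
  return setmetatable({
    n = n,
    data = ffi.new("uint8_t[?]", n), -- variable-length array, zero-filled
  }, CheckedArray)
end

-- Zero-based index, like the underlying C array. Rejects non-integers and
-- anything outside [0, n) instead of letting the cdata access fault.
function CheckedArray:check(i)
  if i ~= math.floor(i) or i < 0 or i >= self.n then
    error(string.format("index %s out of bounds [0, %d)", tostring(i), self.n), 3)
  end
end

function CheckedArray:get(i)
  self:check(i)
  return self.data[i]
end

function CheckedArray:set(i, v)
  self:check(i)
  self.data[i] = v
end

-- Nearest-neighbour resize of a w*h image to nw*nh. The source coordinates
-- are floored and clamped to the last valid column/row, so rounding error at
-- the far edge (the kind of edge case mentioned in the thread) cannot
-- produce an index one past the buffer.
local function resize(src, w, h, nw, nh)
  local dst = CheckedArray.new(nw * nh)
  for y = 0, nh - 1 do
    local sy = math.min(math.floor(y * h / nh), h - 1)
    for x = 0, nw - 1 do
      local sx = math.min(math.floor(x * w / nw), w - 1)
      dst:set(y * nw + x, src:get(sy * w + sx))
    end
  end
  return dst
end

-- Constructed sample input: a 4x4 "image" whose left half is 0 and right
-- half is 255.
local w, h = 4, 4
local img = CheckedArray.new(w * h)
for y = 0, h - 1 do
  for x = 0, w - 1 do
    img:set(y * w + x, x < 2 and 0 or 255)
  end
end

local small = resize(img, w, h, 3, 3)
for y = 0, 2 do
  local row = {}
  for x = 0, 2 do row[#row + 1] = small:get(y * 3 + x) end
  print(table.concat(row, " "))
end

-- An off-by-one now reaches the check instead of reading past the buffer.
print(pcall(img.get, img, w * h))
```

The check costs a comparison per access and defeats some of the JIT's optimisation of raw cdata indexing, so the usual approach is to keep it on while developing (or behind a debug flag) and to remove it from hot loops only once indices are proven to stay in range, for example by clamping at the loop boundaries as `resize` does.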