[Mono-devel-list] malloc_consolidate segfaults

Scott Mohekey scott.mohekey at telogis.com
Sun Feb 27 21:05:27 EST 2005 

A fresh build appears to have fixed this.

Scott Mohekey wrote:

> Hi,
>
> I'm seeing very frequent seg faults occuring inside 
> malloc_consolidate(), which is in libc. I've seen them occur as a 
> result of a call to free from inside libgdiplus:
>
> #0  0x401ad81a in malloc_consolidate () from /lib/libc.so.6
> #1  0x401ad5fc in _int_free () from /lib/libc.so.6
> #2  0x401ac30d in free () from /lib/libc.so.6
> #3  0x40f3f33a in png_free_default () from /usr/lib/libpng12.so.0
> #4  0x40f3f30c in png_free () from /usr/lib/libpng12.so.0
> #5  0x40f1ce56 in png_zfree () from /usr/lib/libpng12.so.0
> #6  0x40f4a6a4 in deflateEnd () from /lib/libz.so.1
> #7  0x40f306f8 in png_write_destroy () from /usr/lib/libpng12.so.0
> #8  0x40f30673 in png_destroy_write_struct () from /usr/lib/libpng12.so.0
> #9  0x40ccb4fb in gdip_save_png_image_to_file_or_stream (fp=0x0, 
> putBytesFunc=0x8e570f0, image=0x8e51a70, params=0x0) at pngcodec.c:435
> #10 0x40ccb6c5 in gdip_save_png_image_to_stream_delegate 
> (putBytesFunc=0x8e4f9e0, image=0x8e4f9e0, params=0x8e4f9e0) at 
> pngcodec.c:461
> #11 0x40cbab0c in GdipSaveImageToDelegate_linux (image=0x8e51a70, 
> getBytesFunc=0x8e4f9e0, putBytesFunc=0x8e570f0, seekFunc=0x8e4f9e0, 
> closeFunc=0x8e4f9e0, sizeFunc=0x8e4f9e0, encoderCLSID=0x8e50400,
>    params=0x0) at image.c:1364
>
>
> when callocing some memory inside SetSerialisedCurrentCulture:
>
> #0  0x401ad81a in malloc_consolidate () from /lib/libc.so.6
> #1  0x401acf6e in _int_malloc () from /lib/libc.so.6
> #2  0x401ac96b in calloc () from /lib/libc.so.6
> #3  0x4005ba1f in g_malloc0 () from /usr/lib/libglib-2.0.so.0
> #4  0x080a434f in 
> ves_icall_System_Threading_Thread_SetSerializedCurrentCulture 
> (this=0x1000, arr=0x400b033c) at threads.c:709
>
>
> inside the mono runtime when mallocing memory:
>
> #0  0x401ad81a in malloc_consolidate () from /lib/libc.so.6
> #1  0x401acf6e in _int_malloc () from /lib/libc.so.6
> #2  0x401ac171 in malloc () from /lib/libc.so.6
> #3  0x4005b9a7 in g_malloc () from /usr/lib/libglib-2.0.so.0
> #4  0x080d6232 in mono_mempool_new () at mempool.c:47
> #5  0x08121fe1 in mini_method_compile (method=0x8b99d80, 
> opts=146341400, domain=0x81f66e0, run_cctors=146341400, 
> compile_aot=146341400, parts=0) at mini.c:8872
> #6  0x08122b44 in mono_jit_compile_method_inner (method=0x8b99d80, 
> target_domain=0x81f66e0) at mini.c:9243
> #7  0x08122e1a in mono_jit_compile_method (method=0x8b8fe18) at 
> mini.c:9320
> #8  0x080c1d98 in mono_compile_method (method=0x8b8fe18) at object.c:368
> #9  0x0809311d in mono_delegate_to_ftnptr (delegate=0x8d677d0) at 
> marshal.c:232
>
>
> inside System.IO, again when mallocing memory:
>
> #0  0x401ad711 in malloc_consolidate () from /lib/libc.so.6
> #1  0x401acf6e in _int_malloc () from /lib/libc.so.6
> #2  0x401ac171 in malloc () from /lib/libc.so.6
> #3  0x401cd1ca in opendir () from /lib/libc.so.6
> #4  0x40042d7b in g_dir_open () from /usr/lib/libglib-2.0.so.0
> #5  0x080e35c3 in mono_io_scandir (dirname=0x8bd2288 
> "/opt/telogis/ontrack2/xml", pattern=0xc701cefb <Address 0xc701cefb 
> out of bounds>, namelist=0x3b75484d) at io.c:3026
> #6  0x080e3886 in FindFirstFile (pattern=0xc701cefb, 
> find_data=0xc701cefb) at io.c:3165
> #7  0x080d7c22 in ves_icall_System_IO_MonoIO_FindFirstFile 
> (path=0x8d90f60, stat=0xc701cefb, error=0xbebff74c) at file-io.c:257
>
>
> Also, I'm occasionally seeing the following assertion:
>
> ** ERROR **: file mini.c: line 9342 (mono_jit_free_method): assertion 
> failed: (method->dynamic)
> aborting...
>
>
> #0  0x40175391 in kill () from /lib/libc.so.6
> #1  0x400cdd6d in pthread_kill () from /lib/libpthread.so.0
> #2  0x400ce0cb in raise () from /lib/libpthread.so.0
> #3  0x40174de2 in raise () from /lib/libc.so.6
> #4  0x40176a10 in abort () from /lib/libc.so.6
> #5  0x4005d740 in g_logv () from /usr/lib/libglib-2.0.so.0
> #6  0x4005d766 in g_log () from /usr/lib/libglib-2.0.so.0
> #7  0x4005e2b8 in g_assert_warning () from /usr/lib/libglib-2.0.so.0
> #8  0x08122e9b in mono_jit_free_method (domain=0x8183434, 
> method=0x400b033c) at mini.c:9342
> #9  0x080c1dff in mono_runtime_free_method (domain=0x400d3b84, 
> method=0x8de3518) at object.c:403
> #10 0x0809348a in mono_delegate_free_ftnptr (delegate=0x88e4820) at 
> marshal.c:351
> #11 0x08135450 in run_finalize (obj=0x88e4820, data=0x0) at gc.c:96
> #12 0x080fcc87 in GC_invoke_finalizers () at finalize.c:787
> #13 0x08136225 in finalizer_thread (unused=0x0) at gc.c:699
> #14 0x080a3aec in start_wrapper (data=0x8230130) at threads.c:294
> #15 0x080f0340 in timed_thread_start_routine (args=0x8230030) at 
> timed-thread.c:135
> #16 0x080ff613 in GC_start_routine (arg=0xbf7ffaa4) at 
> pthread_support.c:1226
> #17 0x400cb8df in pthread_start_thread () from /lib/libpthread.so.0
> #18 0x400cb96f in pthread_start_thread_event () from /lib/libpthread.so.0
> #19 0x4020196a in clone () from /lib/libc.so.6
>
>
> All of these only began occurring after the fix for bug 73001 
> [http://bugs.ximian.com/show_bug.cgi?id=73001].
>
> Scott.
> _______________________________________________
> Mono-devel-list mailing list
> Mono-devel-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-devel-list
>

More information about the Mono-devel-list mailing list