[Barrelfish-users] [New release] free() error
Georgios Varisteas
yorgos at kth.se
Wed Mar 27 21:10:22 CET 2013
Hi,
Using code that ran before updating, I now get a page fault while freeing memory. The same code runs correctly on Linux and I get no messages from valgrind either. Thus it should be something internal.
kernel 20: user page fault in 'pond20': addr 0 IP 4d3c8d SP a80062b1120 error 0x6
Although I attached the disassembled portion below, I assume the error is at ./lib/barrelfish/slot_alloc/single_slot_alloc.c:117.
Actually this is the last of a series of 3 calls to free() and since allocations were also done consecutively the addresses are consecutive.
I can spend time to fix this myself but I'd like some pointers.
cheers,
Georgios
# sfree -- objdump listing (x86-64, AT&T syntax: op src,dst). The annotations
# below are read off the instructions shown; field meanings are inferred.
#
# Register roles in this listing:
#   %rbx  = first argument (%rdi on entry); base for the 0x10/0x34/0x44/0x48/0x4a/0x50/0x58 fields
#   %rsi  = second argument, compared piecewise against 0x44/0x48/0x4a(%rbx)
#   %r13d = low 32 bits of the third argument (%edx); the value being inserted
#   %r15  = %rbx+0x10, passed to thread_mutex_lock / thread_mutex_unlock
#   %r14  = current list node, %r12 = next node during the walk
#   %r12  = also carries the return value (0x7d, 0x85 or 0) into the epilogue
# List nodes are written as {+0: 32-bit value, +4: 32-bit count, +8: 64-bit pointer};
# presumably {first slot, slot count, next} -- confirm against single_slot_alloc.c.
#
# NOTE(review): slab_alloc is called at four sites (4d3bff, 4d3c44, 4d3c84, 4d3ca4) and in
# every case the returned %rax is stored through without a test for zero.
00000000004d3b10 <sfree>:
4d3b10: 55 push %rbp
4d3b11: 48 89 e5 mov %rsp,%rbp
4d3b14: 48 83 ec 40 sub $0x40,%rsp
4d3b18: 48 89 5d d8 mov %rbx,-0x28(%rbp)  # spill callee-saved registers into the frame
4d3b1c: 4c 89 6d e8 mov %r13,-0x18(%rbp)
4d3b20: 48 89 fb mov %rdi,%rbx  # rbx = first argument
4d3b23: 41 89 d5 mov %edx,%r13d  # r13d = third argument (low 32 bits)
4d3b26: 89 55 c8 mov %edx,-0x38(%rbp)
4d3b29: 48 89 f7 mov %rsi,%rdi
4d3b2c: 48 89 f2 mov %rsi,%rdx
# NOTE(review): stray text was pasted into the mnemonic on the next line; the bytes
# 48 c1 ef 30 encode shr $0x30,%rdi (same form as the shr at 4d3b37).
4d3b2f: 48 c1 ef 30 sIs there anyway tohr $0x30,%rdi
4d3b33: 4c 89 65 e0 mov %r12,-0x20(%rbp)
4d3b37: 48 c1 ea 20 shr $0x20,%rdx  # dl = bits 32..39 of the second argument
4d3b3b: 39 73 44 cmp %esi,0x44(%rbx)  # low 32 bits of the second argument vs field at +0x44
4d3b3e: 4c 89 75 f0 mov %r14,-0x10(%rbp)
4d3b42: 4c 89 7d f8 mov %r15,-0x8(%rbp)
4d3b46: 48 89 75 c0 mov %rsi,-0x40(%rbp)
4d3b4a: 41 bc 7d 00 00 00 mov $0x7d,%r12d  # default return value if the comparisons fail
4d3b50: 0f b6 43 48 movzbl 0x48(%rbx),%eax
4d3b54: 0f b6 4b 4a movzbl 0x4a(%rbx),%ecx
4d3b58: 74 1e je 4d3b78 <sfree+0x68>  # flags still from the cmp at 4d3b3b (mov/movzbl leave them)
# Common epilogue: return %r12, restore callee-saved registers.
4d3b5a: 4c 89 e0 mov %r12,%rax
4d3b5d: 48 8b 5d d8 mov -0x28(%rbp),%rbx
4d3b61: 4c 8b 65 e0 mov -0x20(%rbp),%r12
4d3b65: 4c 8b 6d e8 mov -0x18(%rbp),%r13
4d3b69: 4c 8b 75 f0 mov -0x10(%rbp),%r14
4d3b6d: 4c 8b 7d f8 mov -0x8(%rbp),%r15
4d3b71: c9 leaveq
4d3b72: c3 retq
4d3b73: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
# Remaining byte-wise comparisons of the second argument; any mismatch returns 0x7d.
4d3b78: 38 c2 cmp %al,%dl
4d3b7a: 75 de jne 4d3b5a <sfree+0x4a>
4d3b7c: 40 38 cf cmp %cl,%dil
4d3b7f: 75 d9 jne 4d3b5a <sfree+0x4a>
4d3b81: 4c 8d 7b 10 lea 0x10(%rbx),%r15
4d3b85: 4c 89 ff mov %r15,%rdi
4d3b88: e8 03 5e f9 ff callq 469990 <thread_mutex_lock>  # held until 4d3c24
4d3b8d: 4c 8b 73 50 mov 0x50(%rbx),%r14  # r14 = list head
4d3b91: 4d 85 f6 test %r14,%r14
4d3b94: 0f 84 06 01 00 00 je 4d3ca0 <sfree+0x190>  # empty list: create the first node
4d3b9a: 41 8b 06 mov (%r14),%eax  # eax = head value
4d3b9d: 41 8d 55 01 lea 0x1(%r13),%edx
4d3ba1: 39 c2 cmp %eax,%edx
4d3ba3: 0f 84 87 00 00 00 je 4d3c30 <sfree+0x120>  # r13d+1 == head value: extend head downwards
4d3ba9: 41 39 c5 cmp %eax,%r13d
4d3bac: 0f 82 8e 00 00 00 jb 4d3c40 <sfree+0x130>  # r13d below head value (unsigned): prepend a node
4d3bb2: 41 8b 56 04 mov 0x4(%r14),%edx
4d3bb6: 8d 04 02 lea (%rdx,%rax,1),%eax  # eax = head value + head count
4d3bb9: 41 39 c5 cmp %eax,%r13d
4d3bbc: 0f 84 a9 00 00 00 je 4d3c6b <sfree+0x15b>  # r13d == value + count: bump the head count
4d3bc2: 41 bc 85 00 00 00 mov $0x85,%r12d  # return value when r13d falls inside the head range
4d3bc8: 73 28 jae 4d3bf2 <sfree+0xe2>  # flags from 4d3bb9: r13d past the head range, walk the list
4d3bca: eb 55 jmp 4d3c21 <sfree+0x111>
4d3bcc: 0f 1f 40 00 nopl 0x0(%rax)
# List walk: r14 = previous node, r12 = node under test.
4d3bd0: 41 8b 04 24 mov (%r12),%eax
4d3bd4: 41 39 c5 cmp %eax,%r13d
4d3bd7: 0f 82 a3 00 00 00 jb 4d3c80 <sfree+0x170>  # r13d below this node's value: insert between r14 and r12
4d3bdd: 41 8b 54 24 04 mov 0x4(%r12),%edx
4d3be2: 01 d0 add %edx,%eax
4d3be4: 41 39 c5 cmp %eax,%r13d
4d3be7: 74 7f je 4d3c68 <sfree+0x158>  # r13d == value + count: bump this node's count
4d3be9: 0f 82 89 00 00 00 jb 4d3c78 <sfree+0x168>  # r13d inside this node's range: return 0x85
4d3bef: 4d 89 e6 mov %r12,%r14
4d3bf2: 4d 8b 66 08 mov 0x8(%r14),%r12  # r12 = r14's pointer at +8 (overwrites the 0x85 from 4d3bc2)
4d3bf6: 4d 85 e4 test %r12,%r12
4d3bf9: 75 d5 jne 4d3bd0 <sfree+0xc0>
# End of list reached: append a new node after r14.
4d3bfb: 48 8d 7b 58 lea 0x58(%rbx),%rdi
4d3bff: e8 ac 64 f9 ff callq 46a0b0 <slab_alloc>
4d3c04: 49 89 46 08 mov %rax,0x8(%r14)
4d3c08: 44 89 28 mov %r13d,(%rax)  # NOTE(review): %rax used without a zero check
4d3c0b: c7 40 04 01 00 00 00 movl $0x1,0x4(%rax)
4d3c12: 48 c7 40 08 00 00 00 movq $0x0,0x8(%rax)
4d3c19: 00
# Success tail shared by every insert/extend path.
4d3c1a: 83 43 34 01 addl $0x1,0x34(%rbx)  # presumably a free-slot counter -- confirm
4d3c1e: 45 31 e4 xor %r12d,%r12d  # return value 0
4d3c21: 4c 89 ff mov %r15,%rdi
4d3c24: e8 67 60 f9 ff callq 469c90 <thread_mutex_unlock>
4d3c29: e9 2c ff ff ff jmpq 4d3b5a <sfree+0x4a>
4d3c2e: 66 90 xchg %ax,%ax
# Extend the head node downwards: value = r13d, count += 1.
4d3c30: 45 89 2e mov %r13d,(%r14)
4d3c33: 41 83 46 04 01 addl $0x1,0x4(%r14)
4d3c38: eb e0 jmp 4d3c1a <sfree+0x10a>
4d3c3a: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
# Prepend: the new node becomes the list head and points at the old head.
4d3c40: 48 8d 7b 58 lea 0x58(%rbx),%rdi
4d3c44: e8 67 64 f9 ff callq 46a0b0 <slab_alloc>
4d3c49: 48 8b 53 50 mov 0x50(%rbx),%rdx
4d3c4d: 44 89 28 mov %r13d,(%rax)  # NOTE(review): %rax used without a zero check
4d3c50: c7 40 04 01 00 00 00 movl $0x1,0x4(%rax)
4d3c57: 48 89 50 08 mov %rdx,0x8(%rax)
4d3c5b: 48 89 43 50 mov %rax,0x50(%rbx)
4d3c5f: eb b9 jmp 4d3c1a <sfree+0x10a>
# NOTE(review): the word "free" on the next line is stray text in the paste; the bytes are a 7-byte nopl.
4d3c61: free 0f 1f 80 00 00 00 00 nopl 0x0(%rax)
# Bump a node's count by one (edx already holds the old count).
4d3c68: 4d 89 e6 mov %r12,%r14
4d3c6b: 83 c2 01 add $0x1,%edx
4d3c6e: 41 89 56 04 mov %edx,0x4(%r14)
4d3c72: eb a6 jmp 4d3c1a <sfree+0x10a>
4d3c74: 0f 1f 40 00 nopl 0x0(%rax)
4d3c78: 41 bc 85 00 00 00 mov $0x85,%r12d  # r12 was reused as a node pointer, so reload the code
4d3c7e: eb a1 jmp 4d3c21 <sfree+0x111>
# Insert between r14 and r12. This is the path that faults in the report.
4d3c80: 48 8d 7b 58 lea 0x58(%rbx),%rdi
4d3c84: e8 27 64 f9 ff callq 46a0b0 <slab_alloc>
4d3c89: 49 89 46 08 mov %rax,0x8(%r14)  # previous node's pointer is overwritten before %rax is ever tested
# Kernel report: fault addr 0, IP 4d3c8d, error 0x6 (x86 page-fault code: write, user mode,
# page not present). The store below goes through %rax, the value just returned by slab_alloc,
# so the report is consistent with slab_alloc returning 0 at 4d3c84. At that point the mutex
# taken at 4d3b88 is still held and 0x8(%r14) already holds the zero pointer.
# NOTE(review): a zero check on %rax, with an error return through the unlock at 4d3c21,
# appears to be missing at all four slab_alloc call sites.
->4d3c8d: 44 89 28 mov %r13d,(%rax)
4d3c90: c7 40 04 01 00 00 00 movl $0x1,0x4(%rax)
4d3c97: 4c 89 60 08 mov %r12,0x8(%rax)
4d3c9b: e9 7a ff ff ff jmpq 4d3c1a <sfree+0x10a>
# Empty list: the new node becomes the head with a zero pointer at +8.
4d3ca0: 48 8d 7b 58 lea 0x58(%rbx),%rdi
4d3ca4: e8 07 64 f9 ff callq 46a0b0 <slab_alloc>
4d3ca9: 48 89 43 50 mov %rax,0x50(%rbx)
4d3cad: 44 89 28 mov %r13d,(%rax)  # NOTE(review): %rax used without a zero check
4d3cb0: c7 40 04 01 00 00 00 movl $0x1,0x4(%rax)
4d3cb7: 48 c7 40 08 00 00 00 movq $0x0,0x8(%rax)
4d3cbe: 00
4d3cbf: e9 56 ff ff ff jmpq 4d3c1a <sfree+0x10a>
4d3cc4: 66 66 66 2e 0f 1f 84 data32 data32 nopw %cs:0x0(%rax,%rax,1)
4d3ccb: 00 00 00 00 00