Re: Signal 10, Bus error - BUS_ADRALN (bad deque iterator) (923 Views)
Reply
Occasional Advisor
gina23
Posts: 6
Registered: ‎03-14-2012
Message 1 of 12 (1,016 Views)

Signal 10, Bus error - BUS_ADRALN

I am using HP-UX B.11.23 U ia64 2193032355

 

On this platform I get core dump with Signal 10, BUS_ADRALN message. Tried analyzing dump by myself and it looks like some issue with std::deque and std::deque::iterator:begin(). Element returned by std::deque::iterator:begin() is invalid. Went through code, seems like there is no simultaneous multi thread access to deque.

 

(gdb) set redirect-file gdb.out
(gdb) set redirect on
(gdb) bt
(gdb) frame 0
(gdb) disas $pc-16*12 $pc+16*4
(gdb) info reg
(gdb) set redirect off

 

gdb.out attached for referrence.

Could you please help to solve this core dump.. Thanks in advance

Acclaimed Contributor
Dennis Handly
Posts: 25,199
Registered: ‎03-06-2006
Message 2 of 12 (1,009 Views)

Re: Signal 10, Bus error - BUS_ADRALN (bad deque iterator)

[ Edited ]

>seems like there is no simultaneous multi thread access to deque.

 

That's correct.  User's are responsible for synchronizing their objects and containers.

(Oops, are you asking if you can do this or telling us you don't do this?)

 

In this case, the parm or "this" pointer passed to WriteJob::getAction is misaligned.

Ok, r9 == r33 + 56, offset of the misaligned field.

Occasional Advisor
gina23
Posts: 6
Registered: ‎03-14-2012
Message 3 of 12 (1,005 Views)

Re: Signal 10, Bus error - BUS_ADRALN

[ Edited ]

when can this happen? Could the simultaneous multithread access be one reason? what else could be reason for misaligned?

Acclaimed Contributor
Dennis Handly
Posts: 25,199
Registered: ‎03-06-2006
Message 4 of 12 (998 Views)

Re: Signal 10, Bus error - BUS_ADRALN (bad deque iterator)

[ Edited ]

>Could the simultaneous multithread access be one reason?

 

Yes, if one thread is writing to the container.

 

>what else could be reason for misaligned?

 

Do you have misaligned fields in structs?  What is your element type in your deque?

Occasional Advisor
gina23
Posts: 6
Registered: ‎03-14-2012
Message 5 of 12 (993 Views)

Re: Signal 10, Bus error - BUS_ADRALN

[ Edited ]

element type in deque is WriteJob

 

class WriteJob {

 

public:

 enum {Cnx = 1};

 enum {Noth, NotPro = 2, FreB = 4};

 

private:

 struct BufRef {
     BufRef(): m_Ptr(NULL), m_Len(0) {}
     BufRef(void * ptr, unsigned long len): m_Ptr(ptr), m_Len(len) {}
     void *  m_Ptr;
     unsigned long   m_Len;
 };

 BufRef m_IOBuf;
 unsigned long m_nWritten;
 BufRef m_ActionBuf;
 void * m_ProtocolData;
 void* m_IOCookie;
 int m_Action;
 Buf * m_writebuf;
 bool m_TranslateIOBufPtr;

 

public:

 

 some functions...

 ...

 ...

};

 

Buf is:

class Buf {

public:

    ...

    some functions

    ...

private:
    unsigned int ft;
    unsigned int l;
    unsigned int sz;
    unsigned int gs;
    char *_d;
    char *m;
    Buf *n;
    unsigned int iu;
    bool m_P;

};

Occasional Advisor
gina23
Posts: 6
Registered: ‎03-14-2012
Message 6 of 12 (986 Views)

Re: Signal 10, Bus error - BUS_ADRALN

[ Edited ]

(gdb) set redirect-file gdb1.out
(gdb) set redirect on
Redirecting output to gdb1.out.
(gdb) bt
(gdb) frame 1
(gdb) disas $pc-16*20 $pc+16*4
(gdb) info reg
(gdb) set redirect off

 

I believe something going wrong in frame 1, deque::begin() returns invalid data?

 

Attaching frame1 assembly code. Something gone wrong after line: br.call.dptk.few rp=_ZNSt5dequeI8WriteJobSaIS0_EE5beginEv+0x0;;

Acclaimed Contributor
Dennis Handly
Posts: 25,199
Registered: ‎03-06-2006
Message 7 of 12 (966 Views)

Re: Signal 10, Bus error - BUS_ADRALN (bad deque iterator)

[ Edited ]

>I believe something going wrong in frame 1, deque::begin() returns invalid data?

 

Yes.  Which means the deque object is corrupted, somehow.  Or already freed.

 

>Something gone wrong after line: br.call rp=_ZNSt5dequeI8WriteJobSaIS0_EE5beginEv

 

No, that's fine.

 

Do you have debug info so you can print out the deque control block?

Otherwise you'll need to print it out in raw hex format:

x /11gx &deque   # The "g" is for 64 bit apps

 

It also appears that this isn't the first time through the for-loop since r33 has changed.

Occasional Advisor
gina23
Posts: 6
Registered: ‎03-14-2012
Message 8 of 12 (952 Views)

Re: Signal 10, Bus error - BUS_ADRALN

Here we go:

 

 (gdb) x /11gx 0x6000000003102870
0x6000000003102870:     0x600000000031d540      0x600000000031d540
0x6000000003102880:     0x600000000031d590      0x600000000031b6f0
0x6000000003102890:     0x600000000031d590      0x600000000031d540
0x60000000031028a0:     0x600000000031d590      0x600000000031b6f0
0x60000000031028b0:     0x0000000000000001      0x600000000031b6f0
0x60000000031028c0:     0x0000000000000001

Acclaimed Contributor
Dennis Handly
Posts: 25,199
Registered: ‎03-06-2006
Message 9 of 12 (949 Views)

Re: Signal 10, Bus error - BUS_ADRALN (bad deque iterator)

[ Edited ]

These addresses all seem nicely aligned.  So any corruption must be in blocks that are nested deeper.

 

If you can change your application, you might want to loop through all of your elements and print their addresses to see how many are bad.

Also, having debug info would be helpful.

Occasional Advisor
gina23
Posts: 6
Registered: ‎03-14-2012
Message 10 of 12 (947 Views)

Re: Signal 10, Bus error - BUS_ADRALN

The first element that we retrive from deque itself is corrupted. i e deque::begin() returns something invalid.

 

0x6000000000305003

 

x /11gx 0x6000000000305003
0x6000000000305003:     0x0000000020600000      0x000031b318000000
0x6000000000305013:     0x000000001c600000      0x000031b7b8000000
0x6000000000305023:     0x000000003f000000      0x0000000064000000
0x6000000000305033:     0x0100000000000000      0x0000000030600000
0x6000000000305043:     0x0004352838000000      0x0000000012600000
0x6000000000305053:     0x00043529b8000000

 

what is debug info ?

Acclaimed Contributor
Dennis Handly
Posts: 25,199
Registered: ‎03-06-2006
Message 11 of 12 (936 Views)

Re: Signal 10, Bus error - BUS_ADRALN (bad deque iterator)

[ Edited ]

0x6000000003102870:     0x600000000031d540      0x600000000031d540
0x6000000003102880:     0x600000000031d590      0x600000000031b6f0

 

This is the iterator begin.  The first word is the pointer to the element and it is aligned.

 

0x6000000003102890:     0x600000000031d590      0x600000000031d540
0x60000000031028a0:     0x600000000031d590      0x600000000031b6f0

 

This is the iterator end.  The first word is the pointer past the end.

 

0x60000000031028b0:     0x0000000000000001      0x600000000031b6f0  0x0000000000000001

 

The only thing "odd" about this, is that there is only room for the one element, of 80 bytes.

(This would only happen if container allocation policies were fiddled with.)

 

>The first element that we retrieve from deque itself is corrupted. Ie deque::begin() returns something invalid.

 

I'm not sure how?  It only needs to copy the 4 pointers out of the control block.

 

>what is debug info?

When you compile with -g, the compiler generates debug info.
Acclaimed Contributor
Dennis Handly
Posts: 25,199
Registered: ‎03-06-2006
Message 12 of 12 (923 Views)

Re: Signal 10, Bus error - BUS_ADRALN (bad deque iterator)

>I'm not sure how?  It only needs to copy the 4 pointers out of the control block.

 

The register values indicate that r33 was changed.  This could happen if it was changed somewhere in the for-loop below the disassembly.  This means it aborted on the second or following trip.

So can you print out the current iterator value?

 

You could have blasted it by a buffer overrun.

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.