[CODE][PORTING] Malloc Crashes

From: Erocs (nfinco@MONTANA.CAMPUS.MCI.NET)
Date: 05/20/98

Hello everyone.  I have a slight problem that has eluded my grasp.
About a month ago I transferred my mud from a NetBSD machine, where it
was working great, over to a RedHat 4.2 (Kernel 2.0.33) with gcc
version  Ever since, malloc has been crashing on me.  I have
tested the mud on two other Linux systems (one Slackware and another
RedHat) which both have the same crash, so this has to be Linux

The mud crashes at the first malloc or free executed after I edit a
new mob not in the index.  This also occurs if a new character is
created but I have not looked into that scenario as closely.  The
problem, to me, seems to be tied to str_dup in some way...

I guess my questions are: 1) What porting issues are there when
transferring programs to Linux?  2) Has anyone else had this same
problem?  I am running an older version of Circle (3.0, pl7 I believe)
but it has been used for at least three years now by one person or
another and has become reasonably stable.  I have re-compiled the
malloc source that can be found with the distributions, which is how I
have gotten debug info on malloc.

I will admit that I could look through the code and research the
problem more on the web but I am getting tired of this so I'm looking
for the quick solution (which just happens to be the gurus on this

Thanks in advance to all who reply.   :)

Here is the gdb output I receive:
Core was generated by `bin/eod.tmp -d /u/drenkas/test 5556'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libc.so.5.3.12...done.
Reading symbols from /lib/ld-linux.so.1...done.
#0  0x80f00b5 in malloc (size=0) at malloc.c:217
217    next->prev->next = next->next;
(gdb) bt
#0  0x80f00b5 in malloc (size=0) at malloc.c:217
#1  0x80f15a3 in calloc (nmemb=17, size=1) at calloc.c:33
#2  0x80c3cf8 in str_dup (source=0x8360260 "Obvious exits:\r\n") at
#3  0x804ccf2 in parse_color (txt=0x80f2e14 "Obvious exits:\r\n",
    at comm.c:1188
#4  0x804cd39 in write_to_output (txt=0x80f2e14 "Obvious exits:\r\n",
    t=0x83c7000) at comm.c:1205
#5  0x804dfaf in send_to_char (messg=0x80f2e14 "Obvious exits:\r\n",
    ch=0x83c6e00) at comm.c:1851
#6  0x8054fc0 in do_exits (ch=0x83c6e00, argument=0x80f2d56 "", cmd=0,
    subcmd=0) at act.informative.c:656
#7  0x80555c5 in look_at_room (ch=0x83c6e00, ignore_brief=1)
    at act.informative.c:713
#8  0x8056b88 in do_look (ch=0x83c6e00, argument=0xbffff80d "",
    subcmd=0) at act.informative.c:938
#9  0x80a16f3 in command_interpreter (ch=0x83c6e00,
    argument=0xbffff80c "l") at interpreter.c:1016
#10 0x804a462 in game_loop (mother_desc=3) at comm.c:523
#11 0x80497d8 in init_game (port=5556) at comm.c:230
#12 0x8049749 in main (argc=4, argv=0xbffffcfc) at comm.c:200
#13 0x804937b in _start ()
(gdb) info locals
log = 5
result = (void *) 0x8360260
block = 1
blocks = 1074399640
lastblocks = 0
start = 3221223144
i = 138178560
next = (struct list *) 0x8360260
(gdb) list
212  {
213    /* There are free fragments of this size.
214       Pop a fragment out of the fragment list and return it.
215       Update the block's nfree and first counters. */
216    result = (__ptr_t) next;
217    next->prev->next = next->next;
218    if (next->next != NULL)
219      next->next->prev = next->prev;
220    block = BLOCK (result);
221    if (--_heapinfo[block].busy.info.frag.nfree != 0)
(gdb) print *next
$1 = {next = 0x6976624f, prev = 0x2073756f}
(gdb) print *next->prev
Cannot access memory at address 0x2073756f.
(gdb) print *next->next
Cannot access memory at address 0x6976624f.
(gdb) quit
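
An added diagnostic, not part of the original post, for reading the session
above.  The two "pointers" gdb prints for the free-list node are not
addresses at all: on little-endian i386, 0x6976624f is the bytes 'O' 'b' 'v'
'i' and 0x2073756f is 'o' 'u' 's' ' ', the first eight bytes of
"Obvious exits:\r\n", which is exactly the string str_dup is copying in
frame #2.  `result` and `source` in that frame are both 0x8360260, so the
fragment malloc is popping off the free list is the same memory the string is
being read from: a chunk that was handed back to the allocator and then
written with that text.  The C program below (example code written for this
page, assuming only the values visible in the gdb output) automates that
check: it decodes each link field as raw bytes, looks for them in the
candidate string, and reports whether the two fields are consecutive pieces
of it.  The `struct list_hdr` layout is an assumption matching the two-pointer
`struct list` shown at malloc.c:217.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed mirror of the free-fragment header the libc-5 malloc in the trace
 * walks at malloc.c:217: struct list { struct list *next, *prev; }, i.e. two
 * 32-bit pointers on i386. */
struct list_hdr {
    uint32_t next;
    uint32_t prev;
};

/* Write the four bytes that `word` occupies in memory on a little-endian host
 * into out[0..3], NUL-terminate, and return how many of them are printable. */
int decode_word_le(uint32_t word, char out[5])
{
    int i, printable = 0;
    for (i = 0; i < 4; i++) {
        unsigned char b = (unsigned char)((word >> (8 * i)) & 0xffu);
        out[i] = (char)b;
        if (isprint(b))
            printable++;
    }
    out[4] = '\0';
    return printable;
}

/* Offset in `text` at which the decoded bytes of `word` appear, or -1. */
int find_word_in_text(const char *text, uint32_t word)
{
    char bytes[5];
    size_t n = strlen(text), off;
    decode_word_le(word, bytes);
    for (off = 0; off + 4 <= n; off++)
        if (memcmp(text + off, bytes, 4) == 0)
            return (int)off;
    return -1;
}

/* 1 if both link fields hold consecutive 4-byte pieces of `text`, i.e. the
 * header was overwritten by a copy of that string starting at the chunk. */
int header_overwritten_by(const struct list_hdr *hdr, const char *text,
                          int *next_off, int *prev_off)
{
    *next_off = find_word_in_text(text, hdr->next);
    *prev_off = find_word_in_text(text, hdr->prev);
    return *next_off >= 0 && *prev_off == *next_off + 4;
}

int main(void)
{
    /* Constructed from the gdb session above:
     *   (gdb) print *next  ->  $1 = {next = 0x6976624f, prev = 0x2073756f}
     * and the string being duplicated in frame #2 of the backtrace. */
    const struct list_hdr poisoned = { 0x6976624fu, 0x2073756fu };
    const char *msg = "Obvious exits:\r\n";
    char next_s[5], prev_s[5];
    int next_off, prev_off;

    decode_word_le(poisoned.next, next_s);
    decode_word_le(poisoned.prev, prev_s);
    printf("next = 0x%08x -> \"%s\"\n", (unsigned)poisoned.next, next_s);
    printf("prev = 0x%08x -> \"%s\"\n", (unsigned)poisoned.prev, prev_s);

    if (header_overwritten_by(&poisoned, msg, &next_off, &prev_off))
        printf("free-list links are bytes %d-%d of \"Obvious exits:\": "
               "the string was written over a chunk that was already free\n",
               next_off, prev_off + 3);
    else
        printf("link fields do not match the candidate string\n");
    return 0;
}
```

When the check succeeds, the crash site in malloc is only where the damage
surfaces; the bug is wherever a pointer to that chunk was kept and written
after the chunk was freed (or where an adjacent buffer ran over it).  A free()
wrapper that fills the buffer with a marker byte before releasing it, or the
debug hooks in the malloc source the poster already rebuilt, makes the
offending caller show up in the backtrace instead of the allocator.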

