|
2012-10-24, 01:32
|
#1 |
|
∂2ω=0
Sep 2002
República de California
267338 Posts |
Reverse memory lookup
In C/C++, it's trivial to map from a variable name (either scalar or pointer+offset) to the memory location. Is there a way (or tool) allowing one to find which variable / function / allocated-memory-block a given address maps to? I am trying to localize a valgrind (specifically the DRD thread-analysis tool) error, and valgrind is only giving the address in question, no associated name:
Conflicting store by thread 3 at 0x10041fc00 size 4 |
|
|
|
2012-10-24, 01:45
|
#2 | |
"Mark"
Apr 2003
Between here and the
3×17×131 Posts |
Quote:
|
|
|
|
|
|
2012-10-24, 02:23
|
#3 | |
|
∂2ω=0
Sep 2002
República de California
3×7×13×43 Posts |
Quote:
|
|
|
|
|
|
2012-10-24, 10:22
|
#4 | |
Jan 2008
France
23·71 Posts |
Quote:
|
|
|
|
|
|
2012-10-24, 22:42
|
#5 | |
|
∂2ω=0
Sep 2002
República de California
267338 Posts |
Quote:
DRD looks like it's going to be a very handy tool to have around. Last fiddled with by ewmayer on 2012-10-24 at 22:43 |
|
|
|
|
|
2012-11-11, 02:32
|
#6 |
|
∂2ω=0
Sep 2002
República de California
3×7×13×43 Posts |
OK, another multithreaded-code-debug issue: I am getting a divide-by-zero exception in a newly-put-together pthreaded worker-function routine. My source code has no explicit DIVs, so it appears the DIV is resulting from thread-management code. Valgrind DRD indicates the following may be the cause:
==1595== Use of uninitialised value of size 8 ==1595== at 0x10017D633: cy_process_chunk (in ./Mlucas_sse2) ==1595== by 0x10025A1C2: worker_thr_routine (in ./Mlucas_sse2) ==1595== by 0x100373FD5: _pthread_start (in /usr/lib/libSystem.B.dylib) ==1595== by 0x100373E88: thread_start (in /usr/lib/libSystem.B.dylib) In trying to localize the error, I first looked for the first of the above addresses in the output of "nm -v" run on the binary - no match. Then I re-ran under gdb (note the binary is compiled unoptimized with -g), which catches the exception, and reveals the DIV (boldfaced) within a disassembly dump: Code:
(gdb) disass Dump of assembler code for function worker_thr_routine: 0x0000000100259fe0 <worker_thr_routine+0>: push %rbp 0x0000000100259fe1 <worker_thr_routine+1>: mov %rsp,%rbp 0x0000000100259fe4 <worker_thr_routine+4>: push %r15 0x0000000100259fe6 <worker_thr_routine+6>: push %r14 0x0000000100259fe8 <worker_thr_routine+8>: push %r13 0x0000000100259fea <worker_thr_routine+10>: push %r12 0x0000000100259fec <worker_thr_routine+12>: push %rbx 0x0000000100259fed <worker_thr_routine+13>: sub $0x58,%rsp 0x0000000100259ff1 <worker_thr_routine+17>: mov %rdi,-0x58(%rbp) 0x0000000100259ff5 <worker_thr_routine+21>: mov (%rdi),%r15d 0x0000000100259ff8 <worker_thr_routine+24>: mov 0x8(%rdi),%rbx 0x0000000100259ffc <worker_thr_routine+28>: callq 0x10029f3fc <dyld_stub_mach_thread_self> 0x000000010025a001 <worker_thr_routine+33>: mov %eax,%r12d 0x000000010025a004 <worker_thr_routine+36>: movl $0x0,-0x40(%rbp) 0x000000010025a00b <worker_thr_routine+43>: lea -0x40(%rbp),%rdx 0x000000010025a00f <worker_thr_routine+47>: mov $0x1,%ecx 0x000000010025a014 <worker_thr_routine+52>: mov $0x1,%esi 0x000000010025a019 <worker_thr_routine+57>: mov %eax,%edi 0x000000010025a01b <worker_thr_routine+59>: callq 0x10029f4f2 <dyld_stub_thread_policy_set> 0x000000010025a020 <worker_thr_routine+64>: test %eax,%eax 0x000000010025a022 <worker_thr_routine+66>: jne 0x10025a445 <worker_thr_routine+1125> 0x000000010025a028 <worker_thr_routine+72>: movzwl 0x4a(%rbx),%eax 0x000000010025a02c <worker_thr_routine+76>: mov %r15d,%edx 0x000000010025a02f <worker_thr_routine+79>: mov %eax,%ecx 0x000000010025a031 <worker_thr_routine+81>: mov %r15d,%eax 0x000000010025a034 <worker_thr_routine+84>: sar $0x1f,%edx 0x000000010025a037 <worker_thr_routine+87>: idiv %ecx 0x000000010025a039 <worker_thr_routine+89>: mov %edx,-0x50(%rbp) 0x000000010025a03c <worker_thr_routine+92>: lea -0x50(%rbp),%rdx 0x000000010025a040 <worker_thr_routine+96>: mov $0x1,%ecx 0x000000010025a045 <worker_thr_routine+101>: mov $0x1,%esi ... I need to figure out which variable or array element is the argument to the IDIV which is causing the problem. Suggestions welcome. |
|
|
|
|
2012-11-12, 00:25
|
#7 |
|
∂2ω=0
Sep 2002
República de California
3·7·13·43 Posts |
Found the problem: By playing with various things - adding some sanity spot-checks of key parts of thread-local-memory, testing things with various #threads starting with the "this had better work" value of 1, etc, I determined that some of the bookkeeping I added for the SSE2 register-spill/fill portion of the thread-local memory store was getting corrupted ... apparently the div-by-zero in the pthread-lib thread management code was a side effect of the resulting memory corruption.
Thanks to jasonp for some comparative threadpool-code checking - that didn't tell e what the problem was, but gave some clues as to what it likely was not. |
|
|
|
 |
| Thread Tools | |
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Interesting table-lookup bug in Google Translate | ewmayer | Programming | 14 | 2011-02-28 01:45 |
| Account Lookup | Primeinator | PrimeNet | 2 | 2009-07-21 23:19 |
| Pari hash table lookup | Joshua2 | Software | 5 | 2009-02-23 22:59 |
| How to start a team, lookup someone? | cwilliamsprime | Teams | 1 | 2007-02-23 20:55 |
| Reverse Decomp Program | nfortino | LMH > 100M | 2 | 2004-01-30 22:38 |
