Date: Thu, 6 Oct 2011 20:51:03 +0400 From: Lev Serebryakov <lev@FreeBSD.org> To: hackers@freebsd.org Subject: how to debug RB_TREE for memory corruption? Message-ID: <1034127827.20111006205103@serebryakov.spb.ru>
next in thread | raw e-mail | index | archive | help
Hello, Hackers. I'm writing some code, which uses RB_TREE from <sys/tree.h>. At some momoent, it crashes within REMOVE method with "elm" 0xa5a5a5a5 (I have malloc() debug options turned on). So, it seems, that free()ed element presents somewhere in the tree, am I right? Ok, I add printing of whole tree BEFORE removal call with simple recursive function. It doesn't crash and doesn't print any invalid pointers! How could it happen!? Tree is perfectly valid at line BEFORE RB_DELETE() call and crashes with bad pointer in this method! I could (theoretically!) belive, that my code forget to delete node from tree in some situations. But in such case tree printing function will crash (or print "0xa5a5a5a5" pointer) before RB_DELETE crash! Any hints how to debug such strange situation? --=20 // Black Lion AKA Lev Serebryakov <lev@FreeBSD.org>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1034127827.20111006205103>