From owner-freebsd-hackers  Wed Oct  7 22:33:09 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id WAA22513
          for freebsd-hackers-outgoing; Wed, 7 Oct 1998 22:33:09 -0700 (PDT)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from dingo.cdrom.com (castles134.castles.com [208.214.165.134])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA22508
          for <FreeBSD-Hackers@FreeBSD.ORG>; Wed, 7 Oct 1998 22:33:05 -0700 (PDT)
          (envelope-from mike@dingo.cdrom.com)
Received: from dingo.cdrom.com (localhost [127.0.0.1])
	by dingo.cdrom.com (8.9.1/8.8.8) with ESMTP id WAA01196;
	Wed, 7 Oct 1998 22:38:05 -0700 (PDT)
	(envelope-from mike@dingo.cdrom.com)
Message-Id: <199810080538.WAA01196@dingo.cdrom.com>
X-Mailer: exmh version 2.0.2 2/24/98
To: Studded <Studded@dal.net>
cc: Archie Cobbs <archie@whistle.com>, FreeBSD-Hackers@FreeBSD.ORG
Subject: Re: mail in free(): warning: junk pointer, too high to make sense. 
In-reply-to: Your message of "Wed, 07 Oct 1998 17:31:46 PDT."
             <361C07F2.85106E15@dal.net> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 07 Oct 1998 22:38:04 -0700
From: Mike Smith <mike@smith.net.au>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> 	Ok, I did that, then compiled a mail binary with -ggdb. Here's the
> result:
> 
> Core was generated by `mail'.
> Program terminated with signal 6, Abort trap.
> Cannot access memory at address 0x20027080.
> #0  0x20080d51 in ?? ()
> (gdb) bt
> #0  0x20080d51 in ?? ()
> #1  0x200805c4 in ?? ()
> #2  0x2007f01c in ?? ()
> #3  0x2007f058 in ?? ()
> #4  0x2008007d in ?? ()
> #5  0x200802ba in ?? ()
> #6  0x8e73 in execute (linebuf=0x0, contxt=110592) at lex.c:322
> #7  0x84c2 in __isctype () at v7.local.c:56
> #8  0xb0a2 in main (argc=1, argv=0xefbfd788) at main.c:95
> 
> Attempting to run it in gdb got a different response:

This is a better idea.

> (gdb) run
> Starting program: /usr/home/myusername/./mail 
> mail in free(): error: junk pointer, too high to make sense.
> 
> Program received signal SIGABRT, Aborted.
> 0x20080d51 in kill ()
> (gdb) bt
> #0  0x20080d51 in kill ()
> #1  0x200805c4 in abort ()
> #2  0x2007f01c in getdtablesize ()
> #3  0x2007f058 in getdtablesize ()
> #4  0x2008007d in getdtablesize ()
> #5  0x200802ba in free ()
> #6  0x9263 in setmsize (sz=0) at lex.c:445
> #7  0x88b2 in setfile (name=0x1b080 "/var/mail/myusername") at lex.c:146
> #8  0xb492 in main (argc=1, argv=0xefbfd768) at main.c:246
> 
> 	I hope this is what you were looking for. My experience with gdb is
> limited, my C only slightly less so. :)

Try 'frame 5', 'print msgvec'.  mail(1) is extremely funky; there's 
lots of room for really bad scope abuse in it.

You could try replacing all occurrences of 'msgvec' in lex.c with 
'msgfoo' and see if the problem changes. 

-- 
\\  Sometimes you're ahead,       \\  Mike Smith
\\  sometimes you're behind.      \\  mike@smith.net.au
\\  The race is long, and in the  \\  msmith@freebsd.org
\\  end it's only with yourself.  \\  msmith@cdrom.com



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message