[Ecls-list] [Maxima] segmentation fault with Maxima/ECL

Robert Dodier robert.dodier at gmail.com
Sat Sep 20 22:38:51 UTC 2008 

On 9/20/08, Oliver Kullmann <O.Kullmann at swansea.ac.uk> wrote:

> Finally, I got the example:
>
>  ExternalSources/Installations/Maxima/ecl/5.16.3/bin> ./maxima
>  Maxima 5.16.3 http://maxima.sourceforge.net
>  Using Lisp ECL 0.9l (CVS 2008-06-19 17:09)
>  Distributed under the GNU Public License. See the file COPYING.
>  Dedicated to the memory of William Schelter.
>  The function bug_report() provides bug reporting information.
>  (%i1) load("SegFault.mac");
>  Segmentation fault

Thanks, Oliver. I have confirmed that the segfault occurs with the
attached input files. I am working on Linux (32 bit). I built ECL from
CVS sources on August 30.

I suspect the problem is something like an undetected stack overflow.
One of the functions is max_min_var_degree_def_rec which is a
memoizing function (as shown by its definition
max_min_var_degree_def_rec[k] := ... instead of with parentheses).
max_min_var_degree_def_rec is a recursive function so for large k
it puts a lot of frames on a call stack (not sure if it is the Lisp stack
or a stack managed by Maxima or what).

The final line in the script SegFault.mac is
analyse_isorepo_defset_mvd(h) which calls max_min_var_degree_def_rec
with k=248 and the program either barfs during that calculation or gets a
little bit farther but eventually crashes with a segfault or an error like
"Not a Lisp object".

If the memoizing function is initialized by
for i thru 248 do max_min_var_degree_def_rec [i];
before analyse_isorepo_defset_mvd(h), then the call to
analyse_isorepo_defset_mvd is apparently successful.

(1) Oliver, a workaround for you is to put something like
for i thru n do max_min_var_degree_def_rec [i];
where n=248 or some other limit, before calling
analyse_isorepo_defset_mvd.

(2) I hope someone from the ECL team can look at this problem.

FWIW & HTH.

Robert Dodier

PS. For the record the definition of max_min_var_degree_def_rec is:
max_min_var_degree_def_rec[k] :=
 if k = 1 then 2 else
 lmax(create_list(min(2*i,max_min_var_degree_def_rec[k-i+1]+i),i,2,k))$

PPS. I have attached the program which Oliver Kullman wrote, which
exposes this problem, and also a record of a gdb session which shows
the segfault and C stack trace. Gdb shows that some pointer has been
clobbered with the value 0x1.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: SegFault.mac
URL: <https://mailman.common-lisp.net/pipermail/ecl-devel/attachments/20080920/5badf1e2/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: HashMaps.lisp
URL: <https://mailman.common-lisp.net/pipermail/ecl-devel/attachments/20080920/5badf1e2/attachment-0001.ksh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ecl-segfault-gdb.log
Type: application/octet-stream
Size: 19228 bytes
Desc: not available
URL: <https://mailman.common-lisp.net/pipermail/ecl-devel/attachments/20080920/5badf1e2/attachment.obj>

More information about the ecl-devel mailing list