# Debug Analysis Final - TLS-SLL Guard Investigation
**Date**: 2025-11-10
**Binary**: out/debug/bench_fixed_size_hakmem (verbose debug build)
**Command**: 200000 1024 128
## 1. Maximum Tracing Results
### Key Findings:
```
[TLS_SLL_GUARD] splice_trav: misaligned base=0x7244b7e10009 cls=0 blk=8 off=1
[HAKMEM][EARLY SIGSEGV] backtrace (1 frames)
./out/debug/bench_fixed_size_hakmem(+0x6a5e)[0x5b4a8b13ea5e]
```
### Critical Discovery:
- **TLS-SLL GUARD detected** `misaligned base=0x7244b7e10009`
- Alignment violation in the `splice_trav` operation immediately after SPLICE_TO_SLL
- This is the direct cause of the SIGSEGV
### Analysis of misaligned address:
- `base=0x7244b7e10009` - the trailing hex digit 0x9 is the problem
- `cls=0 blk=8 off=1` - class 0, block 8, offset 1
- Should be: `0x7244b7e10000` + (8 * 256) + 1 = `0x7244b7e10081`
- Actual: `0x7244b7e10009` - the calculation is wrong!
## 2. No Cache Results (Frontend Disabled)
### Same Pattern:
```
[TLS_SLL_GUARD] splice_trav: misaligned base=0x7d9100410009 cls=0 blk=8 off=1
[HAKMEM][EARLY SIGSEGV] backtrace (1 frames)
./out/debug/bench_fixed_size_hakmem(+0x6a5e)[0x622ace44fa5e]
```
### Confirmed:
- The problem reproduces even with the frontend cache disabled
- This confirms that the problem lies at the TLS-SLL boundary
## 3. Root Cause Analysis
### Problem Location:
- **The TLS-SLL operation immediately after SPLICE_TO_SLL**
- The pointer calculation is corrupted in `splice_trav` (splice traversal)
### Calculation Error:
```
Expected: base + (blk * size) + off
Actual: base + ??? = 0x7244b7e10009 (9 bytes from base)
```
### Header Offset Confusion:
- Class 0 (128B): header offset should be 1 byte
- Block 8: should be at 8 * 128 = 1024 bytes from base
- Correct address: `0x7244b7e10000 + 1024 + 1 = 0x7244b7e10401`
- Actual: `0x7244b7e10009` - **a completely wrong calculation!**
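
The calculation above applied to both captured guard lines, as an added example (not hakmem code). It assumes slab bases are 4 KiB aligned, which the page does not state, and uses the analysis's own figures of 128-byte class 0 blocks and a 1-byte header offset; `parse_guard_line` and `struct guard_hit` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption (not from the hakmem source): slab bases are 4 KiB aligned. */
#define SLAB_ALIGN   0x1000ULL
/* From the analysis: class 0 blocks are 128 bytes, header offset is 1 byte. */
#define CLS0_BLKSIZE 128ULL

struct guard_hit {              /* hypothetical helper type */
    uint64_t reported;          /* "base=" value printed by the guard */
    uint64_t slab;              /* reported rounded down to SLAB_ALIGN */
    uint64_t expected;          /* slab + blk * size + off */
    uint64_t seen_off;          /* reported - slab */
    unsigned cls, blk, off;
};

/* Parse one splice_trav guard line; 0 on success, -1 if it does not
 * match or reports a class other than 0 (only class 0 size is known). */
int parse_guard_line(const char *line, struct guard_hit *h)
{
    unsigned long long base;
    if (sscanf(line, "[TLS_SLL_GUARD] splice_trav: misaligned base=%llx"
                     " cls=%u blk=%u off=%u",
               &base, &h->cls, &h->blk, &h->off) != 4 || h->cls != 0)
        return -1;
    h->reported = base;
    h->slab     = base & ~(SLAB_ALIGN - 1);
    h->expected = h->slab + (uint64_t)h->blk * CLS0_BLKSIZE + h->off;
    h->seen_off = h->reported - h->slab;
    return 0;
}

int main(void)
{
    /* The two guard lines quoted in Sections 1 and 2. */
    const char *lines[] = {
        "[TLS_SLL_GUARD] splice_trav: misaligned base=0x7244b7e10009 cls=0 blk=8 off=1",
        "[TLS_SLL_GUARD] splice_trav: misaligned base=0x7d9100410009 cls=0 blk=8 off=1",
    };
    for (size_t i = 0; i < sizeof lines / sizeof lines[0]; i++) {
        struct guard_hit h;
        if (parse_guard_line(lines[i], &h) != 0) continue;
        printf("reported=%#llx expected=%#llx offset_in_slab=%llu\n",
               (unsigned long long)h.reported, (unsigned long long)h.expected,
               (unsigned long long)h.seen_off);
    }
    return 0;
}
```

Both captured lines yield an in-slab offset of 9 against an expected 0x401, so the discrepancy is identical across the two runs.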
## 4. PTR_TRACE Analysis
### Missing TLS Operations:
- `tls_push/tls_pop/tls_sp_trav/tls_sp_link` are not recorded in PTR_TRACE
- PTR_TRACE is already not running by the time the TLS-SLL GUARD fires
- **The PTR_TRACE macro itself is not on the problematic code path**
## 5. Recommendations
### Immediate Fix:
1. **Fix the pointer calculation in TLS-SLL splice_trav**
   - Check the calculation base + (blk * size) + off
   - class 0 (128B) × block 8 = 1024 bytes offset
### Debug Strategy:
1. **Place PTR_TRACE macros before and after the TLS-SLL GUARD**
2. **Inspect the assembly output of the splice_trav function**
3. **Relax the TLS-SLL GUARD condition check to capture detailed logs**
### Code Location to Fix:
- `core/box/tls_sll_box.h` - splice_trav implementation
- TLS-SLL operation flow immediately after SPLICE_TO_SLL
## 6. Verification Steps
### After Fix:
1. Same test should show proper alignment
2. TLS-SLL GUARD should not fire
3. PTR_TRACE should show tls_push/tls_pop operations
4. SIGSEGV should be resolved
### Test Commands:
```bash
HAKMEM_DEBUG_SEGV=1 HAKMEM_PTR_TRACE_DUMP=1 HAKMEM_FREE_WRAP_TRACE=1 ./out/debug/bench_fixed_size_hakmem 200000 1024 128
```
## 7. Summary
**Root Cause**: The TLS-SLL splice_trav operation has a critical pointer calculation error
**Location**: Immediately after SPLICE_TO_SLL
**Impact**: Misaligned memory access causes SIGSEGV
**Fix Priority**: CRITICAL - core memory corruption issue
The TLS-SLL GUARD successfully identified the exact location of the problem!