Comment 3 for bug 3122

OK, refetched the source.

First I show a watchpoint on the corrupted variable - a pointer gets set to 1.

Then I show the crash. The pointer to address 1 gets dereferenced:

Script started on Fri 14 Oct 2005 14:50:08 CEST
chris@chrislap:~/src/elmo/elmo-1.3.0/src$ gdb ./elmo
GNU gdb 6.3-debian

(gdb) watch variable_table
Hardware watchpoint 1: variable_table
(gdb) run
Starting program: /home/chris/src/elmo/elmo-1.3.0/src/elmo
Hardware watchpoint 1: variable_table

Old value = (htable_t *) 0x0
New value = (htable_t *) 0x80b5ec0
confhold_init () at confhold.c:171
171 values_table = htable_create (6);
(gdb) c
Continuing.
Hardware watchpoint 1: variable_table

Old value = (htable_t *) 0x80b5ec0
New value = (htable_t *) 0x1
confhold_close (cd=-16) at confhold.c:273
273 }
(gdb) print variable_table
$1 = (htable_t *) 0x1
(gdb) where
#0 confhold_close (cd=-16) at confhold.c:273
#1 0x0807991c in ask_select_default (name=0x8085bd4 "win_echo") at ask.c:146
#2 0x0804e173 in interface_init () at cmd.inc:57
#3 0x0804e4ba in cmd_init () at cmd.c:457
#4 0x0804afc9 in main (argc=1, argv=0xbfc911a4) at elmo.c:276
(gdb) quit
The program is running. Exit anyway? (y or n) y
chris@chrislap:~/src/elmo/elmo-1.3.0/src$
Script done on Fri 14 Oct 2005 14:50:37 CEST

Script started on Fri 14 Oct 2005 14:52:12 CEST
chris@chrislap:~/src/elmo/elmo-1.3.0/src$ gdb ./elmo
GNU gdb 6.3-debian

(gdb) run
Starting program: /home/chris/src/elmo/elmo-1.3.0/src/elmo

Program received signal SIGSEGV, Segmentation fault.
0x080543e1 in htable_insert (table=0x1, key=0x808b40e "addressbook",
    content=0xbf92aa18) at hash.c:106
106 int shift = 8 * sizeof (unsigned) - exponent;
(gdb) where
#0 0x080543e1 in htable_insert (table=0x1, key=0x808b40e "addressbook",
    content=0xbf92aa18) at hash.c:106
#1 0x0807d91f in confhold_register (name=0x808b40e "addressbook",
    fieldcount=0) at confhold.c:231
#2 0x0804afe1 in main (argc=1, argv=0xbf92aae4) at elmo.c:199
(gdb)

Script done on Fri 14 Oct 2005 14:53:17 CEST