GNU gdb (GDB) 10.0.50.20200724-git
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from obstack...
(gdb) b obstack_free
Breakpoint 1 at 0x1060
(gdb) r
Starting program: /media/haoxin/SeagateData/haoxin-data/smu-research/exp/datasets/ram-paper/klee-mm-benchmarks/m4/build/src/obstack 
address of obstack = 0x555555559260, chunk_size = 4064 
chunk = 0x5555555592c0, object_base = 0x5555555592d0 next_free = 0x5555555592d0 

======First chunk======
before free: ((void *) lp = 0x55555555a6c0 , (void *) (lp)->limit = 0x55555555b713 
before free : prv = (nil)

before free : address of s = 0x55555555a6d0
before free : address of ss = 0x55555555b730

======Second chunk======
before free: ((void *) lp = 0x55555555b720 , (void *) (lp)->limit = 0x55555555c773 
before free : prv = 0x55555555a6c0

======Start to free======
before free : obj (string_obstack->chunk) = 0x55555555b720 
before free : obj (t) = 0x55555555b721 


Breakpoint 1, obstack_free (h=0x555555559260, obj=0x55555555b720) at obstack.c:346
346	{
(gdb) n
350	  lp = h->chunk;
(gdb) l
345	__obstack_free (struct obstack *h, void *obj)
346	{
347	  struct _obstack_chunk *lp;    /* below addr of any objects in this chunk */
348	  struct _obstack_chunk *plp;   /* point to previous chunk if any */
349	
350	  lp = h->chunk;
351	  /* We use >= because there cannot be an object at the beginning of a chunk.
352	     But there can be an empty object at that address
353	     at the end of another chunk.  */
354	  while (lp != 0 && ((void *) lp >= obj || (void *) (lp)->limit < obj))
(gdb) n
354	  while (lp != 0 && ((void *) lp >= obj || (void *) (lp)->limit < obj))
(gdb) p lp
$1 = (struct _obstack_chunk *) 0x55555555b720
(gdb) p obj
$2 = (void *) 0x55555555b720
(gdb) n
357	      CALL_FREEFUN (h, lp);
(gdb) n
356	      plp = lp->prev;
(gdb) 
357	      CALL_FREEFUN (h, lp);
(gdb) 
361	      h->maybe_empty_object = 1;
(gdb) 
354	  while (lp != 0 && ((void *) lp >= obj || (void *) (lp)->limit < obj))
(gdb) p lp
$3 = (struct _obstack_chunk *) 0x55555555a6c0
(gdb) p obj
$4 = (void *) 0x55555555b720
(gdb) n
357	      CALL_FREEFUN (h, lp);
(gdb) 
356	      plp = lp->prev;
(gdb) 
357	      CALL_FREEFUN (h, lp);
(gdb) 
361	      h->maybe_empty_object = 1;
(gdb) 
354	  while (lp != 0 && ((void *) lp >= obj || (void *) (lp)->limit < obj))
(gdb) p lp
$5 = (struct _obstack_chunk *) 0x0
(gdb) p obj
$6 = (void *) 0x55555555b720
(gdb) n
369	  else if (obj != 0)
(gdb) n
371	    abort ();
(gdb) 

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51	}
(gdb)