public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libstdc++/16655] New: Segmentation fault in the std::ofstream destructor
@ 2004-07-21 9:49 Serguei dot Kolos at cern dot ch
2004-07-21 19:29 ` [Bug libstdc++/16655] " pinskia at gcc dot gnu dot org
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: Serguei dot Kolos at cern dot ch @ 2004-07-21 9:49 UTC (permalink / raw)
To: gcc-bugs
On some file systems (for example on AFS), the ofstream destructor crashes the
application if there is no space left on that FS. This happens because it calls
the fclose() function 2 times.
In more details the problem is that in case of no space left on AFS the fflush()
succeeds and only fclose() fails. In this case:
1. the __basic_file<char>::close() is called twice - first time by the
basic_filebuf<char, std::char_traits<char> >::close() and second time by the
__basic_file<char> destructor.
2. in the first call the fclose() fails and the _M_cfile is not set to 0.
3. in the second call __basic_file<char>::is_open() returns true because the
_M_cfile is not 0 and the fclose() is called second time and tries to use the
memory which was already freed by the previous invocation of the fclose().
4. Program crashes.
Here is the program, which reproduces the bug:
#include <fstream>
#include <iostream>
using namespace std;
int main()
{
ofstream foo( "foo.bar", std::ios::out | std::ios::trunc );
for ( int i = 0; i < 1000000; i++ )
foo << "hello";
cout << "foo.good() = " << foo.good() << endl;
cout << "foo.bad() = " << foo.bad() << endl;
cout << "foo.eof() = " << foo.eof() << endl;
cout << "foo.fail() = " << foo.fail() << endl << endl;
foo.flush();
cout << "foo.good() = " << foo.good() << endl;
cout << "foo.bad() = " << foo.bad() << endl;
cout << "foo.eof() = " << foo.eof() << endl;
cout << "foo.fail() = " << foo.fail() << endl << endl;
foo.close();
cout << "foo.good() = " << foo.good() << endl;
cout << "foo.bad() = " << foo.bad() << endl;
cout << "foo.eof() = " << foo.eof() << endl;
cout << "foo.fail() = " << foo.fail() << endl;
return 0;
}
The output is (on AFS with not enough space left):
foo.good() = 1
foo.bad() = 0
foo.eof() = 0
foo.fail() = 0
foo.good() = 1
foo.bad() = 0
foo.eof() = 0
foo.fail() = 0
foo.good() = 0
foo.bad() = 0
foo.eof() = 0
foo.fail() = 1
Segmentation fault (core dumped)
The problem does not appear for a local file system because in this case the
fflush() fails and destructor works correctly.
--
Summary: Segmentation fault in the std::ofstream destructor
Product: gcc
Version: 3.2
Status: UNCONFIRMED
Severity: critical
Priority: P3
Component: libstdc++
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: Serguei dot Kolos at cern dot ch
CC: gcc-bugs at gcc dot gnu dot org
GCC build triplet: i386-pc-linux-gnu
GCC host triplet: i386-pc-linux-gnu
GCC target triplet: i386-pc-linux-gnu
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=16655
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libstdc++/16655] Segmentation fault in the std::ofstream destructor
2004-07-21 9:49 [Bug libstdc++/16655] New: Segmentation fault in the std::ofstream destructor Serguei dot Kolos at cern dot ch
@ 2004-07-21 19:29 ` pinskia at gcc dot gnu dot org
2004-07-30 9:30 ` pcarlini at suse dot de
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2004-07-21 19:29 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pinskia at gcc dot gnu dot org 2004-07-21 19:29 -------
This sounds like a bug in AFS rather than libstdc++. Also I think this is fixed for 3.4.0 anyways, can
you try gcc 3.4.0?
--
What |Removed |Added
----------------------------------------------------------------------------
Severity|critical |minor
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=16655
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libstdc++/16655] Segmentation fault in the std::ofstream destructor
2004-07-21 9:49 [Bug libstdc++/16655] New: Segmentation fault in the std::ofstream destructor Serguei dot Kolos at cern dot ch
2004-07-21 19:29 ` [Bug libstdc++/16655] " pinskia at gcc dot gnu dot org
@ 2004-07-30 9:30 ` pcarlini at suse dot de
2004-08-16 0:33 ` giovannibajo at libero dot it
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: pcarlini at suse dot de @ 2004-07-30 9:30 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pcarlini at suse dot de 2004-07-30 09:30 -------
Indeed, assuming the analysis is correct, the bug should be fixed also in 3.3.x,
since __basic_file<char>::close() sets _M_cfile = 0 even when fclose fails: 2.
does not hold.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=16655
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libstdc++/16655] Segmentation fault in the std::ofstream destructor
2004-07-21 9:49 [Bug libstdc++/16655] New: Segmentation fault in the std::ofstream destructor Serguei dot Kolos at cern dot ch
2004-07-21 19:29 ` [Bug libstdc++/16655] " pinskia at gcc dot gnu dot org
2004-07-30 9:30 ` pcarlini at suse dot de
@ 2004-08-16 0:33 ` giovannibajo at libero dot it
2004-08-16 7:52 ` Serguei dot Kolos at cern dot ch
2004-08-16 7:57 ` pinskia at gcc dot gnu dot org
4 siblings, 0 replies; 6+ messages in thread
From: giovannibajo at libero dot it @ 2004-08-16 0:33 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From giovannibajo at libero dot it 2004-08-16 00:33 -------
Waiting for feedback from Serguei: the bug should be fixed on 3.3.x, 3.4.x and
mainline. Would you please check with one of those compilers?
--
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |WAITING
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=16655
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libstdc++/16655] Segmentation fault in the std::ofstream destructor
2004-07-21 9:49 [Bug libstdc++/16655] New: Segmentation fault in the std::ofstream destructor Serguei dot Kolos at cern dot ch
` (2 preceding siblings ...)
2004-08-16 0:33 ` giovannibajo at libero dot it
@ 2004-08-16 7:52 ` Serguei dot Kolos at cern dot ch
2004-08-16 7:57 ` pinskia at gcc dot gnu dot org
4 siblings, 0 replies; 6+ messages in thread
From: Serguei dot Kolos at cern dot ch @ 2004-08-16 7:52 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From Serguei dot Kolos at cern dot ch 2004-08-16 07:52 -------
(In reply to comment #3)
> Waiting for feedback from Serguei: the bug should be fixed on 3.3.x, 3.4.x and
> mainline. Would you please check with one of those compilers?
You are right. The bug is fixed in 3.3.x compiler. I did not check any of the
3.4.x, but I would assume they should have is correct also.
The last compiler, which still has this bug is the 3.2.3. Do you still provide
bug fixes for the 3.2.x family? The problem for me is that I'm working for a
large scintific community and changing compiler takes ages for us. For the
moment we are still using 3.2.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=16655
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libstdc++/16655] Segmentation fault in the std::ofstream destructor
2004-07-21 9:49 [Bug libstdc++/16655] New: Segmentation fault in the std::ofstream destructor Serguei dot Kolos at cern dot ch
` (3 preceding siblings ...)
2004-08-16 7:52 ` Serguei dot Kolos at cern dot ch
@ 2004-08-16 7:57 ` pinskia at gcc dot gnu dot org
4 siblings, 0 replies; 6+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2004-08-16 7:57 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pinskia at gcc dot gnu dot org 2004-08-16 07:57 -------
Well the 3.2 branch is no longer being maintain so no we do not provide patches for 3.2.
Now I don't even know if the patch which fixed this could be backported or not.
Closing as fixed.
--
What |Removed |Added
----------------------------------------------------------------------------
Status|WAITING |RESOLVED
Resolution| |FIXED
Target Milestone|--- |3.3
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=16655
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2004-08-16 7:57 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-07-21 9:49 [Bug libstdc++/16655] New: Segmentation fault in the std::ofstream destructor Serguei dot Kolos at cern dot ch
2004-07-21 19:29 ` [Bug libstdc++/16655] " pinskia at gcc dot gnu dot org
2004-07-30 9:30 ` pcarlini at suse dot de
2004-08-16 0:33 ` giovannibajo at libero dot it
2004-08-16 7:52 ` Serguei dot Kolos at cern dot ch
2004-08-16 7:57 ` pinskia at gcc dot gnu dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).