public inbox for gcc-bugs@sourceware.org
* [Bug other/27156]  New: SIGSEGV in operator delete() / wrong-code?
From: pluto at agmk dot net @ 2006-04-14  9:35 UTC (permalink / raw)
  To: gcc-bugs

$ i486-gnu-linux-g++ -v
Using built-in specs.
Target: i486-gnu-linux
Configured with: ../configure --target=i486-gnu-linux
--prefix=/local/devel/toolchain41/i486-gnu-linux
--libdir=/local/devel/toolchain41/i486-gnu-linux/lib
--libexecdir=/local/devel/toolchain41/i486-gnu-linux/lib
--with-slibdir=/local/devel/toolchain41/i486-gnu-linux/lib
--with-sysroot=/local/devel/toolchain41/i486-gnu-linux
--disable-multilib --disable-nls --disable-libmudflap
--disable-libssp --disable-libstdcxx-pch --enable-shared
--enable-threads=posix --enable-__cxa_atexit --enable-languages=c,c++
--enable-symvers=gnu
Thread model: posix
gcc version 4.1.1 20060405 (prerelease) (PLD-Linux)

$ i486-gnu-linux-g++ \
-I/local/devel/buildenv41/i486-gnu-linux/STLport/include/stlport \
-L/local/devel/buildenv41/i486-gnu-linux/STLport/lib \
testDrv.cpp -o testDrv --save-temps -pthread \
-Wl,-rpath,/local/devel/buildenv41/i486-gnu-linux/STLport/lib \
-lstlport -nodefaultlibs -lc -O2

Program received signal SIGSEGV, Segmentation fault.
0x55674c91 in free () from /lib/tls/libc.so.6
(gdb) bt
#0  0x55674c91 in free () from /lib/tls/libc.so.6
#1  0x555ded2b in operator delete ()
                  from /local/devel/buildenv41/i486-gnu-linux/
                  STLport/lib/libstlport.so.5.0
#2  0x08048d19 in main ()

The testcase works with 3.3.6, 3.4.x and 4.1.x (-fno-strict-aliasing).
4.0.x and 4.2.x not tested. 4.1.x (-fstrict-aliasing) causes a segv
in the testcase. -Wall -Wstrict-aliasing=2 says nothing :(


-- 
           Summary: SIGSEGV in operator delete() / wrong-code?
           Product: gcc
           Version: 4.1.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: other
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: pluto at agmk dot net
 GCC build triplet: i486-linux
  GCC host triplet: i486-linux
GCC target triplet: i486-linux


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=27156



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pluto at agmk dot net @ 2006-04-14  9:36 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #1 from pluto at agmk dot net  2006-04-14 09:36 -------
Created an attachment (id=11265)
 --> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=11265&action=view)
preprocessed source (compiled with stlport-5.0.2)


-- 



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pinskia at gcc dot gnu dot org @ 2006-04-19  0:36 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #2 from pinskia at gcc dot gnu dot org  2006-04-19 00:36 -------
Well this works with just compiling like:
g++ -O2 -pthread t.ii

With 4.1.0 (4.1.0 20051026).


-- 



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pinskia at gcc dot gnu dot org @ 2006-04-19  0:39 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #3 from pinskia at gcc dot gnu dot org  2006-04-19 00:38 -------
Are you sure that you are not mixing operator new and deletes up so the
stlport's operator delete is being called on memory allocated from operator new
from libstdc++?

Also is there a reason why you are using stlport?


-- 



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pluto at agmk dot net @ 2006-04-19  8:13 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #4 from pluto at agmk dot net  2006-04-19 08:12 -------
(In reply to comment #2)
> Well this works with just compiling like:
> g++ -O2 -pthread t.ii
> 
> With 4.1.0 (4.1.0 20051026).
> 

Yes, it works with libstdcxx but the testcase uses STLport-5.0.2.


-- 



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pluto at agmk dot net @ 2006-04-19  8:33 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #5 from pluto at agmk dot net  2006-04-19 08:33 -------
(In reply to comment #3)
> Are you sure that you are not mixing operator new and deletes up so the
> stlport's operator delete is being called on memory allocated from
> operator new from libstdc++?

STLport uses __stl_{new,delete} which uses ::operator {new,delete}
from g++'s <new> header. I don't see any mixing in preprocessed sources.
Moreover libstdc++ isn't linked in the testcase.

$ ldd testDrv
        linux-gate.so.1 =>  (0xffffe000)
        libstlport.so.5.0 => /local/devel/buildenv41/i486-gnu-linux/
                             STLport/lib/libstlport.so.5.0 (0x5556d000)
        libc.so.6 => /lib/tls/libc.so.6 (0x55612000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x5572c000)
        libpthread.so.0 => /lib/tls/libpthread.so.0 (0x55734000)
        libm.so.6 => /lib/tls/libm.so.6 (0x55746000)
        /lib/ld-linux.so.2 (0x55555000)

> Also is there a reason why you are using stlport?

[1]
It has a faster std::string implementation
which I need for a large Tcl/Tk based GUI.

[2]
I'm using it in a multiplatform project with different compilers
(win32(vc2003), linux(g++), solaris(g++, sunworkshop)).
It gives me one STL implementation for the whole project.


-- 



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pluto at agmk dot net @ 2006-04-19  8:38 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #6 from pluto at agmk dot net  2006-04-19 08:38 -------
It works also with 4.1.x -fstrict-aliasing -fno-inline.


-- 



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pinskia at gcc dot gnu dot org @ 2006-04-30  8:02 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #7 from pinskia at gcc dot gnu dot org  2006-04-30 08:02 -------
The testcase works for me as I don't have the STLport installed (and what is in
this bug is not enough to reproduce the bug).


-- 

pinskia at gcc dot gnu dot org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |WAITING



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pluto at agmk dot net @ 2006-05-03  9:02 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #8 from pluto at agmk dot net  2006-05-03 09:02 -------
Created an attachment (id=11364)
 --> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=11364&action=view)
full 32-bit testcase.


-- 

pluto at agmk dot net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #11265|0                           |1
        is obsolete|                            |



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pluto at agmk dot net @ 2006-05-03  9:05 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #9 from pluto at agmk dot net  2006-05-03 09:05 -------
(In reply to comment #7)
> The testcase works for me as I don't have the STLport installed (and what is in
> this bug is not enough to reproduce the bug).
> 

so, try latest testcase.

$ make
g++ testDrv.ii -o testDrv  -pthread -fno-rtti -O3 -m32 -nodefaultlibs \
               -Wl,-rpath,. -L. -lstlport -lc
./testDrv
*** glibc detected *** ./testDrv: free(): invalid pointer: 0x555a8f54 ***
make: *** [all] Aborted


-- 



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pluto at agmk dot net @ 2006-05-03  9:19 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #10 from pluto at agmk dot net  2006-05-03 09:19 -------
Created an attachment (id=11365)
 --> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=11365&action=view)
source code


-- 



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pluto at agmk dot net @ 2006-05-03  9:22 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #11 from pluto at agmk dot net  2006-05-03 09:22 -------
also fails on 64-bit system.

$ g++ testDrv.cpp -o testDrv -pthread -O2 \
      -I/usr/include/stlport -nodefaultlibs -lstlport -lc

$ ./testDrv
*** glibc detected *** ./testDrv: munmap_chunk():
                       invalid pointer: 0x00000000004016b0 ***
======= Backtrace: =========
/lib64/libc.so.6[0x2b568785ebed]
./testDrv(__gxx_personality_v0+0x281)[0x400f69]
/lib64/libc.so.6(__libc_start_main+0xf4)[0x2b5687812134]
./testDrv(__gxx_personality_v0+0x81)[0x400d69]
======= Memory map: ========
(...)


-- 



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pluto at agmk dot net @ 2006-05-10 22:37 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #12 from pluto at agmk dot net  2006-05-10 22:36 -------
following reduced testcase works with libstdc++ and segv with stlport.

#include <list>
#include <vector>
struct A { };
int main()
{
        std::list< A* > l;
        std::vector< A* > v( l.end(), l.end() );
        return 0;
}

g++ testDrv.cpp -o testDrv -pthread -O2 -fstrict-aliasing -Wall
./testDrv

g++ testDrv.cpp -o testDrv -I/usr/include/stlport -pthread \
                -O2 -fstrict-aliasing -Wall -nodefaultlibs -lstlport -lc
./testDrv
*** glibc detected *** ./testDrv: free(): invalid pointer: 0x00002b96b71fb1c0

it looks like a stlport bug.


-- 

pluto at agmk dot net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|WAITING                     |RESOLVED
         Resolution|                            |INVALID



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pluto at agmk dot net @ 2006-08-10  9:58 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #14 from pluto at agmk dot net  2006-08-10 09:58 -------
fixed on current 4.1 branch.


-- 

pluto at agmk dot net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|                            |FIXED



* [Bug other/27156] SIGSEGV in operator delete() / wrong-code?
From: pluto at agmk dot net @ 2006-08-10  9:58 UTC (permalink / raw)
  To: gcc-bugs



------- Comment #13 from pluto at agmk dot net  2006-08-10 09:58 -------
in fact it was a gcc bug.

gcc version 4.1.2 20060530 gives wrong code.
gcc version 4.1.2 20060712 gives correct code.

The tree dump shows that gcc-20060530 removes some parts [*] of the vector_base
initialization and finally crashes while freeing an invalid pointer.

--- ok/bug.cpp.t97.final_cleanup        2006-08-10 11:48:19.769723000 +0200
+++ err/bug.cpp.t97.final_cleanup       2006-08-10 11:47:33.802850250 +0200

-  l.D.11626._M_node._M_data._M_next = &l.D.11626._M_node._M_data;
-  l.D.11626._M_node._M_data._M_prev = &l.D.11626._M_node._M_data;
-  v.D.12155._M_start = 0B;                      <== [*]
-  v.D.12155._M_end_of_storage._M_data = 0B;     <== [*]
-  v.D.12155._M_finish = 0B;                     <== [*]
+  l.D.11607._M_node._M_data._M_next = &l.D.11607._M_node._M_data;
+  l.D.11607._M_node._M_data._M_prev = &l.D.11607._M_node._M_data;
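
Review bot: the three "-" lines marked [*] are the only real difference in this hunk; the _M_next/_M_prev lines show up as removed and re-added only because the D.NNNNN number differs (D.11626 vs D.11607). The hunk also has no @@ header or function name, so it cannot be located in the final_cleanup dump. Posting the diff -u output with its header lines, after masking the D.NNNNN numbers, would leave just the missing stores to _M_start, _M_end_of_storage._M_data and _M_finish.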


-- 

pluto at agmk dot net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |UNCONFIRMED
         Resolution|INVALID                     |
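
Added example, not part of the original thread or of GCC's own tooling: a small Python helper that compares two tree dumps like the final_cleanup dumps in comment #13 after masking the D.NNNNN numbers, so that only real differences such as the dropped null stores remain. The sample dumps are constructed from the lines quoted in that comment, and all function names are hypothetical.

```python
import difflib
import re

# GCC tree dumps name compiler-generated decls D.<uid>; the uid shifts between
# compiler builds, so it is masked before the dumps are compared.
_UID = re.compile(r"\bD\.\d+\b")

# Constructed sample input: the statements quoted in comment #13, without the
# reporter's "<== [*]" annotations.
GOOD_DUMP = """\
  l.D.11626._M_node._M_data._M_next = &l.D.11626._M_node._M_data;
  l.D.11626._M_node._M_data._M_prev = &l.D.11626._M_node._M_data;
  v.D.12155._M_start = 0B;
  v.D.12155._M_end_of_storage._M_data = 0B;
  v.D.12155._M_finish = 0B;
"""
BAD_DUMP = """\
  l.D.11607._M_node._M_data._M_next = &l.D.11607._M_node._M_data;
  l.D.11607._M_node._M_data._M_prev = &l.D.11607._M_node._M_data;
"""


def normalize(dump):
    """Mask D.<uid> numbers, strip trailing whitespace, drop blank lines."""
    lines = (_UID.sub("D.N", ln).rstrip() for ln in dump.splitlines())
    return [ln for ln in lines if ln.strip()]


def semantic_diff(good, bad):
    """Return the statements present in only one dump after uid masking."""
    a, b = normalize(good), normalize(bad)
    only_good, only_bad = [], []
    matcher = difflib.SequenceMatcher(a=a, b=b, autojunk=False)
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag != "equal":
            only_good += [ln.strip() for ln in a[i1:i2]]
            only_bad += [ln.strip() for ln in b[j1:j2]]
    return {"only_good": only_good, "only_bad": only_bad}


def dropped_zero_stores(good, bad):
    """Null-pointer initializations (`x = 0B;`) found only in the good dump."""
    only_good = semantic_diff(good, bad)["only_good"]
    return [stmt for stmt in only_good if stmt.endswith("= 0B;")]


if __name__ == "__main__":
    for stmt in dropped_zero_stores(GOOD_DUMP, BAD_DUMP):
        print("missing in bad dump:", stmt)
```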


