public inbox for gdb-prs@sourceware.org
* [Bug gdb/27817] New: AddressSanitizer: new-delete-type-mismatch (new signatured_type)
From: vries at gcc dot gnu.org @ 2021-05-03 21:35 UTC (permalink / raw)
To: gdb-prs
https://sourceware.org/bugzilla/show_bug.cgi?id=27817
Bug ID: 27817
Summary: AddressSanitizer: new-delete-type-mismatch (new signatured_type)
Product: gdb
Version: HEAD
Status: NEW
Severity: normal
Priority: P2
Component: gdb
Assignee: unassigned at sourceware dot org
Reporter: vries at gcc dot gnu.org
Target Milestone: ---
Built gdb with address sanitizer, and ran into trouble in
gdb.dwarf2/fission-reread.exp:
...
(gdb) PASS: gdb.dwarf2/fission-reread.exp: ptype baz
PASS: gdb.dwarf2/fission-reread.exp: fission-reread
file
No executable file now.
Discard symbol table from
`/home/vries/gdb_versions/devel/build/gdb/testsuite/outputs/gdb.dwarf2/fission-reread/fission-reread'?
(y or n) y^M
=================================================================^M
^[[1m^[[31m==4512==ERROR: AddressSanitizer: new-delete-type-mismatch on
0x60e000002ea0 in thread T0:^M
^[[1m^[[0m object passed to delete has wrong type:^M
size of the allocated type: 152 bytes;^M
size of the deallocated type: 112 bytes.^M
#0 0x7f1118a59fa8 in operator delete(void*, unsigned long)
(/usr/lib64/libasan.so.4+0xdefa8)
#1 0x10a2ea6 in
std::default_delete<dwarf2_per_cu_data>::operator()(dwarf2_per_cu_data*) const
/usr/include/c++/7/bits/unique_ptr.h:78
#2 0x109629e in std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> >::~unique_ptr()
/usr/include/c++/7/bits/unique_ptr.h:263
#3 0x10cf55c in void std::_Destroy<std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> > >(std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> >*)
/usr/include/c++/7/bits/stl_construct.h:98
#4 0x10c38dc in void
std::_Destroy_aux<false>::__destroy<std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> >*>(std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> >*, std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> >*)
/usr/include/c++/7/bits/stl_construct.h:108
#5 0x10b4049 in void std::_Destroy<std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> >*>(std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> >*, std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> >*)
/usr/include/c++/7/bits/stl_construct.h:137
#6 0x10a1eb0 in void std::_Destroy<std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> >*, std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> > >(std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> >*, std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> >*,
std::allocator<std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> > >&)
/usr/include/c++/7/bits/stl_construct.h:206
#7 0x10955fd in std::vector<std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> >,
std::allocator<std::unique_ptr<dwarf2_per_cu_data,
std::default_delete<dwarf2_per_cu_data> > > >::~vector()
/usr/include/c++/7/bits/stl_vector.h:434
#8 0xfe110f in dwarf2_per_bfd::~dwarf2_per_bfd()
/home/vries/gdb_versions/devel/src/gdb/dwarf2/read.c:1896
#9 0x10b3b67 in
std::default_delete<dwarf2_per_bfd>::operator()(dwarf2_per_bfd*) const
/usr/include/c++/7/bits/unique_ptr.h:78
#10 0x10a1765 in bfd_key<dwarf2_per_bfd,
std::default_delete<dwarf2_per_bfd> >::cleanup(bfd*, void*)
/home/vries/gdb_versions/devel/src/gdb/gdb_bfd.h:28
#11 0x11745da in bfdregistry_callback_adaptor
/home/vries/gdb_versions/devel/src/gdb/gdb_bfd.c:120
#12 0x16d24f8 in registry_clear_data(registry_data_registry*, void (*)(void
(*)(registry_container*, void*), registry_container*, void*),
registry_container*, registry_fields*)
/home/vries/gdb_versions/devel/src/gdb/registry.c:79
#13 0x16d2650 in registry_container_free_data(registry_data_registry*, void
(*)(void (*)(registry_container*, void*), registry_container*, void*),
registry_container*, registry_fields*)
/home/vries/gdb_versions/devel/src/gdb/registry.c:92
#14 0x117465a in bfd_free_data
/home/vries/gdb_versions/devel/src/gdb/gdb_bfd.c:120
#15 0x1176a94 in gdb_bfd_unref(bfd*)
/home/vries/gdb_versions/devel/src/gdb/gdb_bfd.c:709
#16 0x1504817 in objfile::~objfile()
/home/vries/gdb_versions/devel/src/gdb/objfiles.c:573
#17 0x1511a94 in std::_Sp_counted_ptr<objfile*,
(__gnu_cxx::_Lock_policy)2>::_M_dispose()
/usr/include/c++/7/bits/shared_ptr_base.h:376
#18 0xd001d6 in
std::_Sp_counted_base<(__gnu_cxx::_Lock_policy)2>::_M_release()
/usr/include/c++/7/bits/shared_ptr_base.h:154
#19 0xcf77a5 in
std::__shared_count<(__gnu_cxx::_Lock_policy)2>::~__shared_count()
/usr/include/c++/7/bits/shared_ptr_base.h:684
#20 0x150dd93 in std::__shared_ptr<objfile,
(__gnu_cxx::_Lock_policy)2>::~__shared_ptr()
/usr/include/c++/7/bits/shared_ptr_base.h:1123
#21 0x150ddaf in std::shared_ptr<objfile>::~shared_ptr()
/usr/include/c++/7/bits/shared_ptr.h:93
#22 0x15be26f in void
__gnu_cxx::new_allocator<std::_List_node<std::shared_ptr<objfile> >
>::destroy<std::shared_ptr<objfile> >(std::shared_ptr<objfile>*)
/usr/include/c++/7/ext/new_allocator.h:140
#23 0x15bd54a in void
std::allocator_traits<std::allocator<std::_List_node<std::shared_ptr<objfile> >
> >::destroy<std::shared_ptr<objfile>
>(std::allocator<std::_List_node<std::shared_ptr<objfile> > >&,
std::shared_ptr<objfile>*) /usr/include/c++/7/bits/alloc_traits.h:487
#24 0x15bce57 in std::__cxx11::list<std::shared_ptr<objfile>,
std::allocator<std::shared_ptr<objfile> >
>::_M_erase(std::_List_iterator<std::shared_ptr<objfile> >)
/usr/include/c++/7/bits/stl_list.h:1815
#25 0x15bbdf0 in std::__cxx11::list<std::shared_ptr<objfile>,
std::allocator<std::shared_ptr<objfile> >
>::erase(std::_List_const_iterator<std::shared_ptr<objfile> >)
/usr/include/c++/7/bits/list.tcc:157
#26 0x15b837f in program_space::remove_objfile(objfile*)
/home/vries/gdb_versions/devel/src/gdb/progspace.c:210
#27 0x15042ef in objfile::unlink()
/home/vries/gdb_versions/devel/src/gdb/objfiles.c:487
#28 0x15b7d1a in program_space::free_all_objfiles()
/home/vries/gdb_versions/devel/src/gdb/progspace.c:170
#29 0x18c4294 in symbol_file_clear(int)
/home/vries/gdb_versions/devel/src/gdb/symfile.c:1231
#30 0x18c638d in symbol_file_command(char const*, int)
/home/vries/gdb_versions/devel/src/gdb/symfile.c:1593
#31 0x1111a64 in file_command
/home/vries/gdb_versions/devel/src/gdb/exec.c:555
#32 0xdedb37 in do_const_cfunc
/home/vries/gdb_versions/devel/src/gdb/cli/cli-decode.c:101
#33 0xdf7e26 in cmd_func(cmd_list_element*, char const*, int)
/home/vries/gdb_versions/devel/src/gdb/cli/cli-decode.c:2181
#34 0x19d2e40 in execute_command(char const*, int)
/home/vries/gdb_versions/devel/src/gdb/top.c:670
#35 0x110a0f9 in command_handler(char const*)
/home/vries/gdb_versions/devel/src/gdb/event-top.c:588
#36 0x110aa04 in command_line_handler(std::unique_ptr<char,
gdb::xfree_deleter<char> >&&)
/home/vries/gdb_versions/devel/src/gdb/event-top.c:773
#37 0x1a351d5 in tui_command_line_handler
/home/vries/gdb_versions/devel/src/gdb/tui/tui-interp.c:268
#38 0x1108b77 in gdb_rl_callback_handler
/home/vries/gdb_versions/devel/src/gdb/event-top.c:218
#39 0x1be8614 in rl_callback_read_char
/home/vries/gdb_versions/devel/src/readline/readline/callback.c:281
#40 0x1108722 in gdb_rl_callback_read_char_wrapper_noexcept
/home/vries/gdb_versions/devel/src/gdb/event-top.c:176
#41 0x1108902 in gdb_rl_callback_read_char_wrapper
/home/vries/gdb_versions/devel/src/gdb/event-top.c:193
#42 0x1109b04 in stdin_event_handler(int, void*)
/home/vries/gdb_versions/devel/src/gdb/event-top.c:515
#43 0x224776c in handle_file_event
/home/vries/gdb_versions/devel/src/gdbsupport/event-loop.cc:575
#44 0x2247f89 in gdb_wait_for_event
/home/vries/gdb_versions/devel/src/gdbsupport/event-loop.cc:701
#45 0x2245ef2 in gdb_do_one_event()
/home/vries/gdb_versions/devel/src/gdbsupport/event-loop.cc:237
#46 0x14006ab in start_event_loop
/home/vries/gdb_versions/devel/src/gdb/main.c:421
#47 0x140099c in captured_command_loop
/home/vries/gdb_versions/devel/src/gdb/main.c:481
#48 0x14047af in captured_main
/home/vries/gdb_versions/devel/src/gdb/main.c:1353
#49 0x140483f in gdb_main(captured_main_args*)
/home/vries/gdb_versions/devel/src/gdb/main.c:1368
#50 0xa9d9aa in main /home/vries/gdb_versions/devel/src/gdb/gdb.c:32
#51 0x7f11159b6349 in __libc_start_main (/lib64/libc.so.6+0x24349)
#52 0xa9d7b9 in _start
(/home/vries/gdb_versions/devel/build/gdb/gdb+0xa9d7b9)
0x60e000002ea0 is located 0 bytes inside of 152-byte region
[0x60e000002ea0,0x60e000002f38)
allocated by thread T0 here:
#0 0x7f1118a58c20 in operator new(unsigned long)
(/usr/lib64/libasan.so.4+0xddc20)
#1 0xfe4196 in dwarf2_per_bfd::allocate_signatured_type()
/home/vries/gdb_versions/devel/src/gdb/dwarf2/read.c:2539
#2 0x1007d93 in read_comp_units_from_section
/home/vries/gdb_versions/devel/src/gdb/dwarf2/read.c:7731
#3 0x10087ca in create_all_comp_units
/home/vries/gdb_versions/devel/src/gdb/dwarf2/read.c:7770
#4 0x100706e in dwarf2_build_psymtabs_hard
/home/vries/gdb_versions/devel/src/gdb/dwarf2/read.c:7623
#5 0xffadfa in dwarf2_build_psymtabs(objfile*, psymbol_functions*)
/home/vries/gdb_versions/devel/src/gdb/dwarf2/read.c:5787
#6 0x109188b in lazy_dwarf_reader::read_partial_symbols(objfile*)
/home/vries/gdb_versions/devel/src/gdb/dwarf2/read.c:2253
#7 0x18b83df in objfile::require_partial_symbols(bool)
/home/vries/gdb_versions/devel/src/gdb/symfile-debug.c:513
#8 0x18c1214 in read_symbols
/home/vries/gdb_versions/devel/src/gdb/symfile.c:794
#9 0x18c206b in syms_from_objfile_1
/home/vries/gdb_versions/devel/src/gdb/symfile.c:967
#10 0x18c224c in syms_from_objfile
/home/vries/gdb_versions/devel/src/gdb/symfile.c:984
#11 0x18c312e in symbol_file_add_with_addrs
/home/vries/gdb_versions/devel/src/gdb/symfile.c:1087
#12 0x18c3d13 in symbol_file_add_from_bfd(bfd*, char const*,
enum_flags<symfile_add_flag>, std::vector<other_sections,
std::allocator<other_sections> >*, enum_flags<objfile_flag>, objfile*)
/home/vries/gdb_versions/devel/src/gdb/symfile.c:1168
#13 0x18c3e22 in symbol_file_add(char const*, enum_flags<symfile_add_flag>,
std::vector<other_sections, std::allocator<other_sections> >*,
enum_flags<objfile_flag>) /home/vries/gdb_versions/devel/src/gdb/symfile.c:1181
#14 0x18c406b in symbol_file_add_main_1
/home/vries/gdb_versions/devel/src/gdb/symfile.c:1204
#15 0x18c6928 in symbol_file_command(char const*, int)
/home/vries/gdb_versions/devel/src/gdb/symfile.c:1648
#16 0x1111a64 in file_command
/home/vries/gdb_versions/devel/src/gdb/exec.c:555
#17 0xdedb37 in do_const_cfunc
/home/vries/gdb_versions/devel/src/gdb/cli/cli-decode.c:101
#18 0xdf7e26 in cmd_func(cmd_list_element*, char const*, int)
/home/vries/gdb_versions/devel/src/gdb/cli/cli-decode.c:2181
#19 0x19d2e40 in execute_command(char const*, int)
/home/vries/gdb_versions/devel/src/gdb/top.c:670
#20 0x110a0f9 in command_handler(char const*)
/home/vries/gdb_versions/devel/src/gdb/event-top.c:588
#21 0x110aa04 in command_line_handler(std::unique_ptr<char,
gdb::xfree_deleter<char> >&&)
/home/vries/gdb_versions/devel/src/gdb/event-top.c:773
#22 0x1a351d5 in tui_command_line_handler
/home/vries/gdb_versions/devel/src/gdb/tui/tui-interp.c:268
#23 0x1108b77 in gdb_rl_callback_handler
/home/vries/gdb_versions/devel/src/gdb/event-top.c:218
#24 0x1be8614 in rl_callback_read_char
/home/vries/gdb_versions/devel/src/readline/readline/callback.c:281
#25 0x1108722 in gdb_rl_callback_read_char_wrapper_noexcept
/home/vries/gdb_versions/devel/src/gdb/event-top.c:176
#26 0x1108902 in gdb_rl_callback_read_char_wrapper
/home/vries/gdb_versions/devel/src/gdb/event-top.c:193
#27 0x1109b04 in stdin_event_handler(int, void*)
/home/vries/gdb_versions/devel/src/gdb/event-top.c:515
#28 0x224776c in handle_file_event
/home/vries/gdb_versions/devel/src/gdbsupport/event-loop.cc:575
#29 0x2247f89 in gdb_wait_for_event
/home/vries/gdb_versions/devel/src/gdbsupport/event-loop.cc:701
SUMMARY: AddressSanitizer: new-delete-type-mismatch
(/usr/lib64/libasan.so.4+0xdefa8) in operator delete(void*, unsigned long)
==4512==HINT: if you don't care about these errors you may set
ASAN_OPTIONS=new_delete_type_mismatch=0
==4512==ABORTING
...
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug gdb/27817] AddressSanitizer: new-delete-type-mismatch (new signatured_type)
From: vries at gcc dot gnu.org @ 2021-05-03 22:13 UTC (permalink / raw)
To: gdb-prs
https://sourceware.org/bugzilla/show_bug.cgi?id=27817
Tom de Vries <vries at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |simark at simark dot ca,
| |tromey at sourceware dot org
--- Comment #1 from Tom de Vries <vries at gcc dot gnu.org> ---
Hmm, so we allocate a signatured_type:
...
auto sig_type = per_objfile->per_bfd->allocate_signatured_type ();
...
which we then move to:
...
std::unique_ptr<dwarf2_per_cu_data> this_cu;
...
this_cu = std::move (sig_type);
...
and store it:
...
per_objfile->per_bfd->all_comp_units.push_back (std::move (this_cu));
...
Then when dwarf2_per_bfd::~dwarf2_per_bfd() is called, it also invokes the
destructor for:
...
std::vector<std::unique_ptr<dwarf2_per_cu_data>> all_comp_units;
...
and the item is deallocated with a dwarf2_per_cu_data type instead of a
signatured_type.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug gdb/27817] AddressSanitizer: new-delete-type-mismatch (new signatured_type)
From: vries at gcc dot gnu.org @ 2021-05-04 6:52 UTC (permalink / raw)
To: gdb-prs
https://sourceware.org/bugzilla/show_bug.cgi?id=27817
--- Comment #2 from Tom de Vries <vries at gcc dot gnu.org> ---
Hmm, I should have noted the build commit; I already have trouble
reproducing this.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug gdb/27817] AddressSanitizer: new-delete-type-mismatch (new signatured_type)
From: tromey at sourceware dot org @ 2021-05-04 14:08 UTC (permalink / raw)
To: gdb-prs
https://sourceware.org/bugzilla/show_bug.cgi?id=27817
Tom Tromey <tromey at sourceware dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|unassigned at sourceware dot org |tromey at sourceware dot org
--- Comment #3 from Tom Tromey <tromey at sourceware dot org> ---
https://sourceware.org/pipermail/gdb-patches/2021-May/178450.html
Though I wonder now if this code should instead use a specialized
deleter to avoid a vtable.
^ permalink raw reply [flat|nested] 6+ messages in thread
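Added example (not part of the thread and not gdb code): a reduced C++ reproduction of the ownership pattern from comment #1, next to the tag-dispatching deleter that comment #3 wonders about. The names per_cu, sig_type, per_cu_deleter and the size ledger are hypothetical stand-ins; the ledger plays the role of ASan's allocated-size versus deallocated-size check.

```cpp
#include <cstddef>
#include <map>
#include <memory>
#include <new>
#include <utility>

// Ledger standing in for ASan's check: remember the size passed to
// operator new and compare it with the size passed to operator delete.
static std::map<void*, std::size_t> live_sizes;
static int mismatches = 0;

// Hypothetical stand-ins for dwarf2_per_cu_data and signatured_type.
struct per_cu {
  explicit per_cu(bool sig = false) : is_signatured(sig) {}
  bool is_signatured;           // type tag, so no vtable is needed
  unsigned long sect_off = 0;

  static void* operator new(std::size_t n) {
    void* p = ::operator new(n);
    live_sizes[p] = n;
    return p;
  }
  // Sized delete: n is sizeof the static type named in the delete-expression.
  static void operator delete(void* p, std::size_t n) {
    if (live_sizes[p] != n) ++mismatches;
    live_sizes.erase(p);
    ::operator delete(p);
  }
};

struct sig_type : per_cu {
  sig_type() : per_cu(true) {}
  unsigned long long signature = 0;
  unsigned long long type_offset = 0;
};

// Specialized deleter: downcast on the tag so delete sees the real type.
struct per_cu_deleter {
  void operator()(per_cu* p) const {
    if (p->is_signatured) delete static_cast<sig_type*>(p);
    else delete p;
  }
};

// Pattern from the report: a derived object ends up owned through the base's
// default_delete. Formally undefined behaviour; here it only trips the ledger.
int mismatches_with_default_delete() {
  mismatches = 0;
  std::unique_ptr<sig_type> sig(new sig_type);
  { std::unique_ptr<per_cu> this_cu = std::move(sig); }
  return mismatches;
}

// Same ownership through the base pointer, with the tag-dispatching deleter.
int mismatches_with_tagged_deleter() {
  mismatches = 0;
  { std::unique_ptr<per_cu, per_cu_deleter> a(new sig_type), b(new per_cu); }
  return mismatches;
}
```

The other way to make the base-pointer delete well-defined is a virtual destructor on the base, at the cost of a vtable pointer in every object.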
* [Bug gdb/27817] AddressSanitizer: new-delete-type-mismatch (new signatured_type)
From: vries at gcc dot gnu.org @ 2021-05-21 1:08 UTC (permalink / raw)
To: gdb-prs
https://sourceware.org/bugzilla/show_bug.cgi?id=27817
--- Comment #4 from Tom de Vries <vries at gcc dot gnu.org> ---
I guess a fix was committed:
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=473ab96443eaf08f1a56c116c82410de2022c29b
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug gdb/27817] AddressSanitizer: new-delete-type-mismatch (new signatured_type)
From: tromey at sourceware dot org @ 2021-05-21 13:51 UTC (permalink / raw)
To: gdb-prs
https://sourceware.org/bugzilla/show_bug.cgi?id=27817
Tom Tromey <tromey at sourceware dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
Target Milestone|--- |11.1
--- Comment #5 from Tom Tromey <tromey at sourceware dot org> ---
(In reply to Tom de Vries from comment #4)
> I guess a fix was committed:
> https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=473ab96443eaf08f1a56c116c82410de2022c29b
Yep!
^ permalink raw reply [flat|nested] 6+ messages in thread