Date:      Wed, 13 Mar 2019 14:11:48 +0100
From:      Willem Jan Withagen <wjw@digiware.nl>
To:        Dimitry Andric <dim@FreeBSD.org>
Cc:        FreeBSD Toolchain <freebsd-toolchain@freebsd.org>
Subject:   Re: Is this a programming error, or a compiler error..
Message-ID:  <9c822acb-01be-2579-f181-34b97d8417d3@digiware.nl>
In-Reply-To: <98EFC560-16A0-4F62-892A-64B15B21AF21@FreeBSD.org>
References:  <bc4f8f4f-55c9-63ed-1ce8-b53d95a0696a@digiware.nl> <98EFC560-16A0-4F62-892A-64B15B21AF21@FreeBSD.org>

On 13-3-2019 13:17, Dimitry Andric wrote:
> On 13 Mar 2019, at 12:57, Willem Jan Withagen <wjw@digiware.nl> wrote:
>> I'm getting a crash in a Ceph test program in the following piece of code:
>>
>> struct entity_addrvec_t {
>>    vector<entity_addr_t> v;
>> .....
>>    entity_addr_t legacy_addr() const {
>>      for (auto& a : v) {
>>        if (a.type == entity_addr_t::TYPE_LEGACY) {
>>          return a;
>>        }
>>      }
>>      return entity_addr_t();
>>    }
>> ......
>>
>> Where the loop is taken, even if v.size() == 0
>> So v content is pointing to random memory and iterating over the next pointer results in a crash.
> This can happen when the vector is invalidated, due to either it, or its
> parent object having been moved from.  Maybe run this under valgrind or
> AddressSanitizer, that should give some more clues.

Would be new tricks for me... I'll look into it.
Prefixing the loop with `if (!empty())` fixes the runtime problem, and 
this is a single thread program
So there is no other thread here that could work on the vector and 
corrupt it while looping over it.

--WjW
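
Added example, not part of the original message and not Ceph code: a small reproduction of one way the vector's internals can be read as garbage (the parent object's lifetime has ended while a reference to it is still in use), with the build line for running it under AddressSanitizer as suggested in the quoted reply. `entity_addr_t` is a simplified stand-in, and the file name `repro.cc` and the function names are assumptions.

```cpp
// Added illustration, not Ceph code: entity_addr_t is a simplified stand-in.
// Build: c++ -std=c++17 -g -O1 -fsanitize=address -fno-omit-frame-pointer repro.cc -o repro
// Run:   ./repro        (well-defined paths only)
//        ./repro bad    (dangling path; ASan reports heap-use-after-free)
// Built without the sanitizer flags, `valgrind ./repro bad` checks the same reads.
#include <memory>
#include <vector>

struct entity_addr_t {
  enum { TYPE_NONE = 0, TYPE_LEGACY = 1 };  // constructed values
  int type = TYPE_NONE;
};

struct entity_addrvec_t {
  std::vector<entity_addr_t> v;
  entity_addr_t legacy_addr() const {  // same loop as in the quoted code
    for (auto& a : v) {
      if (a.type == entity_addr_t::TYPE_LEGACY) return a;
    }
    return entity_addr_t();
  }
};

// Live object, empty vector: begin() == end(), so the loop body never runs.
int type_from_live_empty() {
  entity_addrvec_t av;
  return av.legacy_addr().type;
}

// Live object holding a legacy address: the loop finds and returns it.
int type_from_live_legacy() {
  entity_addrvec_t av;
  entity_addr_t a;
  a.type = entity_addr_t::TYPE_LEGACY;
  av.v.push_back(a);
  return av.legacy_addr().type;
}

// Undefined behaviour: the owner is destroyed while a reference survives, so
// the loop takes its begin/end pointers from freed memory.
int type_from_dangling() {
  std::unique_ptr<entity_addrvec_t> owner(new entity_addrvec_t);
  owner->v.resize(4);
  const entity_addrvec_t& ref = *owner;
  owner.reset();                  // destroys the vector and frees the object
  return ref.legacy_addr().type;  // reads freed memory
}

int main(int argc, char**) {
  if (argc > 1) return type_from_dangling();
  return type_from_live_empty() + type_from_live_legacy() - 1;  // 0 on success
}
```

The first frames of the sanitizer report name the read inside `legacy_addr()` and the stack where the object was freed, which is the clue that distinguishes a lifetime bug from a problem in the loop itself.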



