From owner-freebsd-hackers@FreeBSD.ORG  Thu Mar  5 03:11:21 2015
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: hackers@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 73F97E71
 for <hackers@FreeBSD.org>; Thu,  5 Mar 2015 03:11:21 +0000 (UTC)
Received: from gw.catspoiler.org (cl-1657.chi-02.us.sixxs.net
 [IPv6:2001:4978:f:678::2])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 0BB5BE02
 for <hackers@FreeBSD.org>; Thu,  5 Mar 2015 03:11:20 +0000 (UTC)
Received: from FreeBSD.org (mousie.catspoiler.org [192.168.101.2])
 by gw.catspoiler.org (8.13.3/8.13.3) with ESMTP id t253BBqn061214
 for <hackers@FreeBSD.org>; Wed, 4 Mar 2015 19:11:15 -0800 (PST)
 (envelope-from truckman@FreeBSD.org)
Message-Id: <201503050311.t253BBqn061214@gw.catspoiler.org>
Date: Wed, 4 Mar 2015 19:11:11 -0800 (PST)
From: Don Lewis <truckman@FreeBSD.org>
Subject: crash in libstdc++ __dynamic_cast() only on FBSD 10, g++ libstdc++
 guru advice needed
To: hackers@FreeBSD.org
MIME-Version: 1.0
Content-Type: TEXT/plain; charset=us-ascii
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Mar 2015 03:11:21 -0000

I'm trying to debug an odd crash in openoffice that only happens on
FreeBSD 10 (and most likely 11).  It happens on both i386 and amd64.  It
does not happen FreeBSD 8.  Inside the guts of
__cxxabiv1::__dynamic_cast(), this line of code

    whole_type->__do_dyncast (src2dst, __class_type_info::__contained_public,
                              dst_type, whole_ptr, src_type, src_ptr, result);

ends up jumping to address 0, and it looks like the problem is a NULL
pointer in the vtable.

The code is being compiled with the default ports version of gcc on both
FreeBSD 8 and 10.  This is not a new problem and there have been
multiple versions of gcc used since the problem was first reported.  It
is just very strange the the same code compiled with the same version of
gcc, with the same compiler options and linked to the same version of
libstdc++ works on FreeBSD 8 and not FreeBSD 10.  Changing the compiler
optimization level has no effect.

All the gory details are here:
<https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188088#c14>

I'm about out of ideas, so any advice is welcome.