From owner-freebsd-toolchain@freebsd.org Wed Mar 13 13:11:53 2019 Return-Path: Delivered-To: freebsd-toolchain@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4815515330BF for ; Wed, 13 Mar 2019 13:11:53 +0000 (UTC) (envelope-from wjw@digiware.nl) Received: from smtp.digiware.nl (smtp.digiware.nl [IPv6:2001:4cb8:90:ffff::3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B02B8770B0; Wed, 13 Mar 2019 13:11:52 +0000 (UTC) (envelope-from wjw@digiware.nl) Received: from router.digiware.nl (localhost.digiware.nl [127.0.0.1]) by smtp.digiware.nl (Postfix) with ESMTP id 66EBB30BB3; Wed, 13 Mar 2019 14:11:51 +0100 (CET) X-Virus-Scanned: amavisd-new at digiware.com Received: from smtp.digiware.nl ([127.0.0.1]) by router.digiware.nl (router.digiware.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ollh8Q3tkQcw; Wed, 13 Mar 2019 14:11:50 +0100 (CET) Received: from [192.168.10.9] (vaio [192.168.10.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.digiware.nl (Postfix) with ESMTPSA id 9966A30BAC; Wed, 13 Mar 2019 14:11:50 +0100 (CET) Subject: Re: Is this a programming error, or a compiler error.. To: Dimitry Andric Cc: FreeBSD Toolchain References: <98EFC560-16A0-4F62-892A-64B15B21AF21@FreeBSD.org> From: Willem Jan Withagen Message-ID: <9c822acb-01be-2579-f181-34b97d8417d3@digiware.nl> Date: Wed, 13 Mar 2019 14:11:48 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.3 MIME-Version: 1.0 In-Reply-To: <98EFC560-16A0-4F62-892A-64B15B21AF21@FreeBSD.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Content-Language: nl X-BeenThere: freebsd-toolchain@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Maintenance of FreeBSD's integrated toolchain List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2019 13:11:53 -0000 On 13-3-2019 13:17, Dimitry Andric wrote: > On 13 Mar 2019, at 12:57, Willem Jan Withagen wrote: >> I'm getting a crash in a Ceph test program in the following pice of code: >> >> struct entity_addrvec_t { >> vector v; >> ..... >> entity_addr_t legacy_addr() const { >> for (auto& a : v) { >> if (a.type == entity_addr_t::TYPE_LEGACY) { >> return a; >> } >> } >> return entity_addr_t(); >> } >> ...... >> >> Where the loop is taken, even if v.size() == 0 >> So v content is pointing to random memory and itterating over the next pointer results in a crash. > This can happen when the vector is invalidated, due to either it, or its > parent object having been moved from. Maybe run this under valgrind or > AddressSanitizer, that should give some more clues. Would be new tricks for me... I'll look into it. Prefixing the loop with `if (!empy())` fixes the runtime problem, and this is a single thread program So there is no other thread here that could work on the vector and corrupt it while looping over it. --WjW