[Bug gdb/20716] New: AddressSanitizer: alloc-dealloc-mismatch (malloc vs operator delete)
qiyao at gcc dot gnu.org
sourceware-bugzilla@sourceware.org
Wed Oct 19 11:55:00 GMT 2016
https://sourceware.org/bugzilla/show_bug.cgi?id=20716
Bug ID: 20716
Summary: AddressSanitizer: alloc-dealloc-mismatch (malloc vs
operator delete)
Product: gdb
Version: HEAD
Status: NEW
Severity: normal
Priority: P2
Component: gdb
Assignee: unassigned at sourceware dot org
Reporter: qiyao at gcc dot gnu.org
Target Milestone: ---
I built GDB with address sanitizer, CXXFLAGS='-O0 -g3 -fsanitize=address', and
got an ASAN error message.
Start gdb and "quit":
(gdb) quit
=================================================================
==9723==ERROR: AddressSanitizer: alloc-dealloc-mismatch (malloc vs operator
delete) on 0x60200003bf70
#0 0x7f88f3837527 in operator delete(void*)
(/usr/lib/x86_64-linux-gnu/libasan.so.1+0x55527)
#1 0xac8e13 in __gnu_cxx::new_allocator<void (*)()>::deallocate(void
(**)(), unsigned long) /usr/include/c++/4.9/ext/new_allocator.h:110
#2 0xac8cc2 in __gnu_cxx::__alloc_traits<std::allocator<void (*)()>
>::deallocate(std::allocator<void (*)()>&, void (**)(), unsigned long)
/usr/include/c++/4.9/ext/alloc_traits.h:185
#3 0xac88af in std::_Vector_base<void (*)(), std::allocator<void (*)()>
>::_M_deallocate(void (**)(), unsigned long)
/usr/include/c++/4.9/bits/stl_vector.h:178
#4 0xac81f5 in std::_Vector_base<void (*)(), std::allocator<void (*)()>
>::~_Vector_base() /usr/include/c++/4.9/bits/stl_vector.h:160
#5 0xac9382 in std::vector<void (*)(), std::allocator<void (*)()>
>::~vector() /usr/include/c++/4.9/bits/stl_vector.h:425
#6 0x7f88f198b258 (/lib/x86_64-linux-gnu/libc.so.6+0x3c258)
#7 0x7f88f198b2a4 in exit (/lib/x86_64-linux-gnu/libc.so.6+0x3c2a4)
#8 0xb169f5 in quit_force(int*, int)
/home/yao/SourceCode/gnu/gdb/git/gdb/top.c:1711
#9 0x570f10 in quit_command(char*, int)
/home/yao/SourceCode/gnu/gdb/git/gdb/cli/cli-cmds.c:363
#10 0x560722 in do_cfunc
/home/yao/SourceCode/gnu/gdb/git/gdb/cli/cli-decode.c:105
#11 0x568463 in cmd_func(cmd_list_element*, char*, int)
/home/yao/SourceCode/gnu/gdb/git/gdb/cli/cli-decode.c:1913
#12 0xb13c86 in execute_command(char*, int)
/home/yao/SourceCode/gnu/gdb/git/gdb/top.c:674
#13 0x88a675 in command_handler(char*)
/home/yao/SourceCode/gnu/gdb/git/gdb/event-top.c:628
#14 0x88aeef in command_line_handler(char*)
/home/yao/SourceCode/gnu/gdb/git/gdb/event-top.c:820
#15 0x889652 in gdb_rl_callback_handler
/home/yao/SourceCode/gnu/gdb/git/gdb/event-top.c:200
#16 0xbfd387 in rl_callback_read_char
/home/yao/SourceCode/gnu/gdb/git/readline/callback.c:220
#17 0x88940b in gdb_rl_callback_read_char_wrapper
/home/yao/SourceCode/gnu/gdb/git/gdb/event-top.c:173
#18 0x88a2fe in stdin_event_handler(int, void*)
/home/yao/SourceCode/gnu/gdb/git/gdb/event-top.c:555
#19 0x886f1b in handle_file_event
/home/yao/SourceCode/gnu/gdb/git/gdb/event-loop.c:733
#20 0x8877f2 in gdb_wait_for_event
/home/yao/SourceCode/gnu/gdb/git/gdb/event-loop.c:859
#21 0x885600 in gdb_do_one_event()
/home/yao/SourceCode/gnu/gdb/git/gdb/event-loop.c:347
#22 0x8856b9 in start_event_loop()
/home/yao/SourceCode/gnu/gdb/git/gdb/event-loop.c:371
#23 0x874cdf in captured_command_loop
/home/yao/SourceCode/gnu/gdb/git/gdb/main.c:324
#24 0x86a36b in catch_errors(int (*)(void*), void*, char*, return_mask)
/home/yao/SourceCode/gnu/gdb/git/gdb/exceptions.c:236
#25 0x877980 in captured_main
/home/yao/SourceCode/gnu/gdb/git/gdb/main.c:1151
#26 0x877a28 in gdb_main(captured_main_args*)
/home/yao/SourceCode/gnu/gdb/git/gdb/main.c:1161
#27 0x412c35 in main /home/yao/SourceCode/gnu/gdb/git/gdb/gdb.c:32
#28 0x7f88f1970ec4 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21ec4)
#29 0x412a3e (/scratch/yao/gdb/build-git/x86_64/gdb/gdb+0x412a3e)
0x60200003bf70 is located 0 bytes inside of 8-byte region
[0x60200003bf70,0x60200003bf78)
allocated by thread T0 here:
#0 0x7f88f38367ef in __interceptor_malloc
(/usr/lib/x86_64-linux-gnu/libasan.so.1+0x547ef)
#1 0xbd2762 in operator new(unsigned long)
/home/yao/SourceCode/gnu/gdb/git/gdb/common/new-op.c:42
#2 0xac8edc in __gnu_cxx::new_allocator<void (*)()>::allocate(unsigned
long, void const*) /usr/include/c++/4.9/ext/new_allocator.h:104
#3 0xac8d81 in __gnu_cxx::__alloc_traits<std::allocator<void (*)()>
>::allocate(std::allocator<void (*)()>&, unsigned long)
/usr/include/c++/4.9/ext/alloc_traits.h:182
#4 0xac8b79 in std::_Vector_base<void (*)(), std::allocator<void (*)()>
>::_M_allocate(unsigned long) /usr/include/c++/4.9/bits/stl_vector.h:170
#5 0xac8434 in std::vector<void (*)(), std::allocator<void (*)()>
>::_M_insert_aux(__gnu_cxx::__normal_iterator<void (**)(), std::vector<void
(*)(), std::allocator<void (*)()> > >, void (* const&)())
/usr/include/c++/4.9/bits/vector.tcc:353
#6 0xac8080 in std::vector<void (*)(), std::allocator<void (*)()>
>::push_back(void (* const&)()) /usr/include/c++/4.9/bits/stl_vector.h:925
#7 0xac7c5e in register_self_test(void (*)())
/home/yao/SourceCode/gnu/gdb/git/gdb/selftest.c:32
#8 0x6d3bc1 in _initialize_rust_exp()
/home/yao/SourceCode/gnu/gdb/git/gdb/rust-exp.y:2762
#9 0xbe840f in initialize_all_files()
/scratch/yao/gdb/build-git/x86_64/gdb/init.c:196
#10 0xb18267 in gdb_init(char*)
/home/yao/SourceCode/gnu/gdb/git/gdb/top.c:2196
#11 0x8768cb in captured_main
/home/yao/SourceCode/gnu/gdb/git/gdb/main.c:867
#12 0x877a28 in gdb_main(captured_main_args*)
/home/yao/SourceCode/gnu/gdb/git/gdb/main.c:1161
#13 0x412c35 in main /home/yao/SourceCode/gnu/gdb/git/gdb/gdb.c:32
#14 0x7f88f1970ec4 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21ec4)
SUMMARY: AddressSanitizer: alloc-dealloc-mismatch ??:0 operator delete(void*)
==9723==HINT: if you don't care about these warnings you may set
ASAN_OPTIONS=alloc_dealloc_mismatch=0
==9723==ABORTING
It looks like the problem is that we replace operator new, but don't replace
operator delete.
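The diagnosis in the report, shown as an added example that is not part of the original message and is not GDB's code: a malloc()-backed replacement of operator new paired with free()-backed operator delete replacements, exercised on the std::vector<void (*)()> type from the trace. The counters, g_sink and the function names are hypothetical.

```cpp
// Added example, not GDB's new-op.c: names and counters are hypothetical.
#include <cstddef>
#include <cstdlib>
#include <new>
#include <vector>
static std::size_t g_new_calls = 0;     // blocks handed out by malloc()
static std::size_t g_delete_calls = 0;  // blocks returned through free()
static void *volatile g_sink;           // keeps the allocation observable

// Replacement operator new backed by malloc(), as in the trace above.
void *operator new(std::size_t sz)
{
  void *p = std::malloc(sz ? sz : 1);   // malloc(0) may return NULL
  if (p == nullptr)
    throw std::bad_alloc();
  ++g_new_calls;
  return p;
}
void *operator new[](std::size_t sz) { return ::operator new(sz); }

// Matching replacements: every block from the operator new above goes back
// through free(), so ASan sees a malloc/free pair instead of malloc/delete.
void operator delete(void *p) noexcept
{
  if (p != nullptr)
    ++g_delete_calls;
  std::free(p);
}
void operator delete[](void *p) noexcept { ::operator delete(p); }
void operator delete(void *p, std::size_t) noexcept { ::operator delete(p); }
void operator delete[](void *p, std::size_t) noexcept { ::operator delete(p); }

static void dummy_self_test() {}

// Grow and destroy the vector type from the report; check new/delete balance.
bool vector_allocations_balanced()
{
  const std::size_t n0 = g_new_calls, d0 = g_delete_calls;
  {
    std::vector<void (*)()> tests;
    for (int i = 0; i < 8; ++i)
      tests.push_back(dummy_self_test);
    g_sink = tests.data();
  }
  const std::size_t allocs = g_new_calls - n0;
  return allocs > 0 && allocs == g_delete_calls - d0;
}
int main() { return vector_allocations_balanced() ? 0 : 1; }
```

Built with -fsanitize=address, this reports no alloc-dealloc-mismatch; deleting the four operator delete definitions recreates the pairing shown in the trace.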