[Boost-bugs] [Boost C++ Libraries] #4415: Posible "Segmentation Fault" in shared_ptr destructor

Date view Thread view Subject view Author view

Subject: [Boost-bugs] [Boost C++ Libraries] #4415: Posible "Segmentation Fault" in shared_ptr destructor
From: Boost C++ Libraries (noreply_at_[hidden])
Date: 2010-07-09 07:00:36

#4415: Posible "Segmentation Fault" in shared_ptr destructor
-----------------------------------------------------+----------------------
 Reporter: Takenori Sato <takenori.sato@…> | Owner: pdimov
     Type: Bugs | Status: new
Milestone: Boost 1.44.0 | Component: smart_ptr
  Version: Boost 1.44.0 | Severity: Problem
 Keywords: |
-----------------------------------------------------+----------------------
 Hi,

 I got Segmentation Fault as follows, and found a possible bug.


 {{{
 Program terminated with signal 11, Segmentation fault.
 #0 0x0000000000401227 in boost::detail::atomic_exchange_and_add
 (pw=Cannot access memory at address 0x7fff2ee2dff8
 )
     at
 /home/takenori/workspace_native/Boost/boost/smart_ptr/detail/sp_counted_base_gcc_x86.hpp:36
 36 {
 (gdb) bt
 #0 0x0000000000401227 in boost::detail::atomic_exchange_and_add
 (pw=Cannot access memory at address 0x7fff2ee2dff8
 )
     at
 /home/takenori/workspace_native/Boost/boost/smart_ptr/detail/sp_counted_base_gcc_x86.hpp:36
 #1 0x000000000040137b in boost::detail::sp_counted_base::release (
     this=0xd921130)
     at
 /home/takenori/workspace_native/Boost/boost/smart_ptr/detail/sp_counted_base_gcc_x86.hpp:143
 #2 0x000000000040142b in boost::detail::shared_count::~shared_count (
     this=0xd9210c0, __in_chrg=<value optimized out>)
     at
 /home/takenori/workspace_native/Boost/boost/smart_ptr/detail/shared_count.hpp:217
 #3 0x00000000004014be in boost::shared_ptr<SPIntSLLNode>::~shared_ptr (
     this=0xd9210b8, __in_chrg=<value optimized out>)
     at
 /home/takenori/workspace_native/Boost/boost/smart_ptr/shared_ptr.hpp:163
 }}}

 Here's I doubt.

 {{{
     ~shared_count() // nothrow
     {
         if( pi_ != 0 ) pi_->release();
 #if defined(BOOST_SP_ENABLE_DEBUG_HOOKS)
         id_ = 0;
 #endif
     }
 }}}

 sp_count_base

 {{{
     void release() // nothrow
     {
         if( atomic_exchange_and_add( &use_count_, -1 ) == 1 )
         {
             dispose();
             weak_release();
         }
     }
 }}}


 The two last threads can enter release(), the latter encounters
 Segmentation Fault on &use_count_.

 Fairly large singly linked list with shared_ptr easily reproduce this
 issue at its destruction.

 Cheers,
 Takenori 

-- 
Ticket URL: <https://svn.boost.org/trac/boost/ticket/4415>
Boost C++ Libraries <http://www.boost.org/>
Boost provides free peer-reviewed portable C++ source libraries.
Date view Thread view Subject view Author view

This archive was generated by hypermail 2.1.7 : 2017-02-16 18:50:03 UTC