This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug libmudflap/28578] A most simple multithreaded program (practically any multithreaded one) causes mudflap violation

From: "fche at redhat dot com" <gcc-bugzilla at gcc dot gnu dot org>
To: gcc-bugs at gcc dot gnu dot org
Date: 10 Nov 2006 17:43:52 -0000
Subject: [Bug libmudflap/28578] A most simple multithreaded program (practically any multithreaded one) causes mudflap violation
References: <bug-28578-13029@http.gcc.gnu.org/bugzilla/>
Reply-to: gcc-bugzilla at gcc dot gnu dot org


------- Comment #3 from fche at redhat dot com  2006-11-10 17:43 -------
Some more details.
The data value in question comes from an allocation due to dlerror(),
performed during __mf_init()'s lookup of inteposed dynamic symbols.
Since mudflap is still in __mf_starting_p state, dlerror's calloc()
gets redirected to __mf_0fn_calloc, and gets one of the preallocated
buffers in .bss.

The problem occurs at main thread shutdown, as caused by pthread_exit().
(An ordinary falling-off-the-end does not trigger this problem.)
What happens is that __libc_start_main starts calling funky cleanup functions,
including one __nptl_deallocate_tsd, which results in a free() call
for that value allocated by dlerror().  But now, libmudflap is in normal
non-reentrant state, so this free() is checked, and sure enough is found
not to refer to a corresponding checked allocation call.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28578

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]