[Bug libstdc++/22309] New: mt allocator doesn't pthread_key_delete its keys

jakub at redhat dot com gcc-bugzilla@gcc.gnu.org
Tue Jul 5 13:54:00 GMT 2005


With libstdc++ configured with --enable-libstdcxx-allocator=mt (on 4.0 branch
or on HEAD for linux even without it, as mt is the default there), following
testcase crashes:

cat > O.c <<EOF
#include <dlfcn.h>
#include <pthread.h>

void *
tf (void *arg)
{
  void *h = dlopen ("./libO.so", RTLD_LAZY);
  void (*fn) (void);
  if (!h) return 0;
  fn = dlsym (h, "foo");
  fn ();
  dlclose (h);
  return 0;
}

int
main (void)
{
  pthread_t th;
  pthread_create (&th, NULL, tf, NULL);
  pthread_join (th, NULL);
  return 0;
}
EOF
cat > libO.C <<EOF
#include <string>

extern "C" void
foo (void)
{
  std::string s;
  s += "hello";
}
EOF
g++ -g -O2 -shared -fpic -o libO.so libO.C
gcc -g -O2 -o O O.c -ldl -lpthread

The problem is that __gnu_cxx::__pool<true>::_M_initialize () calls
pthread_key_create but doesn't ensure pthread_key_delete is called when
libstdc++.so is unloaded.  So when glibc attempts to destroy a thread or program
and calls the registered key cleanup routine (_S_destroy_thread_key), if
libstdc++.so is not mapped at that moment any longer, either whatever other
code happens to be mapped at that address is run, or the program crashes
immediately.

mt_allocator.cc should ensure that gthread_key_delete is called on the key
after all users of the key have been destroyed.

-- 
           Summary: mt allocator doesn't pthread_key_delete its keys
           Product: gcc
           Version: 4.1.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: libstdc++
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: jakub at redhat dot com
                CC: gcc-bugs at gcc dot gnu dot org


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=22309
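
The key lifecycle described in the report, as an added example that is not part of the original message and is not libstdc++ code: it counts how often libc calls the key cleanup routine at thread exit when the key is left registered versus deleted at "unload". The names pool_key, lib_init, lib_fini and run_scenario are hypothetical, and load/unload are simulated in-process rather than with dlopen/dlclose.

```c
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>

static pthread_key_t pool_key;   /* hypothetical stand-in for the allocator's key */
static int destructor_calls;     /* callbacks libc made at thread exit */

/* Key cleanup routine; in the report this code sits in the unmapped library. */
static void destroy_thread_key(void *value) {
    destructor_calls++;
    free(value);
}

/* Library load / first use: register the key and its cleanup routine. */
static int lib_init(void) {
    return pthread_key_create(&pool_key, destroy_thread_key);
}

/* Library unload hook. pthread_key_delete runs no destructors, so this
   thread's value is released by hand before the key is dropped. */
static int lib_fini(void) {
    free(pthread_getspecific(pool_key));
    return pthread_key_delete(pool_key);
}

/* Mirrors tf() in the testcase: load, allocate, optionally unload, exit. */
static void *tf(void *arg) {
    if (lib_init() != 0) return NULL;
    pthread_setspecific(pool_key, malloc(16));
    if (*(int *)arg) lib_fini();
    return NULL;
}

/* Returns how many times libc called the cleanup routine at thread exit. */
int run_scenario(int unload) {
    pthread_t th;
    destructor_calls = 0;
    if (pthread_create(&th, NULL, tf, &unload) != 0) return -1;
    pthread_join(th, NULL);
    if (!unload) pthread_key_delete(pool_key);  /* tidy up the demo key */
    return destructor_calls;
}

int main(void) {
    printf("key left registered:   %d callback(s)\n", run_scenario(0));
    printf("key deleted on unload: %d callback(s)\n", run_scenario(1));
    return 0;
}
```

The one callback in the first scenario is the call that lands in unmapped memory when the library holding the routine has been dlclose'd; with the key deleted first, libc no longer holds that function pointer.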


