"Deallocation of a pointer not malloced," or: Pointers crossing the libstdc++ chasm #20
Replies: 7 comments 16 replies
-
Not harmless! Causes frequent outright crashes. Iain has a fix in mind, involving namespaced symbols (just like llvm uses in libcxx). All of it takes time, interest, debugging, etc and if you haven't yet noticed, pretty much everything to do with gcc/libgcc on darwin/macOS is Iain's one-man-show here (with helpers at times)! |
Beta Was this translation helpful? Give feedback.
-
By the way, the place I seem to see it most often is involving software that uses facets. I read that there are two different symbols in libgcc for facets, one for pre-c++11 and one for post-c++11, and I have surmised that might be why that is where the error shows up (cmake, many others), as the pre-c++11 symbol might clash with the ancient one in the system's implementation. I have no illusions though -- facets are just the tip of the iceberg here. It needs a proper fix if things are to go on. Apparently the only really good fix is to replace some parts of the system software on 10.4 and 10.5 with newer parts -- hah hah hah. Try selling that one ;> |
Beta Was this translation helpful? Give feedback.
-
this MacPorts ticket is quite related: https://trac.macports.org/ticket/59832 and less so perhaps this ticket: |
Beta Was this translation helpful? Give feedback.
-
The problem is that we can have a situation in which we:
So now we have two copies of libstdc++ in the same process. In principle, dyld can tell the difference "two level namespace" because the two libraries are installed at different paths. However, at least on 10.5 (darwin9) and earlier it seems that dyld is not that smart and only allocates one slot for each symbol. So we can have the situation in which and object is constructed in one libstdc++ and then we try to destroy it in the other (which obviously has no idea about the object, and then we get reasonable complaints about double free()s when the memory is deallocated). Hence the sub-title about 'pointers crossing library boundaries'. There are two painful solutions:
The most likely proper solutions:
For my part, I have test versions of (1) for master, 11, 10 and 7.5 .. but they are not ready yet, and I am going to repeat: Additional notes: FWIW, it seems that dyld on 10.6+ is much better behaved, at least, my simple reproducer for the crash we see on 10.5 works without problems there. between 10.8 (there are not many uses in 10.7, but ISTR one or two) and 10.13, the only users of /usr/lib/libstdc++ would be third party code (no system uses) - so the chances of clashes are small ---- UNLESS you start using clang -stdlib=libstdc++, and shoot yourself in the foot that way ;) After 10.14 this is academic - since nothing will use /usr/libstdc++ (clang does not work with -stdlib=libstdc++ because the headers are not installed), After 11, the library is omitted as well. So, sorry, once again, 'watch this space' - I have now fixed libgcc_s on master, and those fixes will be backported, but the libstdc++ fix is still pending a few nanoseconds to work on it. edit: |
Beta Was this translation helpful? Give feedback.
-
we never saw this issue until MacPorts updated to libgcc 7.5. Then we saw the same facet error in many different ports. rolling back to libgcc 7.4 made those errors disappear. But eventually too many ports, esp ICU, would not build with gcc 7.4/libgcc 7.4 so we had to move on. Academic, probably, as we are not going back now to change it, but something changed between gcc 7.4 and 7.5 to make this underlying latent issue start to show up in many different software builds, and disappeared when gcc was rolled back. I tried to find the commit that did it a few years ago, but the bisecting was too time consuming for me to finish, knowing it wouldn’t matter anyway. |
Beta Was this translation helpful? Give feedback.
-
I would be interested to see your simple reproducer. I did all this two years ago or so -- I should try to repro it again now on 10.5 Intel to see if what I said still holds up. Other things have changed too (the cctools we use, in particular, has been updated a few times. |
Beta Was this translation helpful? Give feedback.
-
A "hello world" using iostream (which has a global init).
then link with libxar (even though we have no dependency on it - ld64 will add it if we say so - so long as we do not 'dead strip dylibs').
and, as you can see, the problem manifests on earlier versions - and later Not sure why 6.5 is apparently OK - it might be "dumb luck" with the ordering of initialisers. |
Beta Was this translation helpful? Give feedback.
-
I would like some clarity on the bug reported here:
https://trac.macports.org/ticket/63551
@kencu indicated that it's a known issue introduced between GCC 7.4 and GCC 7.5 – as I understand it, the system's libgcc and the compiler's libgcc have some disagreement when it comes to keeping track of allocated pointers. I understand the warning is harmless, but it is rather annoying. Is this something that can be fixed in GCC 7.5? Is there another bug report where I can read and learn more about it? Do I have any options besides the
DYLD_LIBRARY_PATH
/ wrapper script workaround described in the ticket? Thanks in advance for any light you can shine on this dark corner of the run-time.Beta Was this translation helpful? Give feedback.
All reactions