vector initialization fails and causes a segfault


Recently, I found something weird happening in our code:

// Original (crashing) version. vector<T>(n) constructs n value-initialized
// elements; for this plain struct that is the zero-fill seen at the top of the
// backtrace below (memset called from __uninit_default_n /
// vector::_M_default_initialize).
//
// NOTE(review): in the dump below, memset's destination (first argument,
// arm_r0 = 0xf31ad0e8) is only 8 bytes above the faulting thread's SP
// (0xf31ad0e0), and the write dies at 0xf31b0000. If those values are accurate,
// the buffer being zeroed looks like it sits at the stack pointer rather than in
// a malloc()ed chunk — worth verifying what the replaced operator new actually
// returns, and the thread's stack size, before concluding the toolchain is at fault.
Status incCfg()
{
    vector<T_InfoAll> infoVec(1);    // buffer comes from std::allocator -> global operator new; one element zero-filled
    T_InfoAll *cfgInfo = &infoVec[0]; // points into infoVec's buffer: valid only while infoVec is neither resized nor destroyed
   .......
}

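// Layout definitions compiled with packing 1 (no padding between members).
// WORD32 is a project typedef; assuming it is 4 bytes (confirm), TrInfo is
// 72 bytes, T_erhan 1164 bytes and T_InfoAll 149000 bytes, so even a single
// element is a large object.
#pragma pack(1)
typedef struct
{
    WORD32 no;
    WORD32 mode;
    WORD32 eq;
    WORD32 idth;
    WORD32 cow;
    WORD32 fow;
    WORD32 satio;
    WORD32 rmRatio;
    WORD32 config[9];
    WORD32 cfgFlag;
} TrInfo;

typedef struct
{
    WORD32 co;
    WORD32 cg;
    WORD32 cm;
    TrInfo rInfo[8 * 2];
} T_erhan;

typedef struct
{
    WORD32  tum;
    T_erhan tnfo[64];
    WORD32  rum;
    T_erhan rInfo[64];
} T_InfoAll;
// Restore the default packing. The original ended with a bare `#pragma`, which
// does nothing, so pack(1) stayed in effect for every struct declared after
// this point in the same translation unit.
#pragma pack()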

exception record:

record time: 000:01:25.910 LinuxSignalHandler: Here comes an exception signal: 11, signal code: 2.

Exception ARM registers: pc[0x008e5f18] fp[0xf31d36fc]
Exception happens in task(LWP) 1222!

SIGSEGV
Exception current instruction address: 0x8e5f18

Error Address: 0xf31b0000

Condition Register(cpsr): 0x200f0010

VecNumber = 0xb

----------------Exception Registers Start-----------------------

SP = 0xf31ad0e0   LR = 0x004b6188   PC = 0x008e5f18   CR = 0x200f0010

arm_r0 = 0xf31ad0e8  arm_r1 = 0x00000000  arm_r2     = 0x000236e8  arm_r3 = 0xf31b0000

arm_r4 = 0xf2b4c014  arm_r5 = 0x03a0de70  arm_r6     = 0x00000000  arm_r7 = 0x00000152

arm_r8 = 0x0000004b  arm_r9 = 0xf5522dd0  arm_r10    = 0x00000001  arm_fp = 0xf31d36fc

arm_ip = 0x00000000  trap_no= 0x00000000  error_code = 0x00000800  oldmask= 0x00010000

----------------Exception Registers End-------------------------

Current Instruction: 0x28a31002 0x22522008 (0x28a31002) 0x2afffff6 0xe2022007

Err Addr: 0xf31b0000, addrs maps: 0xd

----------------Current Exception Context Start--------------

pc   = 0x8e5f18  memset

----------------Current Exception Context End----------------

----------------Exception Registers Start-----------------------

SP = 0xf31ad0e0   LR = 0x004b6188   PC = 0x008e5f18   CR = 0x200f0010

arm_r0 = 0xf31ad0e8  arm_r1 = 0x00000000  arm_r2     = 0x000236e8  arm_r3 = 0xf31b0000

arm_r4 = 0xf2b4c014  arm_r5 = 0x03a0de70  arm_r6     = 0x00000000  arm_r7 = 0x00000152

arm_r8 = 0x0000004b  arm_r9 = 0xf5522dd0  arm_r10    = 0x00000001  arm_fp = 0xf31d36fc

arm_ip = 0x00000000  trap_no= 0x00000000  error_code = 0x00000800  oldmask= 0x00010000

----------------Exception Registers End-------------------------

Current Instruction: 0x28a31002 0x22522008 (0x28a31002) 0x2afffff6 0xe2022007

Err Addr: 0xf31b0000, addrs maps: 0xd

----------------Current Exception Context Start--------------

pc   = 0x8e5f18  memset

----------------Current Exception Context End----------------


0x008e5f18       memset

0x004b6144       _ZNSt27__uninitialized_default_n_1ILb1EE18__uninit_default_nIP18T_InfoAlljEET_S4_T0_

0x004b6054       _ZSt25__uninitialized_default_nIP18sT_InfoAlljET_S2_T0_

0x004b5f34       _ZSt27__uninitialized_default_n_aIP18T_InfoAllsjS0_ET_S2_T0_RSaIT1_E

0x004b5d74       _ZNSt6vectorI18T_InfoAllSaIS0_EE21_M_default_initializeEj

0x004b5b38       _ZNSt6vectorI18sT_InfoA

compiler toolchain:
arm_eabi_gcc6.2.0_glibc2.24.0_fp/bin/arm-linux-gnueabihf-g++ -march=armv8-a -mtune=cortex-a53  -Wall -Wno-invalid-offsetof -Wno-write-strings -Wno-reorder -Wno-psabi -Wall -Wno-invalid-offsetof -Wno-write-strings -Wno-reorder -Wno-psabi -mapcs-frame -mapcs-frame -fdiagnostics-color=always -fno-omit-frame-pointer -g -DCPU_FAMILY=ARM -DMGR_PROCESS -DVOS_LINUX -D_ARM_CPU_ -D_BYTE_ORDER=_LITTLE_ENDIAN -D_CPU_TYPE=_CPU_CORTEXA53 -D_DEBUG -D_GNU_SOURCE -D_OS_TYPE=_LINUX 

I tried modifying the code as follows:

// Workaround 1: a single heap object plus an explicit zero-fill.
// Both this `new` and the vector's std::allocator go through the global
// operator new, so the replaced operator new mentioned at the end of the
// question is on both code paths. The shown body has no return statement
// for Status — presumably elided.
Status incCfg()
    {
        T_InfoAll *cfgInfo = new T_InfoAll;        // raw owning pointer; nothing shown here deletes it (leak unless ownership is handed off). `new T_InfoAll()` would zero-fill without the memset.
        memset(cfgInfo, 0, sizeof(T_InfoAll));    // same zero-fill of one T_InfoAll that the crashing vector path performs
    }

or

// Workaround 2: reserve() instead of constructing an element.
// Because no element is ever constructed here, this variant never runs the
// zero-fill that crashed, so it does not show the vector code was at fault;
// resize(1) or the original `vector<T_InfoAll>(1)` is needed to really get
// an element.
Status incCfg()
{
    vector<T_InfoAll> rInfoVec;
   rInfoVec.reserve(1);               // allocates capacity only: size() stays 0, no T_InfoAll is constructed
    ASSERT_TRUE(!rInfoVec.empty());   // false after reserve(); if this line passes, ASSERT_TRUE is presumably compiled out — confirm
    T_InfoAll *cfgInfo = &rInfoVec[0]; // operator[] on an empty vector: undefined behaviour even though it points into reserved storage
     ......
}

They both work fine — why? Is there a bug in the toolchain code?

By the way: we overload the global operator new; it simply calls the glibc library function malloc(), and system memory is definitely large enough to hold the giant struct.

c++
asked on Stack Overflow Dec 18, 2019 by zhangxiaoguo • edited Dec 18, 2019 by zhangxiaoguo


