[Bug 1095664] New: Crash in g_type_free_instance for instance objects at an address > 4GB on win64

bugzilla at redhat.com bugzilla at redhat.com
Thu May 8 10:18:31 UTC 2014


https://bugzilla.redhat.com/show_bug.cgi?id=1095664

            Bug ID: 1095664
           Summary: Crash in g_type_free_instance for instance objects at
                    an address > 4GB on win64
           Product: Fedora
           Version: 20
         Component: mingw-glib2
          Severity: medium
          Assignee: rjones at redhat.com
          Reporter: bernhard.loos at ruecker.de
        QA Contact: extras-qa at fedoraproject.org
                CC: erik-fedora at vanpienbroek.nl,
                    fedora-mingw at lists.fedoraproject.org,
                    kalevlember at gmail.com, lfarkas at lfarkas.org,
                    marcandre.lureau at redhat.com, rjones at redhat.com,
                    t.sailer at alumni.ethz.ch



Description of problem:
For some reason, glib2 is compiled with valgrind support.
This leads to a special code sequence to check if valgrind is running.
Among other things, this code sequence also contains an xchg ebx, ebx
instruction.
In g_type_free_instance, the address of the memory to be freed is stored in
rbx, and the xchg ebx,ebx zeros out the upper 32 bits of the address.
This has no effect for most programs, but for large programs which use more
than 4GB of memory, it will lead to surprise crashes.
IMPORTANT: The valgrind check only happens for types with private data.

Adding NVALGRIND=1 to the compiler defines disables valgrind support and fixes
the problem.


Version-Release number of selected component (if applicable):
mingw64-glib2-2.38.2-1.fc20

How reproducible:
always

Steps to Reproduce:
1. Use loads of memory
2. create a GTypeInstance (with private data or the bug won't trigger) at an
address > 4GB. Most GObject types should also work
3. free the instance with g_type_free_instance (or g_object_unref)
4. -> crash
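To make the mechanism in the description and the reproduction steps concrete without needing a 4GB heap, here is a small added example (not glib code and not from the reporter) that runs a 64-bit pointer through the same `xchg ebx,ebx` instruction and models the free path with and without the Valgrind check compiled in. It assumes GCC or Clang on x86-64 for the inline assembly; elsewhere it falls back to an arithmetic model of the same truncation.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Passes `value` through the instruction the report names. On x86-64, writing
 * a 32-bit register such as ebx zero-extends into the full rbx, so even the
 * no-op looking `xchg ebx,ebx` discards the upper 32 bits of whatever rbx held.
 * The "+b" constraint pins the operand to rbx (assumption: GCC/Clang, x86-64). */
uint64_t through_xchg_ebx(uint64_t value)
{
#if defined(__x86_64__) && defined(__GNUC__)
    uint64_t out = value;
    __asm__ volatile("xchgl %%ebx, %%ebx" : "+b"(out));
    return out;
#else
    return value & 0xffffffffULL;   /* portable model of the same effect */
#endif
}

/* Model of g_type_free_instance: the address to free is held in a register
 * across the "is valgrind running" check, so the check can clobber it.
 * Returns the address that would actually reach the allocator. With
 * NVALGRIND=1 in the defines (the report's fix) the check sequence is not
 * emitted at all, which is what valgrind_check_compiled_in == 0 models. */
uint64_t address_after_free_path(uint64_t instance_addr, int valgrind_check_compiled_in)
{
    if (!valgrind_check_compiled_in)
        return instance_addr;
    return through_xchg_ebx(instance_addr);
}

/* True when an instance at this address survives the free path intact. */
int instance_address_is_safe(uint64_t instance_addr, int valgrind_check_compiled_in)
{
    return address_after_free_path(instance_addr, valgrind_check_compiled_in) == instance_addr;
}

int main(void)
{
    /* Constructed sample addresses: one below and one above the 4GB line. */
    const uint64_t addrs[2] = { 0x000000007ffe1000ULL, 0x0000000212340000ULL };
    for (int i = 0; i < 2; i++) {
        printf("instance at 0x%016" PRIx64 ": freed as 0x%016" PRIx64
               " with check, 0x%016" PRIx64 " with NVALGRIND\n",
               addrs[i], address_after_free_path(addrs[i], 1),
               address_after_free_path(addrs[i], 0));
    }
    return 0;
}
```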
