Search code examples
c++boostboost-signals

boost signal double free?

I'm having a hell of a time trying to debug some kind of memory access error, which I believe is a double free. The code is too complex to post, but I can try to describe it.

Basically, I have two threads. When the worker thread is created, it instantiates a new boost::signal object, and stores it in a shared_ptr. The parent then queries the thread for the signal, and the parent connect()s the shared_ptr signal to a handler function.

This all works, up until the point where the thread is finished and tries to clean up. Here is a snip of the call stack, in the hopes that someone might see something I missed.

ntdll.dll!7c90120e()    
ntdll.dll!7c96e139()    
ntdll.dll!7c96e576()    
ntdll.dll!7c9622e8()    
kernel32.dll!7c85f8d7()     
Worker.dll!_CrtIsValidHeapPointer(const void * pUserData=0x01788aa8)  Line 1807 C
Worker.dll!_free_dbg_lk(void * pUserData=0x01788aa8, int nBlockUse=1)  Line 1132 + 0x9  C
Worker.dll!_free_dbg(void * pUserData=0x01788aa8, int nBlockUse=1)  Line 1070 + 0xd C
Worker.dll!operator delete(void * pUserData=0x01788aa8)  Line 54 + 0x10 C++
Worker.dll!std::allocator<std::_List_nod<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >::_Node>::deallocate(std::_List_nod<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >::_Node * _Ptr=0x01788aa8, unsigned int __formal=1)  Line 132 + 0x9  C++
Worker.dll!std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >::clear()  Line 622 C++
Worker.dll!std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >::_Tidy()  Line 931 C++
Worker.dll!std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >::~list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >()  Line 366 C++
Worker.dll!std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > >::~pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > >()  + 0x2e   C++
Worker.dll!std::_Tree_nod<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::_Node::~_Node()  + 0x12  C++
Worker.dll!std::_Tree_nod<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::_Node::`scalar deleting destructor'()  + 0xf C++
Worker.dll!std::_Destroy<std::_Tree_nod<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::_Node>(std::_Tree_nod<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::_Node * _Ptr=0x013a3008)  Line 50   C++
Worker.dll!std::allocator<std::_Tree_nod<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::_Node>::destroy(std::_Tree_nod<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::_Node * _Ptr=0x013a3008)  Line 152 + 0x9  C++
Worker.dll!std::_Tree<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::_Erase(std::_Tree_nod<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::_Node * _Rootnode=0x013a3008)  Line 896   C++
Worker.dll!std::_Tree<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::_Erase(std::_Tree_nod<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::_Node * _Rootnode=0x013a2f48)  Line 894   C++
Worker.dll!std::_Tree<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::clear()  Line 782    C++
Worker.dll!std::_Tree<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::erase(std::_Tree<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::iterator _First={...}, std::_Tree<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::iterator _Last={...})  Line 754 C++
Worker.dll!std::_Tree<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::_Tidy()  Line 1144   C++
Worker.dll!std::_Tree<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >::~_Tree<std::_Tmap_traits<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > >,0> >()  Line 393   C++
Worker.dll!std::map<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > > >::~map<boost::signals::detail::stored_group,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> >,boost::function2<bool,boost::signals::detail::stored_group,boost::signals::detail::stored_group,std::allocator<boost::function_base> >,std::allocator<std::pair<boost::signals::detail::stored_group const ,std::list<boost::signals::detail::connection_slot_pair,std::allocator<boost::signals::detail::connection_slot_pair> > > > >()  + 0xf    C++
Worker.dll!boost::signals::detail::named_slot_map::~named_slot_map()  + 0xf C++
Worker.dll!boost::signals::detail::signal_base_impl::~signal_base_impl()  Line 33 + 0x1d    C++
Worker.dll!boost::signals::detail::signal_base_impl::`scalar deleting destructor'()  + 0xf  C++
Worker.dll!boost::checked_delete<boost::signals::detail::signal_base_impl>(boost::signals::detail::signal_base_impl * x=0x013a2d98)  Line 34 + 0x1c C++
Worker.dll!boost::detail::sp_counted_impl_p<boost::signals::detail::signal_base_impl>::dispose()  Line 79 + 0xc C++
Worker.dll!boost::detail::sp_counted_base::release()  Line 102 + 0xd    C++
Worker.dll!boost::detail::shared_count::~shared_count()  Line 209   C++
Worker.dll!boost::shared_ptr<boost::signals::detail::signal_base_impl>::~shared_ptr<boost::signals::detail::signal_base_impl>()  + 0x12 C++
Worker.dll!boost::signals::detail::signal_base::~signal_base()  Line 184 + 0x8  C++
Worker.dll!boost::signal2<void,enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >,boost::last_value<void>,int,std::less<int>,boost::function<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),std::allocator<void> > >::~signal2<void,enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >,boost::last_value<void>,int,std::less<int>,boost::function<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),std::allocator<void> > >()  + 0x77 C++
Worker.dll!boost::signal<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),boost::last_value<void>,int,std::less<int>,boost::function<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),std::allocator<void> > >::~signal<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),boost::last_value<void>,int,std::less<int>,boost::function<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),std::allocator<void> > >()  + 0x2b C++
Worker.dll!boost::signal<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),boost::last_value<void>,int,std::less<int>,boost::function<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),std::allocator<void> > >::`scalar deleting destructor'()  + 0x2b  C++
Worker.dll!boost::checked_delete<boost::signal<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),boost::last_value<void>,int,std::less<int>,boost::function<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),std::allocator<void> > > >(boost::signal<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),boost::last_value<void>,int,std::less<int>,boost::function<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),std::allocator<void> > > * x=0x013a2cf8)  Line 34 + 0x2b  C++
Worker.dll!boost::detail::sp_counted_impl_p<boost::signal<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),boost::last_value<void>,int,std::less<int>,boost::function<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),std::allocator<void> > > >::dispose()  Line 79 + 0xc C++
Worker.dll!boost::detail::sp_counted_base::release()  Line 102 + 0xd    C++
Worker.dll!boost::detail::shared_count::~shared_count()  Line 209   C++
Worker.dll!boost::shared_ptr<boost::signal<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),boost::last_value<void>,int,std::less<int>,boost::function<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),std::allocator<void> > > >::~shared_ptr<boost::signal<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),boost::last_value<void>,int,std::less<int>,boost::function<void __cdecl(enum signal_e,std::basic_string<char,std::char_traits<char>,std::allocator<char> >),std::allocator<void> > > >()  + 0x2e C++
Worker.dll!CWorker::~CWorker()  Line 77 + 0x24  C++
Worker.dll!CWorker::`scalar deleting destructor'()  + 0x2b  C++
Worker.dll!boost::checked_delete<CSubclass>(CSubclass* x=0x013a2ab0)  Line 34 + 0x32    C++
Worker.dll!boost::detail::sp_counted_impl_p<CSubclass>::dispose()  Line 79 + 0xc    C++
Parent.exe!boost::detail::sp_counted_base::release()  Line 102 + 0xd    C++
Parent.exe!boost::detail::shared_count::~shared_count()  Line 209   C++
Parent.exe!boost::shared_ptr<void>::~shared_ptr<void>()  + 0x19 C++
Parent.exe!CWorker::~CWorker()  Line 33 + 0x20  C++

Any advice would be appreciated. I've been going over this for a few days but can't figure out the issue.

Solution

  • I ran into this a year or two ago and, IIRC, it was caused by not explicitly managing the connections using boost::signals::connection objects.