This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug libc/1796] New: "double free or corruption" error in glibc 2.3.5


I've come across what may be a problem in glibc 2.3.5.  My system and compiler
details are listed below, and I will follow with the error output from glibc,
and then try to describe more details of the problem.

System details:

[ehm ~]$ uname -a
Linux 2.6.11-1.1369_FC4smp #1 SMP Thu Jun 2 23:08:39 EDT 2005 i686 i686 i386
GNU/Linux

[ehm ~]$ gcc --version
gcc (GCC) 4.0.1 20050727 (Red Hat 4.0.1-5)

Description of the program and problem:

Error output from glibc:

*** glibc detected *** pack: double free or corruption (!prev): 0x09b6fce0 ***
======= Backtrace: =========
/lib/libc.so.6[0x34e424]
/lib/libc.so.6(__libc_free+0x77)[0x34e95f]
pack[0x8052e55]
pack[0x8057642]
/lib/libc.so.6(__libc_start_main+0xc6)[0x2ffde6]
pack[0x8048ab1]
======= Memory map: ========
002c9000-002e3000 r-xp 00000000 08:07 9864930    /lib/ld-2.3.5.so
002e3000-002e4000 r-xp 00019000 08:07 9864930    /lib/ld-2.3.5.so
002e4000-002e5000 rwxp 0001a000 08:07 9864930    /lib/ld-2.3.5.so
002eb000-0040f000 r-xp 00000000 08:07 9864931    /lib/libc-2.3.5.so
0040f000-00411000 r-xp 00124000 08:07 9864931    /lib/libc-2.3.5.so
00411000-00413000 rwxp 00126000 08:07 9864931    /lib/libc-2.3.5.so
00413000-00415000 rwxp 00413000 00:00 0 
00417000-00439000 r-xp 00000000 08:07 9864932    /lib/libm-2.3.5.so
00439000-0043a000 r-xp 00021000 08:07 9864932    /lib/libm-2.3.5.so
0043a000-0043b000 rwxp 00022000 08:07 9864932    /lib/libm-2.3.5.so
00594000-00595000 r-xp 00594000 00:00 0 
00677000-00680000 r-xp 00000000 08:07 9863195    /lib/libgcc_s-4.0.1-20050727.so.1
00680000-00681000 rwxp 00009000 08:07 9863195    /lib/libgcc_s-4.0.1-20050727.so.1
08048000-08065000 r-xp 00000000 08:02 21442375   /home/ehm/bin/pack
08065000-08066000 rw-p 0001c000 08:02 21442375   /home/ehm/bin/pack
09b6b000-09b8c000 rw-p 09b6b000 00:00 0          [heap]
b7e00000-b7e21000 rw-p b7e00000 00:00 0 
b7e21000-b7f00000 ---p b7e21000 00:00 0 
b7fd5000-b7fd6000 rw-p b7fd5000 00:00 0 
b7ff9000-b7ffc000 rw-p b7ff9000 00:00 0 
bfce7000-bfcfc000 rw-p bfce7000 00:00 0          [stack]
Aborted


The code that produces the problem is about 8,000 lines long over four or five
source files, so I can't easily reduce it to something that will produce the
error.  However, if I compile the program on other Linux systems, and Mac OS X
systems, that are using earlier versions of glibc, the problem does not seem to
be present.  If I compile the program (non static) on the system that gives the
error message, and then copy the executable to another Linux machine using an
earlier version of glibc (2.2.5), the error is NOT present.

I attempted to use gdb to diagnose the problem.  It is an apparent error with
a free() statement, but everything appears to be OK, from the return value of
the malloc() call, and the subsequent call to free().

I used Electric Fence to try to diagnose the problem also.  When the program
segfaults and gdb is run, it leads to the same free() call.  The malloc()
and free() calls are both contained in one function, and that function is only
called one time during the running of the program.  I'm not out of bounds on the
array indices, which I've checked carefully.

Please let me know if this bug report is of any use, or if you need any other
details.  I can't rule out completely that it's not a bug in my code, but it is
very suspicious that the code only crashes with glibc 2.3.5.  If you have any
suggestions on how to better narrow it down, please let me know.

Regards,
Eric

-- 
           Summary: "double free or corruption" error in glibc 2.3.5
           Product: glibc
           Version: 2.3.5
            Status: NEW
          Severity: critical
          Priority: P2
         Component: libc
        AssignedTo: drepper at redhat dot com
        ReportedBy: ehmajzo at sandia dot gov
                CC: glibc-bugs at sources dot redhat dot com


http://sourceware.org/bugzilla/show_bug.cgi?id=1796
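
Added example, not part of the original message and not glibc's own code: the "(!prev)" in the abort message refers to the check free() makes that the chunk following the freed one still has its "previous chunk in use" bit set. The simplified model below (constructed arena layout, hypothetical names model_free, case_*) shows that both a second free() and a one-word overrun of the freed buffer fail that same check, so the message alone does not distinguish the two.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PREV_INUSE ((size_t)1)   /* low bit of a chunk's size word */
enum free_result { FREE_OK, FREE_NOT_PREV /* "double free or corruption (!prev)" */ };

static size_t arena[16];         /* constructed model heap, in size_t words */

/* Two 4-word chunks A (word 0) and B (word 4), then a top chunk (word 8).
   A chunk's in-use state lives in the PREV_INUSE bit of the chunk after it. */
static void model_reset(void) {
    memset(arena, 0, sizeof arena);
    arena[0] = 4 * sizeof(size_t) | PREV_INUSE;   /* A header */
    arena[4] = 4 * sizeof(size_t) | PREV_INUSE;   /* B header: A is in use */
    arena[8] = 8 * sizeof(size_t) | PREV_INUSE;   /* top header: B is in use */
}

/* The one check modelled here: refuse to free a chunk that the following
   chunk's header does not mark as in use. */
static enum free_result model_free(size_t *mem) {
    size_t *hdr = mem - 1;
    size_t *next = hdr + (*hdr & ~PREV_INUSE) / sizeof(size_t);
    if (!(*next & PREV_INUSE))
        return FREE_NOT_PREV;
    *next &= ~PREV_INUSE;        /* mark this chunk free */
    return FREE_OK;
}

/* Case 1: the same pointer is freed twice; the second call is rejected. */
static enum free_result case_double_free(void) {
    model_reset();
    model_free(&arena[1]);
    return model_free(&arena[1]);
}

/* Case 2: one free() only, after writing one word past A's 3-word payload
   (bound_bug = 1). a[3] is B's header, so its size and flag are zeroed. */
static enum free_result case_single_free(int bound_bug) {
    model_reset();
    size_t *a = &arena[1];
    for (int i = 0; i < 3 + bound_bug; i++)
        a[i] = 0;
    return model_free(a);
}

int main(void) {
    printf("double free: %d, overrun: %d, clean: %d\n", case_double_free(),
           case_single_free(1), case_single_free(0));
    return 0;
}
```

The model omits the prev_size field, bins and chunk consolidation; it reproduces only the flag test named in the message.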
