This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/14895] New: corruption in popen pclose
- From: "ajeet.yadav.77 at gmail dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: Fri, 30 Nov 2012 09:59:42 +0000
- Subject: [Bug libc/14895] New: corruption in popen pclose
- Auto-submitted: auto-generated
http://sourceware.org/bugzilla/show_bug.cgi?id=14895
Bug #: 14895
Summary: corruption in popen pclose
Product: glibc
Version: 2.14
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: unassigned@sourceware.org
ReportedBy: ajeet.yadav.77@gmail.com
CC: drepper.fsp@gmail.com
Classification: Unclassified
Linux version 3.0.33 (Cortex A15)
Below program crashes with 2.14.1 glibc but runs fine with 2.11.1 glibc.
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <string.h>
#include <errno.h>
#define MAX_LINE_SIZE 80
#define MAX_THREAD 20
#define MAX_POPEN 10
#define MALLOC_SIZE 16
void* pipe_thread(void *arg)
{
int i;
char *p = NULL;
FILE *fp[MAX_POPEN];
char shellCommand[MAX_LINE_SIZE];
memset(shellCommand, 0x00, MAX_LINE_SIZE);
sprintf(shellCommand, "mount");
signal(SIGPIPE, SIG_IGN);
while (1) {
for (i = 0; i < MAX_POPEN; ++i) {
fp[i] = popen(shellCommand, "r");
}
if (p) {
free(p);
}
for (i = 0; i < MAX_POPEN; ++i) {
if (fp[i])
pclose(fp[i]);
}
p = malloc(MALLOC_SIZE);
if (p)
memset(p, 0, MALLOC_SIZE);
}
return NULL;
}
int main(int argc, char *argv[])
{
int i;
pthread_t tid;
for (i = 0; i < MAX_THREAD; ++i) {
pthread_create(&tid, NULL, &pipe_thread, (void*)NULL);
}
sleep(60);
}
gdb logs:
(gdb) bt
#0 0x4014f998 in _IO_new_fclose (fp=0x1) at iofclose.c:74
#1 0x4015b59c in fwide (fp=0xb8, mode=<optimized out>) at fwide.c:47
#2 0x00008a6c in ?? ()
Cannot access memory at address 0x8
#3 0x00008a6c in ?? ()
Cannot access memory at address 0x8
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.