This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/3397] New: free() aborts with invalid pointer message
- From: "alexeichi at yahoo dot de" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: 19 Oct 2006 16:42:05 -0000
- Subject: [Bug libc/3397] New: free() aborts with invalid pointer message
- Reply-to: sourceware-bugzilla at sourceware dot org
Distribution: LFS http://www.linuxfromscratch.org
glibc version: 2.5
glibc configure options: --prefix=/usr --disable-profile --enable-add-ons
--enable-kernel=2.6.0 --libexecdir=/usr/lib/glibc
kernel version: Linux lfs 2.6.18 #6 PREEMPT Thu Sep 28 14:58:32 CEST 2006
i686 athlon-4 i386 GNU/Linux
glibc build toolchain versions: gcc 4.1.0
binutils 2.17
Description: free() aborts the process with invalid pointer message if
malloc was called with a specific value (in test program 241056 Byte)
or if free is called serial, but with different pointers
Steps to reproduce:
1. compile code with gcc -g -O0 -o sobel_test sobel_test.c
2. start program (program should abort with output shown below)
3. change #define WIDTH 324 to #define WIDTH 325 (line 5)
or
remove free(vertical_sobel_image) (line 136)
4. compile code with gcc -g -O0 -o sobel_test sobel_test.c
5. start program (program should exit normally)
Debug output:
*** glibc detected *** ./sobel_test: free(): invalid pointer: 0xb7df7008 ***
======= Backtrace: =========
/lib/libc.so.6[0xb7ed1a30]
/lib/libc.so.6(__libc_free+0x89)[0xb7ed3099]
./sobel_test[0x804870f]
./sobel_test[0x8048485]
/lib/libc.so.6(__libc_start_main+0xd8)[0xb7e837c8]
./sobel_test[0x8048311]
======= Memory map: ========
08048000-08049000 r-xp 00000000 03:41 16565444 /home/alexander/sobel_test
08049000-0804a000 rw-p 00000000 03:41 16565444 /home/alexander/sobel_test
b7c00000-b7c21000 rw-p b7c00000 00:00 0
b7c21000-b7d00000 ---p b7c21000 00:00 0
b7db1000-b7dbb000 r-xp 00000000 03:02 2168783 /usr/lib/libgcc_s.so.1
b7dbb000-b7dbc000 rw-p 00009000 03:02 2168783 /usr/lib/libgcc_s.so.1
b7dbc000-b7e6e000 rw-p b7dbc000 00:00 0
b7e6e000-b7f91000 r-xp 00000000 03:02 2142662 /lib/libc-2.5.so
b7f91000-b7f92000 r--p 00123000 03:02 2142662 /lib/libc-2.5.so
b7f92000-b7f94000 rw-p 00124000 03:02 2142662 /lib/libc-2.5.so
b7f94000-b7f98000 rw-p b7f94000 00:00 0
b7fba000-b7fbb000 r-xp b7fba000 00:00 0 [vdso]
b7fbb000-b7fd5000 r-xp 00000000 03:02 2142809 /lib/ld-2.5.so
b7fd5000-b7fd6000 r--p 00019000 03:02 2142809 /lib/ld-2.5.so
b7fd6000-b7fd7000 rw-p 0001a000 03:02 2142809 /lib/ld-2.5.so
bf802000-bf818000 rw-p bf802000 00:00 0 [stack]
this was also tested with Fedora Core 5 with the same result
(glibc version 2.4)
--
Summary: free() aborts with invalid pointer message
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: drepper at redhat dot com
ReportedBy: alexeichi at yahoo dot de
CC: glibc-bugs at sources dot redhat dot com
GCC build triplet: i686-pc-gnu-linux
GCC host triplet: i686-pc-gnu-linux
GCC target triplet: i686-pc-gnu-linux
http://sourceware.org/bugzilla/show_bug.cgi?id=3397
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.