This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug libc/6547] New: mcheck / mcheck_pedantic fails with multiple threads


mcheck / mcheck_pedantic when used in a multi threaded program causes abort().

I will attach the testcase later.

[suzie@suzukikp bugs]$ cc mcheck_pedantic.c -lpthread
[suzie@suzukikp bugs]$ ./a.out 
mcheck 0
thread 1 started
created thread 0
thread 2 started
*** glibc detected *** ./a.out: munmap_chunk(): invalid pointer: 0xb7d00528 ***
======= Backtrace: =========
/lib/libc.so.6[0x4d0f7e4]
./a.out[0x80487fd]
/lib/libpthread.so.0[0xd5432f]
/lib/libc.so.6(clone+0x5e)[0x4d8027e]
======= Memory map: ========
00110000-00111000 r-xp 00110000 00:00 0          [vdso]
00205000-00221000 r-xp 00000000 08:03 254843     /lib/ld-2.8.so
00221000-00222000 r--p 0001c000 08:03 254843     /lib/ld-2.8.so
00222000-00223000 rw-p 0001d000 08:03 254843     /lib/ld-2.8.so
00d4e000-00d63000 r-xp 00000000 08:03 254845     /lib/libpthread-2.8.so
00d63000-00d64000 r--p 00014000 08:03 254845     /lib/libpthread-2.8.so
00d64000-00d65000 rw-p 00015000 08:03 254845     /lib/libpthread-2.8.so
00d65000-00d67000 rw-p 00d65000 00:00 0 
04ca2000-04e05000 r-xp 00000000 08:03 254844     /lib/libc-2.8.so
04e05000-04e07000 r--p 00163000 08:03 254844     /lib/libc-2.8.so
04e07000-04e08000 rw-p 00165000 08:03 254844     /lib/libc-2.8.so
04e08000-04e0b000 rw-p 04e08000 00:00 0 
05792000-0579f000 r-xp 00000000 08:03 254860     /lib/libgcc_s-4.3.0-20080428.so.1
0579f000-057a0000 rw-p 0000c000 08:03 254860     /lib/libgcc_s-4.3.0-20080428.so.1
08048000-08049000 r-xp 00000000 08:06 292709     /home/suzie/bugs/a.out
08049000-0804a000 rw-p 00000000 08:06 292709     /home/suzie/bugs/a.out
0804a000-0804e000 rw-p 0804a000 00:00 0 
08664000-08685000 rw-p 08664000 00:00 0          [heap]
b7d00000-b7d21000 rw-p b7d00000 00:00 0 
b7d21000-b7e00000 ---p b7d21000 00:00 0 
b7e8b000-b7e8c000 ---p b7e8b000 00:00 0 
b7e8c000-b7ecc000 rw-p b7e8c000 00:00 0 
b7ecc000-b7ecd000 ---p b7ecc000 00:00 0 
b7ecd000-b7f0f000 rw-p b7ecd000 00:00 0 
b7f25000-b7f26000 rw-p b7f25000 00:00 0 
bfe10000-bfe25000 rw-p bffeb000 00:00 0          [stack]
Aborted

This happens because there is no synchronization between the threads while
updating the __*_hook_ . This causes some threads to escape the mcheck overhead
and allocate memory block without an mcheck header. Freeing this are will endup
in abort().

Another path is a block allocated with the mcheck header may directly end up in
libc_free(), making libc confused about the chunk_ptrs.

-- 
           Summary: mcheck / mcheck_pedantic fails with multiple threads
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: drepper at redhat dot com
        ReportedBy: suzuki at in dot ibm dot com
                CC: glibc-bugs at sources dot redhat dot com


http://sourceware.org/bugzilla/show_bug.cgi?id=6547

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]