This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: glibc 2.14 [SIGSEGV @ _int_malloc]
- From: Paweł Sikora <pluto at agmk dot net>
- To: libc-alpha at sourceware dot org
- Cc: Ulrich Drepper <drepper at gmail dot com>,"H.J. Lu" <hjl dot tools at gmail dot com>
- Date: Mon, 6 Jun 2011 23:55:01 +0200
- Subject: Re: glibc 2.14 [SIGSEGV @ _int_malloc]
- References: <BANLkTimLUQZxHO30oLx8qSQUuN2c+580Rw@mail.gmail.com>
On Tuesday, May 31, 2011 06:27:32 AM Ulrich Drepper wrote:
> I've tagged the tree for the 2.14 release. Quite a lot of changes
> went into the tree in the last weeks but I hope the result is still
> stable.
i've found one more problem :/
linking some part of c++ application ends with gpf inside glibc:
4330│       if (in_smallbin_range(nb)) {
4331│         idx = smallbin_index(nb);
4332│         bin = bin_at(av,idx);
4333│
4334│         if ( (victim = last(bin)) != bin) {
4335│           if (victim == 0) /* initialization check */
4336│             malloc_consolidate(av);
4337│           else {
4338│             bck = victim->bk;
4339│>            if (__builtin_expect (bck->fd != victim, 0))
4340│               {
4341│                 errstr = "malloc(): smallbin double linked list corrupted";
4342│                 goto errout;
4343│               }
/usr/src/debug/glibc-2.14/malloc/malloc.c
Program received signal SIGSEGV, Segmentation fault.
_int_malloc (av=0x7ffff79bdea0, bytes=200) at malloc.c:4339
(gdb) p bck->fd
Cannot access memory at address 0x8003b5b50
(gdb) p/x *victim
$4 = {
prev_size = 0x8003b5b28,
size = 0x8003b5b30,
fd = 0x8003b5b38,
bk = 0x8003b5b40,
fd_nextsize = 0x8003b5b48,
bk_nextsize = 0x8003b5b50
}
(gdb) bt
#0 _int_malloc (av=0x7ffff79bdea0, bytes=200) at malloc.c:4339
#1 0x00007ffff76a9939 in __libc_malloc (bytes=200) at malloc.c:3660
#2 0x000000000042e8e6 in bfd_malloc2 (nmemb=<value optimized out>, size=200) at libbfd.c:213
#3 0x0000000000459531 in elf_create_symbuf (symcount=25, isymbuf=0x4b1c740) at elflink.c:7145
#4 0x0000000000459a52 in bfd_elf_match_symbols_in_sections (sec1=<value optimized out>, sec2=<value optimized out>, info=<value optimized out>) at elflink.c:7269
#5 0x0000000000467113 in match_group_member (sec=0x3bd09b8, info=0x731b80) at elflink.c:9153
#6 _bfd_elf_check_kept_section (sec=0x3bd09b8, info=0x731b80) at elflink.c:9177
#7 0x000000000046826e in elf_link_input_bfd (finfo=<value optimized out>, input_bfd=0x3764bd0) at elflink.c:9652
#8 0x00000000004696ea in bfd_elf_final_link (abfd=0x74ab40, info=<value optimized out>) at elflink.c:10841
#9 0x0000000000418475 in ldwrite () at ldwrite.c:581
#10 0x000000000041781a in main (argc=110, argv=0x7fffffffccf8) at ./ldmain.c:472
testcase is too big to attach, so i can provide a shell access to debug this issue.
BR,
Paweł.