From: Alexandre Martins
Organization: NETASQ
To: Konstantin Belousov
Cc: freebsd-current@freebsd.org
Date: Tue, 13 Mar 2012 13:40:12 +0100
Subject: Re: Double free() in libc or gdb ?
Message-Id: <201203131340.15998.alexandre.martins@netasq.com>
In-Reply-To: <20120313121752.GP75778@deviant.kiev.zoral.com.ua>

On Tuesday 13 March 2012 13:17:52 Konstantin Belousov wrote:
> On Tue, Mar 13, 2012 at 11:08:40AM +0100, Alexandre Martins wrote:
> > On Monday 12 March 2012 18:55:55 Konstantin Belousov wrote:
> > > On Mon, Mar 12, 2012 at 05:50:33PM +0100, Alexandre Martins wrote:
> > > > Dear all,
> > > >
> > > > I'm currently having some trouble with the dynamic loader.
> > > >
> > > > I have the libc compiled with the "MALLOC_DEBUG" flag to detect double
> > > > free. When I run this piece of code (attached file) through GDB, I
> > > > have this assertion:
> > > >
> > > > Assertion failed: ((run->regs_mask[elm] & (1U << bit)) == 0),
> > > > function arena_run_reg_dalloc, file
> > > > /usr/src/lib/libc/stdlib/malloc.c, line 2543.
> > > >
> > > > But when I run the same binary without GDB, no assert.
> > > >
> > > > I'm very confused. Can you help me to debug that?
> > >
> > > There is no attachment. Put the source somewhere on web.
> >
> > Sorry, I'll paste the code here:
> >
> > first.c:
> > ____________________
> > #include <stdio.h>
> >
> > void print_name(void)
> > {
> >     printf("I'm " __FILE__ " at line %d\n", __LINE__);
> > }
> > ____________________
> >
> > second.c
> > ____________________
> > #include <stdio.h>
> >
> > void second_name(void)
> > {
> >     printf("I'm " __FILE__ " at line %d\n", __LINE__);
> > }
> >
> > /* Same symbol name as print_name() in first.c. */
> > void print_name(void)
> > {
> >     printf("I'm " __FILE__ " at line %d\n", __LINE__);
> > }
> > ____________________
> >
> > main.c
> > ____________________
> > #include <stdio.h>
> > #include <dlfcn.h>
> >
> > extern void print_name(void);
> >
> > int main(int argc, char *argv[])
> > {
> >     void (*second_name)(void);
> >     void *handle;
> >     int count = 0;
> >
> >     /* Load and unload second.so in an endless loop. */
> >     while(42)
> >     {
> >         print_name();
> >         handle = dlopen("second.so", RTLD_NOW);
> >         print_name();
> >         if (handle != NULL)
> >         {
> >             second_name = dlsym(handle, "second_name");
> >             if (second_name != NULL)
> >             {
> >                 printf("second : ");
> >                 second_name();
> >             }
> >             dlclose(handle);
> >         }
> >         else
> >             fprintf(stderr, "Error : %s\n", dlerror());
> >     }
> > }
> > ____________________
> >
> > Compilation and execution:
> >
> > gcc -shared -O0 -g second.c -o second.so
> > gcc -shared -O0 -g first.c -o libfirst.so
> > gcc -O0 -g toto.c -lfirst -L. -o test
> > export LD_LIBRARY_PATH=$PWD
> > gdb ./test
>
> First, the libc malloc is not used inside rtld, so the assertion which you
> see points to somebody else. This somebody could be the stdio in your
> example, or it could be gdb.
>
> On the HEAD r232862, I indeed get the assertion, that obviously comes
> from gdb. So this is a bug in gdb. Probably, try devel/gdb from ports,
> I can hardly help you with a gdb bug.

Dear,

Thanks for your response.

Two other things:
- The process consumes memory, but there is no allocation in my code. Maybe a
  leak in the libc?
- My kernel has crashed after some minutes of leaking (I have removed printf for
  better perf on the loop). Maybe unrelated, but ...

Regards,

--
Alexandre Martins
NETASQ -- We secure IT
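
Added example (not part of the original message, and not FreeBSD's malloc.c): a simplified model of the region bitmap behind the quoted assertion, in which a set bit in regs_mask marks a free region, so freeing a region whose bit is already set is a double free. The struct layout, the sizes and the names run_init, run_reg_alloc and run_reg_dalloc are assumptions made for illustration; the last case shows that this check stops firing once the region has been handed out again.

```c
#include <stddef.h>
#include <stdio.h>

#define NREGS    64                          /* regions per run (constructed) */
#define REG_SIZE 16                          /* bytes per region (constructed) */
#define INT_BITS (8 * sizeof(unsigned))

struct run {
    unsigned regs_mask[NREGS / INT_BITS];    /* bit set = region is free */
    unsigned char regs[NREGS][REG_SIZE];
};

static void run_init(struct run *r)
{
    for (size_t i = 0; i < NREGS / INT_BITS; i++)
        r->regs_mask[i] = ~0U;               /* every region starts free */
}

/* Hand out the lowest free region and clear its bit; NULL if the run is full. */
static void *run_reg_alloc(struct run *r)
{
    for (size_t ind = 0; ind < NREGS; ind++) {
        unsigned *elm = &r->regs_mask[ind / INT_BITS];
        unsigned bit = 1U << (ind % INT_BITS);
        if (*elm & bit) {
            *elm &= ~bit;
            return r->regs[ind];
        }
    }
    return NULL;
}

/* Return 0 on a valid free, -1 where the quoted assertion would fire. */
static int run_reg_dalloc(struct run *r, void *ptr)
{
    size_t ind = (size_t)((unsigned char *)ptr - &r->regs[0][0]) / REG_SIZE;
    unsigned *elm = &r->regs_mask[ind / INT_BITS];
    unsigned bit = 1U << (ind % INT_BITS);
    if (*elm & bit)                          /* bit already set: region is free */
        return -1;
    *elm |= bit;
    return 0;
}

int main(void)
{
    struct run r;
    run_init(&r);
    void *a = run_reg_alloc(&r);
    printf("first free:  %d\n", run_reg_dalloc(&r, a));   /* valid free */
    printf("second free: %d\n", run_reg_dalloc(&r, a));   /* double free, caught */
    void *b = run_reg_alloc(&r);             /* reuses a's region */
    printf("stale free after reuse: %d (b == a: %d)\n",
           run_reg_dalloc(&r, a), a == b);   /* double free, not caught */
    return 0;
}
```

In this model the stale free is accepted and the later, legitimate free of b is the one that trips the check, so the failing call site is not necessarily the one that holds the bug.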