posix_memalign corrupts heap

Bug #1798601 reported by Jozef Behran on 2018-10-18
This bug affects 1 person
Affects: eglibc (Ubuntu) (Importance: Undecided; Assigned to: Unassigned)
Affects: mesa (Ubuntu) (Importance: Undecided; Assigned to: Unassigned)

Bug Description

The attached program exposes a bug in posix_memalign that causes it to either silently corrupt the heap or cause the memory allocation checker to report spurious failures. I believe that the former is the case here because on more complex software (minetest or Irrlicht tutorial examples) I had seen "pointer passed to free() which was never returned by an allocation function" errors. The posix_memalign is used by the OpenGL driver (package: mesa) and can be avoided by compiling mesa from source after telling the package we don't have posix_memalign. The "pointer passed to free()..." error was seen coming from inside OpenGL, as the Irrlicht example did not make many malloc & co. calls itself. Unfortunately I could not figure out how this "real corruption" could be exposed by a simple program like this, as it seems it requires a complicated mixture of malloc() and posix_memalign to trigger.

To compile the program, run "sh compile.sh", and to run it, run "sh run.sh". You will then get two files, "memalign.out" (the output of the program until the failure) and "memalign.log" (an mtrace log).

The program should run for several seconds, but in fact it only runs for about 0.2 seconds before aborting with an "invalid pointer" complaint.

The program appears to finish normally (with no memory leaks detected) when "-lmcheck" is omitted from the compilation command (see compile.sh). However, I had seen crashes caused by the problem in more complicated software that mixes posix_memalign with malloc.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: libc6 2.19-0ubuntu6.14
ProcVersionSignature: Ubuntu 3.13.0-52.86+bdw1-generic 3.13.11-ckt18
Uname: Linux 3.13.0-52-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.29
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Oct 18 15:49:02 2018
Dependencies:
 gcc-4.9-base 4.9.3-0ubuntu4
 libc6 2.19-0ubuntu6.14
 libgcc1 1:4.9.3-0ubuntu4
 multiarch-support 2.19-0ubuntu6.14
DistributionChannelDescriptor:
 # This is a distribution channel descriptor
 # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor
 canonical-oem-somerville-trusty-amd64-20140620-0
InstallationDate: Installed on 2015-12-26 (1027 days ago)
InstallationMedia: Ubuntu 14.04 "Trusty" - Build amd64 LIVE Binary 20140620-04:25
ProcEnviron:
 LD_LIBRARY_PATH=<set>
 TERM=xterm
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 SHELL=/bin/bash
SourcePackage: eglibc
UpgradeStatus: No upgrade log present (probably fresh install)
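
The report leaves open whether the heap is really corrupted or the checker is raising a false alarm. The following is an added example, not the reporter's attached program (which is not reproduced on this page): a self-checking stress test that interleaves malloc() and posix_memalign() and verifies each block's alignment and fill pattern itself before freeing it. The function names, slot count, size range and seed are assumptions chosen for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for posix_memalign */
#endif
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define SLOTS 256                  /* live blocks tracked at once (arbitrary) */
struct slot { unsigned char *p; size_t len, align; unsigned char tag; };

/* Verify alignment and fill pattern of one block, then free it. */
static int check_and_free(struct slot *e)
{
    int bad = ((uintptr_t)e->p % e->align) != 0;
    for (size_t i = 0; i < e->len && !bad; i++)
        bad = e->p[i] != e->tag;
    free(e->p);
    e->p = NULL;
    return bad;
}

/* Interleave malloc/posix_memalign/free; return the number of failed checks. */
int stress_mixed_alloc(unsigned rounds)
{
    struct slot s[SLOTS] = {0};
    uint32_t seed = 12345u;        /* constructed seed, fixed for repeatability */
    int bad = 0;
    for (unsigned r = 0; r < rounds; r++) {
        seed = seed * 1664525u + 1013904223u;      /* small LCG */
        struct slot *e = &s[(seed >> 8) % SLOTS];
        if (e->p) { bad += check_and_free(e); continue; }
        e->len = 1 + (seed >> 16) % 4096;
        e->tag = (unsigned char)(seed >> 24);
        e->align = 1;
        void *q = NULL;
        if (seed >> 31) {          /* aligned path: 8..1024 bytes on LP64 */
            e->align = sizeof(void *) << ((seed >> 28) % 8);
            if (posix_memalign(&q, e->align, e->len) != 0) q = NULL;
        } else {
            q = malloc(e->len);
        }
        if ((e->p = q) != NULL) memset(e->p, e->tag, e->len);
    }
    for (int i = 0; i < SLOTS; i++)
        if (s[i].p) bad += check_and_free(&s[i]);
    return bad;
}

/* Exit status 0: every block kept its alignment and contents. */
int main(void) { return stress_mixed_alloc(200000) != 0; }
```

Building it once with "-lmcheck" and once without, as the report does, separates an abort raised by the checker from a content or alignment failure that the program detects on its own.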

Jozef Behran (jctech) wrote :