Re: Double free() in libc or gdb ?

From: Konstantin Belousov <kostikbel_at_gmail.com>
Date: Tue, 13 Mar 2012 14:17:52 +0200
On Tue, Mar 13, 2012 at 11:08:40AM +0100, Alexandre Martins wrote:
> On Monday 12 March 2012 18:55:55 Konstantin Belousov wrote:
> > On Mon, Mar 12, 2012 at 05:50:33PM +0100, Alexandre Martins wrote:
> > > Dear all,
> > > 
> > > I'm currently having some trouble with the dynamic loader.
> > > 
> > > I have the libc compiled with "MALLOC_DEBUG" flag to detect double free.
> > > When I run this piece of code (attached file) through GDB, I have this
> > > assertion :
> > > 
> > > Assertion failed: ((run->regs_mask[elm] & (1U << bit)) == 0), function
> > > arena_run_reg_dalloc, file /usr/src/lib/libc/stdlib/malloc.c, line 2543.
> > > 
> > > But when I run the same binary without GDB, no assert.
> > > 
> > > I'm very confused. Can you help me to debug that ?
> > 
> > There is no attachment.  Put the source somewhere on web.
> 
> Sorry, I'll paste the code here :
> 
> first.c:
> ____________________
> #include <stdio.h>
> 
> void print_name(void)
> {
>         printf("I'm " __FILE__ " at line %d\n", __LINE__);
> }
> ____________________
> 
> second.c
> ____________________
> #include <stdio.h>
> 
> void second_name(void)
> {
>         printf("I'm " __FILE__ " at line %d\n", __LINE__);
> }
> 
> void print_name(void)
> {
>         printf("I'm " __FILE__ " at line %d\n", __LINE__);
> }
> ____________________
> 
> main.c
> ____________________
> #include <stdio.h>
> #include <dlfcn.h>
> 
> extern void print_name(void);
> 
> int main(int argc, char *argv[])
> {
>         void (*second_name)(void);
>         void *handle;
>         int count = 0;
> 
>         while(42)
>         {
>                 print_name();
>                 handle = dlopen("second.so", RTLD_NOW);
>                 print_name();
>                 if (handle != NULL)
>                 {
>                         second_name = dlsym(handle, "second_name");
>                         if (second_name != NULL)
>                         {
>                                 printf("second : ");
>                                 second_name();
>                         }
>                         dlclose(handle);
>                 }
>                 else
>                         fprintf(stderr, "Error : %s\n", dlerror());
>         }
> }
> ____________________
> 
> Compilation and execution :
> 
> gcc -shared -O0 -g second.c -o second.so
> gcc -shared -O0 -g first.c -o libfirst.so
> gcc -O0 -g toto.c -lfirst -L. -o test
> export LD_LIBRARY_PATH=$PWD
> gdb ./test
> 
First, the libc malloc is not used inside rtld, so the assertion which you
see points to somebody else. This somebody could be the stdio in your
example, or it could be gdb.

On the HEAD r232862, I indeed get the assertion, that obviously comes
from gdb. So this is a bug in gdb. Probably, try devel/gdb from ports,
I can hardly help you with a gdb bug.

Received on Tue Mar 13 2012 - 11:18:01 UTC
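
The assertion quoted in the thread, `(run->regs_mask[elm] & (1U << bit)) == 0`, requires that a region's bit be clear when it is freed. The following added example (not code from the thread or from FreeBSD's malloc.c) shows how such a per-run bitmask catches a second free of the same pointer; the `toy_*` names, run size and region size are assumptions made for illustration, and the free path returns false where the real allocator would assert.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define NREGS      64              /* constructed: regions per run */
#define REG_SIZE   16              /* constructed: bytes per region */
#define MASK_WORDS (NREGS / 32)

/* Toy run: a set bit means the region is free, a clear bit means allocated. */
struct toy_run {
    uint32_t      regs_mask[MASK_WORDS];
    unsigned char mem[NREGS * REG_SIZE];
};

void toy_run_init(struct toy_run *run)
{
    for (size_t i = 0; i < MASK_WORDS; i++)
        run->regs_mask[i] = ~(uint32_t)0;      /* every region starts free */
}

/* Hand out the lowest free region and clear its bit. */
void *toy_alloc(struct toy_run *run)
{
    for (unsigned reg = 0; reg < NREGS; reg++) {
        unsigned elm = reg >> 5, bit = reg & 31;
        if (run->regs_mask[elm] & ((uint32_t)1 << bit)) {
            run->regs_mask[elm] &= ~((uint32_t)1 << bit);
            return &run->mem[reg * REG_SIZE];
        }
    }
    return NULL;                               /* run is full */
}

/* Free a region. Returns false where a debug allocator would assert. */
bool toy_dalloc(struct toy_run *run, void *ptr)
{
    uintptr_t base = (uintptr_t)run->mem, p = (uintptr_t)ptr;
    if (p < base || p >= base + sizeof(run->mem) || (p - base) % REG_SIZE)
        return false;                          /* not a region start in this run */
    unsigned reg = (unsigned)((p - base) / REG_SIZE);
    unsigned elm = reg >> 5, bit = reg & 31;
    /* Same test as the quoted assertion: the bit must still be clear. */
    if ((run->regs_mask[elm] & ((uint32_t)1 << bit)) != 0)
        return false;                          /* already free: double free */
    run->regs_mask[elm] |= (uint32_t)1 << bit; /* mark region free again */
    return true;
}
```

The check only sees a double free while the region is still free; once the region has been handed out again, a stale second free looks like a valid one.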