Ubuntu
mesa package

posix_memalign corrupts heap

Bug #1798601 reported by Jozef Behran on 2018-10-18

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	eglibc (Ubuntu)	New	Undecided	Unassigned
	mesa (Ubuntu)	New	Undecided	Unassigned

Bug Description

The attached program exposes a bug in posix_memalign that causes it to either silently corrupt heap or cause the memory allocation checker to report spurious failures. I believe that the former is the case here because on more complex software (minetest or Irrlight tutorial examples) I had seen "pointer passed to free() which was never returned by an allocation function" errors. The posix_memalign is used by the OpenGL driver (package: mesa) and can be avoided by compiling mesa from source after telling the package we don't have posix_memalign. The "pointer passed to free()..." error was seen coming from inside the OpenGL as the irrlight example did not do much malloc&co calls itself. Unfortunately I could not figure out how this "real corruption" could be exposed by a simple program like this as it seems it requires a complicated mixture of malloc() and posix_memalign to trigger.

To compile the program run "sh compile.sh" and to run it run "sh run.sh". You will then get two files, "memalign.out" (the output of the program until the failure) and "memalign.log" (a mtrace log).

The program shall run for a several seconds but in fact it only runs for about 0.2 seconds before aborting with "invalid pointer" complaint.

The program appears to finish normally (with no memory leaks detected) when "-lmcheck" is omitted from the compilation command (see compile.sh). However I had seen crashes caused by the problem in more complicated software that mixes posix_memalign with malloc.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: libc6 2.19-0ubuntu6.14
ProcVersionSignature: Ubuntu 3.13.0-52.86+bdw1-generic 3.13.11-ckt18
Uname: Linux 3.13.0-52-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.29
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Oct 18 15:49:02 2018
Dependencies:
gcc-4.9-base 4.9.3-0ubuntu4
libc6 2.19-0ubuntu6.14
libgcc1 1:4.9.3-0ubuntu4
multiarch-support 2.19-0ubuntu6.14
DistributionChannelDescriptor:
# This is a distribution channel descriptor
# For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor
canonical-oem-somerville-trusty-amd64-20140620-0
InstallationDate: Installed on 2015-12-26 (1027 days ago)
InstallationMedia: Ubuntu 14.04 "Trusty" - Build amd64 LIVE Binary 20140620-04:25
ProcEnviron:
LD_LIBRARY_PATH=<set>
TERM=xterm
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
SHELL=/bin/bash
SourcePackage: eglibc
UpgradeStatus: No upgrade log present (probably fresh install)

Tags:

Revision history for this message

Jozef Behran (jctech) wrote on 2018-10-18:

Test program that exposes a mcheck() problem with posix_memalign Edit (905 bytes, application/x-tar)
ProcCpuinfoMinimal.txt Edit (1.0 KiB, text/plain; charset="utf-8")

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntumesa package