public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/14895] New: corruption in popen pclose
@ 2012-11-30 9:59 ajeet.yadav.77 at gmail dot com
2012-12-01 10:37 ` [Bug libc/14895] " ajeet.yadav.77 at gmail dot com
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: ajeet.yadav.77 at gmail dot com @ 2012-11-30 9:59 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=14895
Bug #: 14895
Summary: corruption in popen pclose
Product: glibc
Version: 2.14
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: unassigned@sourceware.org
ReportedBy: ajeet.yadav.77@gmail.com
CC: drepper.fsp@gmail.com
Classification: Unclassified
Linux version 3.0.33 (Cortex A15)
Below program crashes with 2.14.1 glibc but runs fine with 2.11.1 glibc.
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <string.h>
#include <errno.h>
#define MAX_LINE_SIZE 80
#define MAX_THREAD 20
#define MAX_POPEN 10
#define MALLOC_SIZE 16
void* pipe_thread(void *arg)
{
int i;
char *p = NULL;
FILE *fp[MAX_POPEN];
char shellCommand[MAX_LINE_SIZE];
memset(shellCommand, 0x00, MAX_LINE_SIZE);
sprintf(shellCommand, "mount");
signal(SIGPIPE, SIG_IGN);
while (1) {
for (i = 0; i < MAX_POPEN; ++i) {
fp[i] = popen(shellCommand, "r");
}
if (p) {
free(p);
}
for (i = 0; i < MAX_POPEN; ++i) {
if (fp[i])
pclose(fp[i]);
}
p = malloc(MALLOC_SIZE);
if (p)
memset(p, 0, MALLOC_SIZE);
}
return NULL;
}
int main(int argc, char *argv[])
{
int i;
pthread_t tid;
for (i = 0; i < MAX_THREAD; ++i) {
pthread_create(&tid, NULL, &pipe_thread, (void*)NULL);
}
sleep(60);
}
gdb logs:
(gdb) bt
#0 0x4014f998 in _IO_new_fclose (fp=0x1) at iofclose.c:74
#1 0x4015b59c in fwide (fp=0xb8, mode=<optimized out>) at fwide.c:47
#2 0x00008a6c in ?? ()
Cannot access memory at address 0x8
#3 0x00008a6c in ?? ()
Cannot access memory at address 0x8
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/14895] corruption in popen pclose
2012-11-30 9:59 [Bug libc/14895] New: corruption in popen pclose ajeet.yadav.77 at gmail dot com
@ 2012-12-01 10:37 ` ajeet.yadav.77 at gmail dot com
2013-05-22 9:13 ` ondra at iuuk dot mff.cuni.cz
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: ajeet.yadav.77 at gmail dot com @ 2012-12-01 10:37 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=14895
--- Comment #1 from Ajeet Yadav <ajeet.yadav.77 at gmail dot com> 2012-12-01 10:37:00 UTC ---
Yesturday I have been able to fix this issue with below patch, now this problem
no longer occurs.
But still my interest is 1> Why this patch fixes the problem ? 2> What change
between 2.11.1 and 2.14.1 might have caused this problem
------------------------------------------------------------------------------
diff --git a/libio/iopopen.c b/libio/iopopen.c
--- a/libio/iopopen.c
+++ b/libio/iopopen.c
@@ -299,6 +299,7 @@ _IO_new_popen (command, mode)
new_f = (struct locked_FILE *) malloc (sizeof (struct locked_FILE));
if (new_f == NULL)
return NULL;
+ memset(new_f, 0, sizeof (struct locked_FILE));
#ifdef _IO_MTSAFE_IO
new_f->fpx.file.file._lock = &new_f->lock;
#endif
------------------------------------------------------------------------------
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/14895] corruption in popen pclose
2012-11-30 9:59 [Bug libc/14895] New: corruption in popen pclose ajeet.yadav.77 at gmail dot com
2012-12-01 10:37 ` [Bug libc/14895] " ajeet.yadav.77 at gmail dot com
@ 2013-05-22 9:13 ` ondra at iuuk dot mff.cuni.cz
2014-06-14 11:00 ` fweimer at redhat dot com
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: ondra at iuuk dot mff.cuni.cz @ 2013-05-22 9:13 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=14895
OndrejBilka <ondra at iuuk dot mff.cuni.cz> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |marcus.shawcroft at linaro
| |dot org, ondra at iuuk dot
| |mff.cuni.cz
--- Comment #2 from OndrejBilka <ondra at iuuk dot mff.cuni.cz> 2013-05-22 09:13:38 UTC ---
Cannot reproduce on x64. Looks like platform specific issue.
Marcus could you reproduce this?
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/14895] corruption in popen pclose
2012-11-30 9:59 [Bug libc/14895] New: corruption in popen pclose ajeet.yadav.77 at gmail dot com
2012-12-01 10:37 ` [Bug libc/14895] " ajeet.yadav.77 at gmail dot com
2013-05-22 9:13 ` ondra at iuuk dot mff.cuni.cz
@ 2014-06-14 11:00 ` fweimer at redhat dot com
2014-06-16 9:08 ` fweimer at redhat dot com
2015-08-23 1:13 ` [Bug stdio/14895] " jsm28 at gcc dot gnu.org
4 siblings, 0 replies; 6+ messages in thread
From: fweimer at redhat dot com @ 2014-06-14 11:00 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=14895
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/14895] corruption in popen pclose
2012-11-30 9:59 [Bug libc/14895] New: corruption in popen pclose ajeet.yadav.77 at gmail dot com
` (2 preceding siblings ...)
2014-06-14 11:00 ` fweimer at redhat dot com
@ 2014-06-16 9:08 ` fweimer at redhat dot com
2015-08-23 1:13 ` [Bug stdio/14895] " jsm28 at gcc dot gnu.org
4 siblings, 0 replies; 6+ messages in thread
From: fweimer at redhat dot com @ 2014-06-16 9:08 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=14895
--- Comment #3 from Florian Weimer <fweimer at redhat dot com> ---
Ajeet, can you reproduce this with more recent glibc versions?
(This bug report reminds me of some other bug I saw, but I can't find it.)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug stdio/14895] corruption in popen pclose
2012-11-30 9:59 [Bug libc/14895] New: corruption in popen pclose ajeet.yadav.77 at gmail dot com
` (3 preceding siblings ...)
2014-06-16 9:08 ` fweimer at redhat dot com
@ 2015-08-23 1:13 ` jsm28 at gcc dot gnu.org
4 siblings, 0 replies; 6+ messages in thread
From: jsm28 at gcc dot gnu.org @ 2015-08-23 1:13 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=14895
Joseph Myers <jsm28 at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|libc |stdio
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2015-08-23 1:13 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-11-30 9:59 [Bug libc/14895] New: corruption in popen pclose ajeet.yadav.77 at gmail dot com
2012-12-01 10:37 ` [Bug libc/14895] " ajeet.yadav.77 at gmail dot com
2013-05-22 9:13 ` ondra at iuuk dot mff.cuni.cz
2014-06-14 11:00 ` fweimer at redhat dot com
2014-06-16 9:08 ` fweimer at redhat dot com
2015-08-23 1:13 ` [Bug stdio/14895] " jsm28 at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).