[Bug malloc/15991] New: Error after calling proc by pointer: `malloc.c:3096: sYSMALLOc'...

[Bug malloc/15991] New: Error after calling proc by pointer: `malloc.c:3096: sYSMALLOc'...

[a.i.prutkov at gmail dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=15991

            Bug ID: 15991
           Summary: Error after calling proc by pointer: `malloc.c:3096:
                    sYSMALLOc'...
           Product: glibc
           Version: 2.18
            Status: NEW
          Severity: normal
          Priority: P2
         Component: malloc
          Assignee: unassigned at sourceware dot org
          Reporter: a.i.prutkov at gmail dot com

Dears sirs.

I have a problem when I am trying to run my programm written on C++ (platform
is Core i5-2.41 GNU/Linux x86_64).

The programm has many pointers on procedures (about 220), extracted by dlsym
from dynamical libraries (such as lissl, as libcrypto, as limcrypt). I need it
to protect the programm from Reverse Engineering (LD_PRELOAD etc).

The programm is multithread (Posix Threads), and it has callbacks with local
defined objects of different classes (NOT DYNAMICALLY for correct free memory
(by their destructors) used by objects in threads) similar:

[CODE=CPP]
void* my1_cb(void *arg){
 Crypt::Rsa rsa; // Rsa is big class for job with openssl rsa keys/CA
 Internet::SSLTcpClent client; // SSLTcpClent is big class for connect to SSL
hosts

 // etc ...
}
[/CODE]


In the runtime I get error:

[STDOUTPUT]
server: malloc.c:3096: sYSMALLOc: Assertion `(old_top == (((mbinptr) (((char *)
&((av)->bins[((1) - 1) * 2])) - __builtin_offsetof (struct malloc_chunk, fd))))
&& old_size == 0) || ((unsigned long) (old_size) >= (unsigned
long)((((__builtin_offsetof (struct malloc_chunk, fd_nextsize))+((2 *
(sizeof(size_t))) - 1)) & ~((2 * (sizeof(size_t))) - 1))) && ((old_top)->size &
0x1) && ((unsigned long)old_end & pagemask) == 0)' failed.
Abort termination
[/STDOUTPUT]

after calling procedure by pointer (from libz.so):

[CODE=CPP]
if (procs->deflateInit2_p(&stream,
Z_BEST_COMPRESSION,
Z_DEFLATED,
m,
8,
Z_DEFAULT_STRATEGY,
procs->zlibVersion_p(),
sizeof(z_stream)) != Z_OK) {
 goto err;
}
[/CODE]

I will be glad any help/tips.

--
Have a nice day.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug malloc/15991] Error after calling proc by pointer: `malloc.c:3096: sYSMALLOc'...

[neleai at seznam dot cz]

https://sourceware.org/bugzilla/show_bug.cgi?id=15991

Ondrej Bilka <neleai at seznam dot cz> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |UNCONFIRMED
                 CC|                            |neleai at seznam dot cz
     Ever confirmed|1                           |0

--- Comment #1 from Ondrej Bilka <neleai at seznam dot cz> ---
This is probably application issue, If you run that program in valgrind it will
probably find invalid write that caused this.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug malloc/15991] Error after calling proc by pointer: `malloc.c:3096: sYSMALLOc'...

[fweimer at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=15991

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |security-

-- 
You are receiving this mail because:
You are on the CC list for the bug.