| Summary: | getaddrinfo causes invalid free of noai6ai_cached | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Matt McCutchen <matt> | ||||
| Component: | glibc | Assignee: | Andreas Schwab <schwab> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 16 | CC: | ccecchi, emiel.kollof, erik-fedora, fweimer, jakub, kdudka, law, mishu, schwab, sorn.denis, theo148, yann, yunustj | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2011-11-16 17:04:37 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Attachments: |
|
||||||
*** Bug 754019 has been marked as a duplicate of this bug. *** *** Bug 753470 has been marked as a duplicate of this bug. *** *** Bug 754283 has been marked as a duplicate of this bug. *** This also crashes firefox, google chrome, yum update. Basically anything that tries to resolve stuff. I get the exact same error and trace. *** Bug 754434 has been marked as a duplicate of this bug. *** *** Bug 753736 has been marked as a duplicate of this bug. *** The affected update has been unpushed. *** Bug 753733 has been marked as a duplicate of this bug. *** |
Created attachment 533697 [details] Test program Description of problem: On my Dell Latitude D620, with no wired network connection and the wireless connection disabled by the hardware kill switch, calling getaddrinfo("localhost") several times in a row causes an invalid free. This is with unmodified /etc/hosts and unmodified glibc configuration files (rpm -V glibc) except for /etc/localtime. Version-Release number of selected component (if applicable): glibc-2.14.90-16.x86_64 How reproducible: Almost always on my system. Steps to Reproduce: 1. Download attached test.c. 2. make test 3. Offline with wireless hardware-disabled: valgrind ./test Actual results: [valgrind header] resolve one ==3271== Invalid free() / delete / delete[] ==3271== at 0x4C2962E: free (vg_replace_malloc.c:366) ==3271== by 0x4F459B7: __free_in6ai (check_pf.c:426) ==3271== by 0x4F0D444: getaddrinfo (getaddrinfo.c:2560) ==3271== by 0x4005F4: _resolve_addr (in /home/matt/test/gai-invalid-free/test) ==3271== by 0x400652: main (in /home/matt/test/gai-invalid-free/test) ==3271== Address 0x51e3390 is 0 bytes inside data symbol "noai6ai_cached" ==3271== resolve one resolve one [valgrind footer] Expected results: [valgrind header] resolve one resolve one resolve one [valgrind footer] Additional info: After I upgraded from F15 to F16, this problem caused cupsd to crash, which caused gnome-settings-daemon to hang and ultimately led to the GNOME "Oh no! Something has gone wrong" screen. The test case is a simplified version of what cupsd was doing via libaudit.