Bug 109971 - LTC5316-use free not munmap to deallocate space allocated using mmap
LTC5316-use free not munmap to deallocate space allocated using mmap
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: glibc (Show other bugs)
3.0
powerpc Linux
high Severity high
: ---
: ---
Assigned To: Jakub Jelinek
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-11-13 11:01 EST by IBM Bug Proxy
Modified: 2007-11-30 17:06 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-10-03 16:16:53 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description IBM Bug Proxy 2003-11-13 11:01:23 EST
The following has be reported by IBM LTC:  
use free not munmap to deallocate space allocated using mmap
Hardware Environment:
PPC64 

Software Environment:
RHEL3 RC3 (GAed)

Steps to Reproduce:
1. cp spec2000 vortex source and input data
2. Use IBM compiler, 
cc_r -qsmp -O2 -qipa=level=2 -I_FVT -I_USE_TEST_DATA -I_END_XOPTS -
qalias=noansi -o vortex src/*.c  
3. ./vortex bendian.raw 

Actual Results:
free(): invalid pointer 0x4001a000!
Memory fault
Return code: 139

Expected Results:
Return code: 0

Additional Information:
The problem looks like that on libio/genops, they are calling free(fp-
>_IO_save_base) but the address is there was allocated using mmap, not
free, 
so it should be deallocated by calling munmap.

There is a macro called FREE_BUF, which is what I think should be used
to do 
this deallocation. It is defined to 'munmap' if mmap is being used,
and to 
'free' otherwise.This is a GA bug, seems generic. Over to
Service.Glen/Greg - Yes, this should be submitted to Red Hat.  Thanks.
Shimin - thanks for the good details.
Comment 1 Jakub Jelinek 2003-11-21 16:31:04 EST
Can you reproduce it with GCC?  fp->_IO_save_base is certainly allocated
with malloc in glibc sources.
Comment 2 Jakub Jelinek 2004-10-03 16:16:53 EDT
No testcase provided on which this could be reproduced and code
inspection doesn't reveal any problems.
Please reopen if you have self-contained testcase.

Note You need to log in before you can comment on or make changes to this bug.