The following has be reported by IBM LTC:
use free not munmap to deallocate space allocated using mmap
RHEL3 RC3 (GAed)
Steps to Reproduce:
1. cp spec2000 vortex source and input data
2. Use IBM compiler,
cc_r -qsmp -O2 -qipa=level=2 -I_FVT -I_USE_TEST_DATA -I_END_XOPTS -
qalias=noansi -o vortex src/*.c
3. ./vortex bendian.raw
free(): invalid pointer 0x4001a000!
Return code: 139
Return code: 0
The problem looks like that on libio/genops, they are calling free(fp-
>_IO_save_base) but the address is there was allocated using mmap, not
so it should be deallocated by calling munmap.
There is a macro called FREE_BUF, which is what I think should be used
this deallocation. It is defined to 'munmap' if mmap is being used,
'free' otherwise.This is a GA bug, seems generic. Over to
Service.Glen/Greg - Yes, this should be submitted to Red Hat. Thanks.
Shimin - thanks for the good details.
Can you reproduce it with GCC? fp->_IO_save_base is certainly allocated
with malloc in glibc sources.
No testcase provided on which this could be reproduced and code
inspection doesn't reveal any problems.
Please reopen if you have self-contained testcase.