Bug 184384 - setlocale() calls free(NULL)
setlocale() calls free(NULL)
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: glibc (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jakub Jelinek
Brian Brock
Depends On:
  Show dependency treegraph
Reported: 2006-03-08 08:18 EST by Toralf
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-03-11 15:18:22 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Test program (77 bytes, text/plain)
2006-03-08 08:18 EST, Toralf
no flags Details

  None (edit)
Description Toralf 2006-03-08 08:18:13 EST
Description of problem:
setlocale() will under certain contions call free(NULL). This is not exactly a
bug in its own right, but it could indicate an unexpected state inside the
routine, and having such calls floating around makes it harder to track down
actual memory errors and leaks in a program.

Version-Release number of selected component (if applicable):

How reproducible:
Every time

Steps to Reproduce:
1. cc setlocale.c -ldmalloc -o setlocale
2. DMALLOC_OPTIONS=debug=0x2000000 ./setlocale

(Assuming dmalloc is installed. setlocale.c will be attached to this report.)
Actual results:
1141823485: 30: WARNING: tried to free(0) from 'ra=0xe9cdbf'
1141823485: 30: free: invalid pointer: from 'ra=0xe9cdbf'
1141823485: 30: ERROR: _chunk_free: pointer is null (err 20)
1141823485: 30: ending time = 1141823485, elapsed since start = 0:00:00

Expected results:
[ No output ]

Additional info:
I'm testing under RHEL 3 right now, but I've also seen it on other releases and
libc versions.

Part of the problem is that various functions in Gtk and Glib contain
setlocale() calls that trigger this problem.
Comment 1 Toralf 2006-03-08 08:18:13 EST
Created attachment 125795 [details]
Test program
Comment 2 Toralf 2006-03-08 08:55:51 EST
Note that we've run extensive tests of the type indicated above, and this is the
only instance of free(NULL) within the system libs encountered so far. This
suggests to me that the developers have generally tried to avoid freeing
NULL-pointers, which probably also means it was not done on purpose in this case.
Comment 3 Jakub Jelinek 2006-03-11 15:18:22 EST
I don't see how the tests could be extensive, there are hundreds of places
in glibc alone where free can be called with NULL and in all cases it relies
on the ISO C99 mandated behavior of free - if ptr is a null pointer,
no action occurs.

Note You need to log in before you can comment on or make changes to this bug.