981778 – *** glibc detected *** wget: double free or corruption (!prev): 0x0979df90 ***

Bug 981778 - *** glibc detected *** wget: double free or corruption (!prev): 0x0979df90 ***

Summary: *** glibc detected *** wget: double free or corruption (!prev): 0x0979df90 ***

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	wget
Sub Component:
Version:	18
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Tomáš Hozza
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	985601 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-07-05 19:22 UTC by Ali Akcaagac
Modified:	2013-09-04 07:06 UTC (History)
CC List:	9 users (show)
Fixed In Version:	wget-1.14-5.fc18
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-07-22 00:37:47 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
wget coredump (454.03 KB, application/x-bzip) 2013-07-05 20:01 UTC, Ali Akcaagac	no flags	Details
View All

Description Ali Akcaagac 2013-07-05 19:22:47 UTC

I updated my Fedora18 (and Fedora19) system today and detected this error:

*** glibc detected *** wget: double free or corruption (!prev): 0x0979df90 ***
======= Backtrace: =========
/lib/libc.so.6[0x49660029]
wget[0x8071e09]
wget[0x8070114]
wget[0x804c8a0]
/lib/libc.so.6(__libc_start_main+0xf5)[0x49603865]
wget[0x804d0d9]
======= Memory map: ========
08047000-080a9000 r-xp 00000000 08:11 393624     /usr/bin/wget
080a9000-080aa000 r--p 00061000 08:11 393624     /usr/bin/wget
080aa000-080ae000 rw-p 00062000 08:11 393624     /usr/bin/wget
080ae000-080b3000 rw-p 00000000 00:00 0 
096d5000-097bc000 rw-p 00000000 00:00 0          [heap]
495c7000-495e6000 r-xp 00000000 08:11 445821     /usr/lib/ld-2.16.so
495e6000-495e7000 r--p 0001e000 08:11 445821     /usr/lib/ld-2.16.so
495e7000-495e8000 rw-p 0001f000 08:11 445821     /usr/lib/ld-2.16.so
495ea000-4979a000 r-xp 00000000 08:11 445822     /usr/lib/libc-2.16.so
4979a000-4979c000 r--p 001b0000 08:11 445822     /usr/lib/libc-2.16.so
4979c000-4979d000 rw-p 001b2000 08:11 445822     /usr/lib/libc-2.16.so
4979d000-497a0000 rw-p 00000000 00:00 0 
497a2000-497a5000 r-xp 00000000 08:11 445824     /usr/lib/libdl-2.16.so
497a5000-497a6000 r--p 00002000 08:11 445824     /usr/lib/libdl-2.16.so
497a6000-497a7000 rw-p 00003000 08:11 445824     /usr/lib/libdl-2.16.so
497a9000-497bf000 r-xp 00000000 08:11 445826     /usr/lib/libpthread-2.16.so
497bf000-497c0000 r--p 00015000 08:11 445826     /usr/lib/libpthread-2.16.so
497c0000-497c1000 rw-p 00016000 08:11 445826     /usr/lib/libpthread-2.16.so
497c1000-497c3000 rw-p 00000000 00:00 0 
497c5000-497cc000 r-xp 00000000 08:11 445827     /usr/lib/librt-2.16.so
497cc000-497cd000 r--p 00006000 08:11 445827     /usr/lib/librt-2.16.so
497cd000-497ce000 rw-p 00007000 08:11 445827     /usr/lib/librt-2.16.so
497d0000-497e5000 r-xp 00000000 08:11 445833     /usr/lib/libz.so.1.2.7
497e5000-497e6000 r--p 00014000 08:11 445833     /usr/lib/libz.so.1.2.7
497e6000-497e7000 rw-p 00015000 08:11 445833     /usr/lib/libz.so.1.2.7
4982b000-49847000 r-xp 00000000 08:11 445838     /usr/lib/libgcc_s-4.7.2-20121109.so.1
49847000-49848000 r--p 0001b000 08:11 445838     /usr/lib/libgcc_s-4.7.2-20121109.so.1
49848000-49849000 rw-p 0001c000 08:11 445838     /usr/lib/libgcc_s-4.7.2-20121109.so.1
4984b000-498ad000 r-xp 00000000 08:11 445834     /usr/lib/libpcre.so.1.0.1
498ad000-498ae000 r--p 00061000 08:11 445834     /usr/lib/libpcre.so.1.0.1
498ae000-498af000 rw-p 00062000 08:11 445834     /usr/lib/libpcre.so.1.0.1
498b1000-498d1000 r-xp 00000000 08:11 445835     /usr/lib/libselinux.so.1
498d1000-498d2000 r--p 0001f000 08:11 445835     /usr/lib/libselinux.so.1
498d2000-498d3000 rw-p 00020000 08:11 445835     /usr/lib/libselinux.so.1
498d3000-498d4000 rw-p 00000000 00:00 0 
498d6000-498eb000 r-xp 00000000 08:11 445836     /usr/lib/libresolv-2.16.so
498eb000-498ec000 r--p 00014000 08:11 445836     /usr/lib/libresolv-2.16.so
498ec000-498ed000 rw-p 00015000 08:11 445836     /usr/lib/libresolv-2.16.so
498ed000-498ef000 rw-p 00000000 00:00 0 
4b771000-4b775000 r-xp 00000000 08:11 399458     /usr/lib/libuuid.so.1.3.0
4b775000-4b776000 r--p 00003000 08:11 399458     /usr/lib/libuuid.so.1.3.0
4b776000-4b777000 rw-p 00004000 08:11 399458     /usr/lib/libuuid.so.1.3.0
4bb03000-4bb06000 r-xp 00000000 08:11 445934     /usr/lib/libcom_err.so.2.1
4bb06000-4bb07000 r--p 00002000 08:11 445934     /usr/lib/libcom_err.so.2.1
4bb07000-4bb08000 rw-p 00003000 08:11 445934     /usr/lib/libcom_err.so.2.1
4c1f5000-4c1f8000 r-xp 00000000 08:11 412233     /usr/lib/libkeyutils.so.1.4
4c1f8000-4c1f9000 r--p 00002000 08:11 412233     /usr/lib/libkeyutils.so.1.4
4c1f9000-4c1fa000 rw-p 00003000 08:11 412233     /usr/lib/libkeyutils.so.1.4
4c1fc000-4c23c000 r-xp 00000000 08:11 445936     /usr/lib/libgssapi_krb5.so.2.2
4c23c000-4c23d000 r--p 0003f000 08:11 445936     /usr/lib/libgssapi_krb5.so.2.2
4c23d000-4c23e000 rw-p 00040000 08:11 445936     /usr/lib/libgssapi_krb5.so.2.2
4c240000-4c268000 r-xp 00000000 08:11 445593     /usr/lib/libk5crypto.so.3.1
4c268000-4c269000 ---p 00028000 08:11 445593     /usr/lib/libk5crypto.so.3.1
4c269000-4c26a000 r--p 00028000 08:11 445593     /usr/lib/libk5crypto.so.3.1
4c26a000-4c26b000 rw-p 00029000 08:11 445593     /usr/lib/libk5crypto.so.3.1
4c26b000-4c26c000 rw-p 00000000 00:00 0 
4c2cc000-4c2d6000 r-xp 00000000 08:11 445592     /usr/lib/libkrb5support.so.0.1
4c2d6000-4c2d7000 r--p 00009000 08:11 445592     /usr/lib/libkrb5support.so.0.1
4c2d7000-4c2d8000 rw-p 0000a000 08:11 445592     /usr/lib/libkrb5support.so.0.1
4c342000-4c41b000 r-xp 00000000 08:11 445935     /usr/lib/libkrb5.so.3.3
4c41b000-4c421000 r--p 000d9000 08:11 445935     /usr/lib/libkrb5.so.3.3
4c421000-4c422000 rw-p 000df000 08:11 445935     /usr/lib/libkrb5.so.3.3
4c470000-4c5ff000 r-xp 00000000 08:11 445956     /usr/lib/libcrypto.so.1.0.1e
4c5ff000-4c600000 ---p 0018f000 08:11 445956     /usr/lib/libcrypto.so.1.0.1e
4c600000-4c60f000 r--p 0018f000 08:11 445956     /usr/lib/libcrypto.so.1.0.1e
4c60f000-4c615000 rw-p 0019e000 08:11 445956     /usr/lib/libcrypto.so.1.0.1e
4c615000-4c619000 rw-p 00000000 00:00 0 
4c658000-4c6b2000 r-xp 00000000 08:11 445957     /usr/lib/libssl.so.1.0.1e
4c6b2000-4c6b4000 r--p 0005a000 08:11 445957     /usr/lib/libssl.so.1.0.1e
4c6b4000-4c6b7000 rw-p 0005c000 08:11 445957     /usr/lib/libssl.so.1.0.1e
4cbea000-4cc1b000 r-xp 00000000 08:11 411815     /usr/lib/libidn.so.11.6.9
4cc1b000-4cc1c000 r--p 00030000 08:11 411815     /usr/lib/libidn.so.11.6.9
4cc1c000-4cc1d000 rw-p 00031000 08:11 411815     /usr/lib/libidn.so.11.6.9
b75df000-b77df000 r--p 00000000 08:11 618326     /usr/lib/locale/locale-archive
b77df000-b77e6000 rw-p 00000000 00:00 0 
b77e6000-b77eb000 r-xp 00000000 08:11 412302     /usr/lib/libnss_dns-2.16.so
b77eb000-b77ec000 r--p 00004000 08:11 412302     /usr/lib/libnss_dns-2.16.so
b77ec000-b77ed000 rw-p 00005000 08:11 412302     /usr/lib/libnss_dns-2.16.so
b77ed000-b77f8000 r-xp 00000000 08:11 412305     /usr/lib/libnss_files-2.16.so
b77f8000-b77f9000 r--p 0000a000 08:11 412305     /usr/lib/libnss_files-2.16.so
b77f9000-b77fa000 rw-p 0000b000 08:11 412305     /usr/lib/libnss_files-2.16.so
b77fa000-b77fc000 rw-p 00000000 00:00 0 
b77fc000-b77fd000 r-xp 00000000 00:00 0          [vdso]
bfcd6000-bfcf7000 rw-p 00000000 00:00 0          [stack]
./bookmarks.sh: line 40: 20885 Aborted                 (core dumped) wget -t 2 -U "Webkit" 

Fedora18 (and Fedora19) are affected by this:

-bash-4.2$ rpm -qa glibc*
glibc-common-2.16-33.fc18.i686
glibc-2.16-33.fc18.i686
glibc-devel-2.16-33.fc18.i686
glibc-headers-2.16-33.fc18.i686

The previous glibc versions didn't cause this issue. The wget line in above script only shows:

wget -t 2 -U "Webkit" http://www.selbstaendig-im-netz.de/2011/01/18/selbstaendig/schritt-fuer-schritt-in-die-selbstaendigkeit-im-netz-artikelserie/ -O index.html -o log.txt

I believe this one triggered it. If not then try a few other pages. That's basicly it. It's not always reproducible but allways happens when you use wget several times to dump certain webpages into index.html

Comment 1 Jeff Law 2013-07-05 19:32:54 UTC

Most likely a problem in wget itself, reassigning.

Attaching a core file would probably help the wget folks track this down.

Comment 2 Ali Akcaagac 2013-07-05 20:01:01 UTC

Created attachment 769378 [details]
wget coredump

Attached you find a coredump to wget which seem to become triggered by the recent changes in glibc. The triggering wget commandline is included in the tar file as well.

wget -t 2 -U Webkit "https://www.xing.com/net/pri5f120ax/r%c3%bcckkehrerstammtisch/stellenborse-615862/43692100/#43692100" -O index.html -o wget-tmp.txt

Comment 3 Ali Akcaagac 2013-07-05 20:02:10 UTC

Please note that -U Webkit is also surrounded by " symbols -U "Webkit". Somehow the coredump triggering program removes all this.

Comment 4 Tomáš Hozza 2013-07-10 11:33:49 UTC

If using IRI and downloading site that redirects itself the iri->orig_url is
freed twice. Once in retrieve_url() and then in iri_free().

The solution is to set iri->orig_url to NULL after free.

Comment 5 Tomáš Hozza 2013-07-10 12:41:12 UTC

Can you please test the fixed wget?

F18 build http://koji.fedoraproject.org/koji/buildinfo?buildID=432561
F19 build http://koji.fedoraproject.org/koji/buildinfo?buildID=432562

Thanks!

Comment 6 Fedora Update System 2013-07-15 07:55:13 UTC

wget-1.14-8.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/wget-1.14-8.fc19

Comment 7 Fedora Update System 2013-07-15 07:59:52 UTC

wget-1.14-5.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/wget-1.14-5.fc18

Comment 8 Fedora Update System 2013-07-16 01:33:38 UTC

Package wget-1.14-5.fc18:
* should fix your issue,
* was pushed to the Fedora 18 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing wget-1.14-5.fc18'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-13011/wget-1.14-5.fc18
then log in and leave karma (feedback).

Comment 9 Fedora Update System 2013-07-22 00:37:47 UTC

wget-1.14-8.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Fedora Update System 2013-07-24 03:44:44 UTC

wget-1.14-5.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 11 Tomáš Hozza 2013-09-04 07:06:22 UTC

*** Bug 985601 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.