Public bug reported:

The attached program exposes a bug in posix_memalign that causes it to either silently corrupt the heap or cause the memory allocation checker to report spurious failures. I believe that the former is the case here because on more complex software (minetest or Irrlicht tutorial examples) I had seen "pointer passed to free() which was never returned by an allocation function" errors. posix_memalign is used by the OpenGL driver (package: mesa) and can be avoided by compiling mesa from source after telling the package we don't have posix_memalign. The "pointer passed to free()..." error was seen coming from inside OpenGL, as the Irrlicht example did not make many malloc & co. calls itself. Unfortunately I could not figure out how this "real corruption" could be exposed by a simple program like this, as it seems to require a complicated mixture of malloc() and posix_memalign to trigger.

To compile the program run "sh compile.sh" and to run it run "sh run.sh". You will then get two files, "memalign.out" (the output of the program until the failure) and "memalign.log" (an mtrace log). The program should run for several seconds but in fact it only runs for about 0.2 seconds before aborting with an "invalid pointer" complaint. The program appears to finish normally (with no memory leaks detected) when "-lmcheck" is omitted from the compilation command (see compile.sh). However, I had seen crashes caused by the problem in more complicated software that mixes posix_memalign with malloc.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: libc6 2.19-0ubuntu6.14
ProcVersionSignature: Ubuntu 3.13.0-52.86+bdw1-generic 3.13.11-ckt18
Uname: Linux 3.13.0-52-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.29
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Oct 18 15:49:02 2018
Dependencies:
 gcc-4.9-base 4.9.3-0ubuntu4
 libc6 2.19-0ubuntu6.14
 libgcc1 1:4.9.3-0ubuntu4
 multiarch-support 2.19-0ubuntu6.14
DistributionChannelDescriptor:
 # This is a distribution channel descriptor
 # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor
 canonical-oem-somerville-trusty-amd64-20140620-0
InstallationDate: Installed on 2015-12-26 (1027 days ago)
InstallationMedia: Ubuntu 14.04 "Trusty" - Build amd64 LIVE Binary 20140620-04:25
ProcEnviron:
 LD_LIBRARY_PATH=<set>
 TERM=xterm
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 SHELL=/bin/bash
SourcePackage: eglibc
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: eglibc (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: mesa (Ubuntu)
     Importance: Undecided
         Status: New

** Tags: amd64 apport-bug trusty

** Attachment added: "Test program that exposes a mcheck() problem with posiix_memalign"
   https://bugs.launchpad.net/bugs/1798601/+attachment/5202600/+files/memalign.tgz

** Also affects: mesa (Ubuntu)
   Importance: Undecided
       Status: New

--
You received this bug notification because you are a
member of Ubuntu Touch seeded packages, which is subscribed to eglibc in Ubuntu.
https://bugs.launchpad.net/bugs/1798601

Title:
  posix_memalign corrupts heap

Status in eglibc package in Ubuntu:
  New
Status in mesa package in Ubuntu:
  New
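
An added example, not the reporter's attached test program: a checker that interleaves malloc() and posix_memalign() without -lmcheck or mtrace, so a non-zero result points at actual block damage or misalignment rather than at a checker report. The function name `stress_mixed_alloc`, the slot count and the size and alignment ranges are assumptions chosen for illustration.

```c
/* Added example (not the reporter's attachment): stamp each block with a tag
 * byte, interleave malloc() and posix_memalign(), verify before free(). */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L   /* declares posix_memalign() */
#endif
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define SLOTS 256   /* live blocks kept at once (constructed value) */
struct blk { unsigned char *p; size_t len; unsigned char tag; };

/* Returns 1 if every byte of the block still carries its tag. */
static int intact(const struct blk *b) {
    for (size_t i = 0; i < b->len; i++)
        if (b->p[i] != b->tag) return 0;
    return 1;
}

/* Returns the number of damaged or misaligned blocks seen (0 = clean),
 * or -1 if an allocation failed. */
long stress_mixed_alloc(unsigned seed, long rounds) {
    struct blk slot[SLOTS] = {0};
    long bad = 0;
    srand(seed);
    for (long r = 0; r < rounds; r++) {
        struct blk *b = &slot[rand() % SLOTS];
        if (b->p) { bad += !intact(b); free(b->p); b->p = NULL; }
        b->len = (size_t)(rand() % 4096) + 1;
        b->tag = (unsigned char)r;
        if (rand() & 1) {   /* aligned path: alignment 16..2048 bytes */
            size_t align = (size_t)16 << (rand() % 8);
            void *q = NULL;
            if (posix_memalign(&q, align, b->len) != 0) return -1;
            bad += ((uintptr_t)q % align) != 0;
            b->p = q;
        } else if ((b->p = malloc(b->len)) == NULL) {
            return -1;
        }
        memset(b->p, b->tag, b->len);
    }
    for (int i = 0; i < SLOTS; i++)   /* final sweep over live blocks */
        if (slot[i].p) { bad += !intact(&slot[i]); free(slot[i].p); }
    return bad;
}

/* Exit status 0 means no damaged or misaligned block was observed. */
int main(void) { return stress_mixed_alloc(1u, 200000) != 0; }
```

Building the same file once with and once without -lmcheck separates the two cases the report raises: an abort only in the -lmcheck build while this function returns 0 means the checker is complaining about blocks whose contents are intact.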