Subject: Re: dynamic linker/loader problem
To: Manuel Bouyer <email@example.com>
From: Rafal Boni <firstname.lastname@example.org>
Date: 03/27/2003 12:52:02
In message <20030326205004.GA690@antioche.eu.org>, you write:
-> On Tue, Mar 25, 2003 at 08:09:16PM -0500, Rafal Boni wrote:
-> > PR's 19183, 18657, 20078 (should be closed as dup?)
-> > Agreed that it should be fixed before release... I think the problem is
-> > slightly different than you describe it, but the end-result the same..
-> > Some child routines of tgetent (cgetstr, for example) allocate memory,
-> > which uses the libc malloc (even though bash/tcsh provide their own).
-> > So far, so good, but when the termcap code then *frees* that memory,
-> > it does so using the bash/tcsh free(), which whines and in some cases
-> > crashes the shell.
-> I tried to reproduce the problem with a simple test case, but failed.
-> Each time the local function is called, instead of the libc's one.
-> It seems to require some special conditions to happen ...
As Christos suggested, writing a simple program that uses termcap and
also implements its own malloc/free (mmm, reimplementing malloc/free
with realloc... Almost worthy of libmem v2 8-) triggers the bug.
Attached is a simple program that does that, and indeed has the same
My output (on an O2 running 1.6P kernel and recent ld_elf.so) is as
malloc from 0x30009c38, size 16
malloc returning ptr 0x10012030
free 0x10012040 from 0x3000a4c0
So indeed we're getting called to allocate one thing, and to free another.
begin 644 ldtest.tgz
Rafal Boni email@example.com
We are all worms. But I do believe I am a glowworm. -- Winston Churchill
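
An added example, not part of the original message and not the attached ldtest program: a private allocator whose free routine checks that a pointer is one it handed out before touching it, so a mismatch like the one in the output above is reported instead of corrupting the heap. The names own_malloc, own_free, the arena size and the tag value are all hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ARENA_SIZE  4096
#define BLOCK_MAGIC 0x6d616c6cu                 /* constructed tag value */
enum free_status { FREE_OK = 0, FREE_FOREIGN = -1, FREE_NOT_BLOCK = -2 };
struct hdr { uint32_t magic, size; uint64_t pad; };   /* 16 bytes */
static _Alignas(16) unsigned char arena[ARENA_SIZE];
static size_t arena_used;

/* Hypothetical stand-in for a shell's private malloc(): a bump allocator
 * that writes a tagged header in front of every block it hands out. */
void *own_malloc(size_t size)
{
    struct hdr h = { BLOCK_MAGIC, (uint32_t)size, 0 };
    size_t need;

    if (size > ARENA_SIZE) return NULL;
    need = sizeof h + ((size + 15) & ~(size_t)15);
    if (need > ARENA_SIZE - arena_used) return NULL;
    memcpy(arena + arena_used, &h, sizeof h);
    arena_used += need;
    return arena + arena_used - need + sizeof h;
}

/* Hypothetical stand-in for the private free(): validate, then release. */
int own_free(void *p)
{
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)arena;
    struct hdr h;

    if (p == NULL) return FREE_OK;
    if (a < lo + sizeof h || a > lo + arena_used)
        return FREE_FOREIGN;        /* not ours, e.g. from libc malloc */
    memcpy(&h, (unsigned char *)p - sizeof h, sizeof h);
    if ((a - lo) % 16 != 0 || h.magic != BLOCK_MAGIC)
        return FREE_NOT_BLOCK;      /* interior pointer or already freed */
    memset((unsigned char *)p - sizeof h, 0, sizeof h);
    return FREE_OK;
}

int main(void)
{
    void *foreign = malloc(16);     /* allocated by libc, not by own_malloc */
    if (foreign == NULL) return 1;
    printf("own_free(libc pointer) = %d\n", own_free(foreign));
    free(foreign);
    return 0;
}
```

The tag check is a heuristic: payload bytes that happen to equal the tag at the right offset would pass it.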