On Mon, 2009-04-13 at 09:22 +0800, Guo Hongruan wrote:
> How to reproduce this bug:
>
> ./clone07 -i 19
I can produce this.
Before Patching:
$ ./clone07 -i 19
*** glibc detected *** ./testcases/bin/clone07: double free or corruption (top): 0x08dda008 ***
======= Backtrace: =========
/lib/libc.so.6[0xb3db16]
/lib/libc.so.6(cfree+0x90)[0xb41030]
./testcases/bin/clone07[0x8048e7c]
/lib/libc.so.6(__libc_start_main+0xdc)[0xaeadec]
./testcases/bin/clone07[0x8048b61]
Aborted
$ echo $?
134
Post Patching:
$ ./clone07 -i 19
clone07 1 PASS : Use of return() in child did not cause SIGSEGV
Index: clone07.c
> ===================================================================
> --- clone07.c (revision 301)
> +++ clone07.c (working copy)
> @@ -114,17 +114,17 @@
> /* perform global setup for test */
> setup();
>
> - /* Allocate stack for child */
> - if((child_stack = (void *) malloc(CHILD_STACK_SIZE)) == NULL) {
> - tst_brkm(TBROK, cleanup, "Cannot allocate stack for
> child");
> - }
> -
> /* check looping state if -i option given */
> for (lc=0; TEST_LOOPING(lc); lc++) {
>
> /* reset Tst_count in case we are looping. */
> Tst_count=0;
>
> + /* Allocate stack for child */
> + if((child_stack = (void *) malloc(CHILD_STACK_SIZE)) ==
> NULL) {
> + tst_brkm(TBROK, cleanup, "Cannot allocate stack
> for child");
> + }
> +
> /*
> * Call clone(2)
> */
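Review bot: The malloc(CHILD_STACK_SIZE) now placed at the top of the TEST_LOOPING loop needs exactly one matching free(child_stack) per iteration, and that free is not visible in this hunk, so please confirm the loop body releases the stack once on every path (the double free reported in the trace above suggests a free already sits inside the loop, which is why the single allocation before the loop failed on the second pass). An alternative that avoids reallocating on each -i iteration is to leave the allocation before the loop where it was and move the free after the loop or into cleanup(). In either form, setting child_stack = NULL right after the free would make an accidental second free harmless. The (void *) cast on the malloc result is not needed in C and could be dropped while these lines are being moved.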
Thanks for the patch.
Regards--
Subrata
_______________________________________________
Ltp-list mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ltp-list