Bug#389706: realloc(): invalid next size on startup

2006-09-27 Thread Samuel Thibault
Package: xfm
Version: 1.5-1
Severity: important

Hi,

I just can't start xfm: as soon as I start it, I get
*** glibc detected *** realloc(): invalid next size: 0x08108c60 ***
zsh: abort (core dumped)  xfm

Please tell me if you can't reproduce it, I'll compile a gdb-able
version and produce a backtrace.

Regards,
Samuel

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-rc5
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages xfm depends on:
ii  libc6     2.3.6.ds1-4  GNU C Library: Shared libraries
ii  libx11-6  2:1.0.0-9    X11 client-side library
ii  libxmu6   1:1.0.2-2    X11 miscellaneous utility library
ii  libxpm4   1:3.5.5-2    X11 pixmap library
ii  libxt6    1:1.0.2-2    X11 toolkit intrinsics library
ii  xaw3dg    1.5+E-14     Xaw3d widget set
ii  zlib1g    1:1.2.3-13   compression library - runtime

Versions of packages xfm recommends:
ii  mime-support  3.37-1 MIME files 'mime.types'  'mailcap
pn  xless none (no description available)

-- no debconf information

-- 
Samuel Thibault [EMAIL PROTECTED]
«Hey, when I have a bit of time and a free partition, I think
 I'll try replacing my boot scripts with
 Windows programs launched via Wine and binfmt_misc :-)»
-+- AGV in Guide du linuxien pervers - "I dunno what to do..." (familiar tune)



Bug#389706: realloc(): invalid next size on startup

2006-09-27 Thread Bernhard R. Link
* Samuel Thibault [EMAIL PROTECTED] [060927 11:57]:
> I just can't start xfm: as soon as I start it, I get
> *** glibc detected *** realloc(): invalid next size: 0x08108c60 ***
> zsh: abort (core dumped)  xfm
>
> Please tell me if you can't reproduce it,

I cannot reproduce it. Neither on i386 nor on amd64 nor does valgrind
show more than the usual X related uninitialized accesses.
(With all library versions the same, except libX11-6 only being -8 here
 (using testing). I will try this afternoon with that Xlib, too.).

What window manager are you using? (Perhaps it resizes the window
on startup in a way triggering a bug).

Do you have any Xresources set that could make a difference?
(take a look at the output of xrdb -query)

What version is your app-defaults file?
(output of grep DefsVersion /etc/X11/app-defaults/Xfm)

Any changes to the config files?
(output of debsums -e)

> I'll compile a gdb-able version and produce a backtrace.

That could help, too.

Thanks in advance,
Bernhard R. Link



Bug#389706: realloc(): invalid next size on startup

2006-09-27 Thread Samuel Thibault
Bernhard R. Link, on Wed 27 Sep 2006 12:40:45 +0200, wrote:
> What window manager are you using? (Perhaps it resizes the window
> on startup in a way triggering a bug).

fvwm

> Do you have any Xresources set that could make a difference?
> (take a look at the output of xrdb -query)

Same result with empty Xresources.

> What version is your app-defaults file?
> (output of grep DefsVersion /etc/X11/app-defaults/Xfm)

Xfm.appDefsVersion: 1.5

> Any changes to the config files?
> (output of debsums -e)

No change. I've just installed the package this morning, actually.

> > I'll compile a gdb-able version and produce a backtrace.
>
> That could help, too.

#0  0xb7fff410 in __kernel_vsyscall ()
#1  0x4294e9d1 in raise () from /lib/tls/i686/cmov/libc.so.6
#2  0x42950209 in abort () from /lib/tls/i686/cmov/libc.so.6
#3  0x4298481a in __libc_message () from /lib/tls/i686/cmov/libc.so.6
#4  0x4298e07e in _int_realloc () from /lib/tls/i686/cmov/libc.so.6
#5  0x4298e998 in realloc () from /lib/tls/i686/cmov/libc.so.6
#6  0x0806af3c in mime_parse_line (filename=0x80f7c40 /etc/mailcap,
    linenr=0xbfbb2908, f=0x80f8c48) at mime.c:425
#7  0x0806b318 in mailcap_parse (filename=0x80f7c40 /etc/mailcap)
    at mime.c:718
#8  0x0806a4ea in mime_parse_line (
    filename=0x808ffc0 /etc/X11/xfm/xfm_mailcap, linenr=0xbfbb2a98,
    f=0x80e6b38) at mime.c:575
#9  0x0806b318 in mailcap_parse (filename=0x808ffc0 /etc/X11/xfm/xfm_mailcap)
    at mime.c:718
#10 0x0804ef1d in initFileWindows () at FmFw.c:1006
#11 0x0806264a in main (argc=Cannot access memory at address 0x0
 frame 6
#6  0x0806af3c in mime_parse_line (filename=0x80f7c40 /etc/mailcap,
    linenr=0xbfbb2908, f=0x80f8c48) at mime.c:425
425 h = realloc(buffer,i);
 p *linenr
$5 = 202

That's

image/gif; /usr/bin/zgv '%s'; test=expr `/usr/bin/tty` : '/dev/\(tty\|vc/\)[0-9][0-9]*' >/dev/null 2>&1 || expr $STY : '[0-9][0-9]*\.tty[0-9][0-9]*\.'`hostname`'$' >/dev/null 2>&1; description=GIF Image; nametemplate=%s.gif; needsterminal

in my /etc/mailcap.

There's something odd in that function: 

size_t buflen = 1000;
char *buffer = malloc(128);

shouldn't that be

size_t buflen = 1000;
char *buffer = malloc(buflen);

?

Making the change makes xfm now run on my box.

Regards,
Samuel
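
The mismatch found above (bookkeeping of 1000 bytes against a 128-byte malloc) lets any line longer than 128 bytes run past the block, and glibc only notices at the next realloc(). As an added example, not xfm's code: a line reader whose capacity field is the only size ever handed to the allocator. The names linebuf, lb_put, read_line, bytes_past_end and demo_line_length are hypothetical, and the 300-byte input line is constructed.

```c
#include <stdio.h>
#include <stdlib.h>

/* Growable buffer: cap always equals the size actually allocated. */
struct linebuf { char *data; size_t len, cap; };

/* Append one byte, doubling the allocation when it is full. */
static int lb_put(struct linebuf *b, char c) {
    if (b->len == b->cap) {
        size_t ncap = b->cap ? b->cap * 2 : 16;
        char *h = (ncap > b->cap) ? realloc(b->data, ncap) : NULL;
        if (!h) return -1;              /* old block is still valid */
        b->data = h; b->cap = ncap;     /* pointer and size change together */
    }
    b->data[b->len++] = c;
    return 0;
}

/* Read one line (newline dropped) into b; returns length, -1 on EOF/error. */
long read_line(FILE *f, struct linebuf *b) {
    int c;
    b->len = 0;
    while ((c = fgetc(f)) != EOF && c != '\n')
        if (lb_put(b, (char)c) != 0) return -1;
    if ((c == EOF && b->len == 0) || lb_put(b, '\0') != 0) return -1;
    return (long)(b->len - 1);
}

/* Model of the reported pattern: bytes written past the real block. */
size_t bytes_past_end(size_t allocated, size_t tracked, size_t line_len) {
    size_t written = line_len < tracked ? line_len : tracked;
    return written > allocated ? written - allocated : 0;
}

/* Constructed input: one line of n 'x' bytes, read back from a temp file. */
long demo_line_length(size_t n) {
    struct linebuf b = { NULL, 0, 0 };
    FILE *f = tmpfile();
    if (!f) return -1;
    for (size_t i = 0; i < n; i++) fputc('x', f);
    fputc('\n', f); rewind(f);
    long got = read_line(f, &b);
    free(b.data); fclose(f);
    return got;
}

int main(void) {
    printf("%ld %zu\n", demo_line_length(300), bytes_past_end(128, 1000, 300));
}
```

Building a parser like this with -fsanitize=address, or running it under valgrind, reports the first out-of-bounds write itself rather than the later realloc() abort.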



Bug#389706: realloc(): invalid next size on startup

2006-09-27 Thread Bernhard R. Link
* Samuel Thibault [EMAIL PROTECTED] [060927 14:06]:
> There's something odd in that function:
>
> size_t buflen = 1000;
> char *buffer = malloc(128);

Indeed, that is really stupid. Thanks for finding this.

Respectfully,
Bernhard R. Link

