Re: GTK+ 1.2.10 on Solaris has segfault inside malloc
- From: "Eric M. Monsler" <emonsler beamreachnetworks com>
- Cc: gtk-list <gtk-list gnome org>
- Subject: Re: GTK+ 1.2.10 on Solaris has segfault inside malloc
- Date: Thu, 08 May 2003 15:29:51 -0700
Peter "Firefly" Lund wrote:
> Run it on x86 with valgrind to fix the memory corruption bug you obviously
> have. Then run it on Solaris again.

Well, after fixing one item generating false bug-reports, I was able to
run valgrind on my application. In general, it ran clean.

After a number of days, the crash finally occurred. The valgrind log
file associated with the crash shows a number of errors (seven), and
then a terminated file, without the summary that valgrind typically
places there when the program exits normally.

There was also a core file produced. But, although the "Core was
generated by..." line was correct, gdb warned that the core file may not
match specified executable. It was also unable to parse the stack,
apparently. It did say that the program terminated with signal 11.

Attached is the full valgrind log file.

All of the warnings seem to relate to operations after the end of the
same 1 byte allocation by g_string_sprintf().

This is consistent with previous parsable core files when not using
valgrind, in which the crash would occur inside that function, with a
format string of "%lu". Of course, I can't be sure that was the case
this time.

By the time the crash occurs I have called g_string_sprintf() thousands
of times with no failure.

Any suggestions?

Eric

==23962== Memcheck, a.k.a. Valgrind, a memory error detector for x86-linux.
==23962== Copyright (C) 2002, and GNU GPL'd, by Julian Seward.
==23962== Using valgrind-1.9.5, a program instrumentation system for x86-linux.
==23962== Copyright (C) 2000-2002, and GNU GPL'd, by Julian Seward.
==23962==
==23962== My PID = 23962, parent PID = 23961. Prog and args are:
==23962== /home/emonsler/usr/local/bin/avdisplay2.55
==23962== -ip
==23962== 192.168.51.144
==23962==
==23962== Startup, with flags:
==23962== --suppressions=/home/emonsler/testing/lib/valgrind/default.supp
==23962== --num-callers=8
==23962== --logfile=/tmp/LindaCrash
==23962== --workaround-gcc296-bugs=yes
==23962== --leak-check=yes
==23962== --run-libc-freeres=no
==23962== -v
==23962== Reading suppressions file: /home/emonsler/testing/lib/valgrind/default.supp
==23962== Estimated CPU clock rate is 870 MHz
==23962==
==23962== Reading syms from /home/emonsler/usr/local/bin/avdisplay2.55
==23962== Reading syms from /lib/ld-2.2.2.so
==23962== Reading syms from /home/emonsler/testing/lib/valgrind/vgskin_memcheck.so
==23962== Reading syms from /home/emonsler/testing/lib/valgrind/valgrind.so
==23962== Reading syms from /home/emonsler/usr/local/lib/libgtk-1.2.so.0.9.1
==23962== Reading syms from /home/emonsler/usr/local/lib/libgdk-1.2.so.0.9.1
==23962== Reading syms from /home/emonsler/usr/local/lib/libgtkextra-0.99.so.17.0.0
==23962== Reading syms from /home/emonsler/usr/local/lib/libglib-1.2.so.0.0.10
==23962== Reading syms from /lib/i686/libm-2.2.2.so
==23962== Reading syms from /home/emonsler/usr/local/lib/libgmodule-1.2.so.0.0.10
==23962== Reading syms from /lib/libdl-2.2.2.so
==23962== Reading syms from /usr/X11R6/lib/libXext.so.6.4
==23962== object doesn't have any debug info
==23962== Reading syms from /usr/X11R6/lib/libX11.so.6.2
==23962== object doesn't have any debug info
==23962== Reading syms from /lib/i686/libc-2.2.2.so
==23962== Reading syms from /usr/lib/gconv/ISO8859-1.so
==23962== object doesn't have any debug info
==23962== Reading syms from /lib/libnss_compat-2.2.2.so
==23962== Reading syms from /lib/libnsl-2.2.2.so
==23962== Invalid write of size 1
==23962== at 0x4063A114: _IO_default_xsputn (genops.c:429)
==23962== by 0x406305D2: _IO_padn (iopadn.c:66)
==23962== by 0x40619B0C: __printf_fp (printf_fp.c:1073)
==23962== by 0x40614B84: _IO_vfprintf (_itoa.h:49)
==23962== by 0x40631201: _IO_vsprintf (iovsprintf.c:47)
==23962== by 0x4048FF93: g_strdup_vprintf (gstrfuncs.c:158)
==23962== by 0x40492980: g_string_sprintfa_int (gstring.c:483)
==23962== by 0x404929E9: g_string_sprintf (gstring.c:498)
==23962== Address 0x417D9399 is 0 bytes after a block of size 1 alloc'd
==23962== at 0x40169340: malloc (vg_clientfuncs.c:103)
==23962== by 0x40485AF6: g_malloc (gmem.c:177)
==23962== by 0x4048FF7C: g_strdup_vprintf (gstrfuncs.c:156)
==23962== by 0x40492980: g_string_sprintfa_int (gstring.c:483)
==23962== by 0x404929E9: g_string_sprintf (gstring.c:498)
==23962== by 0x8057FBF: vGenMetDispMsgHandling (avd_genmet.c:2220)
==23962== by 0x8062DF8: vPassMessageToDisplay (avd_disp_msgs.c:1033)
==23962== by 0x806381B: vReadIncomingUDP (avd_disp_msgs.c:1496)
==23962==
==23962== Invalid write of size 1
==23962== at 0x40619770: __printf_fp (printf_fp.c:1143)
==23962== by 0x40614B84: _IO_vfprintf (_itoa.h:49)
==23962== by 0x40631201: _IO_vsprintf (iovsprintf.c:47)
==23962== by 0x4048FF93: g_strdup_vprintf (gstrfuncs.c:158)
==23962== by 0x40492980: g_string_sprintfa_int (gstring.c:483)
==23962== by 0x404929E9: g_string_sprintf (gstring.c:498)
==23962== by 0x8057FBF: vGenMetDispMsgHandling (avd_genmet.c:2220)
==23962== by 0x8062DF8: vPassMessageToDisplay (avd_disp_msgs.c:1033)
==23962== Address 0x417D939D is 4 bytes after a block of size 1 alloc'd
==23962== at 0x40169340: malloc (vg_clientfuncs.c:103)
==23962== by 0x40485AF6: g_malloc (gmem.c:177)
==23962== by 0x4048FF7C: g_strdup_vprintf (gstrfuncs.c:156)
==23962== by 0x40492980: g_string_sprintfa_int (gstring.c:483)
==23962== by 0x404929E9: g_string_sprintf (gstring.c:498)
==23962== by 0x8057FBF: vGenMetDispMsgHandling (avd_genmet.c:2220)
==23962== by 0x8062DF8: vPassMessageToDisplay (avd_disp_msgs.c:1033)
==23962== by 0x806381B: vReadIncomingUDP (avd_disp_msgs.c:1496)
==23962==
==23962== Invalid write of size 1
==23962== at 0x40631230: _IO_vsprintf (iovsprintf.c:50)
==23962== by 0x4048FF93: g_strdup_vprintf (gstrfuncs.c:158)
==23962== by 0x40492980: g_string_sprintfa_int (gstring.c:483)
==23962== by 0x404929E9: g_string_sprintf (gstring.c:498)
==23962== by 0x8057FBF: vGenMetDispMsgHandling (avd_genmet.c:2220)
==23962== by 0x8062DF8: vPassMessageToDisplay (avd_disp_msgs.c:1033)
==23962== by 0x806381B: vReadIncomingUDP (avd_disp_msgs.c:1496)
==23962== by 0x403B6A1B: gdk_io_invoke (gdkevents.c:882)
==23962== Address 0x417D93A2 is 9 bytes after a block of size 1 alloc'd
==23962== at 0x40169340: malloc (vg_clientfuncs.c:103)
==23962== by 0x40485AF6: g_malloc (gmem.c:177)
==23962== by 0x4048FF7C: g_strdup_vprintf (gstrfuncs.c:156)
==23962== by 0x40492980: g_string_sprintfa_int (gstring.c:483)
==23962== by 0x404929E9: g_string_sprintf (gstring.c:498)
==23962== by 0x8057FBF: vGenMetDispMsgHandling (avd_genmet.c:2220)
==23962== by 0x8062DF8: vPassMessageToDisplay (avd_disp_msgs.c:1033)
==23962== by 0x806381B: vReadIncomingUDP (avd_disp_msgs.c:1496)
==23962==
==23962== Invalid read of size 1
==23962== at 0x40169BF9: strlen (vg_clientfuncs.c:439)
==23962== by 0x40492062: g_string_append (gstring.c:296)
==23962== by 0x40492996: g_string_sprintfa_int (gstring.c:484)
==23962== by 0x404929E9: g_string_sprintf (gstring.c:498)
==23962== by 0x8057FBF: vGenMetDispMsgHandling (avd_genmet.c:2220)
==23962== by 0x8062DF8: vPassMessageToDisplay (avd_disp_msgs.c:1033)
==23962== by 0x806381B: vReadIncomingUDP (avd_disp_msgs.c:1496)
==23962== by 0x403B6A1B: gdk_io_invoke (gdkevents.c:882)
==23962== Address 0x417D9399 is 0 bytes after a block of size 1 alloc'd
==23962== at 0x40169340: malloc (vg_clientfuncs.c:103)
==23962== by 0x40485AF6: g_malloc (gmem.c:177)
==23962== by 0x4048FF7C: g_strdup_vprintf (gstrfuncs.c:156)
==23962== by 0x40492980: g_string_sprintfa_int (gstring.c:483)
==23962== by 0x404929E9: g_string_sprintf (gstring.c:498)
==23962== by 0x8057FBF: vGenMetDispMsgHandling (avd_genmet.c:2220)
==23962== by 0x8062DF8: vPassMessageToDisplay (avd_disp_msgs.c:1033)
==23962== by 0x806381B: vReadIncomingUDP (avd_disp_msgs.c:1496)
==23962==
==23962== Invalid read of size 1
==23962== at 0x40169C1E: strcpy (vg_clientfuncs.c:446)
==23962== by 0x40492092: g_string_append (gstring.c:299)
==23962== by 0x40492996: g_string_sprintfa_int (gstring.c:484)
==23962== by 0x404929E9: g_string_sprintf (gstring.c:498)
==23962== by 0x8057FBF: vGenMetDispMsgHandling (avd_genmet.c:2220)
==23962== by 0x8062DF8: vPassMessageToDisplay (avd_disp_msgs.c:1033)
==23962== by 0x806381B: vReadIncomingUDP (avd_disp_msgs.c:1496)
==23962== by 0x403B6A1B: gdk_io_invoke (gdkevents.c:882)
==23962== Address 0x417D9399 is 0 bytes after a block of size 1 alloc'd
==23962== at 0x40169340: malloc (vg_clientfuncs.c:103)
==23962== by 0x40485AF6: g_malloc (gmem.c:177)
==23962== by 0x4048FF7C: g_strdup_vprintf (gstrfuncs.c:156)
==23962== by 0x40492980: g_string_sprintfa_int (gstring.c:483)
==23962== by 0x404929E9: g_string_sprintf (gstring.c:498)
==23962== by 0x8057FBF: vGenMetDispMsgHandling (avd_genmet.c:2220)
==23962== by 0x8062DF8: vPassMessageToDisplay (avd_disp_msgs.c:1033)
==23962== by 0x806381B: vReadIncomingUDP (avd_disp_msgs.c:1496)
==23962==
==23962== Invalid read of size 1
==23962== at 0x40169C18: strcpy (vg_clientfuncs.c:446)
==23962== by 0x40492092: g_string_append (gstring.c:299)
==23962== by 0x40492996: g_string_sprintfa_int (gstring.c:484)
==23962== by 0x404929E9: g_string_sprintf (gstring.c:498)
==23962== by 0x8057FBF: vGenMetDispMsgHandling (avd_genmet.c:2220)
==23962== by 0x8062DF8: vPassMessageToDisplay (avd_disp_msgs.c:1033)
==23962== by 0x806381B: vReadIncomingUDP (avd_disp_msgs.c:1496)
==23962== by 0x403B6A1B: gdk_io_invoke (gdkevents.c:882)
==23962== Address 0x417D9399 is 0 bytes after a block of size 1 alloc'd
==23962== at 0x40169340: malloc (vg_clientfuncs.c:103)
==23962== by 0x40485AF6: g_malloc (gmem.c:177)
==23962== by 0x4048FF7C: g_strdup_vprintf (gstrfuncs.c:156)
==23962== by 0x40492980: g_string_sprintfa_int (gstring.c:483)
==23962== by 0x404929E9: g_string_sprintf (gstring.c:498)
==23962== by 0x8057FBF: vGenMetDispMsgHandling (avd_genmet.c:2220)
==23962== by 0x8062DF8: vPassMessageToDisplay (avd_disp_msgs.c:1033)
==23962== by 0x806381B: vReadIncomingUDP (avd_disp_msgs.c:1496)
==23962==
==23962== Invalid write of size 1
==23962== at 0x4063B565: _IO_str_overflow (strops.c:175)
==23962== by 0x4063A0DA: _IO_default_xsputn (genops.c:434)
==23962== by 0x406305D2: _IO_padn (iopadn.c:66)
==23962== by 0x40619B0C: __printf_fp (printf_fp.c:1073)
==23962== by 0x40614B84: _IO_vfprintf (_itoa.h:49)
==23962== by 0x40631201: _IO_vsprintf (iovsprintf.c:47)
==23962== by 0x4048FF93: g_strdup_vprintf (gstrfuncs.c:158)
==23962== by 0x40492980: g_string_sprintfa_int (gstring.c:483)
==23962== Address 0x0 is not stack'd, malloc'd or free'd
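
The log above shows g_strdup_vprintf obtaining a 1-byte block (gstrfuncs.c:156) and vsprintf then writing past its end (gstrfuncs.c:158), that is, a buffer sized before formatting followed by an unbounded write. As an added example, not part of the original post and not GLib's code, the C below shows the measure-then-bounded-write alternative using C99 vsnprintf; the names measured_vasprintf and measured_asprintf are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not GLib's code: the buffer size comes from
 * vsnprintf's own measurement of this exact format and argument list. */
char *measured_vasprintf(const char *fmt, va_list ap)
{
    va_list probe;
    va_copy(probe, ap);                         /* measure on a copy; ap stays usable */
    int need = vsnprintf(NULL, 0, fmt, probe);  /* C99: length without the NUL */
    va_end(probe);
    if (need < 0)
        return NULL;

    char *buf = malloc((size_t)need + 1);
    if (buf == NULL)
        return NULL;

    /* Bounded write: a wrong size truncates instead of corrupting the heap. */
    int wrote = vsnprintf(buf, (size_t)need + 1, fmt, ap);
    if (wrote != need) {
        free(buf);
        return NULL;
    }
    return buf;
}

char *measured_asprintf(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    char *s = measured_vasprintf(fmt, ap);
    va_end(ap);
    return s;
}

int main(void)
{
    /* Constructed input: a padded floating-point field plus "%lu". */
    char *s = measured_asprintf("%10.3f|%lu", 3.14159, 42UL);
    if (s == NULL)
        return 1;
    printf("[%s] len=%zu\n", s, strlen(s));
    free(s);
    return 0;
}
```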