malloc() debugging flags broken on RELENG_5
Dan Nelson
dnelson at allantgroup.com
Mon Mar 21 11:11:15 PST 2005
In the last episode (Mar 21), Bartosz Fabianowski said:
> >You're not running as root, are you? The A flag is always set for
> >root or setuid processes as a security measure.
>
> No, I am running as a normal user.
>
> >There haven't been any changes to the malloc code in 5.x since 5.3.
>
> I realize there shouldn't have been any changes and I also cannot
> find everything in the CVS logs. But when I run Kopete, I get the
> following:
>
> kopete in free(): error: modified (chunk-) pointer
>                   ^^^^^
> According to the man page, this word should read "warning" instead of
> "error" and the application should not be aborted.
The actual test in the malloc code reads:
    if (malloc_abort || issetugid() || getuid() == 0 || getgid() == 0)
        wrterror(p);
, so it may also trigger if your primary groupid is 0 (wheel). Just
being a member of the wheel group won't trigger it.
> >File a bug report; a program must pass the same pointer to free() that
> > it received from malloc().
>
> Obviously, there is a bug in Kopete. But it runs for other people with
> earlier versions of RELENG_5. I am currently downgrading to 1st March to
> see whether that fixes the issue for me.
It might also be caused by some dependent package, and not strictly
kopete's fault. Depends on what is being freed.
--
Dan Nelson
dnelson at allantgroup.com
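
Added example, not part of the original message and not the FreeBSD malloc source: a small diagnostic that reports which clause of the test quoted above would turn a malloc warning into a fatal error for the current process, and shows that holding group 0 only as a supplementary group does not count. The names fatal_reasons and wheel_member_only are hypothetical; the real/effective id comparison is an assumed stand-in for issetugid(), and the A flag is assumed unset.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* One bit per clause of the test quoted in the message. */
enum {
    WHY_ABORT_FLAG = 1 << 0,  /* malloc_abort: A flag set explicitly */
    WHY_SETUGID    = 1 << 1,  /* issetugid() is true */
    WHY_UID_ROOT   = 1 << 2,  /* getuid() == 0 */
    WHY_GID_ZERO   = 1 << 3   /* getgid() == 0 (primary group only) */
};

/* Hypothetical helper: which clauses would promote a warning to an error. */
static int fatal_reasons(int abort_flag, int setugid, uid_t uid, gid_t gid)
{
    int why = 0;
    if (abort_flag) why |= WHY_ABORT_FLAG;
    if (setugid)    why |= WHY_SETUGID;
    if (uid == 0)   why |= WHY_UID_ROOT;
    if (gid == 0)   why |= WHY_GID_ZERO;
    return why;
}

/* Group 0 held only as a supplementary group: does not trip the test. */
static int wheel_member_only(gid_t gid, const gid_t *groups, int n)
{
    if (gid == 0) return 0;
    for (int i = 0; i < n; i++)
        if (groups[i] == 0) return 1;
    return 0;
}

int main(void)
{
    gid_t groups[64];
    int n = getgroups(64, groups);
    if (n < 0) n = 0;
    /* Assumption: real != effective ids stands in for issetugid(),
     * and the A flag is taken as unset. */
    int setugid = getuid() != geteuid() || getgid() != getegid();
    int why = fatal_reasons(0, setugid, getuid(), getgid());

    printf("warnings fatal: %s (reason bits 0x%x)\n", why ? "yes" : "no", why);
    if (wheel_member_only(getgid(), groups, n))
        printf("group 0 is supplementary only: not a trigger\n");
    return 0;
}
```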