[Pkg-mc-devel] Bug#666275: mc: crash when deleting a file with MALLOC_CHECK_, MALLOC_PERTURB_ on

Paul Wise pabs at debian.org
Fri Mar 30 08:02:41 UTC 2012 

Package: mc
Version: 3:4.8.1-3
Severity: normal
Usertags: malloc

While trying to delete a file using mc I got a random crash. I expect
this is because I set MALLOC_CHECK_ and MALLOC_PERTURB_, which turn on
heap consistency checks that help find memory allocation bugs. If the
below backtrace is not useful, please close this bug.

http://www.gnu.org/s/libc/manual/html_node/Heap-Consistency-Checking.html
http://udrepper.livejournal.com/11429.html

pabs at chianamo ~/tmp $ mc
Aborted (core dumped)
pabs at chianamo ~/tmp $ echo $MALLOC_CHECK_ $MALLOC_PERTURB_
2 21
pabs at chianamo ~/tmp $ gdb --core /var/cache/corefiles/core-17348-1000-1000-6-1333093626-chianamo-mc mc
GNU gdb (GDB) 7.4-debian
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/mc...Reading symbols from /usr/lib/debug/.build-id/fa/c1f2dea9a649d7bb1263dce935df337e957af4.debug...done.
done.
[New LWP 17348]

warning: Can't read pathname for load map: Input/output error.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `mc -b myserver-home/'.
Program terminated with signal 6, Aborted.
#0  0x00007f75bd83c475 in *__GI_raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64	../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) thread apply all bt full

Thread 1 (Thread 0x7f75bf054720 (LWP 17348)):
#0  0x00007f75bd83c475 in *__GI_raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
        pid = <optimized out>
        selftid = <optimized out>
#1  0x00007f75bd83f6f0 in *__GI_abort () at abort.c:92
        act = {__sigaction_handler = {sa_handler = 0x7f75bfc0bde0, sa_sigaction = 0x7f75bfc0bde0}, sa_mask = {__val = {140143704857184, 
              140143704973616, 140143667716554, 140143704284576, 140143673560321, 48, 140143667716554, 48, 140143704859312, 36, 
              140143667716554, 0, 140143667713380, 48, 35, 140143704859312}}, sa_flags = 35, sa_restorer = 0xfe01}
        sigs = {__val = {32, 0 <repeats 15 times>}}
#2  0x00007f75bd87fae0 in malloc_printerr (action=2, str=0x7f75bd95386a "free(): invalid pointer", ptr=0x43c4) at malloc.c:6288
No locals.
#3  0x00007f75bde0f04f in magazine_cache_trim (stamp=<optimized out>, ix=<optimized out>, allocator=<optimized out>)
    at /tmp/buildd/glib2.0-2.28.6/./glib/gslice.c:632
        chunk_size = 32
        current = 0x7f75bfbf6c00
        trash = 0x7f75bfbf70c0
        allocator = 0x7f75be09d300
#4  magazine_cache_push_magazine (ix=<optimized out>, magazine_chunks=<optimized out>, count=<optimized out>)
    at /tmp/buildd/glib2.0-2.28.6/./glib/gslice.c:663
        current = 0x7f75bfbf6c00
        next = <optimized out>
        prev = <optimized out>
#5  0x00007f75bde0f16c in thread_memory_magazine2_unload (ix=<optimized out>, tmem=<optimized out>)
    at /tmp/buildd/glib2.0-2.28.6/./glib/gslice.c:762
        mag = 0x7f75bfb60a00
#6  0x00007f75bde10528 in g_slice_free1 (mem_size=<optimized out>, mem_block=0x7f75bfbe6d60)
    at /tmp/buildd/glib2.0-2.28.6/./glib/gslice.c:889
        tmem = 0x7f75bfb605f0
        ix = 1
        chunk_size = 32
        acat = 3216377328
#7  0x00007f75bdde808f in g_key_file_clear (key_file=0x7f75bfb70ed0) at /tmp/buildd/glib2.0-2.28.6/./glib/gkeyfile.c:249
        tmp = 0x7f75bfbe4d20
        group_node = <optimized out>
        __PRETTY_FUNCTION__ = "g_key_file_clear"
#8  0x00007f75bdde967e in g_key_file_free (key_file=0x7f75bfb70ed0) at /tmp/buildd/glib2.0-2.28.6/./glib/gkeyfile.c:747
        __PRETTY_FUNCTION__ = "g_key_file_free"
---Type <return> to continue, or q <return> to quit---
#9  0x00007f75bf0ceb9a in mc_config_deinit (mc_config=0x7f75bfc12c60) at common.c:136
No locals.
#10 0x00007f75bf0de960 in dlg_read_history (h=<optimized out>) at dialog.c:175
        profile = 0x7f75bfc0bde0 "/home/pabs/.local/share/mc/history"
        event_data = {cfg = 0x7f75bfc12c60, receiver = 0x0}
#11 init_dlg (h=0x7f75bfc0b840) at dialog.c:1095
No locals.
#12 0x00007f75bf0fcd94 in compute_dir_size_create_ui () at file.c:2294
        ui = 0x7f75bfc12890
        b_name = 0x7f75bf14a56f "&Abort"
#13 0x00007f75bf0fd000 in panel_operate_init_totals (panel=0x7f75bfc00e00, source=0x7f75bfc125c0 "/home/pabs/tmp/myserver-home/.profile", 
    ctx=0x7f75bfc0a130, operation=<optimized out>) at file.c:1180
        ui = <optimized out>
        status = <optimized out>
#14 0x00007f75bf1004c3 in panel_operate_init_totals (ctx=0x7f75bfc0a130, source=0x7f75bfc125c0 "/home/pabs/tmp/myserver-home/.profile", 
    panel=0x7f75bfc00e00, operation=OP_DELETE) at file.c:1176
        status = <optimized out>
#15 panel_operate (source_panel=0x7f75bfc00e00, operation=OP_DELETE, force_single=0) at file.c:2688
        panel = 0x7f75bfc00e00
        single_entry = -1077860928
        source = 0x7f75bfbeda60 ".profile"
        source_with_path = 0x7f75bfc125c0 "/home/pabs/tmp/myserver-home/.profile"
        dest = <optimized out>
        temp = 0x0
        save_cwd = 0x0
        save_dest = 0x0
        src_stat = {st_dev = 65025, st_ino = 5933090, st_nlink = 1, st_mode = 33184, st_uid = 1000, st_gid = 1000, __pad0 = 0, 
          st_rdev = 0, st_size = 675, st_blksize = 4096, st_blocks = 8, st_atim = {tv_sec = 1333093622, tv_nsec = 845624718}, st_mtim = {
            tv_sec = 1317110453, tv_nsec = 672308072}, st_ctim = {tv_sec = 1317110453, tv_nsec = 672308072}, __unused = {0, 0, 0}}
        ret_val = 1
        i = <optimized out>
        value = <optimized out>
        ctx = 0x7f75bfc0a130
        tctx = 0x7f75bfc12230
        do_bg = 0
        i18n_flag = 1
#16 0x00007f75bf0f6ddf in delete_cmd () at cmd.c:960
No locals.
---Type <return> to continue, or q <return> to quit---
#17 0x00007f75bf10c78a in midnight_execute_cmd (sender=0x7f75bfbe5200, command=23) at midnight.c:1111
        res = MSG_HANDLED
#18 0x00007f75bf0dd0c2 in buttonbar_call (i=<optimized out>, bb=0x7f75bfbe5200) at buttonbar.c:153
        ret = MSG_NOT_HANDLED
#19 buttonbar_callback (w=0x7f75bfbe5200, msg=<optimized out>, parm=1008) at buttonbar.c:175
        bb = 0x7f75bfbe5200
        i = <optimized out>
        text = <optimized out>
#20 0x00007f75bf0dec2e in send_message (msg=WIDGET_HOTKEY, parm=1008, w=<optimized out>) at ../../lib/widget/widget-common.h:132
No locals.
#21 dlg_try_hotkey (d_key=1008, h=0x7f75bfbf48a0) at dialog.c:453
        hot_cur = 0x7f75bfbe4980
        current = <optimized out>
        handled = <optimized out>
        c = <optimized out>
#22 dlg_key_event (d_key=1008, h=0x7f75bfbf48a0) at dialog.c:498
        handled = <optimized out>
#23 dlg_process_event (h=0x7f75bfbf48a0, key=1008, event=<optimized out>) at dialog.c:1126
No locals.
#24 0x00007f75bf0deed2 in frontend_run_dlg (h=0x7f75bfbf48a0) at dialog.c:557
        d_key = <optimized out>
        event = {buttons = 208 '\320', modifiers = 1 '\001', vc = 48953, dx = 32629, dy = 0, x = -1, y = -16585, type = 32629, 
          clicks = -1086691264, margin = 32629, wdx = -1952, wdy = -16451}
#25 run_dlg (h=0x7f75bfbf48a0) at dialog.c:1158
No locals.
#26 0x00007f75bf10dab1 in create_panels_and_run_mc () at midnight.c:904
No locals.
#27 do_nc () at midnight.c:1660
        midnight_colors = {1, 1, 1, 1, 1}
#28 0x00007f75bf0ad9c5 in main (argc=<optimized out>, argv=<optimized out>) at main.c:516
        error = 0x0
        isInitialized = <optimized out>
(gdb) 

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (700, 'testing'), (600, 'unstable'), (550, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages mc depends on:
ii  e2fslibs      1.42.1-2
ii  libc6         2.13-27
ii  libcomerr2    1.42.1-2
ii  libglib2.0-0  2.28.6-1
ii  libgpm2       1.20.4-4
ii  libslang2     2.2.4-7
ii  mc-data       3:4.8.1-3

Versions of packages mc recommends:
ii  mime-support  3.52-1
ii  perl          5.14.2-9
ii  unzip         6.0-5

Versions of packages mc suggests:
ii  arj                  3.10.22-10
ii  bzip2                1.0.6-1
ii  catdvi               <none>
ii  dbview               <none>
ii  djvulibre-bin        <none>
ii  evince [pdf-viewer]  2.32.0-1
ii  file                 5.11-1
ii  gv                   <none>
ii  imagemagick          8:6.6.9.7-6
ii  odt2txt              <none>
ii  okular [pdf-viewer]  4:4.7.4-2
ii  python               2.7.2-10
ii  python-boto          <none>
ii  python-tz            <none>
ii  w3m                  0.5.3-5
ii  xpdf [pdf-viewer]    3.03-9
ii  zip                  3.0-4


-- 
bye,
pabs

http://wiki.debian.org/PaulWise
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-mc-devel/attachments/20120330/06782591/attachment.pgp>

More information about the Pkg-mc-devel mailing list