Bug#457337: libc6: mremap() returns invalid address

To: Andreas Kloeckner <inform@tiker.net>, 457337@bugs.debian.org
Subject: Bug#457337: libc6: mremap() returns invalid address
From: Daniel Jacobowitz <drow@false.org>
Date: Fri, 21 Dec 2007 15:25:38 -0500
Message-id: <[🔎] 20071221202538.GA14417@caradoc.them.org>
Reply-to: Daniel Jacobowitz <drow@false.org>, 457337@bugs.debian.org
In-reply-to: <[🔎] 20071221171543.20293.34899.reportbug@tuck.camp.tiker.net>
References: <[🔎] 20071221171543.20293.34899.reportbug@tuck.camp.tiker.net>

On Fri, Dec 21, 2007 at 12:15:43PM -0500, Andreas Kloeckner wrote:
> Breakpoint 1, mmap_resize (m=0x2b6a5b236010, oldp=0x2b6a5bdb4000,
> nb=406784) at src/gklib/dlmalloc.c:2358
> 2358        if (cp != CMFAIL) {

So you're here...

> 2356        char* cp = (char*)CALL_MREMAP((char*)oldp - offset,
> 2357                                      oldmmsize, newmmsize, 1);

Having just done this...

> #define CALL_MREMAP(addr, osz, nsz, mv) ((void)(addr),(void)(osz), \
>                                          (void)(nsz), (void)(mv),MFAIL)

Which you said expands to this...

> (gdb) p cp
> $3 = 0x5bdb4000 <Address 0x5bdb4000 out of bounds>

So how can this possibly be true, and how does mremap have anything to
do with your problem?  Nowhere in this code are you calling it.

I think we need a testcase for this problem, if you are convinced it
has something to do with glibc.  Also try strace.

-- 
Daniel Jacobowitz
CodeSourcery

Reply to:

Follow-Ups:
- Bug#457337: libc6: mremap() returns invalid address
  - From: Andreas Klöckner <inform@tiker.net>

References:
- Bug#457337: libc6: mremap() returns invalid address
  - From: Andreas Kloeckner <inform@tiker.net>

Prev by Date: Bug#457351: locales: Please add a locale file for Kashmiri/India
Next by Date: Bug#457337: libc6: mremap() returns invalid address
Previous by thread: Bug#457337: libc6: mremap() returns invalid address
Next by thread: Bug#457337: libc6: mremap() returns invalid address
Index(es):
- Date
- Thread