On Fri, Nov 30, 2012 at 7:01 PM, Mans Rullgard mans.rullgard@linaro.org wrote:
On 30 November 2012 10:39, Ajeet Yadav ajeet.yadav.77@gmail.com wrote:
Linux version 3.0.33 (Cortex A15)
Below program crashes with 2.14.1 glibc but runs fine with 2.11.1 glibc.

#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>   /* sleep() */

#define MAX_LINE_SIZE 80
#define MAX_THREAD 20
#define MAX_POPEN 10
#define MALLOC_SIZE 16

void* pipe_thread(void *arg)
{
    int i;
    char *p = NULL;
    FILE *fp[MAX_POPEN];
    char shellCommand[MAX_LINE_SIZE];

    memset(shellCommand, 0x00, MAX_LINE_SIZE);
    sprintf(shellCommand, "mount");
    signal(SIGPIPE, SIG_IGN);
    /* Loop forever: open MAX_POPEN pipes, free the previous
       allocation, close the pipes, allocate again. */
    while (1) {
        for (i = 0; i < MAX_POPEN; ++i) {
            fp[i] = popen(shellCommand, "r");
        }
        if (p) {
            free(p);
        }
        for (i = 0; i < MAX_POPEN; ++i) {
            if (fp[i])
                pclose(fp[i]);
        }
        p = malloc(MALLOC_SIZE);
        if (p)
            memset(p, 0, MALLOC_SIZE);
    }
    return NULL;
}

int main(int argc, char *argv[])
{
    int i;
    pthread_t tid;

    for (i = 0; i < MAX_THREAD; ++i) {
        pthread_create(&tid, NULL, &pipe_thread, (void*)NULL);
    }
    /* The threads are never joined; main() returns while they still run. */
    sleep(60);
}

On returning from main(), all open streams are closed, but your threads are still running and might call pclose() on an already closed FILE, which is not allowed.
-- Mans Rullgard / mru
First, thank you for the feedback. About the code: there is a sleep of 1 minute, but I found that most of the time the code crashes before 1 minute has passed. More importantly, this problem never occurs on 2.11.1 glibc. Yesterday I was able to fix this issue with the patch below; now the problem no longer occurs. But I am still interested in:
1> Why does this patch fix the problem?
2> What change between 2.11.1 and 2.14.1 caused this problem?
------------------------------------------------------------------------------- diff --git a/libio/iopopen.c b/libio/iopopen.c index 1a5cc0f..888a57f 100644 --- a/libio/iopopen.c +++ b/libio/iopopen.c @@ -299,6 +299,7 @@ _IO_new_popen (command, mode) new_f = (struct locked_FILE *) malloc (sizeof (struct locked_FILE)); if (new_f == NULL) return NULL; + memset(new_f, 0, sizeof (struct locked_FILE)); #ifdef _IO_MTSAFE_IO new_f->fpx.file.file._lock = &new_f->lock; #endif --------------------------------------------------------------------------------------------
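
Review bot: the added memset in _IO_new_popen, directly after the NULL check, zeroes all of struct locked_FILE, so it hides whichever member was presumably being used before it was set instead of identifying it; the commit message should name that member, and the patch would be easier to reason about if it initialised that member explicitly next to the existing new_f->fpx.file.file._lock assignment. If blanket zeroing is kept, replacing the malloc with calloc (1, sizeof (struct locked_FILE)) does it in one call, and the new line should be written "memset (new_f, ..." with a space before the parenthesis to match the surrounding calls.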
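
The shutdown ordering Mans Rullgard describes, as an added example that is not part of the original thread: the workers are told to stop and are joined before main() returns, so no thread can still be inside popen()/pclose() when exit processing closes the open streams. The names stop_flag, worker and run_workers, the thread limit, and the use of "echo ok" in place of "mount" are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <pthread.h>
#include <stdatomic.h>
#include <stdio.h>
#include <unistd.h>

#define MAX_POPEN 4
#define MAX_THREAD 64

/* Hypothetical names (not from the thread): stop_flag, worker, run_workers. */
static atomic_int stop_flag;

static void *worker(void *arg)
{
    FILE *fp[MAX_POPEN];
    char line[80];
    int i;

    while (!atomic_load(&stop_flag)) {
        for (i = 0; i < MAX_POPEN; ++i)
            fp[i] = popen((const char *)arg, "r");
        for (i = 0; i < MAX_POPEN; ++i) {
            if (!fp[i])
                continue;
            while (fgets(line, sizeof line, fp[i]))
                ;              /* drain output so the child can exit */
            pclose(fp[i]);     /* each stream is closed once, by its owner */
        }
    }
    return NULL;
}

/* Run up to MAX_THREAD workers for `seconds`, then stop and join them.
 * Returns how many threads were joined; only then is it safe to exit. */
int run_workers(int nthreads, unsigned seconds, const char *cmd)
{
    pthread_t tid[MAX_THREAD];
    int started = 0, joined = 0, i;

    atomic_store(&stop_flag, 0);
    for (i = 0; i < nthreads && i < MAX_THREAD; ++i)
        if (pthread_create(&tid[started], NULL, worker, (void *)cmd) == 0)
            ++started;
    sleep(seconds);
    atomic_store(&stop_flag, 1);   /* ask every worker to finish its pass */
    for (i = 0; i < started; ++i)
        if (pthread_join(tid[i], NULL) == 0)
            ++joined;
    return joined;
}

int main(void) { return run_workers(4, 1, "echo ok") == 4 ? 0 : 1; }
```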