https://gcc.gnu.org/bugzilla/show_bug.cgi?id=116637

            Bug ID: 116637
           Summary: malloc and calloc assertion fails when two consecutive
                    sizes don't match
           Product: gcc
           Version: 13.3.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: libgcc
          Assignee: unassigned at gcc dot gnu.org
          Reporter: pgmer6809 at yahoo dot com
  Target Milestone: ---

I am running Mint 22 Wilma Cinnamon (derived from Debian 13 via Ubuntu 22.04).
I believe this is a bug in the gnulibc.a library.

Here it is:
    I have a function that calls calloc (or malloc) to allocate an area of 'N'
integers. At the end of the function I free the alloc.
    The next time I call the function if the number of integers is different
from N, I get the following assertion and then a core dump:

    malloc.c:2617: sysmalloc: Assertion `(old_top == initial_top (av) && old_size == 0) || ((unsigned long) (old_size) >= MINSIZE && prev_inuse (old_top) && ((unsigned long) old_end & (pagesize - 1)) == 0)' failed.

Here is some sample output:

    Description: Tag 28 Name HCP_JGM Strain NoTrump Size 10M Seed 919 :Top=34.00 step=0.50
    ../src/deal_bktfreq_subs.c:222 Show Freq2d Calling: calloc nelem=14 Alloc Size=56
    ../src/deal_bktfreq_subs.c:226 Show Freq2d calloc Returns ptr=0x55b20d961300 nelem=14 Alloc Size=56
    Low 1500 1600 1700 1800 1900 2000 2100 2200 Sum
    Low 2 0 0 0 0 0 0 0 0 0 0
    1500 0 1 0 0 0 0 0 0 0 0 0
    1600 0 0 0 0 0 0 0 0 0 0 0

    ../src/deal_bktfreq_subs.c:260 Calling free(col_tot) calloc ptr=0x55b20d961300

    Description: Tag 29 Name CCCC Strain NoTrump Size 10M Seed 919 :Top=37.00 step=0.50
    ../src/deal_bktfreq_subs.c:222 Show Freq2d Calling: calloc nelem=13 Alloc Size=52
    dealdbg: malloc.c:2617: sysmalloc: Assertion `(old_top == initial_top (av) && old_size == 0) || ((unsigned long) (old_size) >= MINSIZE && prev_inuse (old_top) && ((unsigned long) old_end & (pagesize - 1)) == 0)' failed.
    Aborted (core dumped)

and here is the code that does the above:

int *col_tot ;
   /* sizeof yields a size_t, so the matching printf conversion is %zu */
   JGMDPRT(5,"Show Freq2d Calling: calloc nelem=%d Alloc Size=%zu \n",
           a_bkt->Num, sizeof(int)*a_bkt->Num ) ; //<====== Line 222

   /* calloc will set them to zero to start. */
   col_tot = (int *)calloc( (size_t)a_bkt->Num , sizeof(int) ) ;
   if (NULL == col_tot ) {
      perror("show_freq2D cant allocate RAM for Column Totals");
      return(-7) ;
   }
   JGMDPRT(5,"Show Freq2d calloc Returns ptr=%p nelem=%d Alloc Size=%zu \n",
           (void*)col_tot, a_bkt->Num, sizeof(int)*a_bkt->Num ) ;  //<====== line 226

<SNIP>

   JGMDPRT(5,"Calling free(col_tot) calloc ptr=%p\n", (void *)col_tot ) ;
   free((void*)col_tot) ;  /* free RAM per this local var*/ //<==== line 260
   return(1) ;
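
The assertion quoted above is glibc's consistency check on the heap's top chunk; it aborts when that chunk's header no longer looks valid, which a write past the end of a nearby allocation can cause. As an added example (not code from the report or from glibc), here is a guarded wrapper for a `col_tot`-style array that reports such a write at `free()` time; `guarded_calloc`, `guard_check`, `guarded_free`, `total_row` and the guard constants are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define GUARD_WORDS 4           /* hypothetical: canary ints on each side */
#define GUARD_VALUE 0x5AFEC0DE  /* hypothetical canary pattern */
/* Block layout: [guard_hdr][nelem user ints][GUARD_WORDS rear canaries] */
typedef struct { size_t nelem; int front[GUARD_WORDS]; } guard_hdr;

static int *guarded_calloc(size_t nelem) {
    if (nelem > (SIZE_MAX - sizeof(guard_hdr)) / sizeof(int) - GUARD_WORDS) return NULL;
    guard_hdr *h = calloc(1, sizeof *h + (nelem + GUARD_WORDS) * sizeof(int));
    if (h == NULL) return NULL;
    int *user = (int *)(h + 1);          /* user array starts after the header */
    h->nelem = nelem;
    for (size_t i = 0; i < GUARD_WORDS; i++)
        h->front[i] = user[nelem + i] = GUARD_VALUE;
    return user;
}

/* 0 = intact, -1 = write before the array, 1 = write past its end */
static int guard_check(const int *user) {
    const guard_hdr *h = (const guard_hdr *)user - 1;
    for (size_t i = 0; i < GUARD_WORDS; i++)
        if (h->front[i] != GUARD_VALUE) return -1;
    for (size_t i = 0; i < GUARD_WORDS; i++)
        if (user[h->nelem + i] != GUARD_VALUE) return 1;
    return 0;
}

static int guarded_free(int *user, const char *tag) {
    int rc = guard_check(user);
    if (rc) fprintf(stderr, "%s: %s detected\n", tag, rc > 0 ? "overrun" : "underrun");
    free((guard_hdr *)user - 1);
    return rc;
}

/* Constructed stand-in for a column-total loop: the array holds nelem ints but
 * the loop walks ncols (keep ncols <= nelem + GUARD_WORDS in this demo). */
static int total_row(size_t nelem, size_t ncols) {
    int *col_tot = guarded_calloc(nelem);
    if (col_tot == NULL) return -7;
    for (size_t c = 0; c < ncols; c++) col_tot[c] += 1;
    return guarded_free(col_tot, "total_row");
}

int main(void) {
    printf("fits: %d, one too many: %d\n", total_row(14, 14), total_row(13, 14));
}
```

Building the real program with `-fsanitize=address` or running it under valgrind reports the offending write at the line where it happens, rather than at the next allocation.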
