malloc: error pointer being freed was not allocated

Question

malloc: error pointer being freed was not allocated

XhstormR opened this issue 2 years ago · 9 comments

Environment details (Put `x` in the checkbox along with the information)

Operating System: MacOS
Desktop Environment: Darwin 23.4.0 x86_64 i386
Terminal Emulator: alacritty
Shell: fishshell, version 3.7.1
Custom desktop opener (if applicable):
Program options used: -adexoiUH -Te -Pp
Configuration options set:
Plugins are installed: export NNN_PLUG='p:preview-tui;o:fzopen;c:fzcd;z:autojump;x:!chmod +x $nnn*;'
Issue exists on nnn master

Exact steps to reproduce the issue

nnn 4.9 installed from brew, after pressing n to enter nnn, directly enter ? for help, then enter q to exit help, and then press q again to exit nnn, and then an exception will occur.

Exception log:

        Alt ;  Select plugin           =  Launch app
         ! ^]  Shell                   ]  Cmd prompt
nnn(53031,0x7ff84ee82100) malloc: *** error for object 0x2020202020202020: pointer being freed was not allocated
nnn(53031,0x7ff84ee82100) malloc: *** set a breakpoint in malloc_error_break to debug
fish: Job 1, 'command nnn $argv' terminated by signal SIGABRT (Abort)
⏎

Answer 1 · 2024-05-05T12:21:54.000Z

I am unable to reproduce on Ubuntu. Can you please debug further to figure out which pointer is being freed without allocation?

Answer 2 · 2024-05-05T12:49:24.000Z

This is coming from commit 3665541 and the next one.

@N-R-K can you please have a look?

Answer 3 · 2024-05-05T12:49:54.000Z

Can we write directly to fd instead of having the temporary buffer?

Answer 4 · 2024-05-05T13:12:31.000Z

Please confirm that the fix works.

Answer 5 · 2024-05-05T19:49:45.000Z

This looks like a duplicate of #1768

It should be fixed in master. @XhstormR Can you try master branch and confirm?

This is coming from commit 3665541 and the next one.

@jarun I'm pretty sure that that is the commit that fixed the issue. be6988d should not be necessary.

Answer 6 · 2024-05-05T19:53:20.000Z

Can we write directly to fd instead of having the temporary buffer?

Making a syscall for each and every byte seems unnecessary waste of resources to me.

IMO be6988d should be reverted since the bug was already fixed.

OP was using v4.9 instead of master branch. Maybe we can cut a new release soon?

Answer 7 · 2024-05-06T13:36:17.000Z

I reproduced this one master (using fastmac) before attempting the fix.

As for a syscall overhead, I will add a new version to use dprintf.

Answer 8 · 2024-05-07T02:09:45.000Z

I reproduced this one master (using fastmac) before attempting the fix.

Interesting. I don't know how that's possible. The help string is 1832 bytes and the buffer is 2048 bytes. It has more than enough space.

As for a syscall overhead, I will add a new version to use dprintf.

dprintf also makes 1 write syscall per call since dprintf uses file-descriptor directly without any buffering.

You'd need to use a FILE * with fopen + fwrite etc to avoid many syscalls. Do you want to make that change yourself or should I open a PR later today?

Answer 9 · 2024-05-07T05:54:34.000Z

Please raise the PR.

Environment details (Put x in the checkbox along with the information)

Exact steps to reproduce the issue

Environment details (Put `x` in the checkbox along with the information)