malloc() debugging flags broken on RELENG_5

Mon Mar 21 11:11:15 PST 2005

In the last episode (Mar 21), Bartosz Fabianowski said:
> >You're not running as root, are you?  The A flag is always set for
> >root or setuid processes as a security measure.
> No, I am running as a normal user.
> >There hasn't been any changes to the malloc code in 5.x since 5.3.
> I realize there shouldn't have been any changes and I also cannot
> find everything in the CVS logs. But when I run Kopete, I get the
> following:
> kopete in free(): error: modified (chunk-) pointer
>                   ^^^^^
> According to the man page, this word should read "warning" instead of
> "error" and the application should not be aborted.

The actual test in the malloc code reads:

    if (malloc_abort || issetugid() || getuid() == 0 || getgid() == 0)

so it may also trigger if your primary group ID is 0 (wheel).  Just
being a member of the wheel group won't trigger it.

> >File a bugreport; a program must pass the same pointer to free() that
> >it received from malloc().
> Obviously, there is a bug in Kopete. But it runs for other people with
> earlier versions of RELENG_5. I am currently downgrading to 1st March to
> see whether that fixes the issue for me.

It might also be caused by some dependent package, and not strictly
kopete's fault.  Depends on what is being freed.

	Dan Nelson
	dnelson at
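Added example, not from the mail above and not FreeBSD's libc: the abort test Dan quotes, restated as a pure function so it can be evaluated for any combination of inputs, plus a helper that names which term fired (useful when you see "error:" where the man page promised "warning:") and a check of the running process. issetugid() only exists on the BSDs, so the setugid term is approximated here (an assumption) by comparing real and effective ids, which misses the case where a process dropped privileges and issetugid() would still report true. The supplementary-group helper exists only to show that getgroups() plays no part in the rule; only the real gid from getgid() does.

```c
/* Added example: reimplements the quoted phkmalloc abort decision.
 * Not from the original mail or from FreeBSD's libc. */
#include <stdio.h>
#include <stddef.h>
#include <unistd.h>
#include <sys/types.h>

struct malloc_ctx {
    int   malloc_abort;   /* 'A' flag from MALLOC_OPTIONS / malloc.conf */
    int   setugid;        /* what issetugid() would report */
    uid_t uid;            /* getuid(): real uid */
    gid_t gid;            /* getgid(): real (primary) gid, not supplementary groups */
};

/* The quoted test. Nonzero means malloc/free diagnostics abort() and are
 * printed as "error:"; zero means they are printed as "warning:" and the
 * process keeps running. */
int malloc_warnings_fatal(const struct malloc_ctx *c)
{
    return c->malloc_abort || c->setugid || c->uid == 0 || c->gid == 0;
}

/* Name the first term of the test that forces an abort, or NULL if the
 * diagnostics are warnings only. Order matches the quoted expression. */
const char *abort_reason(const struct malloc_ctx *c)
{
    if (c->malloc_abort) return "A flag set";
    if (c->setugid)      return "setuid/setgid process";
    if (c->uid == 0)     return "real uid is 0";
    if (c->gid == 0)     return "primary gid is 0 (wheel)";
    return NULL;
}

/* 1 if gid 0 appears in the supplementary group list. This does not enter
 * the rule above; it only illustrates the primary-vs-member distinction. */
int in_supplementary_gid0(const gid_t *groups, int ngroups)
{
    for (int i = 0; i < ngroups; i++)
        if (groups[i] == 0)
            return 1;
    return 0;
}

int main(void)
{
    gid_t groups[64];
    int ngroups = getgroups(64, groups);
    struct malloc_ctx c = {
        .malloc_abort = 0,   /* assumption: no 'A' in MALLOC_OPTIONS */
        /* assumption: real != effective id stands in for issetugid() */
        .setugid = (getuid() != geteuid() || getgid() != getegid()),
        .uid = getuid(),
        .gid = getgid(),
    };
    const char *why = abort_reason(&c);

    printf("uid=%u gid=%u -> diagnostics are %s%s%s\n",
           (unsigned)c.uid, (unsigned)c.gid,
           why ? "fatal (error:)" : "warnings only",
           why ? ", because " : "", why ? why : "");
    if (c.gid != 0 && ngroups > 0 && in_supplementary_gid0(groups, ngroups))
        printf("gid 0 is only a supplementary group here; "
               "that alone does not force an abort\n");
    return 0;
}
```

Run it as the user who sees the "error:" line: if it reports "warnings only", the abort is coming from the 'A' flag (MALLOC_OPTIONS or /etc/malloc.conf) or from a setugid state this approximation cannot see, not from uid/gid 0.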

