The following issue has been SUBMITTED. 
Reported By:                Franklin
Assigned To:                BusyBox
Project:                    BusyBox
Issue ID:                   1272
Category:                   Standards Compliance
Reproducibility:            always
Severity:                   crash
Priority:                   normal
Status:                     assigned
Date Submitted:             03-12-2007 18:30 PDT
Last Modified:              03-12-2007 18:30 PDT
Summary:                    ash crashes on mpc8349 powerpc platform - free
invalid pointer
I used to post a message on mailing list, and now I think it should be a

Recently I'm playing embedded system running on mpc8349 (powerpc).
I built the toolchain myself, including glibc-2.4, binutils-2.17 and
Then I downloaded the busybox 1.4.1 and built it.  However, when running 
starting script, it shown the following messages and the system was

*** glibc detected *** -sh: free(): invalid pointer: 0x1007f1a8 ***
======= Backtrace: =========

I tried to hack into shells/ash.c, added some debug messages and found
in the popstackmark() in ash.c (about line 8315+), 

        while (stackp != mark->stackp) {
                sp = stackp;
                stackp = sp->prev;

in some cases the mark->stackp became NULL, so the stackp would never be
to mark->stackp, then finally it will try to free the stackbase, which is
static non-pointer struct variable, and glibc complains about it.

I don't know what cases cause the mark->stackp become NULL. I think that
mark itself might be invalid too.  Right now I just added a 

if (!mark->stackp) return;

before the while loop, and the shell goes well.  It is a ugly solution,
but I have no idea about how to dig more.

