reassign 165603 libc6 thanks Hi,
Please see http://bugs.debian.org/165603 for context. The summary is that apropos segfaults inside regexec() when using glibc 2.3.1 in a locale other than C. To reproduce, get http://people.debian.org/~branden/bug165603_index.bt.bz2, uncompress, install as ~/man/index.bt, 'export LC_ALL=en_US' (or some other non-C locale installed on the system), and run 'apropos -M ~/man xkb'. There are no problems with glibc 2.2.5, and according to the NEWS file glibc's regex implementation has just been completely rewritten. On Tue, Oct 22, 2002 at 01:54:10AM +0100, Colin Watson wrote: > Aha! On the off-chance, I tried this in a chroot with glibc 2.3.1 and it > segfaulted. Ditto with en_US, which I'm guessing Branden's using. I now believe that this is a bug in glibc. Unfortunately I can't persuade either gdb or valgrind to give me any line number information from /usr/lib/debug/libc.so.6, so I can't debug it in any more detail. (Is this a bug too? If so, I can file it separately.) > (gdb) bt > #0 0x400c29e3 in re_exec () from /lib/libc.so.6 > #1 0x400c27c3 in re_exec () from /lib/libc.so.6 > #2 0x400bdae3 in re_exec () from /lib/libc.so.6 > #3 0x400bd1f2 in regexec () from /lib/libc.so.6 > #4 0x080498ad in parse_whatis (page=0xbffffee8 "xkb", lowpage=0x8050b40 > "xkb", > whatis=0x807b00a "the ISO 8859-2 character set encoded in octal, decimal, > and hexadecimal") at whatis.c:413 > #5 0x08049a3e in apropos (page=0xbffffee8 "xkb", lowpage=0x8050b40 "xkb") at > whatis.c:488 > #6 0x08049d44 in search (page=0xbffffee8 "xkb") at whatis.c:563 > #7 0x0804a0b3 in main (argc=4, argv=0xbffffdd4) at whatis.c:711 A more useful backtrace with the aid of libc6-dbg is: (gdb) bt #0 0x400c09e3 in re_string_context_at () from /usr/lib/debug/libc.so.6 #1 0x400c07c3 in re_string_reconstruct () from /usr/lib/debug/libc.so.6 #2 0x400bbae3 in re_search_internal () from /usr/lib/debug/libc.so.6 #3 0x400bb1f2 in regexec () from /usr/lib/debug/libc.so.6 #4 0x080498ad in parse_whatis (page=0xbffffec6 "xkb", lowpage=0x8050b40 "xkb", whatis=0x807b00a "the ISO 8859-2 character set encoded in octal, decimal, and hexadecimal") at whatis.c:413 #5 0x08049a3e in apropos (page=0xbffffec6 "xkb", lowpage=0x8050b40 "xkb") at whatis.c:488 #6 0x08049d44 in search (page=0xbffffec6 "xkb") at whatis.c:563 #7 0x0804a0b3 in main (argc=4, argv=0xbffffdb4) at whatis.c:711 There seems to be some subtle memory corruption. I haven't managed to pin any of this down to a segfault with a test program yet. However, I can pin it down to something valgrind complains about quite easily, so I would suggest that that would be the first place to look. $ cat regtest.c #include <stdio.h> #include <regex.h> int main (int argc, char **argv) { regex_t preg; int errcode; errcode = regcomp (&preg, "xkb", REG_EXTENDED | REG_NOSUB | REG_ICASE); if (errcode) { perror ("regcomp"); return 1; } errcode = regexec (&preg, "hello world", 0, (regmatch_t *) 0, 0); if (errcode == 0) { fprintf (stderr, "regexec succeeded incorrectly\n"); return 1; } else if (errcode != REG_NOMATCH) { perror ("regexec"); return 1; } return 0; } $ LD_LIBRARY_PATH=/usr/lib/debug valgrind -v --num-callers=20 ./regtest ==7085== valgrind-1.0.3, a memory error detector for x86 GNU/Linux. ==7085== Copyright (C) 2000-2002, and GNU GPL'd, by Julian Seward. ==7085== Startup, with flags: ==7085== --suppressions=/usr/lib/valgrind/woody.supp ==7085== -v ==7085== --num-callers=20 ==7085== Reading suppressions file: /usr/lib/valgrind/woody.supp ==7085== Reading syms from /home/cjwatson/regtest ==7085== object doesn't have any debug info ==7085== Reading syms from /lib/ld-2.3.1.so ==7085== object doesn't have any debug info ==7085== Reading syms from /usr/lib/valgrind/valgrind.so ==7085== Reading syms from /usr/lib/debug/libc-2.3.1.so ==7085== Estimated CPU clock rate is 506 MHz ==7085== ==7085== Conditional jump or move depends on uninitialised value(s) ==7085== at 0x402F4AAC: re_search_internal (in /usr/lib/debug/libc-2.3.1.so) ==7085== by 0x402F41F2: __regexec (in /usr/lib/debug/libc-2.3.1.so) ==7085== by 0x8048507: main (in /home/cjwatson/regtest) ==7085== by 0x402609D3: __libc_start_main (in /usr/lib/debug/libc-2.3.1.so) ==7085== by 0x80483F1: (within /home/cjwatson/regtest) ==7085== ==7085== ERROR SUMMARY: 12 errors from 1 contexts (suppressed: 0 from 0) ==7085== ==7085== 12 errors in context 1 of 1: ==7085== Conditional jump or move depends on uninitialised value(s) ==7085== at 0x402F4AAC: re_search_internal (in /usr/lib/debug/libc-2.3.1.so) ==7085== by 0x402F41F2: __regexec (in /usr/lib/debug/libc-2.3.1.so) ==7085== by 0x8048507: main (in /home/cjwatson/regtest) ==7085== by 0x402609D3: __libc_start_main (in /usr/lib/debug/libc-2.3.1.so) ==7085== by 0x80483F1: (within /home/cjwatson/regtest) ==7085== IN SUMMARY: 12 errors from 1 contexts (suppressed: 0 from 0) ==7085== ==7085== malloc/free: in use at exit: 684 bytes in 21 blocks. ==7085== malloc/free: 31 allocs, 10 frees, 977 bytes allocated. ==7085== For a detailed leak analysis, rerun with: --leak-check=yes ==7085== --7085-- lru: 0 epochs, 0 clearings. --7085-- translate: new 919 (14529 -> 218524), discard 0 (0 -> 0). --7085-- dispatch: 0 basic blocks, 2/964 sched events, 920 tt_fast misses. --7085-- reg-alloc: 313 t-req-spill, 38365+1974 orig+spill uis, 4766 total-reg-r. --7085-- sanity: 3 cheap, 1 expensive checks. Thanks, -- Colin Watson [EMAIL PROTECTED]
