Bug 9941 - SEGV
Summary: SEGV
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: grep
Version: unstable
Hardware: all Linux
Importance: P2 blocker
Assignee: placeholder@altlinux.org
QA Contact: qa-sisyphus
Reported: 2006-08-31 10:21 MSD by at@altlinux.org
Modified: 2006-09-05 13:18 MSD

Description at@altlinux.org 2006-08-31 10:21:15 MSD
$ /bin/grep -m10 -C1 -E '( error:|Command not found)' /raid/beehive/error/kdebase-3.5.3-alt3 >/dev/null
zsh: segmentation fault  /bin/grep -m10 -C1 -E '( error:|Command not found)'  > /dev/null
$ /bin/grep -w $(($?-128)) /usr/include/bits/signum.h 
#define SIGSEGV         11      /* Segmentation violation (ANSI).  */
$
Comment 1 Dmitry V. Levin 2006-08-31 13:48:52 MSD
$ egrep -m9 -A1 '( error:|Command not found)' /raid/beehive/error/kdebase-3.5.3-alt3 >/dev/null
$ egrep -m10 -A1 '( error:|Command not found)' /raid/beehive/error/kdebase-3.5.3-alt3 >/dev/null
Segmentation fault
$ egrep -m11 -A1 '( error:|Command not found)' /raid/beehive/error/kdebase-3.5.3-alt3 >/dev/null
Comment 2 Dmitry V. Levin 2006-09-02 20:17:22 MSD
Couldn't fix it on the first attempt...

x86_64$ grep -F -c ' error:' kdebase-3.5.3-alt3.log
10
x86_64$ valgrind ./grep -E -m10 -A1 '( error:|zz )' <kdebase-3.5.3-alt3.log >/dev/null
==1234== Memcheck, a memory error detector.
==1234== Copyright (C) 2002-2006, and GNU GPL'd, by Julian Seward et al.
==1234== Using LibVEX rev 1606, a library for dynamic binary translation.
==1234== Copyright (C) 2004-2006, and GNU GPL'd, by OpenWorks LLP.
==1234== Using valgrind-3.2.0, a dynamic binary instrumentation framework.
==1234== Copyright (C) 2000-2006, and GNU GPL'd, by Julian Seward et al.
==1234== For more details, rerun with: -v
==1234== 
==1234== Use of uninitialised value of size 8
==1234==    at 0x40D161: dfaexec (dfa.c:2915)
==1234==    by 0x411B4D: EGexecute (search.c:392)
==1234==    by 0x403276: prpending (grep.c:631)
==1234==    by 0x4039F8: grep (grep.c:838)
==1234==    by 0x403D7F: grepfile (grep.c:954)
==1234==    by 0x4055F1: main (grep.c:1778)
==1234== 
==1234== Invalid read of size 1
==1234==    at 0x40D153: dfaexec (dfa.c:2915)
==1234==    by 0x411B4D: EGexecute (search.c:392)
==1234==    by 0x403276: prpending (grep.c:631)
==1234==    by 0x4039F8: grep (grep.c:838)
==1234==    by 0x403D7F: grepfile (grep.c:954)
==1234==    by 0x4055F1: main (grep.c:1778)
==1234==  Address 0x5090EE1 is 0 bytes after a block of size 69,633 alloc'd
==1234==    at 0x4B1A98E: malloc (vg_replace_malloc.c:149)
==1234==    by 0x414146: xmalloc (xmalloc.c:87)
==1234==    by 0x40280C: fillbuf (grep.c:357)
==1234==    by 0x403B11: grep (grep.c:866)
==1234==    by 0x403D7F: grepfile (grep.c:954)
==1234==    by 0x4055F1: main (grep.c:1778)
==1234== 
==1234== Process terminating with default action of signal 11 (SIGSEGV)
Comment 3 Dmitry V. Levin 2006-09-02 20:37:03 MSD
Found a smaller testcase:
$ printf 'a1\na\n' |grep -E -m1 -A1 '(a1|b)'
a1
Segmentation fault
Comment 4 Dmitry V. Levin 2006-09-02 20:44:05 MSD
Even smaller:

$ printf 'a\nb\n' |env -i grep -m1 -A1 '[a]'
a
Segmentation fault
Comment 5 Dmitry V. Levin 2006-09-02 20:59:36 MSD
Fixed in 2.5.1a-alt2.
Comment 6 at@altlinux.org 2006-09-05 13:18:19 MSD
Hooray!
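
A regression check built from the reduced reproducers in comments 3 and 4 and the -m sweep from comment 1, as an added example that is not part of the original bug report. The GREP override, the helper function names and the sweep input are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added regression check, not part of the bug report.
# GREP is an assumed override for the grep binary under test.
GREP=${GREP:-$(command -v grep)}

# verdict STATUS: a status above 128 means death by signal STATUS-128,
# the same arithmetic the reporter used against signum.h.
verdict() {
    if [ "$1" -gt 128 ]; then
        echo "signal $(( $1 - 128 ))"
    elif [ "$1" -le 1 ]; then
        echo "clean"        # grep exit 0 = match, 1 = no match
    else
        echo "error $1"     # grep exit 2 = usage or I/O error
    fi
}

# run_case INPUT ARGS...: feed INPUT (printf %b escapes) to grep on stdin
# with an empty environment, as comment 4 did, and print the verdict.
run_case() {
    input=$1; shift
    st=0
    printf '%b' "$input" | env -i "$GREP" "$@" >/dev/null 2>&1 || st=$?
    verdict "$st"
}

# report LABEL VERDICT: print one result line and remember any signal.
report() {
    echo "$1: $2"
    case $2 in signal*) failed=1 ;; esac
}

# check_all: return 0 only if no case was killed by a signal.
check_all() {
    failed=0
    # Constructed input: three matching lines, each followed by a context line.
    sweep='x error:\nctx\nx error:\nctx\nx error:\nctx\n'
    report 'comment 3' "$(run_case 'a1\na\n' -E -m1 -A1 '(a1|b)')"
    report 'comment 4' "$(run_case 'a\nb\n' -m1 -A1 '[a]')"
    # Comment 1 crashed at -m10 but not at -m9 or -m11; sweep -m the same way.
    for n in 2 3 4; do
        report "sweep -m$n" "$(run_case "$sweep" -E -m"$n" -A1 '( error:|zz )')"
    done
    return "$failed"
}

check_all
```

Run it with GREP pointing at a specific build to compare a package before and after an update; the script's exit status is non-zero if any case died from a signal.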