Re: Bug#700354: info: segfault on tab completion on large terminals
From: Karl Berry
Subject: Re: Bug#700354: info: segfault on tab completion on large terminals
Date: Wed, 13 Feb 2013 00:47:52 GMT

> $ echo $LINES $COLUMNS
> 64 208
>
> Start info with the make info file from make-doc 3.81-5.1:
> $ info make
>
> Enter these keystrokes:
> i p TAB TAB
>
> Result: segfault.

I can reproduce this, even without all the special compiler flags (-g only).
E.g., .gdbinit containing:

  set env LINES 64
  set env COLUMNS 208
  set env TERM xterm
  set args make --restore drib.iptab

Where drib.iptab is the four characters i p TAB TAB.

Unfortunately, (as usual) it's far from obvious where the memory
corruption is happening. I tried set env MALLOC_CHECK_=2,
-lefence, -lmcheck, and valgrind, but it either didn't crash,
or crashed in the same place you found. How unhelpful.

Sergey, if you have a chance to try to track it down amidst the rest of
life, that would be great. Otherwise, I'll try to pick it up tomorrow.

Thanks,
karl

P.S. Independent of all these settings and input, valgrind reports:
==5435== Conditional jump or move depends on uninitialised value(s)
==5435== at 0x4006A97: strlen (mc_replace_strmem.c:275)
==5435== by 0x80635F3: tags_expand (tag.c:210)
..
==5435== Uninitialised value was created by a heap allocation
==5435== at 0x4005B83: malloc (vg_replace_malloc.c:195)
==5435== by 0x8068EE9: xmalloc (xmalloc.c:41)
==5435== by 0x804E5AD: filesys_read_info_file (filesys.c:629)

However, I can't see what it's complaining about. That line in tag.c is

  while ((p = input + strlen (input)) < endp) /* go forward to null */

and I fail to see anything uninitialized about it. Any ideas, anyone?

Anyway, I doubt it's related to the bug here.