From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 5135 invoked from network); 18 May 2004 19:32:16 -0000 Received: from thor.dotsrc.org (HELO a.mx.sunsite.dk) (130.225.247.86) by ns1.primenet.com.au with SMTP; 18 May 2004 19:32:16 -0000 Received: (qmail 29778 invoked from network); 18 May 2004 19:32:04 -0000 Received: from sunsite.dk (130.225.247.90) by a.mx.sunsite.dk with SMTP; 18 May 2004 19:32:04 -0000 Received: (qmail 17512 invoked by alias); 18 May 2004 19:32:02 -0000 Mailing-List: contact zsh-workers-help@sunsite.dk; run by ezmlm Precedence: bulk X-No-Archive: yes X-Seq: 19957 Received: (qmail 17503 invoked from network); 18 May 2004 19:32:01 -0000 Received: from thor.dotsrc.org (HELO a.mx.sunsite.dk) (qmailr@130.225.247.86) by sunsite.dk with SMTP; 18 May 2004 19:31:58 -0000 Received: (qmail 29640 invoked from network); 18 May 2004 19:31:58 -0000 Received: from nef.ens.fr (129.199.96.32) by a.mx.sunsite.dk with SMTP; 18 May 2004 19:31:56 -0000 Received: from clipper.ens.fr (clipper-gw.ens.fr [129.199.1.22]) by nef.ens.fr (8.12.10/1.01.28121999) with ESMTP id i4IJUuRv030440 ; Tue, 18 May 2004 21:30:56 +0200 (CEST) Received: from (george@localhost) by clipper.ens.fr (8.12.3/jb-1.1) Date: Tue, 18 May 2004 21:30:55 +0200 From: Nicolas George To: Clint Adams Cc: zsh-workers@sunsite.dk, 249627@bugs.debian.org Subject: Re: Bug#249627: Alias + LC_CTYPE + function => segmentation fault Message-ID: <20040518193055.GB6702@clipper.ens.fr> References: <20040518152257.GA11291@clipper.ens.fr> <20040518155325.GA6069@scowler.net> <20040518163903.GA29789@clipper.ens.fr> <20040518185734.GA8703@scowler.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="s/l3CgOIzMHHjg/5" Content-Disposition: inline In-Reply-To: <20040518185734.GA8703@scowler.net> User-Agent: Mutt/1.4.2i X-Spam-Checker-Version: SpamAssassin 2.63 on a.mx.sunsite.dk X-Spam-Level: X-Spam-Status: No, hits=0.0 required=6.0 tests=none autolearn=no version=2.63 X-Spam-Hits: 0.0 --s/l3CgOIzMHHjg/5 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Le decadi 30 flor=E9al, an CCXII, Clint Adams a =E9crit=A0: > If you rebuild the deb with DEB_BUILD_OPTIONS=3D"debug", you'll get some > more verbose output from gdb. I built only with ./configure, but I confess I did not check that the build options enabled debugging, as they usually do with ./configure. I re-tried with --enable-zsh-debug --enable-zsh-mem-debug --enable-zsh-hash-debug. Here is the new backtrace: Program received signal SIGSEGV, Segmentation fault. 0x4011513c in mallopt () from /lib/tls/i686/cmov/libc.so.6 (gdb) where #0 0x4011513c in mallopt () from /lib/tls/i686/cmov/libc.so.6 #1 0x080b3f30 in gettext2 (state=3D0x40aa6070) at text.c:343 Previous frame inner to this frame (corrupt stack?) > zsh doesn't call mallopt() directly; it's probably being called from > another libc function such as free(). Can you repeat the problem under > valgrind with appropriate options? Does it reveal anything? I do not know valgrind, so I am not sure which are the appropriate options, but a raw "HOME=3D/tmp/empty valgrind ./Src/zsh" gives sime interesting details: [snip a lot of initialization] zsh: failed to load module: zsh/zle <--- I did not make install ssecem% alias frobnicate=3D"LC_CTYPE=3Den_US.UTF-8" ssecem% alias date=3D"frobnicate date" ssecem% function date { command date; echo done } ssecem% date =3D=3D29387=3D=3D Warning: invalid file descriptor -1 in syscall close() =3D=3D29387=3D=3D Warning: invalid file descriptor -1 in syscall close() Tue May 18 21:11:15 CEST 2004 done ssecem% date =3D=3D29385=3D=3D=20 =3D=3D29385=3D=3D Invalid free() / delete / delete[] =3D=3D29385=3D=3D at 0x3C01F918: free (vg_replace_malloc.c:127) =3D=3D29385=3D=3D by 0x808DC1D: zsfree (mem.c:1399) =3D=3D29385=3D=3D by 0x809B2D1: delenv (params.c:3455) =3D=3D29385=3D=3D by 0x80698F3: save_params (exec.c:2523) =3D=3D29385=3D=3D Address 0x3C3C9B24 is 0 bytes inside a block of size 21 = free'd =3D=3D29385=3D=3D at 0x3C01F918: free (vg_replace_malloc.c:127) =3D=3D29385=3D=3D by 0x808DC1D: zsfree (mem.c:1399) =3D=3D29385=3D=3D by 0x809B1A8: addenv (params.c:3402) =3D=3D29385=3D=3D by 0x8069C67: restore_params (exec.c:2594) =3D=3D29389=3D=3D Warning: invalid file descriptor -1 in syscall close() =3D=3D29389=3D=3D Warning: invalid file descriptor -1 in syscall close() Tue May 18 21:11:17 CEST 2004 done Again, I can make a core file available if you need it. I guess the final core would be rather useless, since according to valgrind, the memory is probably already corrupted at this point, but I can use gdb to produce a core at the entrance of save_params. --s/l3CgOIzMHHjg/5 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (SunOS) iD8DBQFAqmRusGPZlzblTJMRAuDBAKCkRz7bG3xPQ6UUMU+JnK9cw3ZttwCgjV56 yc8s9Na5RDjI3+wO6ZWMLyE= =7uP4 -----END PGP SIGNATURE----- --s/l3CgOIzMHHjg/5--