ed SEGV

To: debian-bsd@lists.debian.org
Subject: ed SEGV
From: "Joel Baker" <lucifer@lightbearer.com>
Date: Tue, 5 Feb 2002 11:17:30 -0700
Message-id: <[🔎] 20020205111730.A25031@lightbearer.com>

Currently, my copy of ed is throwing SEGV; gdb says this is caused by a
pattern pointer being fed to regexec as 0xffffffff, so it makes some sense.
What doesn't make sense is that the pointer is aquiring this value after
being used in a prior call to regexec - which prototypes that argument as
a (const regex_t *).

I have attached the log of a GDB run over it, to share the confusion...
-- 
***************************************************************************
Joel Baker                           System Administrator - lightbearer.com
lucifer@lightbearer.com              http://users.lightbearer.com/lucifer/

root@deb-bsd:/tmp/Hard/ed-0.2$ cat ed-test/comment.ed 
#!/bin/sh -
/tmp/Hard/ed-0.2/ed - <<'EOT'
H
r /tmp/Hard/ed-0.2/testsuite/comment.d
# lines beginning with a `#' should be ignored
g/./# including in global commands \
s/l/x/\
# and in the command list \
s/x/y/
w comment.o
EOT
root@deb-bsd:/tmp/Hard/ed-0.2$ gdb ./ed
GNU gdb 5.1
Copyright 2001 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-unknown-netbsdelf1.5"...
(gdb) set args -
(gdb) break substitute_matching_text
Breakpoint 1 at 0x8050c84: file sub.c, line 190.
(gdb) run
Starting program: /tmp/Hard/ed-0.2/./ed -
H
r /tmp/Hard/ed-0.2/testsuite/comment.d
# lines beginning with a `#' should be ignored
g/./# including in global commands \
s/l/x/\
# and in the command list \
s/x/y/

Breakpoint 1, substitute_matching_text (pat=0x8055180, lp=0x80550a0, gflag=1, 
    kth=0) at sub.c:190
190     {
(gdb) display pat
1: pat = (pattern_t *) 0x8055180
(gdb) display *pat
2: *pat = {buffer = 0xf265 <Error reading address 0xf265: Invalid argument>, 
  allocated = 0, used = 0, syntax = 134575616, fastmap = 0x0, translate = 0x0, 
  re_nsub = 0, can_be_null = 0, regs_allocated = 0, fastmap_accurate = 0, 
  no_sub = 0, not_bol = 0, not_eol = 0, newline_anchor = 0}
(gdb) n
191       int off = 0;
2: *pat = {buffer = 0xf265 <Error reading address 0xf265: Invalid argument>, 
  allocated = 0, used = 0, syntax = 134575616, fastmap = 0x0, translate = 0x0, 
  re_nsub = 0, can_be_null = 0, regs_allocated = 0, fastmap_accurate = 0, 
  no_sub = 0, not_bol = 0, not_eol = 0, newline_anchor = 0}
1: pat = (pattern_t *) 0x8055180
(gdb) n
192       int changed = 0;
2: *pat = {buffer = 0xf265 <Error reading address 0xf265: Invalid argument>, 
  allocated = 0, used = 0, syntax = 134575616, fastmap = 0x0, translate = 0x0, 
  re_nsub = 0, can_be_null = 0, regs_allocated = 0, fastmap_accurate = 0, 
  no_sub = 0, not_bol = 0, not_eol = 0, newline_anchor = 0}
1: pat = (pattern_t *) 0x8055180
(gdb) n
193       int matchno = 0;
2: *pat = {buffer = 0xf265 <Error reading address 0xf265: Invalid argument>, 
  allocated = 0, used = 0, syntax = 134575616, fastmap = 0x0, translate = 0x0, 
  re_nsub = 0, can_be_null = 0, regs_allocated = 0, fastmap_accurate = 0, 
  no_sub = 0, not_bol = 0, not_eol = 0, newline_anchor = 0}
1: pat = (pattern_t *) 0x8055180
(gdb) n
194       int i = 0;
2: *pat = {buffer = 0xf265 <Error reading address 0xf265: Invalid argument>, 
  allocated = 0, used = 0, syntax = 134575616, fastmap = 0x0, translate = 0x0, 
  re_nsub = 0, can_be_null = 0, regs_allocated = 0, fastmap_accurate = 0, 
  no_sub = 0, not_bol = 0, not_eol = 0, newline_anchor = 0}
1: pat = (pattern_t *) 0x8055180
(gdb) n
199       if ((txt = get_sbuf_line (lp)) == NULL)
2: *pat = {buffer = 0xf265 <Error reading address 0xf265: Invalid argument>, 
  allocated = 0, used = 0, syntax = 134575616, fastmap = 0x0, translate = 0x0, 
  re_nsub = 0, can_be_null = 0, regs_allocated = 0, fastmap_accurate = 0, 
  no_sub = 0, not_bol = 0, not_eol = 0, newline_anchor = 0}
1: pat = (pattern_t *) 0x8055180
(gdb) n
201       if (isbinary)
2: *pat = {buffer = 0xf265 <Error reading address 0xf265: Invalid argument>, 
  allocated = 0, used = 0, syntax = 134575616, fastmap = 0x0, translate = 0x0, 
  re_nsub = 0, can_be_null = 0, regs_allocated = 0, fastmap_accurate = 0, 
  no_sub = 0, not_bol = 0, not_eol = 0, newline_anchor = 0}
1: pat = (pattern_t *) 0x8055180
(gdb) n
203       eot = txt + lp->len;
2: *pat = {buffer = 0xf265 <Error reading address 0xf265: Invalid argument>, 
  allocated = 0, used = 0, syntax = 134575616, fastmap = 0x0, translate = 0x0, 
  re_nsub = 0, can_be_null = 0, regs_allocated = 0, fastmap_accurate = 0, 
  no_sub = 0, not_bol = 0, not_eol = 0, newline_anchor = 0}
1: pat = (pattern_t *) 0x8055180
(gdb) n
204       if (!regexec (pat, txt, SE_MAX, rm, 0))
2: *pat = {buffer = 0xf265 <Error reading address 0xf265: Invalid argument>, 
  allocated = 0, used = 0, syntax = 134575616, fastmap = 0x0, translate = 0x0, 
  re_nsub = 0, can_be_null = 0, regs_allocated = 0, fastmap_accurate = 0, 
  no_sub = 0, not_bol = 0, not_eol = 0, newline_anchor = 0}
1: pat = (pattern_t *) 0x8055180
(gdb) n
208               if (!kth || kth == ++matchno)
2: *pat = Error accessing memory address 0xffffffff: Invalid argument.
Disabling display 2 to avoid infinite recursion.
(gdb) print pat
$1 = (pattern_t *) 0xffffffff
(gdb) quit
The program is running.  Exit anyway? (y or n) y
root@deb-bsd:/tmp/Hard/ed-0.2$

Reply to:

Follow-Ups:
- Re: ed SEGV
  - From: Matthew Vernon <matthew@debian.org>

Prev by Date: XFree86
Next by Date: libshadow
Previous by thread: XFree86
Next by thread: Re: ed SEGV
Index(es):
- Date
- Thread