segfault in strlen
hi, I experience a segfault when using strlen. The first time it happened was
when doing:
strlen(argv[0]), but it also happens when doing strlen(strdup(argv[0])) and in
some other configurations. When a string triggers a segfault, I can printf it
correctly; what's more, I can also traverse the string and detect the final '\0' at
its correct place (so, what's wrong with strlen?).
See the demo crash below. I'm using libc6 and libc6-dev
versions 2.11.1-2 from unstable, and gcc 4.4.4-4 (also from unstable). Here is
a small program that triggers the segfault, with some comments explaining the
issue. All I get in gdb is that the segfault happens in strlen, even after
installing libc6-dbg. How can I debug this issue more?
thanks
    // compile with gcc -o test test.c
    #include <stdio.h>
    #include <stdlib.h>   /* strdup, needed by one of the commented-out variants */
    #include <string.h>

    int
    main(int argc, char **argv)
    {
        const char *path = argv[0];
        // all those path definitions will result in a crash in strlen
        //const char *path = "path\0";
        //const char *path = "path";
        //const char *path = strdup(argv[0]);

        // prints command name correctly
        printf("command is: %s\n", path);

        // walk the string by hand, stopping at the terminator
        int i = 0;
        for (i = 0; i < 1020; i++) {
            if (path[i] == '\0') {
                break;
            }
        }
        // XXX: prints correct string length
        printf("computed length: %d\n", i);

        // crashes:
        // (gdb) where
        // #0 0x0000000000401a00 in strlen ()
        // #1 0x00000000004005dc in main ()
        // (strlen returns size_t, so %zu rather than %d)
        printf("command length: %zu\n", strlen(path));
        return 0;
    }
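Added here as a debugging example, not part of the original post: the backtrace places strlen at 0x401a00, which on x86-64 is in the low range where a non-PIE executable is mapped rather than where libc lives, so a first step is to find out which object that address belongs to (gdb's `info symbol 0x401a00` and `info sharedlibrary` answer the same question). The code below parses /proc/<pid>/maps text to do that lookup; the sample maps content, its paths and inode numbers are constructed.

```c
#include <stdio.h>
#include <string.h>
/* Find the /proc/<pid>/maps entry containing addr; copy its pathname to out. */
int find_mapping(const char *maps, unsigned long addr, char *out, size_t outsz)
{
    for (const char *line = maps; *line; ) {
        const char *nl = strchr(line, '\n');
        size_t len = nl ? (size_t)(nl - line) : strlen(line);
        char buf[512], path[256] = "";
        unsigned long lo, hi;
        if (len >= sizeof buf) len = sizeof buf - 1;
        memcpy(buf, line, len);   /* isolate one line so %s cannot run into the next */
        buf[len] = '\0';
        /* fields: start-end perms offset dev inode [pathname] */
        if (sscanf(buf, "%lx-%lx %*s %*s %*s %*s %255s", &lo, &hi, path) >= 2
            && addr >= lo && addr < hi) {
            snprintf(out, outsz, "%s", path[0] ? path : "[anonymous]");
            return 1;
        }
        line = nl ? nl + 1 : line + len;
    }
    return 0;
}
/* Constructed sample shaped like the poster's non-PIE x86-64 process:
 * executable at 0x400000, libc far above it. Paths and inodes are made up. */
static const char SAMPLE_MAPS[] =
    "00400000-00402000 r-xp 00000000 08:01 1234 /home/user/test\n"
    "00601000-00602000 rw-p 00001000 08:01 1234 /home/user/test\n"
    "7ffff7a3b000-7ffff7bb5000 r-xp 00000000 08:01 5678 /lib/libc-2.11.1.so\n"
    "7ffff7ddd000-7ffff7dfe000 rwxp 00000000 00:00 0\n";
/* 1 if addr lies in a SAMPLE_MAPS mapping whose pathname equals expected. */
int sample_lookup_matches(unsigned long addr, const char *expected)
{
    char out[256];
    return find_mapping(SAMPLE_MAPS, addr, out, sizeof out) && !strcmp(out, expected);
}
/* Same lookup on the running process. In a non-PIE binary &strlen is the PLT
 * stub inside the executable, so gdb's `info symbol <crash address>` stays the
 * definitive check; this only shows where the symbol resolves at runtime. */
int main(void)
{
    static char maps[1 << 16], where[256];
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) return 1;
    maps[fread(maps, 1, sizeof maps - 1, f)] = '\0';
    fclose(f);
    if (find_mapping(maps, (unsigned long)strlen, where, sizeof where))
        printf("strlen resolves into %s\n", where);
    return 0;
}
```

To apply it to the crashing program, capture its /proc/<pid>/maps while it is stopped under gdb (or use `info proc mappings`) and look up the address from frame #0.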