Hi all, I'm getting a core dump in xgettext whenever I try to process PO files that contain duplicate plural form entries. Looks like a double-free() somewhere:
$ ls test1.pot test2.pot $ cat test1.pot #: location_1:1 msgid "common" msgid_plural "common_plural" msgstr[0] "" msgstr[1] "" #: location_1:2 msgid "str1" msgid_plural "str1_plural" msgstr[0] "" msgstr[1] "" $ cat test2.pot #: location_2:1 msgid "common" msgid_plural "common_plural" msgstr[0] "" msgstr[1] "" #: location_2:2 msgid "str2" msgid_plural "str2_plural" msgstr[0] "" msgstr[1] "" $ ulimit -c unlimited $ xgettext *.pot *** glibc detected *** xgettext: double free or corruption (fasttop): 0x00000000018f0590 *** Segmentation fault (core dumped) $ gdb /usr/bin/xgettext core.3225 [...snip...] (gdb) bt #0 0x0000003803a75f72 in malloc_consolidate () from /lib64/libc.so.6 #1 0x0000003803a79125 in _int_malloc () from /lib64/libc.so.6 #2 0x0000003803a7a346 in calloc () from /lib64/libc.so.6 #3 0x000000380320ad7f in _dl_new_object () from /lib64/ld-linux-x86-64.so.2 #4 0x00000038032071de in _dl_map_object_from_fd () from /lib64/ld-linux-x86-64.so.2 #5 0x000000380320839a in _dl_map_object () from /lib64/ld-linux-x86-64.so.2 #6 0x0000003803212a94 in dl_open_worker () from /lib64/ld-linux-x86-64.so.2 #7 0x000000380320e206 in _dl_catch_error () from /lib64/ld-linux-x86-64.so.2 #8 0x000000380321254a in _dl_open () from /lib64/ld-linux-x86-64.so.2 #9 0x0000003803b26ca0 in do_dlopen () from /lib64/libc.so.6 #10 0x000000380320e206 in _dl_catch_error () from /lib64/ld-linux-x86-64.so.2 #11 0x0000003803b26df7 in __libc_dlopen_mode () from /lib64/libc.so.6 #12 0x0000003803afe995 in init () from /lib64/libc.so.6 #13 0x0000003803e0cd33 in pthread_once () from /lib64/libpthread.so.0 #14 0x0000003803afeac4 in backtrace () from /lib64/libc.so.6 #15 0x0000003803a7054b in __libc_message () from /lib64/libc.so.6 #16 0x0000003803a75e66 in malloc_printerr () from /lib64/libc.so.6 #17 0x0000003bc240e578 in po_gram_parse () at po-gram-gen.y:418 #18 0x0000003bc240f4d7 in po_parse (this=<value optimized out>, fp=<value optimized out>, real_filename=<value optimized out>, logical_filename=<value optimized out>) at read-po.c:41 #19 0x0000003bc240ba71 in catalog_reader_parse (pop=0x18eefa0, fp=<value optimized out>, real_filename=<value optimized out>, logical_filename=<value optimized out>, input_syntax=0x6417b0) at read-catalog-abstract.c:179 #20 0x000000000040d6b8 in extract (fp=0x18efef0, real_filename=0x18efac0 "test2.pot", logical_filename=0x18f0380 "test2.pot", input_syntax=0x6417b0, mdlp=0x18edb40) at x-po.c:165 #21 0x000000000040720c in extract_from_file (file_name=0x18edb20 "test2.pot", extractor=..., mdlp=0x18edb40) at xgettext.c:2105 #22 0x0000000000407df5 in main (argc=<value optimized out>, argv=<value optimized out>) at xgettext.c:849 $ valgrind xgettext *.pot [...snip...] ==3895== Invalid free() / delete / delete[] / realloc() ==3895== at 0x4A06430: free (vg_replace_malloc.c:446) ==3895== by 0x3BC240E966: po_gram_parse (po-gram-gen.y:230) ==3895== by 0x3BC240F4D6: po_parse (read-po.c:41) ==3895== by 0x3BC240BA70: catalog_reader_parse (read-catalog-abstract.c:179) ==3895== by 0x40D6B7: extract (x-po.c:165) ==3895== by 0x40720B: extract_from_file (xgettext.c:2105) ==3895== by 0x407DF4: main (xgettext.c:849) ==3895== Address 0x4c6aa80 is 0 bytes inside a block of size 14 free'd ==3895== at 0x4A06430: free (vg_replace_malloc.c:446) ==3895== by 0x3BC24121E1: default_add_message (read-catalog.c:378) ==3895== by 0x3BC241266E: default_directive_message (read-catalog.c:64) ==3895== by 0x3BC240AE72: po_callback_message (read-catalog-abstract.c:107) ==3895== by 0x3BC240E956: po_gram_parse (po-gram-gen.y:108) ==3895== by 0x3BC240F4D6: po_parse (read-po.c:41) ==3895== by 0x3BC240BA70: catalog_reader_parse (read-catalog-abstract.c:179) ==3895== by 0x40D6B7: extract (x-po.c:165) ==3895== by 0x40720B: extract_from_file (xgettext.c:2105) ==3895== by 0x407DF4: main (xgettext.c:849) ==3895== $ xgettext --version xgettext (GNU gettext-tools) 0.19.5.1 Copyright (C) 1995-1998, 2000-2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Written by Ulrich Drepper. $ uname -a Linux aim83dev1 2.6.32-504.el6.x86_64 #1 SMP Wed Oct 15 04:27:16 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux $ gcc --version gcc (GCC) 4.4.7 20120313 (Red Hat 4.4.7-11) Copyright (C) 2010 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. $ /lib/libc.so.6 GNU C Library stable release version 2.12, by Roland McGrath et al. Copyright (C) 2010 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Compiled by GNU CC version 4.4.7 20120313 (Red Hat 4.4.7-11). Compiled on a Linux 2.6.32 system on 2014-10-15. Available extensions: The C stubs add-on version 2.1.2. crypt add-on version 2.1 by Michael Glad and others GNU Libidn by Simon Josefsson Native POSIX Threads Library by Ulrich Drepper et al BIND-8.2.3-T5B RT using linux kernel aio libc ABIs: UNIQUE IFUNC For bug reporting instructions, please see: <http://www.gnu.org/software/libc/bugs.html>.