Package: libc6
Version: 2.7-18
Severity: normal
Description:
Segmentation fault now and then in ace-of-penguins/ace-canfield
kernel: lt-canfield[1653]: segfault at 64 ip b7d88a19 sp bfae197c error
4 in libc-2.7.so[b7d1e000+138000]
and ftp, if macro "$safn ." is used
macdef safn
dir $1 "| more"
kernel: ftp[1675]: segfault at 1f6b3 ip b7e34978 sp bf88d088 error 4 in
libc-2.7.so[b7dca000+138000]
For ace-canfield:
Segmentation fault if max_undo == 100 now and then
sizeof(Undo) == 12
------Start of part of code-------
static void
stack_note_undo(Stack *src, int n, Stack *dest)
{
if (doing_undo) return;
if (num_undo >= max_undo)
{
max_undo += 50;
fprintf(stderr, "max_undo = %d, sizeof(Undo) = %d\n", max_undo,
sizeof(Undo));
/* if (max_undo == 100) mtrace(); */
if (undo)
undo = (Undo *)realloc(undo, max_undo * sizeof(Undo));
else
undo = (Undo *)malloc(max_undo * sizeof(Undo));
}
/*if (max_undo == 100) muntrace();*/
-------End of part of code--------
Dump with gdb without "fprintf(...)" and "mtrace()":
GNU gdb 6.8-debian
...
Program received signal SIGSEGV, Segmentation fault.
0xb7e9da19 in malloc_consolidate (av=0xb7f6e160) at malloc.c:4842
4842 malloc.c: No such file or directory.
in malloc.c
(gdb) bt full
#0 0xb7e9da19 in malloc_consolidate (av=0xb7f6e160) at malloc.c:4842
fb = (mfastbinptr *) 0xb7f6e178
maxfb = (mfastbinptr *) 0xb7f6e18c
p = (mchunkptr) 0x9ff4e58
nextp = (mchunkptr) 0x9ffac08
unsorted_bin = (mchunkptr) 0xb7f6e190
first_unsorted = <value optimized out>
nextchunk = (mchunkptr) 0x9ff4e88
size = 208
nextsize = 160
prevsize = <value optimized out>
bck = (mchunkptr) 0x53
fwd = (mchunkptr) 0x65
#1 0xb7e9f9a5 in _int_malloc (av=0xb7f6e160, bytes=1201) at malloc.c:4166
nb = 1208
idx = 74
bin = <value optimized out>
victim = <value optimized out>
size = <value optimized out>
victim_index = <value optimized out>
remainder = <value optimized out>
remainder_size = <value optimized out>
block = <value optimized out>
bit = <value optimized out>
map = <value optimized out>
fwd = <value optimized out>
bck = <value optimized out>
---Type <return> to continue, or q <return> to quit---
#2 0xb7ea0ecf in _int_realloc (av=0xb7f6e160, oldmem=0x9ff4f70, bytes=1200)
at malloc.c:4972
nextsize = <value optimized out>
nb = 1208
oldp = (mchunkptr) 0x9ff4f68
oldsize = 608
newp = <value optimized out>
newsize = 608
newmem = <value optimized out>
next = (mchunkptr) 0x9ff51c8
remainder = <value optimized out>
remainder_size = <value optimized out>
bck = <value optimized out>
fwd = <value optimized out>
copysize = <value optimized out>
ncopies = <value optimized out>
errstr = <value optimized out>
#3 0xb7ea1a6f in *__GI___libc_realloc (oldmem=0x9ff4f70, bytes=1200)
at malloc.c:3709
ar_ptr = (mstate) 0xb7f6e160
nb = 1208
oldp = (mchunkptr) 0x9ff4f68
oldsize = 608
newp = <value optimized out>
hook = <value optimized out>
#4 0xb80d063a in stack_note_undo (src=0x9ff4dc0, n=27, dest=0x9ff4e28)
at stack.c:592
---Type <return> to continue, or q <return> to quit---
No locals.
#5 0xb80d0404 in stack_flip_card (src=0x9ff4dc0, dest=0x9ff4e28)
at stack.c:557
No locals.
#6 0x08049766 in hand_to_talon () at canfield.c:263
No locals.
#7 0x08049ede in click (x=54, y=275, b=1) at canfield.c:460
c = 4
f = 1
cp = (Picture *) 0x0
#8 0xb80c9cfd in table_loop () at table.c:405
event = {type = ev_buttondown, x = 54, y = 275, w = 474, h = 540,
button = 1, shifts = 0, key = -1206979872, time = 20910024}
first_expose = 1
click_button = 1
#9 0x08048ea4 in main (argc=1, argv=0xbfaf7464) at canfield.c:60
No locals.
-----End without "fprintf(...)" and "mtrace()"--------
Dump from gdb with "mtrace" activated in code
GNU gdb 6.8-debian
max_undo = 50, sizeof(Undo) = 12
Base rank: 1
max_undo = 100, sizeof(Undo) = 12
Program received signal SIGSEGV, Segmentation fault.
0xb7d88a19 in malloc_consolidate (av=0xb7e59160) at malloc.c:4842
4842 malloc.c: No such file or directory.
in malloc.c
(gdb) bt full
#0 0xb7d88a19 in malloc_consolidate (av=0xb7e59160) at malloc.c:4842
fb = (mfastbinptr *) 0xb7e59178
maxfb = (mfastbinptr *) 0xb7e5918c
p = (mchunkptr) 0x8057e58
nextp = (mchunkptr) 0x0
unsorted_bin = (mchunkptr) 0xb7e59190
first_unsorted = <value optimized out>
nextchunk = (mchunkptr) 0x8057e88
size = 208
nextsize = 160
prevsize = <value optimized out>
bck = (mchunkptr) 0x77
fwd = (mchunkptr) 0x70
#1 0xb7d8a9a5 in _int_malloc (av=0xb7e59160, bytes=512) at malloc.c:4166
nb = 520
idx = 64
bin = <value optimized out>
victim = <value optimized out>
size = <value optimized out>
victim_index = <value optimized out>
remainder = <value optimized out>
remainder_size = <value optimized out>
block = <value optimized out>
bit = <value optimized out>
map = <value optimized out>
fwd = <value optimized out>
bck = <value optimized out>
---Type <return> to continue, or q <return> to quit---
#2 0xb7d8c586 in *__GI___libc_malloc (bytes=512) at malloc.c:3553
ar_ptr = (mstate) 0xb7e59160
victim = (void *) 0xbfe94fb1
hook = <value optimized out>
#3 0xb7d8e09c in mtrace () at mtrace.c:314
mallfile = <value optimized out>
added_atexit_handler = 0
#4 0xb7fbb6bd in stack_note_undo (src=0x8057dc0, n=28, dest=0x8057e28)
at stack.c:593
No locals.
#5 0xb7fbb474 in stack_flip_card (src=0x8057dc0, dest=0x8057e28)
at stack.c:558
No locals.
#6 0x08049766 in hand_to_talon () at canfield.c:263
No locals.
#7 0x08049ede in click (x=52, y=265, b=1) at canfield.c:460
c = 4
f = 1
cp = (Picture *) 0x0
#8 0xb7fb4d6d in table_loop () at table.c:405
event = {type = ev_buttondown, x = 52, y = 265, w = 474, h = 540,
button = 1, shifts = 0, key = -1208114464, time = 1799809}
first_expose = 1
click_button = 1
#9 0x08048ea4 in main (argc=1, argv=0xbfe92fe4) at canfield.c:60
No locals.
---End of dump for "mtrace()" activated-----
-- System Information:
Debian Release: 5.0.2
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i586)
Kernel: Linux 2.6.18d and Linux 2.6.26
Locale: LANG=is_IS, LC_CTYPE=is_IS (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages libc6 depends on:
ii libgcc1 1:4.3.2-1.1 GCC support library
--
Bjarni I. Gislason
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
