This is the mail archive of the glibc-bugs@sources.redhat.com mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug regex/934] New: segfault in regexec

From: "zachmann at schlund dot de" <sourceware-bugzilla at sources dot redhat dot com>
To: glibc-bugs at sources dot redhat dot com
Date: 6 May 2005 06:06:02 -0000
Subject: [Bug regex/934] New: segfault in regexec
Reply-to: sourceware-bugzilla at sources dot redhat dot com

During the development of a multi threaded application on a multi processor 
machine I found a segfault in regexec. I could not reproduce this crash on a 
single processor machine. Attached you find a small testprogram that crashes 
in about 30 of 100 runs. 
Here is a backtrace of a crash: 
 
Program terminated with signal 11, Segmentation fault. 
#0  0x0805eb1e in re_acquire_state_context () 
(gdb) bt 
#0  0x0805eb1e in re_acquire_state_context () 
#1  0x08061e75 in build_trtable () 
#2  0x0806387e in re_search_internal () 
#3  0x08063c51 in regexec () 
#4  0x080482a2 in run () 
#5  0x08048c21 in pthread_start_thread () 
 
glibc 2.3.4 
gcc 3.3.5 
 
The program is run on a dual Intel(R) Xeon(TM) CPU 2.40GHz with hyberthreading 
enabled. 
 
If you need more informations please let me know. 
 
regextest.c 
-------------------------------------- 
#include <sys/types.h> 
#include <regex.h> 
#include <stdlib.h> 
 
regex_t * regex; 
 
void *run( void * param ) 
{ 
  int i = 0; 
  for ( ; i < 1000; ++i ) 
  { 
    size_t nmatch = 1; 
    regmatch_t pmatch[nmatch]; 
    regexec( regex, "this can cause a segfault on multi processor machines", 
nmatch, pmatch, 0 ); 
  } 
} 
 
int main() 
{ 
  int not = 4; 
  int i = 0; 
  int ret = 0; 
  char *exp = "a(aaaaaa|bbb(bbbb|ccc)?cccc(cccccccc)?\\.dd)d|" 
              "eeeeeee|f(gggggggggggggg|hhhhhhhh([0-9](\\.[0-9])?))|" 
              "i(jjjjj(/[0-9](\\.[0-9])?)?|kkkkkkkk)|" 
              "l(mmmmmmmmmmmmmmmmmmmmm|nnnnnn)|oooooooooooo\\.ooo|" 
              "ppppppppppp|qqqq[/ ]?1\\.[0-9]|rrrrrrrrr/[0-9](\\.[0-9])?|" 
              "ssss|M(tttt|uuu)|N(uuuuuuuu?/[1-9](\\.[0-9])?|aaaa)|" 
              "bbbbb[ /]?[0-9](\\.[0-9])?|P(aaaaaaaa|b(c/[3-4]|ddddd))|" 
              "S(a(bbbbb|ccc)|dd|eee|fffff|gggggg|hhhhhhhhhhh)|" 
              "wwwwwwwwwwwwwww|x(aaaaaaaa|bbb)"; 
  pthread_t pthread_[not]; 
 
  regex = (regex_t *)malloc( sizeof( regex_t ) ); 
 
  ret = regcomp( regex, exp, REG_ICASE|REG_EXTENDED ); 
 
  if ( ret != 0 ) 
  { 
    printf( "regcomp failed: %d\n", ret ); 
  } 
 
  for ( i = 0; i < not; ++i ) 
  { 
    int error = pthread_create( &pthread_[ i ], NULL, &run, 0 ); 
    if ( error != 0 ) 
    { 
      printf( "unable to create thread: %d", error ); 
      exit( 1 ); 
    } 
  } 
 
  for ( i = 0; i < not; ++i ) 
  { 
    pthread_join( pthread_[i], NULL ); 
  } 
}

-- 
           Summary: segfault in regexec
           Product: glibc
           Version: 2.3.4
            Status: NEW
          Severity: normal
          Priority: P2
         Component: regex
        AssignedTo: gotom at debian dot or dot jp
        ReportedBy: zachmann at schlund dot de
                CC: glibc-bugs-regex at sources dot redhat dot com,glibc-
                    bugs at sources dot redhat dot com


http://sources.redhat.com/bugzilla/show_bug.cgi?id=934

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

Follow-Ups:
- [Bug regex/934] segfault in regexec
  - From: paolo dot bonzini at lu dot unisi dot ch
- [Bug regex/934] segfault in regexec
  - From: zachmann at schlund dot de
- [Bug regex/934] segfault in regexec
  - From: paolo dot bonzini at lu dot unisi dot ch
- [Bug regex/934] segfault in regexec
  - From: jakub at redhat dot com

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]