X-Loop: help-debbugs@HIDDEN
Subject: bug#76613: diff -y crashes with apparent memory corruption
Resent-From: "Nick Smallbone" <nick@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: bug-diffutils@HIDDEN
Resent-Date: Thu, 27 Feb 2025 17:59:03 +0000
Resent-Message-ID: <handler.76613.B.174067908414711 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: report 76613
X-GNU-PR-Package: diffutils
X-GNU-PR-Keywords:
To: 76613 <at> debbugs.gnu.org
X-Debbugs-Original-To: bug-diffutils@HIDDEN
Received: via spool by submit <at> debbugs.gnu.org id=B.174067908414711
(code B ref -1); Thu, 27 Feb 2025 17:59:03 +0000
Received: (at submit) by debbugs.gnu.org; 27 Feb 2025 17:58:04 +0000
Received: from localhost ([127.0.0.1]:37443 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1tni95-0003p6-F4
for submit <at> debbugs.gnu.org; Thu, 27 Feb 2025 12:58:04 -0500
Received: from lists.gnu.org ([2001:470:142::17]:45562)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.84_2) (envelope-from <nick@HIDDEN>) id 1tnal5-0004ab-Bt
for submit <at> debbugs.gnu.org; Thu, 27 Feb 2025 05:04:49 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <nick@HIDDEN>) id 1tnakv-0000Fd-T4
for bug-diffutils@HIDDEN; Thu, 27 Feb 2025 05:04:38 -0500
Received: from fout-a6-smtp.messagingengine.com ([103.168.172.149])
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <nick@HIDDEN>) id 1tnakt-0005bb-VH
for bug-diffutils@HIDDEN; Thu, 27 Feb 2025 05:04:37 -0500
Received: from phl-compute-01.internal (phl-compute-01.phl.internal
[10.202.2.41])
by mailfout.phl.internal (Postfix) with ESMTP id B6C0F1382F1D
for <bug-diffutils@HIDDEN>; Thu, 27 Feb 2025 05:04:31 -0500 (EST)
Received: from phl-imap-04 ([10.202.2.82])
by phl-compute-01.internal (MEProxy); Thu, 27 Feb 2025 05:04:31 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=smallbone.se; h=
cc:content-transfer-encoding:content-type:content-type:date:date
:from:from:in-reply-to:message-id:mime-version:reply-to:subject
:subject:to:to; s=fm3; t=1740650671; x=1740737071; bh=AvXOEXJDLv
x5xdcpmZd3zsUJhxU0/AE5R+49ASmCwN0=; b=aSMbJodZ3xg3PbwHWdttq6gkqE
2ibD5Xezw7rMucl2i/d42joZ4SWgCKSB0UCPgHTwAFjolgnH83Osr2jVEE734QlJ
w7YZ5ENmo6yxb47gDez+ASkXNM1vQ17lPCuNerclfBbRMA9A3EarhvR45YpvAQEi
9WOhg1jTW79+tmbRVwXZ+fc+zrnu9waaA+SxuN1DHTTpcnmqYPDYpGkbdNy5s4X7
JgtaTREi749e7mdFKsTRAn7lEQhxbKvAUKhpOjMCkB2rc0yM54apTMAUgtvunCcp
7pvNEMepCUR3WmBWWfmQeSbGu7r4usNPFV1mMgSPs8o5tKj+eqeOSIksAx1Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:content-transfer-encoding:content-type
:content-type:date:date:feedback-id:feedback-id:from:from
:in-reply-to:message-id:mime-version:reply-to:subject:subject:to
:to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=
1740650671; x=1740737071; bh=AvXOEXJDLvx5xdcpmZd3zsUJhxU0/AE5R+4
9ASmCwN0=; b=My5M0pcyz99LFAjaJIb4yh4FXjCwtAm9JW/e7+JqbZhJpW7WWux
ZTaxVmzEM9g5OZwD0rcpz+0DN/m636GSzj01VdCGx8wbcWOcWYWl4grnOn+CFVK+
USbUOnGE9KFlLqbZibOnwphZQnbiVe28qNUrx6uxGtWq1Gvomglme88x5smty30O
Pwikchh9BnXngjsoGrAD9VS66qHr4yn3iIKQFZpwxPLPyJOp/pJ77z0KL6NasYok
joSADc7EJPHfdR/per7pWqnsgZJRibCcjevzZiqT+JF2BEhnKmuuZktcCDyOICZ5
4ckP1/gSmLasT72DZSi5x0L9FpzKpobblVg==
X-ME-Sender: <xms:rzjAZxBC6cjC407CDm3ukz_RwB76mDBKPbuoJchuFu4UQtE9m5kVAA>
<xme:rzjAZ_icYSuxHI2ZDQqzz1xdxIei6MrgUwIvyyIxwE3fUIFXvdSgmXrV6jbWxY82D
zdX2mJiUYQM2apWbg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgdekjedukecutefuodetggdotefrod
ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp
uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecunecujfgurhepofggff
fhvffkufgtgfesthejredtredttdenucfhrhhomhepfdfpihgtkhcuufhmrghllhgsohhn
vgdfuceonhhitghksehsmhgrlhhlsghonhgvrdhsvgeqnecuggftrfgrthhtvghrnhepff
dugffghfekteehfffhjeeiteejhfdvffffuefhudfgledviefggfdtvdegvdetnecuffho
mhgrihhnpehgnhhurdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpe
hmrghilhhfrhhomhepnhhitghksehsmhgrlhhlsghonhgvrdhsvgdpnhgspghrtghpthht
ohepuddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepsghughdqughifhhfuhhtih
hlshesghhnuhdrohhrgh
X-ME-Proxy: <xmx:rzjAZ8n9luerjGATVovW4O0OKb0e09VuHwfkfb6bxKNl7trE72Eu1g>
<xmx:rzjAZ7wQfMustD_DV_vQPzliBGbvdcBXRPRPDHWghdKWhu0FVBpGcg>
<xmx:rzjAZ2TMb8yGzf-2AFz7KljBdOQptJkTlNcjS2ZPZKr1sTZQGICpHg>
<xmx:rzjAZ-Z6UiI4UpbgFqzgKRTUmA12Wi6LfkaVV_8iVOXyOeRXm6YChQ>
<xmx:rzjAZ_6qcE_XVYzM-s2VEtzU0Sh6HXD1CQ1LoiIIWgahzyec-GABG7qQ>
Feedback-ID: ic1c842cf:Fastmail
Received: by mailuser.phl.internal (Postfix, from userid 501)
id 5BA852E60088; Thu, 27 Feb 2025 05:04:31 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
MIME-Version: 1.0
Date: Thu, 27 Feb 2025 11:04:03 +0100
From: "Nick Smallbone" <nick@HIDDEN>
Message-Id: <c4a9f6ca-57e1-47b5-886b-adb0be409b7f@HIDDEN>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Received-SPF: pass client-ip=103.168.172.149; envelope-from=nick@HIDDEN;
helo=fout-a6-smtp.messagingengine.com
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001,
RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001,
SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: 0.7 (/)
X-Mailman-Approved-At: Thu, 27 Feb 2025 12:58:01 -0500
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.3 (/)
Hi,
I'm running diffutils-3.11, downloaded from ftp.gnu.org and built with ./configure && make (no options given).
I'm seeing the problem that diff -y is crashing with various malloc-related errors. Here is an example. First I create two files a and b like so:
% seq 1 100 > a
% seq 1 100 | grep -v 50 > b
Then I run diff -y a b, which crashes with an error in free():
% diff -y a b
free(): corrupted unsorted chunks
zsh: IOT instruction src/diff -y ~/a ~/b
I haven't looked into the source to find out the problem, but I did compile a debug build and run it under Valgrind. It detected some memory corruption - here is the report:
==9602== Memcheck, a memory error detector
==9602== Copyright (C) 2002-2024, and GNU GPL'd, by Julian Seward et al.
==9602== Using Valgrind-3.24.0 and LibVEX; rerun with -h for copyright info
==9602== Command: src/diff -y /home/nick/a /home/nick/b
==9602==
==9602== Invalid write of size 8
==9602== at 0x40EC8A: find_and_hash_each_line (io.c:1017)
==9602== by 0x40FBAA: read_files (io.c:1366)
==9602== by 0x40596C: diff_2_files (analyze.c:463)
==9602== by 0x409B1F: compare_prepped_files (diff.c:1371)
==9602== by 0x40ADBF: compare_files (diff.c:1633)
==9602== by 0x408834: main (diff.c:881)
==9602== Address 0x4b12f80 is 0 bytes after a block of size 656 alloc'd
==9602== at 0x4850C7C: realloc (vg_replace_malloc.c:1801)
==9602== by 0x41A8A6: rpl_realloc (stdlib.h:2066)
==9602== by 0x41CE27: xrealloc (xmalloc.c:66)
==9602== by 0x41D196: xpalloc (xmalloc.c:271)
==9602== by 0x40EC4A: find_and_hash_each_line (io.c:1013)
==9602== by 0x40FBAA: read_files (io.c:1366)
==9602== by 0x40596C: diff_2_files (analyze.c:463)
==9602== by 0x409B1F: compare_prepped_files (diff.c:1371)
==9602== by 0x40ADBF: compare_files (diff.c:1633)
==9602== by 0x408834: main (diff.c:881)
==9602==
--9602-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--9602-- si_code=1; Faulting address: 0x9622BA0; sp: 0x1002cf6e20
valgrind: the 'impossible' happened:
Killed by fatal signal
host stacktrace:
==9602== at 0x5804AE1F: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==9602== by 0x58004E0C: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==9602== by 0x58005203: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==9602== by 0x58097E37: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==9602== by 0x580E1E1A: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
sched status:
running_tid=1
Thread 1: status = VgTs_Runnable (lwpid 9602)
==9602== at 0x4850A5F: calloc (vg_replace_malloc.c:1675)
==9602== by 0x4160B0: icalloc (ialloc.h:91)
==9602== by 0x41D239: xicalloc (xmalloc.c:304)
==9602== by 0x41D1E7: xizalloc (xmalloc.c:289)
==9602== by 0x405E39: diff_2_files (analyze.c:529)
==9602== by 0x409B1F: compare_prepped_files (diff.c:1371)
==9602== by 0x40ADBF: compare_files (diff.c:1633)
==9602== by 0x408834: main (diff.c:881)
client stack range: [0x1FFEFFD000 0x1FFF000FFF] client SP: 0x1FFEFFEDA0
valgrind stack range: [0x1002BF7000 0x1002CF6FFF] top usage: 7272 of 1048576
Nick
Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) Content-Type: text/plain; charset=utf-8 X-Loop: help-debbugs@HIDDEN From: help-debbugs@HIDDEN (GNU bug Tracking System) To: "Nick Smallbone" <nick@HIDDEN> Subject: bug#76613: Acknowledgement (diff -y crashes with apparent memory corruption) Message-ID: <handler.76613.B.174067908414711.ack <at> debbugs.gnu.org> References: <c4a9f6ca-57e1-47b5-886b-adb0be409b7f@HIDDEN> X-Gnu-PR-Message: ack 76613 X-Gnu-PR-Package: diffutils Reply-To: 76613 <at> debbugs.gnu.org Date: Thu, 27 Feb 2025 17:59:03 +0000 Thank you for filing a new bug report with debbugs.gnu.org. This is an automatically generated reply to let you know your message has been received. Your message is being forwarded to the package maintainers and other interested parties for their attention; they will reply in due course. Your message has been sent to the package maintainer(s): bug-diffutils@HIDDEN If you wish to submit further information on this problem, please send it to 76613 <at> debbugs.gnu.org. Please do not send mail to help-debbugs@HIDDEN unless you wish to report a problem with the Bug-tracking system. --=20 76613: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D76613 GNU Bug Tracking System Contact help-debbugs@HIDDEN with problems
X-Loop: help-debbugs@HIDDEN
Subject: bug#76613: [bug-diffutils] bug#76613: diff -y crashes with apparent memory corruption
Resent-From: Paul Eggert <eggert@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: bug-diffutils@HIDDEN
Resent-Date: Thu, 27 Feb 2025 19:14:03 +0000
Resent-Message-ID: <handler.76613.B76613.174068359630649 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: followup 76613
X-GNU-PR-Package: diffutils
X-GNU-PR-Keywords:
To: Nick Smallbone <nick@HIDDEN>
Cc: 76613 <at> debbugs.gnu.org
Received: via spool by 76613-submit <at> debbugs.gnu.org id=B76613.174068359630649
(code B ref 76613); Thu, 27 Feb 2025 19:14:03 +0000
Received: (at 76613) by debbugs.gnu.org; 27 Feb 2025 19:13:16 +0000
Received: from localhost ([127.0.0.1]:38013 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1tnjJs-0007yG-3a
for submit <at> debbugs.gnu.org; Thu, 27 Feb 2025 14:13:16 -0500
Received: from mail.cs.ucla.edu ([131.179.128.66]:44420)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.84_2) (envelope-from <eggert@HIDDEN>)
id 1tnjJp-0007x8-Dl
for 76613 <at> debbugs.gnu.org; Thu, 27 Feb 2025 14:13:14 -0500
Received: from localhost (localhost [127.0.0.1])
by mail.cs.ucla.edu (Postfix) with ESMTP id AD6BF3C00E413;
Thu, 27 Feb 2025 11:13:06 -0800 (PST)
Received: from mail.cs.ucla.edu ([127.0.0.1])
by localhost (mail.cs.ucla.edu [127.0.0.1]) (amavis, port 10032) with ESMTP
id HUW4yVErRLxc; Thu, 27 Feb 2025 11:13:06 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
by mail.cs.ucla.edu (Postfix) with ESMTP id 742F73C00E41C;
Thu, 27 Feb 2025 11:13:06 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.10.3 mail.cs.ucla.edu 742F73C00E41C
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.ucla.edu;
s=9D0B346E-2AEB-11ED-9476-E14B719DCE6C; t=1740683586;
bh=PMVrmgasuchClWStyHgSmWG84fbpjBRabA84oGcGmjg=;
h=Message-ID:Date:MIME-Version:To:From;
b=fNDk54wS10jIt2W1zLD399g0OHj3BxrEIBd7d8fsO+B+h2K2NgBnEvCdWRE+PXG3U
HIYWfgsrW64dxXky00b5MY41pfM+FSvuoVnA00QvFUmUdzsNo5bbI58ir/SSyMUwIk
HUQTqtAJaXJKwTWk+vBMMbQxG1jFeaIW7hiQU6JLosk/rSaJMnP2YpC973xEkPcQKl
zW49imkEJNLfHF6e0PkhE8D9JG+fwXpdmlel/nMoE9P1KlMux0SIzrWsxY4n7NWLiL
hGxKAfC2h2gMSeU9bUWDTUUwCXjgYOjCcY7aJy+h+PJ4TlGqmRoP69WeYZ5dvSoha9
SamihZCdYVjqQ==
X-Virus-Scanned: amavis at mail.cs.ucla.edu
Received: from mail.cs.ucla.edu ([127.0.0.1])
by localhost (mail.cs.ucla.edu [127.0.0.1]) (amavis, port 10026) with ESMTP
id 7E5fujHCTaCW; Thu, 27 Feb 2025 11:13:06 -0800 (PST)
Received: from [192.168.254.12] (unknown [47.147.225.25])
by mail.cs.ucla.edu (Postfix) with ESMTPSA id 5454E3C00E413;
Thu, 27 Feb 2025 11:13:06 -0800 (PST)
Message-ID: <bc7c4558-1968-4c58-b03e-ab41a3177418@HIDDEN>
Date: Thu, 27 Feb 2025 11:13:06 -0800
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
References: <c4a9f6ca-57e1-47b5-886b-adb0be409b7f@HIDDEN>
Content-Language: en-US
From: Paul Eggert <eggert@HIDDEN>
Organization: UCLA Computer Science Department
In-Reply-To: <c4a9f6ca-57e1-47b5-886b-adb0be409b7f@HIDDEN>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Thanks for the bug report. I can reproduce it with gcc
-fsanitize=address on Ubuntu 24.10 x86-64. I plan to take a look at it soon.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.