segmentation fault after 82 minus signs on a line

Bug #615320 reported by Razvan Cosma
Affects        Status         Importance   Assigned to   Milestone
JOE            Unknown        Unknown
joe (Debian)   Fix Released   Unknown
joe (Ubuntu)   Confirmed      Undecided    Unassigned

Bug Description

Binary package hint: joe

When typing a series of - (minus) signs on a single line, joe crashes after the 82nd character. Error displayed is *** glibc detected *** joe: double free or corruption (!prev): 0x09ed8570 ***
When opening a file that already has a long line of ----------------, going to the end of the line and typing a single '-', joe crashes.
System: 32-bit Intel Lenovo desktop
Ubuntu 10.04.1 LTS, all current updates installed
joe 3.7-1

Revision history for this message
Razvan Cosma (rg-cosma) wrote :

Behaviour confirmed on other computers running the same ubuntu+joe versions, but: just did a bzr branch lp:ubuntu/lucid/joe && configure && make and I cannot reproduce the segfault with the built binary.

Marcel Stimberg (marcelstimberg) wrote :

Thank you for reporting this to Ubuntu. Could you please generate an
apport crash report for this?
You can enable apport for one instance like this:
sudo service apport start force_start=1

I am marking this invalid as apport will open a new bug when the crash
is generated. If it does not, you can reset the status of this one to
New and we will try something else.

Changed in joe (Ubuntu):
status: New → Invalid
Razvan Cosma (rg-cosma) wrote :

Hello - apport doesn't trigger when crashing joe. I do get a garbled terminal looking like this:
    IW Unnamed (Modified) Row 1 Col 69 7:55 Ctrl-K H for help
----------------------------------------------------------------------------------
*** glibc detected *** joe: double free or corruption (!prev): 0x08ea4350 ***
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(+0x6b591)[0x711591]
/lib/tls/i686/cmov/libc.so.6(+0x6cde8)[0x712de8]
/lib/tls/i686/cmov/libc.so.6(cfree+0x6d)[0x715ecd]
joe[0x8079ba3]
.. and a lot more, going through libdl, libncurses, etc.

Changed in joe (Ubuntu):
status: Invalid → Opinion
Marcel Stimberg (marcelstimberg) wrote :

I can reproduce your bug and I can't get apport to trigger either. But, as you commented earlier, building joe from the bazaar branch does work, no segfault...

Changed in joe (Ubuntu):
status: Opinion → Confirmed
Changed in joe (Debian):
status: Unknown → Confirmed
Changed in joe (Debian):
status: Confirmed → Fix Released
Marco Davids (mdavids) wrote :

Perhaps related to this; joe also crashes when I start it and paste the following string in it:

/usr/bin/qemu-system-x86_64 -S -M pc-0.12 -no-kvm -m 128 -smp 1,sockets=1,cores=1,threads=1 -name test2 -uuid 52610fb0-9d58-bc91-fbd6-e7506c2cc6b1 -nodefaults -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/test2.monitor,server,nowait -mon chardev=monitor,mode=readline -rtc base=utc -boot c -drive file=/var/lib/libvirt/images/2Gtest2.img,if=none,id=drive-ide0-0-0,format=raw -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -device rtl8139,vlan=0,id=net0,mac=52:54:00:ce:14:83,bus=pci.0,addr=0x3 -net tap,fd=32,vlan=0,name=hostnet0 -chardev pty,id=serial0 -device isa-serial,chardev=serial0 -usb -vnc 127.0.0.1:0 -vga cirrus -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x4

Result:

vice ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0
device rtl8139,vlan=0,id=net0,mac=52:54:00:ce:14:83,bus=pci.0,add*** glibc detected *** jmacs: free(): invalid next size (fast): 0x08428600 ***
======= Backtrace: =========
/lib/libc.so.6(+0x6c501)[0x2ea501]
/lib/libc.so.6(+0x6dd70)[0x2ebd70]
/lib/libc.so.6(cfree+0x6d)[0x2eee5d]
jmacs[0x8079ba3]
jmacs[0x807aa00]
jmacs[0x805671d]
jmacs[0x80593ec]
jmacs[0x80597db]
jmacs[0x8059b3f]
jmacs[0x805a5d5]

Etc....
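Both glibc messages in this thread ("double free or corruption (!prev)" and "free(): invalid next size (fast)") are the allocator noticing that the size field of a heap chunk next to the one being freed no longer makes sense, which is the usual symptom of a write running a few bytes past the end of an adjacent allocation. The page does not say where in joe that write happens, so the following is an added illustration, not joe's code: it assumes a hypothetical line buffer that is grown with a bounds check before every write, plus a clipped copy into a fixed screen-width buffer, and it feeds in the reporter's input (82 minus signs, then one more). The 80-byte starting size is a constructed value chosen to match a typical terminal width.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable line buffer; illustrative only, not joe's data structure. */
typedef struct {
    char *data;   /* NUL-terminated contents */
    size_t len;   /* bytes in use, not counting the NUL */
    size_t cap;   /* bytes allocated, counting the NUL */
} line_t;

#define LINE_INITIAL_CAP 80   /* constructed: one screen width */
#define SCREEN_WIDTH 80       /* constructed: terminal columns */

/* Allocate an empty line. Returns 0 on success, -1 on allocation failure. */
int line_init(line_t *l)
{
    l->data = malloc(LINE_INITIAL_CAP);
    if (l->data == NULL)
        return -1;
    l->data[0] = '\0';
    l->len = 0;
    l->cap = LINE_INITIAL_CAP;
    return 0;
}

/* Append one byte. The capacity check runs before the write, so neither the
 * byte nor the trailing NUL can land in the neighbouring heap chunk. Clobbering
 * a neighbour's size field is what glibc later reports at free() time as
 * "invalid next size" or "double free or corruption (!prev)". */
int line_append(line_t *l, char c)
{
    if (l->len + 2 > l->cap) {            /* need room for c and the NUL */
        size_t ncap = l->cap * 2;
        char *n = realloc(l->data, ncap);
        if (n == NULL)
            return -1;
        l->data = n;
        l->cap = ncap;
    }
    l->data[l->len++] = c;
    l->data[l->len] = '\0';
    return 0;
}

/* Copy at most width bytes of the line into a fixed screen buffer.
 * dst must hold width + 1 bytes. Returns the number of bytes copied,
 * so a line longer than the screen is clipped rather than overrun. */
size_t render_clip(char *dst, size_t width, const line_t *l)
{
    size_t n = l->len < width ? l->len : width;
    memcpy(dst, l->data, n);
    dst[n] = '\0';
    return n;
}

/* Type n minus signs on one line, as in the report. Returns the final length. */
size_t type_dashes(line_t *l, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (line_append(l, '-') != 0)
            break;
    return l->len;
}

/* Release the buffer and leave the struct in a safe empty state. */
void line_free(line_t *l)
{
    free(l->data);
    l->data = NULL;
    l->len = l->cap = 0;
}

int main(void)
{
    line_t l;
    char screen[SCREEN_WIDTH + 1];
    if (line_init(&l) != 0)
        return 1;
    type_dashes(&l, 82);      /* the reporter's 82 dashes */
    line_append(&l, '-');     /* the extra keystroke that crashed joe */
    printf("len=%zu cap=%zu shown=%zu\n",
           l.len, l.cap, render_clip(screen, SCREEN_WIDTH, &l));
    line_free(&l);
    return 0;
}
```

Running it under a heap checker (for example with the environment variable MALLOC_CHECK_=3, which makes glibc abort at the first corrupted chunk rather than at a later free) is a practical way to get a usable backtrace when apport does not fire, as happened in this report.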

Josip Rodin (joy) wrote : Re: [Bug 615320] Re: segmentation fault after 82 minus signs on a line

On Tue, Jan 18, 2011 at 07:17:24PM -0000, Marco Davids wrote:
> Perhaps related to this; joe also crashes when I start in and paste the
> following string in it:

Please test the updated version in Debian...

--
Josip Rodin
Racunalno-informacijski sustavi i servisi
CARNet - Croatian Academic and Research Network
J. Marohnica 5, 10000 Zagreb, Croatia
tel. +385 1 66 61 61 6
http://www.carnet.hr/
