symlink crashes octave if filename is longer than 23 chars

H. Wziontek hwz at hwz.bv.TU-Berlin.DE
Wed Aug 13 12:14:56 CDT 2008 

On Wed, 13 Aug 2008, John W. Eaton wrote:

> On 13-Aug-2008, hwz at hwz.bv.TU-Berlin.DE wrote:
>
> | --------
> | Bug report for Octave 3.0.1 configured for x86_64-unknown-linux-gnu
> |
> | Description:
> | -----------
> |
> | The function symlink crashes octave if the first argument (OLD)
> | is longer than 23 chars.
> |
> |
> | Repeat-By:
> | ---------
> |
> | Example:
> |
> | a="123456789012345678901234";
> | b="xxx";
> | system(["touch ", a]);
> | symlink(a, b)
> |
> | If 'a' is reduced by one char, the function works properly.
> |
> | The problem occurs with octave 2.9.9 as well on two different linux systems:
> |
> | Linux fw578 2.6.13-15.7-smp
> | SUSE LINUX 10.0 (X86-64)
> | VERSION = 10.0
> |
> | Linux fs045 2.6.16.54-0.2.8-smp
> | SUSE Linux Enterprise Server 10 (x86_64)
> | VERSION = 10
> | PATCHLEVEL = 1
> |
> |
> | Fix:
> | ---
> |
> | I've looked into liboctave/file-ops.cc but have no idea...
> | Maybe a problem related to libstdc++?
>
> I'm unable to reproduce this problem.  If you'd like to debug it,
> I think you should start by running Octave under gdb and finding out
> where the crash occurs.
>
> jwe
>

It seems to be a bug in libstdc++, not in octave. I've found another machine,
running suse 11.0 + octave 3.0 (from the dist), and the bug doesn't appear.
The first lines of the back trace by gdb point to libc.so.6, see below.

Hartmut

octave:4> symlink(a, b)
*** glibc detected *** free(): invalid next size (fast): 0x0000000002167b40 ***

Program received signal SIGABRT, Aborted.
0x00002aaaad06743a in raise () from /lib64/tls/libc.so.6
(gdb) bt
#0  0x00002aaaad06743a in raise () from /lib64/tls/libc.so.6
#1  0x00002aaaad068870 in abort () from /lib64/tls/libc.so.6
#2  0x00002aaaad09d06e in __libc_message () from /lib64/tls/libc.so.6
#3  0x00002aaaad0a240c in malloc_printerr () from /lib64/tls/libc.so.6
#4  0x00002aaaad0a2e9c in free () from /lib64/tls/libc.so.6
#5  0x00002aaaab819e61 in file_ops::symlink (old_name=@0x7fffff845ba0,
     new_name=@0x7fffff845b90, msg=@0x7fffff845b80) at new_allocator.h:96
#6  0x00002aaaaadf5225 in ?? ()
#7  0x0000000000000001 in ?? ()
#8  0x00007fffff845b90 in ?? ()
#9  0x00002aaaacf1b818 in std::string::_Rep::_S_empty_rep_storage ()
    from /usr/lib64/libstdc++.so.6
#10 0x00002aaaad260680 in mp_ () from /lib64/tls/libc.so.6
#11 0x000000000216f478 in ?? ()
#12 0x0000000000000011 in ?? ()
#13 0x000000000000002a in ?? ()
#14 0x0000000000507fe0 in octave_value_typeinfo::do_lookup_assign_op (
     this=<value optimized out>, op=25394, t_lhs=<value optimized out>,
     t_rhs=-1) at ov-typeinfo.cc:441
#15 0x0000000002279c10 in ?? ()
#16 0x0000000001454d38 in ?? ()
#17 0x0000000000000000 in ?? ()
#18 0x00002aaaacf1b800 in std::moneypunct<char, false>::id ()
    from /usr/lib64/libstdc++.so.6
#19 0x00002aaaab0a19e6 in ?? ()
#20 0x000000000226dd00 in ?? ()
#21 0x000000000226dd10 in ?? ()
#22 0x000000000226dd10 in ?? ()
#23 0x00002aaaab6ba3f0 in ?? ()
#24 0x0000000000501010 in octave_fcn_inline::load_binary (this=0x63c4,
     is=@0x63c4, swap=6) at ov-fcn-inline.cc:195
#25 0x00002aaaad260680 in mp_ () from /lib64/tls/libc.so.6
#26 0x00007fffffd80cc0 in ?? ()
#27 0x0000000001454d38 in ?? ()
#28 0x00007fffffd80cc0 in ?? ()
#29 0x0000000002126ee8 in ?? ()
#30 0x00007fffffd80c80 in ?? ()
#31 0x0000000002126ee8 in ?? ()
#32 0x0000000000000000 in ?? ()
#33 0x00002aaaab0a15e6 in ?? ()
#34 0x0000000000000010 in ?? ()
#35 0x0000000000501010 in octave_fcn_inline::load_binary (this=0x63c4,
     is=@0x63c4, swap=6) at ov-fcn-inline.cc:195
#36 0x00002aaaad0a2e9c in free () from /lib64/tls/libc.so.6
#37 0x00007fffffd80bc0 in ?? ()
#38 0x00000000021e14a0 in ?? ()
#39 0x00007fffffd80cd0 in ?? ()

More information about the Bug-octave mailing list